Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/t1U82kAk8QFNZxU38BWyjrNnJEA.roa
File: t1U82kAk8QFNZxU38BWyjrNnJEA.roa (raw, json)
Hash identifier: RL91aP7IHkbVsLgJnlOQ8bQUt6v2pheUugv5r75x+GU=
Subject key identifier: B7:55:3C:DA:40:24:F1:01:4D:67:15:37:F0:15:B2:8E:B3:67:24:40
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 11E68162
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/t1U82kAk8QFNZxU38BWyjrNnJEA.roa
Signing time: Wed 01 Jun 2022 08:16:21 +0000
ROA not before: Wed 01 Jun 2022 08:16:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31214
IP address blocks: 5.11.64.0/20 maxlen: 20
193.39.220.0/22 maxlen: 22
178.210.0.0/19 maxlen: 19
109.111.128.0/19 maxlen: 19
194.50.12.0/22 maxlen: 22
185.234.120.0/22 maxlen: 22
91.109.128.0/19 maxlen: 19
185.251.216.0/22 maxlen: 22
37.60.208.0/20 maxlen: 20
213.149.0.0/19 maxlen: 19
185.238.76.0/22 maxlen: 22
31.192.128.0/19 maxlen: 19
185.16.136.0/22 maxlen: 22
83.219.128.0/19 maxlen: 19
2a03:5800::/32 maxlen: 32
2a06:50c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 300319074 (0x11e68162)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: Jun 1 08:16:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7553cda4024f1014d671537f015b28eb3672440
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ff:de:26:4b:25:9f:6c:8b:90:e7:b6:39:27:
4a:05:6d:02:07:04:85:bb:59:dd:9e:f1:08:30:3e:
26:07:f6:8b:6e:f8:07:61:4a:b7:81:e6:3c:b3:b3:
bd:73:e0:eb:db:e1:f2:98:7c:1c:07:ea:5c:d2:52:
97:ce:15:da:4b:39:ca:74:3e:c2:d4:e5:cd:83:23:
5b:83:c7:a9:4b:be:ac:83:b0:f8:a3:d3:29:ef:c0:
cf:70:aa:09:78:22:c0:4b:49:7a:20:9e:87:bd:7c:
39:77:86:e5:34:34:9f:d5:1e:d1:2b:6c:87:b2:ae:
cc:77:83:92:ce:79:00:f9:84:64:84:aa:98:9f:96:
13:b6:12:b7:97:ba:a0:19:e9:6d:b0:00:a0:f8:f2:
43:80:55:9a:76:a0:13:c8:8f:af:49:cb:2b:f3:57:
00:7b:10:bc:f0:cd:89:a5:c7:81:ac:77:b0:aa:00:
fd:0d:9d:96:c4:e4:2a:09:24:c9:26:16:1f:50:59:
9f:b3:7b:8f:0b:6e:e1:33:2d:af:d4:ca:6e:68:e1:
64:e2:3e:ab:48:42:ca:eb:65:75:cc:3d:8d:ba:6e:
5d:cf:6f:47:6d:4b:3f:0e:47:f3:51:12:de:14:58:
2a:da:ab:45:62:bb:34:94:63:43:61:af:73:15:a1:
ff:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:55:3C:DA:40:24:F1:01:4D:67:15:37:F0:15:B2:8E:B3:67:24:40
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/t1U82kAk8QFNZxU38BWyjrNnJEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.64.0/20
31.192.128.0/19
37.60.208.0/20
83.219.128.0/19
91.109.128.0/19
109.111.128.0/19
178.210.0.0/19
185.16.136.0/22
185.234.120.0/22
185.238.76.0/22
185.251.216.0/22
193.39.220.0/22
194.50.12.0/22
213.149.0.0/19
IPv6:
2a03:5800::/32
2a06:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
86:6e:50:fe:77:ff:df:e0:c6:80:50:da:1b:0a:3a:54:0b:5c:
23:c9:f2:c4:49:14:05:24:75:49:db:7d:3d:ef:e5:a2:a8:f4:
e9:b3:2b:8b:00:eb:38:fc:bf:0b:76:47:19:fb:4b:22:18:46:
d9:42:a7:87:18:38:6a:08:12:c2:51:1b:d1:de:66:d7:11:b6:
6f:df:27:16:16:31:31:b8:8b:22:5a:93:42:ee:15:81:3d:bd:
8f:3f:8b:1c:b2:a8:fa:71:19:31:88:56:a3:b6:e9:41:33:b5:
85:23:6a:0a:7b:fc:80:66:9d:a5:e8:e9:2d:15:3c:72:35:be:
23:90:d1:0f:87:06:aa:c7:cd:ee:ba:b2:f3:b1:09:07:6b:0c:
15:5c:b4:16:3b:ad:ce:b6:30:1d:5a:39:81:58:ba:e2:bb:b4:
45:4b:84:2c:c3:18:18:6e:d1:6b:62:70:28:10:7e:a5:c0:97:
6b:f6:8b:6b:82:a8:ea:d2:69:c8:15:15:c3:a0:87:83:42:fe:
3d:e0:e6:67:14:fa:99:38:ed:72:49:c7:b4:c1:27:0a:c6:28:
27:07:d7:85:ff:fd:c8:85:fe:9c:b4:d3:b2:f7:f2:45:f5:f3:
7e:2d:79:d4:94:12:74:bc:71:2e:40:cd:5e:ff:e0:0a:d5:99:
85:80:b3:7f
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIEEeaBYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2ZlODBhZWExMDBlOThjMGRhNWQxZmZlZjk4YjM3MWQxMWVkZGEyMB4XDTIyMDYw
MTA4MTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc1NTNjZGE0MDI0
ZjEwMTRkNjcxNTM3ZjAxNWIyOGViMzY3MjQ0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7/3iZLJZ9si5DntjknSgVtAgcEhbtZ3Z7xCDA+Jgf2i274
B2FKt4HmPLOzvXPg69vh8ph8HAfqXNJSl84V2ks5ynQ+wtTlzYMjW4PHqUu+rIOw
+KPTKe/Az3CqCXgiwEtJeiCeh718OXeG5TQ0n9Ue0Stsh7KuzHeDks55APmEZISq
mJ+WE7YSt5e6oBnpbbAAoPjyQ4BVmnagE8iPr0nLK/NXAHsQvPDNiaXHgax3sKoA
/Q2dlsTkKgkkySYWH1BZn7N7jwtu4TMtr9TKbmjhZOI+q0hCyutldcw9jbpuXc9v
R21LPw5H81ES3hRYKtqrRWK7NJRjQ2GvcxWh/9ECAwEAAaOCAm4wggJqMB0GA1Ud
DgQWBBS3VTzaQCTxAU1nFTfwFbKOs2ckQDAfBgNVHSMEGDAWgBQz/oCuoQDpjA2l
0f/vmLNx0R7dojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01fNkFycUVBNll3TnBkSF83NWl6Y2RFZTNhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8x
L3QxVTgya0FrOFFGTlp4VTM4Qld5anJObkpFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8xL01fNkFycUVBNll3
TnBkSF83NWl6Y2RFZTNhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
gwYIKwYBBQUHAQcBAf8EdDByMFoEAgABMFQDBAQFC0ADBAUfwIADBAQlPNADBAVT
24ADBAVbbYADBAVtb4ADBAWy0gADBAK5EIgDBAK56ngDBAK57kwDBAK5+9gDBALB
J9wDBALCMgwDBAXVlQAwFAQCAAIwDgMFACoDWAADBQAqBlDAMA0GCSqGSIb3DQEB
CwUAA4IBAQCGblD+d//f4MaAUNobCjpUC1wjyfLESRQFJHVJ23097+WiqPTpsyuL
AOs4/L8LdkcZ+0siGEbZQqeHGDhqCBLCURvR3mbXEbZv3ycWFjExuIsiWpNC7hWB
Pb2PP4scsqj6cRkxiFajtulBM7WFI2oKe/yAZp2l6OktFTxyNb4jkNEPhwaqx83u
urLzsQkHawwVXLQWO63OtjAdWjmBWLriu7RFS4QswxgYbtFrYnAoEH6lwJdr9otr
gqjq0mnIFRXDoIeDQv494OZnFPqZOO1ySce0wScKxignB9eF//3Ihf6ctNOy9/JF
9fN+LXnUlBJ0vHEuQM1e/+AK1ZmFgLN/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org