Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/U07dnnEeQd8xR8uBXYy8bNQa1lw.roa
File: U07dnnEeQd8xR8uBXYy8bNQa1lw.roa (raw, json)
Hash identifier: RZqQWMzKS5HjagoFELR2czUKoaCiq3mZTZUozMmddLs=
Subject key identifier: 53:4E:DD:9E:71:1E:41:DF:31:47:CB:81:5D:8C:BC:6C:D4:1A:D6:5C
Certificate issuer: /CN=62dd5a4075428a7fc9ac94e6d2a2d9a992ef4853
Certificate serial: 018512FD5F6676B713BDFD68DC3AECED2BE9
Authority key identifier: 62:DD:5A:40:75:42:8A:7F:C9:AC:94:E6:D2:A2:D9:A9:92:EF:48:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yt1aQHVCin_JrJTm0qLZqZLvSFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/U07dnnEeQd8xR8uBXYy8bNQa1lw.roa
Signing time: Wed 14 Dec 2022 23:34:33 +0000
ROA not before: Wed 14 Dec 2022 23:34:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47815
IP address blocks: 194.30.185.0/24 maxlen: 24
188.92.200.0/21 maxlen: 21
94.125.64.0/21 maxlen: 21
2a03:4080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:12:fd:5f:66:76:b7:13:bd:fd:68:dc:3a:ec:ed:2b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62dd5a4075428a7fc9ac94e6d2a2d9a992ef4853
Validity
Not Before: Dec 14 23:34:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=534edd9e711e41df3147cb815d8cbc6cd41ad65c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e9:ac:f1:e8:b9:3b:fb:90:b6:4c:a7:e9:4a:
46:d9:d2:98:4e:99:cd:70:02:52:61:21:c1:0f:5c:
e3:8b:f9:17:3d:d2:89:70:04:32:8f:57:99:ba:18:
d0:3c:f6:2b:6e:ca:05:2b:98:99:45:34:96:19:ab:
fd:e9:70:8e:21:de:6f:ee:a3:da:c4:9b:39:81:b5:
ca:ac:14:6c:19:a6:db:0a:56:e3:4c:3d:8a:5a:f0:
ad:0b:ef:f2:97:57:c3:08:f3:7f:26:42:72:77:97:
f9:ce:3e:7f:a9:9d:45:e0:12:78:13:4a:7d:e4:4c:
dc:1c:9e:53:9e:e9:e4:35:2c:b8:89:3c:d4:64:94:
fa:2a:2f:3b:5b:84:e8:5a:6d:67:87:a8:8d:74:eb:
78:75:73:8f:c7:d4:c3:bb:00:52:2c:10:af:20:75:
25:6b:dd:ae:b7:7d:58:bd:01:fb:27:1d:2a:7f:d1:
4e:ca:7b:38:37:7e:aa:bd:00:20:c7:22:57:e0:c7:
c3:41:29:8d:b5:6e:3b:6a:03:d5:94:a7:17:9f:28:
9e:7f:a7:8d:c8:ee:5c:c3:70:96:51:08:b3:8d:4f:
65:96:4a:3b:ef:dc:e6:80:36:83:15:dc:2a:73:98:
13:be:83:64:58:e2:06:44:4c:4f:e2:62:6a:87:2e:
cc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4E:DD:9E:71:1E:41:DF:31:47:CB:81:5D:8C:BC:6C:D4:1A:D6:5C
X509v3 Authority Key Identifier:
keyid:62:DD:5A:40:75:42:8A:7F:C9:AC:94:E6:D2:A2:D9:A9:92:EF:48:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yt1aQHVCin_JrJTm0qLZqZLvSFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/U07dnnEeQd8xR8uBXYy8bNQa1lw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Yt1aQHVCin_JrJTm0qLZqZLvSFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.64.0/21
188.92.200.0/21
194.30.185.0/24
IPv6:
2a03:4080::/32
Signature Algorithm: sha256WithRSAEncryption
6a:94:fe:49:75:1b:9e:5a:da:19:e6:a1:56:0a:a3:04:80:13:
1c:8a:44:d3:2f:a9:41:7d:06:cc:60:72:e8:07:81:62:a5:0c:
6e:b8:35:d9:39:5f:64:a3:c8:1b:af:79:e6:b1:50:fd:85:bb:
44:a9:d3:f6:ff:54:50:b9:0c:2a:ff:13:f0:d6:e2:91:63:20:
fa:0d:62:c9:ed:54:66:4c:eb:b3:b8:d5:ba:21:64:b0:29:c9:
5e:e0:bf:8d:d3:85:c6:89:83:ea:f8:35:54:82:4e:20:3a:e6:
88:87:0b:ac:d5:62:53:a9:c4:73:90:b5:be:7e:01:a7:b5:0d:
92:37:98:29:4e:98:c0:be:28:81:e9:9d:8d:64:6f:51:27:84:
e0:07:06:64:f2:c5:37:2d:6f:ff:88:ff:e0:8f:a1:ac:d2:49:
79:23:e6:a5:84:a3:72:49:57:f8:05:1a:39:71:2e:25:88:a0:
3f:21:0f:8e:8d:fe:87:2e:0c:be:ec:df:e5:6c:30:32:59:23:
f8:29:0c:70:a8:1b:09:7a:81:b5:37:25:be:54:c2:47:92:50:
8d:47:a5:79:53:77:6d:78:92:dd:28:7d:d6:71:ab:89:9b:07:
8c:a7:02:ae:d3:72:51:b0:b6:77:94:d1:3a:c9:ea:00:16:ca:
bf:94:12:b8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYUS/V9mdrcTvf1o3Drs7SvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZGQ1YTQwNzU0MjhhN2ZjOWFjOTRlNmQyYTJkOWE5OTJl
ZjQ4NTMwHhcNMjIxMjE0MjMzNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzRlZGQ5ZTcxMWU0MWRmMzE0N2NiODE1ZDhjYmM2Y2Q0MWFkNjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+ms8ei5O/uQtkyn6UpG2dKYTpnN
cAJSYSHBD1zji/kXPdKJcAQyj1eZuhjQPPYrbsoFK5iZRTSWGav96XCOId5v7qPa
xJs5gbXKrBRsGabbClbjTD2KWvCtC+/yl1fDCPN/JkJyd5f5zj5/qZ1F4BJ4E0p9
5EzcHJ5TnunkNSy4iTzUZJT6Ki87W4ToWm1nh6iNdOt4dXOPx9TDuwBSLBCvIHUl
a92ut31YvQH7Jx0qf9FOyns4N36qvQAgxyJX4MfDQSmNtW47agPVlKcXnyief6eN
yO5cw3CWUQizjU9llko779zmgDaDFdwqc5gTvoNkWOIGRExP4mJqhy7MxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFNO3Z5xHkHfMUfLgV2MvGzUGtZcMB8GA1UdIwQY
MBaAFGLdWkB1Qop/yayU5tKi2amS70hTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXQxYVFIVkNpbl9KckpUbTBxTFpxWkx2U0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzIyYzgtMTRlMy00MDgyLTkyZDEt
NjVmODkwMGU1YzgyLzEvVTA3ZG5uRWVRZDh4Ujh1QlhZeThiTlFhMWx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzIyYzgtMTRlMy00MDgyLTkyZDEtNjVmODkwMGU1Yzgy
LzEvWXQxYVFIVkNpbl9KckpUbTBxTFpxWkx2U0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXn1AAwQD
vFzIAwQAwh65MA0EAgACMAcDBQAqA0CAMA0GCSqGSIb3DQEBCwUAA4IBAQBqlP5J
dRueWtoZ5qFWCqMEgBMcikTTL6lBfQbMYHLoB4FipQxuuDXZOV9ko8gbr3nmsVD9
hbtEqdP2/1RQuQwq/xPw1uKRYyD6DWLJ7VRmTOuzuNW6IWSwKcle4L+N04XGiYPq
+DVUgk4gOuaIhwus1WJTqcRzkLW+fgGntQ2SN5gpTpjAviiB6Z2NZG9RJ4TgBwZk
8sU3LW//iP/gj6Gs0kl5I+alhKNySVf4BRo5cS4liKA/IQ+Ojf6HLgy+7N/lbDAy
WSP4KQxwqBsJeoG1NyW+VMJHklCNR6V5U3dteJLdKH3WcauJmweMpwKu03JRsLZ3
lNE6yeoAFsq/lBK4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:01 2023 by rpki-client on console-ams.rpki-client.org