Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/13C82UYgfOZj1izlum6Z5V7JmoU.roa
File: 13C82UYgfOZj1izlum6Z5V7JmoU.roa (raw, json)
Hash identifier: vWG7jY+WDk1Q0YZbzAU3Aw7KoxldgNGTcXWXV9JyVzg=
Subject key identifier: D7:70:BC:D9:46:20:7C:E6:63:D6:2C:E5:BA:6E:99:E5:5E:C9:9A:85
Certificate issuer: /CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Certificate serial: 04F74E98
Authority key identifier: 30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/13C82UYgfOZj1izlum6Z5V7JmoU.roa
Signing time: Fri 15 Apr 2022 18:51:13 +0000
ROA not before: Fri 15 Apr 2022 18:51:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8308
IP address blocks: 195.164.0.0/16 maxlen: 16
217.9.160.0/20 maxlen: 20
217.9.160.0/24 maxlen: 24
217.9.165.0/24 maxlen: 24
194.181.0.0/16 maxlen: 16
195.187.101.0/24 maxlen: 24
195.187.0.0/18 maxlen: 18
193.59.0.0/16 maxlen: 16
195.187.128.0/17 maxlen: 17
2001:a10::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83316376 (0x4f74e98)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30c409613fea0a2b442ce112e9cbdb485e01188f
Validity
Not Before: Apr 15 18:51:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d770bcd946207ce663d62ce5ba6e99e55ec99a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:24:36:1a:94:7d:be:54:22:39:bf:51:fb:7b:
14:64:04:d6:39:26:43:2f:de:19:e9:cf:9b:2e:f0:
71:4d:6c:19:05:45:81:fa:2c:78:3b:61:78:be:e9:
d0:49:7f:70:76:74:82:84:95:51:7d:9c:4d:b7:4f:
43:12:8f:10:cc:a0:46:b1:5c:67:85:67:09:79:28:
4c:f0:9d:1f:7d:04:a1:0d:cd:1b:83:8a:03:cd:e7:
c5:b1:f7:38:ad:0a:7d:e4:98:f3:ec:62:eb:d4:69:
2f:01:b7:7b:03:64:f7:71:39:08:07:90:10:dd:e1:
4b:4b:ed:97:ec:91:72:0d:2c:54:76:48:83:e0:16:
47:03:19:2d:fa:41:a0:53:b9:a8:70:8a:e4:48:53:
86:42:08:c4:1e:83:23:1e:cd:5d:45:01:94:b3:57:
f7:4e:f3:b1:e8:ff:07:e1:9f:be:cb:9b:4b:a8:81:
cf:60:1e:4e:30:9a:8b:3d:bb:a5:19:19:80:f7:e5:
84:c1:d8:c1:27:18:16:a7:1e:23:09:58:a0:04:67:
44:a3:0b:04:82:8a:91:c5:82:40:fb:5e:3f:09:4a:
06:e7:c5:44:a1:26:f3:5b:72:ea:58:cc:8a:f6:4f:
17:76:b4:ef:d6:2d:82:9f:f0:50:6a:16:ba:4a:ea:
36:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:70:BC:D9:46:20:7C:E6:63:D6:2C:E5:BA:6E:99:E5:5E:C9:9A:85
X509v3 Authority Key Identifier:
keyid:30:C4:09:61:3F:EA:0A:2B:44:2C:E1:12:E9:CB:DB:48:5E:01:18:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MMQJYT_qCitELOES6cvbSF4BGI8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/13C82UYgfOZj1izlum6Z5V7JmoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b78fb5-afca-4db7-8886-c0671bf4cf3e/1/MMQJYT_qCitELOES6cvbSF4BGI8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.59.0.0/16
194.181.0.0/16
195.164.0.0/16
195.187.0.0/18
195.187.101.0/24
195.187.128.0/17
217.9.160.0/20
IPv6:
2001:a10::/32
Signature Algorithm: sha256WithRSAEncryption
89:e2:10:ea:4a:0e:4e:60:a4:dc:9e:f1:4d:3f:95:ce:1a:b3:
06:34:75:10:bc:a8:4d:36:0d:5e:d0:64:e3:c6:04:37:fa:c2:
bd:b4:0d:50:95:6c:85:bf:62:e2:91:9d:64:8b:09:70:41:74:
f4:2b:50:30:fc:1e:41:06:cd:11:0c:fc:eb:fe:f5:ec:04:fc:
69:bd:14:98:87:6e:79:57:7f:1e:65:90:df:15:01:bc:6c:10:
32:2e:ee:42:ab:d0:3e:d9:7b:8c:61:2b:d2:95:4e:42:b7:fa:
db:e4:6a:aa:4c:9b:e8:5f:28:9f:5e:11:ff:17:fe:17:78:09:
a3:c0:a7:c1:35:22:0b:36:38:c3:87:4e:24:e2:48:c7:1c:d3:
45:1e:7c:00:08:44:72:97:d1:c8:1d:44:70:3d:7b:71:82:ac:
34:90:49:eb:f6:8c:f5:e3:c1:08:a4:6f:d5:8b:f9:f7:c0:d1:
39:d7:a7:45:25:43:85:ca:3f:3a:95:97:5b:20:d5:72:58:62:
be:e0:b8:b4:f6:1e:65:8c:a2:54:52:50:d8:bc:c9:6f:99:b5:
8c:fe:24:32:af:1e:12:db:34:f7:50:54:cd:bf:79:d7:a3:d0:
7f:33:f2:a9:b0:16:49:19:fc:48:98:05:2b:97:7a:72:fe:00:
3a:55:b9:ef
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBPdOmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MGM0MDk2MTNmZWEwYTJiNDQyY2UxMTJlOWNiZGI0ODVlMDExODhmMB4XDTIyMDQx
NTE4NTExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc3MGJjZDk0NjIw
N2NlNjYzZDYyY2U1YmE2ZTk5ZTU1ZWM5OWE4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIkNhqUfb5UIjm/Uft7FGQE1jkmQy/eGenPmy7wcU1sGQVF
gfoseDtheL7p0El/cHZ0goSVUX2cTbdPQxKPEMygRrFcZ4VnCXkoTPCdH30EoQ3N
G4OKA83nxbH3OK0KfeSY8+xi69RpLwG3ewNk93E5CAeQEN3hS0vtl+yRcg0sVHZI
g+AWRwMZLfpBoFO5qHCK5EhThkIIxB6DIx7NXUUBlLNX907zsej/B+GfvsubS6iB
z2AeTjCaiz27pRkZgPflhMHYwScYFqceIwlYoARnRKMLBIKKkcWCQPtePwlKBufF
RKEm81ty6ljMivZPF3a079Ytgp/wUGoWukrqNkECAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTXcLzZRiB85mPWLOW6bpnlXsmahTAfBgNVHSMEGDAWgBQwxAlhP+oKK0Qs
4RLpy9tIXgEYjzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01NUUpZVF9xQ2l0RUxPRVM2Y3ZiU0Y0QkdJOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvYjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8x
LzEzQzgyVVlnZk9aajFpemx1bTZaNVY3Sm1vVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
Yjc4ZmI1LWFmY2EtNGRiNy04ODg2LWMwNjcxYmY0Y2YzZS8xL01NUUpZVF9xQ2l0
RUxPRVM2Y3ZiU0Y0QkdJOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wLQQCAAEwJwMDAME7AwMAwrUDAwDDpAMEBsO7AAME
AMO7ZQMEB8O7gAMEBNkJoDANBAIAAjAHAwUAIAEKEDANBgkqhkiG9w0BAQsFAAOC
AQEAieIQ6koOTmCk3J7xTT+VzhqzBjR1ELyoTTYNXtBk48YEN/rCvbQNUJVshb9i
4pGdZIsJcEF09CtQMPweQQbNEQz86/717AT8ab0UmIdueVd/HmWQ3xUBvGwQMi7u
QqvQPtl7jGEr0pVOQrf62+Rqqkyb6F8on14R/xf+F3gJo8CnwTUiCzY4w4dOJOJI
xxzTRR58AAhEcpfRyB1EcD17cYKsNJBJ6/aM9ePBCKRv1Yv598DROdenRSVDhco/
OpWXWyDVclhivuC4tPYeZYyiVFJQ2LzJb5m1jP4kMq8eEts091BUzb9516PQfzPy
qbAWSRn8SJgFK5d6cv4AOlW57w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:05 2024 by rpki-client on console-ams.rpki-client.org