Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/10XuDMTrcLgd4nc3BSGhw6N4mHY.roa
File: 10XuDMTrcLgd4nc3BSGhw6N4mHY.roa (raw, json)
Hash identifier: muylJuoxXPDKv+PmAZV2k6HC9+vS+PEvu/AgS/hDXYg=
Subject key identifier: D7:45:EE:0C:C4:EB:70:B8:1D:E2:77:37:05:21:A1:C3:A3:78:98:76
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01845140C5FABA2BFF1DFE6BC7C13CF43BEC
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/10XuDMTrcLgd4nc3BSGhw6N4mHY.roa
Signing time: Mon 07 Nov 2022 08:41:50 +0000
ROA not before: Mon 07 Nov 2022 08:41:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20616
IP address blocks: 85.120.16.0/24 maxlen: 24
85.120.17.0/24 maxlen: 24
193.226.68.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:40:c5:fa:ba:2b:ff:1d:fe:6b:c7:c1:3c:f4:3b:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Nov 7 08:41:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d745ee0cc4eb70b81de277370521a1c3a3789876
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ab:42:46:06:10:cf:05:b5:22:65:5f:dc:8f:
c3:09:6d:dc:ae:76:06:ca:73:ce:4b:03:30:3a:ef:
11:96:77:16:53:3c:a9:a1:82:43:92:b8:91:e9:f6:
e7:ca:b4:ce:a6:5d:74:42:35:31:4f:0a:be:c3:15:
b1:7e:71:93:8b:05:cd:42:c2:8e:06:83:53:71:8c:
e4:22:dc:ec:f5:b1:ca:e6:f7:c3:e8:32:42:3e:39:
6c:3e:cc:a1:be:58:56:23:bf:b8:81:8b:6e:67:ea:
bc:22:5c:3b:fa:d4:f4:30:78:bc:6d:d2:7c:44:7d:
c1:fa:17:4e:bd:e8:71:4b:fd:c3:13:50:da:51:16:
54:a4:d1:95:16:7d:78:98:53:cd:88:5f:ee:df:b7:
f1:87:17:d2:54:9e:bb:0d:b8:96:b2:b9:ea:a2:26:
c4:e7:da:d2:4e:35:f0:50:be:61:0d:d5:44:14:f1:
50:79:14:31:32:5d:cd:85:79:fb:72:6b:dc:9f:61:
8c:17:a5:fc:7f:05:a9:50:c7:ef:b1:75:62:7a:73:
28:bc:84:a2:73:f1:de:de:2d:64:1c:de:d0:0e:6a:
9a:9a:00:73:a5:a9:de:63:33:df:31:b3:33:a8:cf:
7c:0d:29:00:16:70:17:45:57:ca:7d:b9:e8:31:a7:
be:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:45:EE:0C:C4:EB:70:B8:1D:E2:77:37:05:21:A1:C3:A3:78:98:76
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/10XuDMTrcLgd4nc3BSGhw6N4mHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.16.0/23
193.226.68.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:64:93:2e:4d:28:6f:b7:3b:2c:b6:2d:63:37:80:24:ee:0b:
4f:37:b3:f6:00:32:7b:ed:71:72:b8:d4:ea:aa:31:13:04:4b:
77:d1:f2:83:37:1b:7d:90:7f:d3:8b:b1:60:eb:db:d0:59:ef:
fe:87:36:c7:0c:cb:b0:8e:82:d9:a7:20:e8:7d:04:3e:19:44:
54:a7:c2:e1:54:67:91:2d:b7:b7:db:8a:90:13:9c:88:e5:ff:
02:12:4a:75:10:b5:eb:95:ec:0a:42:78:be:b4:31:84:e0:fe:
4d:e1:83:ff:d0:3e:95:91:34:99:fc:47:26:93:ed:a2:87:f5:
4f:9d:c4:e5:2d:f5:1a:9c:0c:f7:2a:17:fb:4d:b0:8c:83:63:
67:62:16:5c:af:b8:ba:9a:05:e7:37:ac:df:18:38:f0:ba:1c:
4e:fc:b3:e1:1b:2c:ca:65:26:e3:fa:dc:07:e8:ba:19:5b:21:
ac:7c:ab:4d:3b:db:ee:7f:9f:81:d9:29:ae:f9:f1:30:da:a1:
c6:d7:40:ed:4e:d6:1e:47:4e:16:4c:4b:65:e4:18:81:0b:33:
c1:ca:ae:2a:ae:ae:62:b6:20:ef:1f:bf:3a:22:a9:37:d8:2b:
66:21:06:6a:7d:c8:83:6f:44:d9:69:e5:f5:01:86:a8:c0:19:
95:59:72:0c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRRQMX6uiv/Hf5rx8E89DvsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIxMTA3MDg0MTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ1ZWUwY2M0ZWI3MGI4MWRlMjc3MzcwNTIxYTFjM2EzNzg5ODc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgatCRgYQzwW1ImVf3I/DCW3crnYG
ynPOSwMwOu8RlncWUzypoYJDkriR6fbnyrTOpl10QjUxTwq+wxWxfnGTiwXNQsKO
BoNTcYzkItzs9bHK5vfD6DJCPjlsPsyhvlhWI7+4gYtuZ+q8Ilw7+tT0MHi8bdJ8
RH3B+hdOvehxS/3DE1DaURZUpNGVFn14mFPNiF/u37fxhxfSVJ67DbiWsrnqoibE
59rSTjXwUL5hDdVEFPFQeRQxMl3NhXn7cmvcn2GMF6X8fwWpUMfvsXVienMovISi
c/He3i1kHN7QDmqamgBzpaneYzPfMbMzqM98DSkAFnAXRVfKfbnoMae+9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNdF7gzE63C4HeJ3NwUhocOjeJh2MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMTBYdURNVHJjTGdkNG5jM0JTR2h3Nk40bUhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVXgQAwQC
weJEMA0GCSqGSIb3DQEBCwUAA4IBAQC7ZJMuTShvtzssti1jN4Ak7gtPN7P2ADJ7
7XFyuNTqqjETBEt30fKDNxt9kH/Ti7Fg69vQWe/+hzbHDMuwjoLZpyDofQQ+GURU
p8LhVGeRLbe324qQE5yI5f8CEkp1ELXrlewKQni+tDGE4P5N4YP/0D6VkTSZ/Ecm
k+2ih/VPncTlLfUanAz3Khf7TbCMg2NnYhZcr7i6mgXnN6zfGDjwuhxO/LPhGyzK
ZSbj+twH6LoZWyGsfKtNO9vuf5+B2Smu+fEw2qHG10DtTtYeR04WTEtl5BiBCzPB
yq4qrq5itiDvH786Iqk32CtmIQZqfciDb0TZaeX1AYaowBmVWXIM
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-ams.rpki-client.org