Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/oE3BE5PFTXYgQ49riyKl8bK5ooc.roa
File: oE3BE5PFTXYgQ49riyKl8bK5ooc.roa (raw, json)
Hash identifier: NjYxdwzAVMTqsafrdu9DkIl6IVk4vyoMzcFhPEjO2sM=
Subject key identifier: A0:4D:C1:13:93:C5:4D:76:20:43:8F:6B:8B:22:A5:F1:B2:B9:A2:87
Certificate issuer: /CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Certificate serial: 1A93A93D
Authority key identifier: 1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/oE3BE5PFTXYgQ49riyKl8bK5ooc.roa
Signing time: Mon 23 May 2022 11:20:30 +0000
ROA not before: Mon 23 May 2022 11:20:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60304
IP address blocks: 185.33.35.0/24 maxlen: 24
185.33.34.0/24 maxlen: 24
185.33.33.0/24 maxlen: 24
185.33.32.0/24 maxlen: 24
2a04:5901:7::/48 maxlen: 48
2a04:5901:c::/48 maxlen: 48
2a04:5901:1d::/48 maxlen: 48
2a04:5901:22::/48 maxlen: 48
2a04:5901:2::/48 maxlen: 48
2a04:5901:13::/48 maxlen: 48
2a04:5901:18::/48 maxlen: 48
2a04:5901:9::/48 maxlen: 48
2a04:5901:e::/48 maxlen: 48
2a04:5900::/32 maxlen: 32
2a04:5901:1f::/48 maxlen: 48
2a04:5901:24::/48 maxlen: 48
2a04:5901:4::/48 maxlen: 48
2a04:5901:15::/48 maxlen: 48
2a04:5901:1a::/48 maxlen: 48
2a04:5901:b::/48 maxlen: 48
2a04:5901:10::/48 maxlen: 48
2a04:5901:21::/48 maxlen: 48
2a04:5901:1::/48 maxlen: 48
2a04:5901:6::/48 maxlen: 48
2a04:5901:17::/48 maxlen: 48
2a04:5901:1c::/48 maxlen: 48
2a04:5901:d::/48 maxlen: 48
2a04:5901:12::/48 maxlen: 48
2a04:5901:23::/48 maxlen: 48
2a04:5901:3::/48 maxlen: 48
2a04:5901:8::/48 maxlen: 48
2a04:5900::/29 maxlen: 29
2a04:5901:19::/48 maxlen: 48
2a04:5901:1e::/48 maxlen: 48
2a04:5901:f::/48 maxlen: 48
2a04:5901:14::/48 maxlen: 48
2a04:5901:5::/48 maxlen: 48
2a04:5901:a::/48 maxlen: 48
2a04:5901:1b::/48 maxlen: 48
2a04:5901::/32 maxlen: 32
2a04:5901:20::/48 maxlen: 48
2a04:5901:11::/48 maxlen: 48
2a04:5901:16::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 445884733 (0x1a93a93d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f21c543844c417f61ad7939244d3b759c2a43ed
Validity
Not Before: May 23 11:20:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a04dc11393c54d7620438f6b8b22a5f1b2b9a287
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:07:c1:01:3c:cf:5a:44:f5:4d:5c:ab:99:1f:
27:ee:22:9c:26:5c:55:2c:81:68:3a:0a:40:e3:89:
26:41:9c:85:5a:3d:0a:92:15:3e:13:c9:9d:ae:9b:
cb:7e:f5:59:4d:03:e3:43:8d:6a:aa:59:6f:af:13:
21:5f:6e:3a:a6:3e:d7:9d:21:9e:1a:00:f6:2d:62:
3f:d5:66:3a:0e:d6:98:34:c4:21:35:ff:e3:8c:89:
4d:27:e5:d0:06:77:0c:e8:95:77:2f:11:59:f9:e0:
8d:71:0f:d1:7b:0c:94:f0:20:90:be:2f:72:84:8b:
ae:39:a3:b2:96:9e:85:6e:6c:a3:49:5b:4e:8f:ac:
e7:86:e0:81:be:e3:16:32:23:cd:da:71:a9:f5:74:
e4:5e:53:ab:81:c4:fa:16:5b:0a:09:29:79:cc:24:
83:95:94:aa:31:46:5d:db:fd:48:e6:fb:59:f6:03:
28:22:04:b9:c9:33:7a:70:c4:4b:7b:c3:d8:9d:bd:
99:3d:dd:c8:2f:f4:fc:a9:72:5f:e7:3c:ee:ea:b4:
8f:37:f0:cd:8b:7a:fa:0d:ad:b2:6e:98:40:f5:dd:
4d:06:31:20:39:98:04:ea:83:6b:b0:9d:7a:63:77:
dc:ef:54:4c:28:8d:8f:b5:92:91:b6:63:64:d4:38:
49:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:4D:C1:13:93:C5:4D:76:20:43:8F:6B:8B:22:A5:F1:B2:B9:A2:87
X509v3 Authority Key Identifier:
keyid:1F:21:C5:43:84:4C:41:7F:61:AD:79:39:24:4D:3B:75:9C:2A:43:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/oE3BE5PFTXYgQ49riyKl8bK5ooc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/156ecd-fe68-4bc3-ae7d-b8c4853e42bc/1/HyHFQ4RMQX9hrXk5JE07dZwqQ-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.32.0/22
IPv6:
2a04:5900::/29
Signature Algorithm: sha256WithRSAEncryption
b3:70:f2:e9:ae:18:77:43:62:41:8c:ed:79:fb:75:a3:3c:f8:
2b:33:7e:90:4f:bd:e9:32:28:b8:30:f6:14:45:96:25:9e:55:
d3:ea:aa:50:2e:c1:1d:79:aa:57:17:6a:67:3c:13:e4:de:fd:
38:fc:e5:9c:12:18:84:0d:3f:68:8f:bf:c7:d2:bc:dc:06:c2:
9a:7a:35:3d:86:e9:a7:32:82:b7:3b:5e:b1:92:21:20:cb:21:
7d:50:9f:19:f8:76:3c:28:a8:c9:e6:f5:7c:24:08:a3:36:9c:
0c:f9:ec:92:83:6e:ab:6c:6d:df:5d:26:3d:ba:70:f3:2e:d6:
9b:67:dd:cc:87:b2:ff:35:44:8c:36:3a:8a:c2:e6:ba:c6:0e:
c6:fe:b4:ec:55:ea:cc:ef:5c:ce:60:02:ff:5b:75:f8:cf:02:
33:ba:00:5c:17:e0:f6:ee:19:3a:82:65:b1:c9:4e:5e:38:7e:
7f:fa:c7:4e:e0:77:72:69:51:6d:56:b7:17:bf:ad:9d:2b:cf:
f8:5b:62:38:3e:76:ed:53:b7:f0:2c:30:18:29:01:7a:68:1f:
96:46:ee:29:78:b2:2c:89:3b:fd:bf:44:51:ec:65:38:23:ce:
4f:66:d2:12:c1:f0:d5:91:d4:58:d8:0f:71:89:be:a1:89:80:
f5:0c:98:33
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGpOpPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZjIxYzU0Mzg0NGM0MTdmNjFhZDc5MzkyNDRkM2I3NTljMmE0M2VkMB4XDTIyMDUy
MzExMjAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTA0ZGMxMTM5M2M1
NGQ3NjIwNDM4ZjZiOGIyMmE1ZjFiMmI5YTI4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwHwQE8z1pE9U1cq5kfJ+4inCZcVSyBaDoKQOOJJkGchVo9
CpIVPhPJna6by371WU0D40ONaqpZb68TIV9uOqY+150hnhoA9i1iP9VmOg7WmDTE
ITX/44yJTSfl0AZ3DOiVdy8RWfngjXEP0XsMlPAgkL4vcoSLrjmjspaehW5so0lb
To+s54bggb7jFjIjzdpxqfV05F5Tq4HE+hZbCgkpecwkg5WUqjFGXdv9SOb7WfYD
KCIEuckzenDES3vD2J29mT3dyC/0/KlyX+c87uq0jzfwzYt6+g2tsm6YQPXdTQYx
IDmYBOqDa7CdemN33O9UTCiNj7WSkbZjZNQ4SSsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSgTcETk8VNdiBDj2uLIqXxsrmihzAfBgNVHSMEGDAWgBQfIcVDhExBf2Gt
eTkkTTt1nCpD7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0h5SEZRNFJNUVg5aHJYazVKRTA3ZFp3cVEtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvMTU2ZWNkLWZlNjgtNGJjMy1hZTdkLWI4YzQ4NTNlNDJiYy8x
L29FM0JFNVBGVFhZZ1E0OXJpeUtsOGJLNW9vYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
MTU2ZWNkLWZlNjgtNGJjMy1hZTdkLWI4YzQ4NTNlNDJiYy8xL0h5SEZRNFJNUVg5
aHJYazVKRTA3ZFp3cVEtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkhIDANBAIAAjAHAwUDKgRZADAN
BgkqhkiG9w0BAQsFAAOCAQEAs3Dy6a4Yd0NiQYzteft1ozz4KzN+kE+96TIouDD2
FEWWJZ5V0+qqUC7BHXmqVxdqZzwT5N79OPzlnBIYhA0/aI+/x9K83AbCmno1PYbp
pzKCtztesZIhIMshfVCfGfh2PCioyeb1fCQIozacDPnskoNuq2xt310mPbpw8y7W
m2fdzIey/zVEjDY6isLmusYOxv607FXqzO9czmAC/1t1+M8CM7oAXBfg9u4ZOoJl
sclOXjh+f/rHTuB3cmlRbVa3F7+tnSvP+FtiOD527VO38CwwGCkBemgflkbuKXiy
LIk7/b9EUexlOCPOT2bSEsHw1ZHUWNgPcYm+oYmA9QyYMw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org