Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UAvMWEIubXxZTGtNBdAD66ZYLNs.roa
File: UAvMWEIubXxZTGtNBdAD66ZYLNs.roa (raw, json)
Hash identifier: 72B16T2ziFlxZoS03nJrZXYgMlpHmVrmxZ2KeWyRxbE=
Subject key identifier: 50:0B:CC:58:42:2E:6D:7C:59:4C:6B:4D:05:D0:03:EB:A6:58:2C:DB
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0183F9A60D07A4246050B5C9F1E1875A61D1
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UAvMWEIubXxZTGtNBdAD66ZYLNs.roa
Signing time: Fri 21 Oct 2022 08:25:52 +0000
ROA not before: Fri 21 Oct 2022 08:25:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57844
IP address blocks: 85.209.120.0/22 maxlen: 24
45.94.168.0/22 maxlen: 24
195.211.188.0/22 maxlen: 24
2.56.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:a6:0d:07:a4:24:60:50:b5:c9:f1:e1:87:5a:61:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 21 08:25:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=500bcc58422e6d7c594c6b4d05d003eba6582cdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:58:d9:cd:64:c9:1d:a0:c8:6e:67:52:5e:c2:
02:77:b1:ac:b7:ff:03:23:e1:93:f3:df:34:00:a9:
dd:2d:aa:2c:8a:04:ba:2e:bc:73:9e:91:23:bc:70:
af:f6:7d:37:98:b4:bc:3b:d5:0e:9f:02:93:62:b3:
6f:cd:fd:3a:9d:d1:8c:f5:07:99:fa:2b:bf:de:07:
7e:48:9b:af:6f:df:8e:10:c5:68:ed:48:cb:18:9e:
18:dd:c9:2d:45:bb:94:cd:e1:f0:fc:33:35:56:8c:
c5:d5:c7:2a:11:7c:61:3f:0e:d1:79:15:cc:61:75:
db:fe:c7:05:b9:d0:0c:97:49:27:d4:db:c7:32:b4:
2d:fe:9a:a4:8f:ed:f6:49:90:6a:90:87:ce:5b:19:
28:60:81:d9:07:e7:be:5c:4d:9f:f3:90:5b:ee:2d:
be:08:6b:39:a5:96:a2:f6:82:2a:22:3d:82:39:ad:
7e:b0:6a:b6:56:45:54:8a:be:1c:68:55:ee:c7:b6:
52:db:5e:bc:04:c8:9b:c3:d7:1d:5e:f0:b3:cb:f3:
eb:26:be:bf:45:12:e3:f5:85:d2:da:1d:d3:7f:5b:
f8:e2:5c:40:a7:61:15:e6:d7:4b:75:37:75:54:b1:
c9:98:8a:df:76:46:29:8f:57:ce:d6:ca:13:f4:be:
01:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:0B:CC:58:42:2E:6D:7C:59:4C:6B:4D:05:D0:03:EB:A6:58:2C:DB
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/UAvMWEIubXxZTGtNBdAD66ZYLNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/22
45.94.168.0/22
85.209.120.0/22
195.211.188.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:76:18:9d:ca:48:38:fe:3a:31:3c:24:2b:ed:96:56:4a:3d:
a2:72:ff:81:90:99:fb:fc:a7:31:6a:0f:4a:e6:9e:53:cd:f1:
dd:0e:09:cf:9b:49:90:f5:49:47:dc:ff:c3:a4:ca:71:51:16:
f5:3e:b4:89:59:60:2c:9f:46:05:25:b0:9e:b5:dc:e2:7d:60:
bc:11:0f:50:1d:22:e1:d0:b8:a4:7b:2b:1f:d1:4f:b8:a6:6d:
a7:b0:72:24:8b:93:2d:cb:36:7d:ce:2c:58:cf:37:17:d1:61:
85:89:35:b7:8b:b9:36:f0:d8:06:1c:d7:12:65:4c:52:4d:54:
6b:43:7a:6f:fb:7f:6e:e9:73:e3:41:12:88:34:46:18:1f:34:
54:1b:44:3e:3f:f6:f9:cb:f7:5e:89:68:e5:ee:ed:32:88:7e:
44:6f:22:0c:2b:71:d3:26:65:d3:05:d0:49:17:35:44:2e:e6:
10:80:9c:75:c5:f4:c8:ff:29:a3:ea:35:39:6c:d7:cc:3a:28:
e6:5d:19:98:e0:b7:91:78:53:2b:ae:f3:bb:07:7c:a1:35:9e:
10:90:19:2e:93:9d:b6:2d:0f:0e:b1:38:97:76:de:7d:c9:54:
26:63:cc:75:67:7a:d3:0b:98:c8:eb:a9:2c:0b:0c:7d:92:88:
e5:aa:d7:58
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYP5pg0HpCRgULXJ8eGHWmHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDIxMDgyNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MDBiY2M1ODQyMmU2ZDdjNTk0YzZiNGQwNWQwMDNlYmE2NTgyY2RiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjVjZzWTJHaDIbmdSXsICd7Gst/8D
I+GT8980AKndLaosigS6LrxznpEjvHCv9n03mLS8O9UOnwKTYrNvzf06ndGM9QeZ
+iu/3gd+SJuvb9+OEMVo7UjLGJ4Y3cktRbuUzeHw/DM1VozF1ccqEXxhPw7ReRXM
YXXb/scFudAMl0kn1NvHMrQt/pqkj+32SZBqkIfOWxkoYIHZB+e+XE2f85Bb7i2+
CGs5pZai9oIqIj2COa1+sGq2VkVUir4caFXux7ZS2168BMibw9cdXvCzy/PrJr6/
RRLj9YXS2h3Tf1v44lxAp2EV5tdLdTd1VLHJmIrfdkYpj1fO1soT9L4BrwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFALzFhCLm18WUxrTQXQA+umWCzbMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVUF2TVdFSXViWHhaVEd0TkJkQUQ2NlpZTE5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCAjhsAwQC
LV6oAwQCVdF4AwQCw9O8MA0GCSqGSIb3DQEBCwUAA4IBAQA+dhidykg4/joxPCQr
7ZZWSj2icv+BkJn7/Kcxag9K5p5TzfHdDgnPm0mQ9UlH3P/DpMpxURb1PrSJWWAs
n0YFJbCetdzifWC8EQ9QHSLh0Likeysf0U+4pm2nsHIki5MtyzZ9zixYzzcX0WGF
iTW3i7k28NgGHNcSZUxSTVRrQ3pv+39u6XPjQRKINEYYHzRUG0Q+P/b5y/deiWjl
7u0yiH5EbyIMK3HTJmXTBdBJFzVELuYQgJx1xfTI/ymj6jU5bNfMOijmXRmY4LeR
eFMrrvO7B3yhNZ4QkBkuk522LQ8OsTiXdt59yVQmY8x1Z3rTC5jI66ksCwx9kojl
qtdY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org