Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/CUEeJk0sZ9EmDKcguuYRZ61eScs.roa
File: CUEeJk0sZ9EmDKcguuYRZ61eScs.roa (raw, json)
Hash identifier: hjY0+ZxQ2aevhC5M8qBkfLXQqhsvuN8zIcE61K0Y8tA=
Subject key identifier: 09:41:1E:26:4D:2C:67:D1:26:0C:A7:20:BA:E6:11:67:AD:5E:49:CB
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 01849A4F8ECECF7AF7E81F926C15E4F6A21C
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/CUEeJk0sZ9EmDKcguuYRZ61eScs.roa
Signing time: Mon 21 Nov 2022 13:10:15 +0000
ROA not before: Mon 21 Nov 2022 13:10:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25400
IP address blocks: 213.188.0.0/19 maxlen: 19
212.125.192.0/18 maxlen: 18
213.236.171.0/24 maxlen: 24
109.163.124.0/24 maxlen: 24
217.68.96.0/19 maxlen: 19
62.113.128.0/19 maxlen: 19
80.239.0.0/17 maxlen: 17
213.236.128.0/17 maxlen: 17
93.124.128.0/17 maxlen: 17
195.70.160.0/19 maxlen: 19
185.72.96.0/22 maxlen: 22
212.37.224.0/19 maxlen: 19
213.225.64.0/18 maxlen: 18
80.232.0.0/17 maxlen: 17
109.163.0.0/17 maxlen: 17
62.73.192.0/18 maxlen: 18
85.19.0.0/16 maxlen: 16
212.20.192.0/19 maxlen: 19
80.232.34.0/24 maxlen: 24
2a02:228::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:4f:8e:ce:cf:7a:f7:e8:1f:92:6c:15:e4:f6:a2:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: Nov 21 13:10:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09411e264d2c67d1260ca720bae61167ad5e49cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:63:bf:94:2c:14:90:79:aa:31:00:3e:26:b2:
63:40:03:a3:fc:cc:81:e4:63:79:f9:f7:8a:28:c1:
77:07:c5:4f:27:de:e1:5a:67:13:4e:05:0f:d9:0c:
94:da:82:58:f2:7f:73:50:fc:f7:be:ba:f2:3d:30:
d4:c9:a7:a9:7e:34:86:1a:53:c9:7c:b3:85:8f:b5:
63:71:39:97:02:b5:23:b3:74:31:39:bf:88:9e:90:
dc:23:82:e8:75:cb:e7:c1:60:2d:7f:ba:d7:fb:55:
91:c4:f2:49:ca:8b:a5:71:90:01:df:50:1d:66:4f:
b9:60:40:b6:e5:eb:39:74:d1:24:7d:03:62:77:4e:
39:68:2a:85:44:96:52:9e:7f:7e:99:a8:4f:4e:df:
22:82:64:87:ad:fe:25:9d:14:65:b1:ec:f2:54:62:
43:6e:72:ac:62:80:e8:d3:d6:0f:97:b2:85:01:40:
1a:68:7c:43:8a:a4:90:a9:1f:e3:0e:c2:d2:76:d0:
51:c5:c2:35:64:56:92:1a:2b:70:a0:de:50:c3:ba:
a6:a6:50:75:27:cc:55:fa:4b:fd:92:54:98:42:67:
ee:c4:cf:ba:ff:69:16:55:ad:be:46:b7:ed:55:4f:
e7:d5:af:49:1d:a8:52:de:05:52:de:49:3d:ff:87:
0b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:41:1E:26:4D:2C:67:D1:26:0C:A7:20:BA:E6:11:67:AD:5E:49:CB
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/CUEeJk0sZ9EmDKcguuYRZ61eScs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.73.192.0/18
62.113.128.0/19
80.232.0.0/17
80.239.0.0/17
85.19.0.0/16
93.124.128.0/17
109.163.0.0/17
185.72.96.0/22
195.70.160.0/19
212.20.192.0/19
212.37.224.0/19
212.125.192.0/18
213.188.0.0/19
213.225.64.0/18
213.236.128.0/17
217.68.96.0/19
IPv6:
2a02:228::/29
Signature Algorithm: sha256WithRSAEncryption
19:a3:a2:9b:80:d4:ea:79:fb:02:8c:79:b6:de:db:58:73:1f:
7a:52:ce:57:d8:2c:8f:97:34:95:a8:20:70:9f:93:1a:30:57:
23:e5:f9:21:32:5a:42:2f:ed:e8:aa:e8:10:aa:14:4f:d8:ce:
b4:02:2b:0d:09:29:37:d0:c3:05:ad:23:67:9f:c3:07:1c:5e:
11:f6:78:da:12:4c:37:8f:6f:c5:c5:5b:43:bb:ad:f9:29:e4:
99:d5:54:d1:2b:08:54:3a:f8:5e:05:e6:16:6c:7b:b7:99:52:
63:ae:df:54:d0:92:27:59:b6:96:05:c2:a3:5f:9c:1a:da:81:
89:6b:33:e6:8c:ed:96:f3:b5:14:e2:a9:e1:b1:7b:e6:9e:96:
c5:fb:8b:7d:0f:aa:73:67:d9:ad:83:5e:cd:4a:82:e7:75:44:
83:99:56:22:71:dd:86:17:ce:ab:96:1a:ba:48:56:98:38:3a:
4d:a5:9a:f7:81:be:53:b2:de:db:44:46:0e:04:e2:22:36:b0:
63:29:ae:c6:5f:fc:ef:f2:14:c2:c0:21:c4:90:e7:e1:c1:c7:
1b:e9:e4:8a:f0:87:5b:26:86:24:09:30:98:0c:ff:8f:a9:e7:
41:a2:a6:19:ba:ec:08:9d:75:f3:73:6b:85:37:6a:db:02:11:
2c:0a:b0:87
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYSaT47Oz3r36B+SbBXk9qIcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjIxMTIxMTMxMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTQxMWUyNjRkMmM2N2QxMjYwY2E3MjBiYWU2MTE2N2FkNWU0OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmO/lCwUkHmqMQA+JrJjQAOj/MyB
5GN5+feKKMF3B8VPJ97hWmcTTgUP2QyU2oJY8n9zUPz3vrryPTDUyaepfjSGGlPJ
fLOFj7VjcTmXArUjs3QxOb+InpDcI4LodcvnwWAtf7rX+1WRxPJJyoulcZAB31Ad
Zk+5YEC25es5dNEkfQNid045aCqFRJZSnn9+mahPTt8igmSHrf4lnRRlsezyVGJD
bnKsYoDo09YPl7KFAUAaaHxDiqSQqR/jDsLSdtBRxcI1ZFaSGitwoN5Qw7qmplB1
J8xV+kv9klSYQmfuxM+6/2kWVa2+RrftVU/n1a9JHahS3gVS3kk9/4cLtwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFAlBHiZNLGfRJgynILrmEWetXknLMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvQ1VFZUprMHNaOUVtREtjZ3V1WVJaNjFlU2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwZQQCAAEwXwMEBj5JwAME
BT5xgAMEB1DoAAMEB1DvAAMDAFUTAwQHXXyAAwQHbaMAAwQCuUhgAwQFw0agAwQF
1BTAAwQF1CXgAwQG1H3AAwQF1bwAAwQG1eFAAwQH1eyAAwQF2URgMA0EAgACMAcD
BQMqAgIoMA0GCSqGSIb3DQEBCwUAA4IBAQAZo6KbgNTqefsCjHm23ttYcx96Us5X
2CyPlzSVqCBwn5MaMFcj5fkhMlpCL+3oqugQqhRP2M60AisNCSk30MMFrSNnn8MH
HF4R9njaEkw3j2/FxVtDu635KeSZ1VTRKwhUOvheBeYWbHu3mVJjrt9U0JInWbaW
BcKjX5wa2oGJazPmjO2W87UU4qnhsXvmnpbF+4t9D6pzZ9mtg17NSoLndUSDmVYi
cd2GF86rlhq6SFaYODpNpZr3gb5Tst7bREYOBOIiNrBjKa7GX/zv8hTCwCHEkOfh
wccb6eSK8IdbJoYkCTCYDP+PqedBoqYZuuwInXXzc2uFN2rbAhEsCrCH
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:36 2024 by rpki-client on console-ams.rpki-client.org