Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/SfTtmWqRFiCEQb1zp-0_iT3Y2-M.roa
File: SfTtmWqRFiCEQb1zp-0_iT3Y2-M.roa (raw, json)
Hash identifier: BVY5OZOao9ftULL9SAesnUFv88NOEmaT9gVJre6pEns=
Subject key identifier: 49:F4:ED:99:6A:91:16:20:84:41:BD:73:A7:ED:3F:89:3D:D8:DB:E3
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01825DC27CD88A9A460BFA8C7A25C80650AE
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/SfTtmWqRFiCEQb1zp-0_iT3Y2-M.roa
Signing time: Tue 02 Aug 2022 08:53:23 +0000
ROA not before: Tue 02 Aug 2022 08:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.64.168.0/22 maxlen: 22
194.233.36.0/22 maxlen: 22
194.233.32.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
195.179.84.0/22 maxlen: 22
194.195.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5d:c2:7c:d8:8a:9a:46:0b:fa:8c:7a:25:c8:06:50:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Aug 2 08:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=49f4ed996a9116208441bd73a7ed3f893dd8dbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:30:e2:0c:49:8e:16:eb:41:87:fc:28:c0:7b:
6e:d4:97:4f:a5:88:f0:84:0b:03:d2:f2:2c:d7:42:
d8:2f:b7:e2:85:69:c3:b4:61:98:ab:09:ee:84:de:
18:08:4f:55:a1:39:ca:25:34:9b:8e:78:09:44:05:
eb:50:95:88:45:87:80:26:f4:32:50:86:c6:65:27:
9f:dd:95:9d:bb:71:dc:d5:b9:6b:f4:61:c3:e6:22:
19:74:f1:47:15:53:5e:80:0c:50:46:1c:f3:24:ed:
b9:42:3b:3d:7a:99:bf:7f:ed:8b:2a:7f:1c:f7:ca:
44:9b:18:54:01:c7:92:33:10:49:29:9a:87:2c:21:
0a:1c:d3:16:89:60:d8:46:4f:25:53:fc:f3:1e:80:
56:d5:22:3c:d5:9f:a9:41:69:1f:47:9c:96:24:35:
48:72:a9:ed:39:1e:7d:88:d3:f9:36:b0:7b:ff:c3:
e6:f0:15:c3:3e:cb:83:a7:ec:2f:49:88:af:4a:c6:
19:65:e9:30:53:62:40:1f:d0:af:bf:62:9e:ec:c6:
cc:f1:94:9b:d6:65:62:41:53:5f:6b:06:5d:a4:44:
17:d5:af:a1:3f:5c:93:de:63:70:2c:bd:32:04:b8:
5c:c1:b5:a1:95:18:ca:7a:56:aa:76:e7:ce:59:5d:
f8:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F4:ED:99:6A:91:16:20:84:41:BD:73:A7:ED:3F:89:3D:D8:DB:E3
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/SfTtmWqRFiCEQb1zp-0_iT3Y2-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0-194.64.175.255
194.195.204.0/22
194.233.32.0-194.233.43.255
195.179.84.0/22
Signature Algorithm: sha256WithRSAEncryption
64:76:77:f1:8f:e0:0a:58:c0:bc:ca:43:be:ff:80:ab:9d:44:
6a:eb:c9:02:7c:c9:4b:43:75:00:4c:79:c7:e5:74:54:16:ad:
4f:cf:2b:2c:0e:d1:f1:74:d6:b2:a6:23:84:2d:a2:24:88:3b:
87:a0:4c:6d:cb:54:15:4f:f0:6c:4d:a2:21:c0:e2:55:33:44:
ee:2e:74:a8:41:14:2a:f1:ae:ce:64:d2:ca:f4:0a:14:c3:e0:
ac:ec:0f:d2:dd:7a:3a:b0:bb:33:98:04:03:ff:39:0f:69:07:
7a:fc:42:58:72:b7:b6:6f:8a:79:5c:a6:74:45:23:f6:a7:ac:
a0:43:1f:b4:62:33:e2:38:69:c2:ba:06:c6:bf:9e:e0:3e:f1:
5c:6c:80:94:8b:ba:aa:18:81:15:eb:1b:5d:42:50:5c:d3:7e:
a2:ff:2d:ab:8c:d9:d6:ca:43:ac:67:56:cf:96:4d:a6:79:c1:
97:cc:a8:68:20:03:3a:9b:1a:d9:df:45:12:bb:d8:ab:90:65:
8f:ce:9a:17:a7:30:b0:53:82:5b:19:68:01:9b:25:c7:57:35:
50:c4:48:47:a3:33:16:b4:26:95:90:a3:98:bc:f5:a0:b8:4d:
74:77:93:6a:42:84:8b:83:a2:8c:ea:f7:22:91:78:ef:17:0f:
4b:9e:bc:57
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYJdwnzYippGC/qMeiXIBlCuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjIwODAyMDg1MzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY0ZWQ5OTZhOTExNjIwODQ0MWJkNzNhN2VkM2Y4OTNkZDhkYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzDiDEmOFutBh/wowHtu1JdPpYjw
hAsD0vIs10LYL7fihWnDtGGYqwnuhN4YCE9VoTnKJTSbjngJRAXrUJWIRYeAJvQy
UIbGZSef3ZWdu3Hc1blr9GHD5iIZdPFHFVNegAxQRhzzJO25Qjs9epm/f+2LKn8c
98pEmxhUAceSMxBJKZqHLCEKHNMWiWDYRk8lU/zzHoBW1SI81Z+pQWkfR5yWJDVI
cqntOR59iNP5NrB7/8Pm8BXDPsuDp+wvSYivSsYZZekwU2JAH9Cvv2Ke7MbM8ZSb
1mViQVNfawZdpEQX1a+hP1yT3mNwLL0yBLhcwbWhlRjKelaqdufOWV34/wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEn07ZlqkRYghEG9c6ftP4k92NvjMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvU2ZUdG1XcVJGaUNFUWIxenAtMF9pVDNZMi1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBALCQKQD
BATCQKADBALCw8wwDAMEBcLpIAMEAsLpKAMEAsOzVDANBgkqhkiG9w0BAQsFAAOC
AQEAZHZ38Y/gCljAvMpDvv+Aq51EauvJAnzJS0N1AEx5x+V0VBatT88rLA7R8XTW
sqYjhC2iJIg7h6BMbctUFU/wbE2iIcDiVTNE7i50qEEUKvGuzmTSyvQKFMPgrOwP
0t16OrC7M5gEA/85D2kHevxCWHK3tm+KeVymdEUj9qesoEMftGIz4jhpwroGxr+e
4D7xXGyAlIu6qhiBFesbXUJQXNN+ov8tq4zZ1spDrGdWz5ZNpnnBl8yoaCADOpsa
2d9FErvYq5Blj86aF6cwsFOCWxloAZslx1c1UMRIR6MzFrQmlZCjmLz1oLhNdHeT
akKEi4OijOr3IpF47xcPS568Vw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org