Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/Szg-Oo5D1Tl7MHAt1XhBVGtApAM.roa
File: Szg-Oo5D1Tl7MHAt1XhBVGtApAM.roa (raw, json)
Hash identifier: ZUpeRgB/P2Q2fWgLvw45z9g2Od614xzyRY18d9IoNd4=
Subject key identifier: 4B:38:3E:3A:8E:43:D5:39:7B:30:70:2D:D5:78:41:54:6B:40:A4:03
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0D610501
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/Szg-Oo5D1Tl7MHAt1XhBVGtApAM.roa
Signing time: Tue 24 May 2022 10:19:13 +0000
ROA not before: Tue 24 May 2022 10:19:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 194.163.71.0/24 maxlen: 24
194.233.49.0/24 maxlen: 24
212.224.6.0/24 maxlen: 24
195.180.176.0/24 maxlen: 24
195.252.174.0/24 maxlen: 24
195.180.188.0/24 maxlen: 24
195.180.189.0/24 maxlen: 24
194.233.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224462081 (0xd610501)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: May 24 10:19:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b383e3a8e43d5397b30702dd57841546b40a403
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6e:09:9e:7e:85:46:78:f9:bd:e4:c7:3b:34:
69:2e:a6:2e:3c:22:cc:23:9b:6c:fe:aa:b3:4a:58:
58:a4:a9:c9:4e:7e:95:57:9b:c8:dd:6d:11:b6:c0:
fd:24:8f:11:2b:c3:f0:23:c2:2e:7b:23:48:f6:b2:
d8:41:a5:26:9f:a5:32:48:28:c0:3a:04:cc:7c:af:
e1:e5:09:66:ee:2a:7b:e1:7d:52:18:80:ff:36:da:
1d:ca:1b:d8:8a:95:9c:64:ba:f8:6e:8f:d5:f3:c7:
33:90:38:c0:09:0a:4d:29:a4:f2:53:39:84:77:3a:
0a:83:c8:37:65:52:da:c4:95:6a:30:ab:9e:18:62:
2a:48:32:2e:78:99:49:58:c0:d2:27:79:cf:a8:d8:
ba:18:27:da:05:a4:81:1d:06:9b:7c:be:28:54:98:
b5:18:54:21:ea:93:c3:08:da:6e:6d:6a:2c:b0:f5:
96:64:eb:43:0c:0c:de:7a:52:24:6f:ec:e9:18:b7:
16:9f:22:01:39:54:06:82:7e:a5:6e:7a:b9:b7:40:
83:bd:f0:06:78:1d:63:39:8f:22:5e:fb:2d:cc:db:
07:c3:a6:91:92:ab:50:ec:17:aa:2a:85:ce:45:7c:
73:75:b5:a1:cf:90:c8:e0:4d:30:f5:f7:01:93:74:
fd:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:38:3E:3A:8E:43:D5:39:7B:30:70:2D:D5:78:41:54:6B:40:A4:03
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/Szg-Oo5D1Tl7MHAt1XhBVGtApAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.71.0/24
194.233.5.0/24
194.233.49.0/24
195.180.176.0/24
195.180.188.0/23
195.252.174.0/24
212.224.6.0/24
Signature Algorithm: sha256WithRSAEncryption
34:9a:62:c3:b9:16:38:79:c7:2c:63:ac:73:db:2c:6a:ae:60:
cf:b1:62:73:e6:d2:bd:50:8a:53:9e:6a:72:2b:e5:87:7f:15:
8c:7e:3d:d2:ee:6d:ce:3e:fc:5f:6c:c5:a1:51:42:96:40:d3:
c8:86:23:ad:e3:b1:bf:9f:47:77:1e:25:4e:2a:d9:97:71:bc:
36:c3:43:20:de:e8:cc:c2:05:23:36:c3:4b:85:3e:5d:9e:23:
a3:19:e0:ab:c7:7f:df:7d:3b:e9:98:4f:73:2c:42:fe:e8:41:
f3:90:af:ee:05:52:c1:74:d7:b7:b6:59:f4:75:56:df:55:f7:
0d:b3:a5:b1:f7:d6:02:bf:13:45:42:1f:84:65:59:3f:65:d2:
a6:33:d5:b4:4d:ee:d4:21:33:87:4c:bd:e8:49:82:37:11:19:
9f:de:d9:ac:97:48:64:f0:05:de:49:ec:1b:22:e9:b2:fe:47:
d3:72:dd:f5:21:ee:db:b1:1d:f9:d8:a9:cb:d8:b0:0a:eb:bd:
12:36:60:db:88:6c:32:20:2b:44:66:2a:d0:cc:b4:29:36:cb:
f5:3e:f8:fb:e2:e8:aa:35:93:d0:fc:5e:e6:ca:f1:98:ab:f8:
64:9b:a0:c9:3e:87:6c:23:d0:31:9f:30:e4:7c:69:23:99:78:
2a:03:e5:53
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDWEFATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDUy
NDEwMTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIzODNlM2E4ZTQz
ZDUzOTdiMzA3MDJkZDU3ODQxNTQ2YjQwYTQwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBuCZ5+hUZ4+b3kxzs0aS6mLjwizCObbP6qs0pYWKSpyU5+
lVebyN1tEbbA/SSPESvD8CPCLnsjSPay2EGlJp+lMkgowDoEzHyv4eUJZu4qe+F9
UhiA/zbaHcob2IqVnGS6+G6P1fPHM5A4wAkKTSmk8lM5hHc6CoPIN2VS2sSVajCr
nhhiKkgyLniZSVjA0id5z6jYuhgn2gWkgR0Gm3y+KFSYtRhUIeqTwwjabm1qLLD1
lmTrQwwM3npSJG/s6Ri3Fp8iATlUBoJ+pW56ubdAg73wBngdYzmPIl77LczbB8Om
kZKrUOwXqiqFzkV8c3W1oc+QyOBNMPX3AZN0/fkCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRLOD46jkPVOXswcC3VeEFUa0CkAzAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L1N6Zy1PbzVEMVRsN01IQXQxWGhCVkd0QXBBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAMKjRwMEAMLpBQMEAMLpMQMEAMO0
sAMEAcO0vAMEAMP8rgMEANTgBjANBgkqhkiG9w0BAQsFAAOCAQEANJpiw7kWOHnH
LGOsc9ssaq5gz7Fic+bSvVCKU55qcivlh38VjH490u5tzj78X2zFoVFClkDTyIYj
reOxv59Hdx4lTirZl3G8NsNDIN7ozMIFIzbDS4U+XZ4joxngq8d/33076ZhPcyxC
/uhB85Cv7gVSwXTXt7ZZ9HVW31X3DbOlsffWAr8TRUIfhGVZP2XSpjPVtE3u1CEz
h0y96EmCNxEZn97ZrJdIZPAF3knsGyLpsv5H03Ld9SHu27Ed+dipy9iwCuu9EjZg
24hsMiArRGYq0My0KTbL9T74++LoqjWT0Pxe5srxmKv4ZJugyT6HbCPQMZ8w5Hxp
I5l4KgPlUw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org