Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/aSHb2fDCEb-gydYiIABC1QzY4hg.roa
File: aSHb2fDCEb-gydYiIABC1QzY4hg.roa (raw, json)
Hash identifier: orSaBFopYRwEvrDpW3ANgI1IkfMDknp/ho30V3TzvEk=
Subject key identifier: 69:21:DB:D9:F0:C2:11:BF:A0:C9:D6:22:20:00:42:D5:0C:D8:E2:18
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 01833C4AC5B5E2254F9EA3A0A2A852C60D18
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/aSHb2fDCEb-gydYiIABC1QzY4hg.roa
Signing time: Wed 14 Sep 2022 13:57:56 +0000
ROA not before: Wed 14 Sep 2022 13:57:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.64.168.0/22 maxlen: 22
194.233.32.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
194.195.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:4a:c5:b5:e2:25:4f:9e:a3:a0:a2:a8:52:c6:0d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Sep 14 13:57:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6921dbd9f0c211bfa0c9d622200042d50cd8e218
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:16:c8:49:ac:e6:19:25:e9:2a:b1:b5:84:7a:
0b:a4:4b:89:06:b6:af:73:e5:db:ea:ed:b4:4f:8e:
5d:2b:fc:87:2c:f9:f8:8c:d8:0f:4a:01:2f:34:37:
24:89:ab:32:bd:0f:4d:84:9b:9a:26:c6:d5:1a:ba:
1e:7f:5f:d5:e8:d7:b8:12:10:e2:79:cc:21:3e:00:
cb:c4:71:27:69:6c:d6:fc:3b:42:84:b4:8c:fd:2a:
92:c4:eb:70:d1:48:c1:78:36:c5:fd:ca:4c:cf:fc:
96:a4:50:2b:f8:35:a8:d9:74:66:28:e8:83:6a:01:
c7:17:22:dc:17:70:95:c2:66:a0:38:97:b3:fc:1f:
de:85:a8:9f:a1:de:c3:cf:9e:07:08:02:69:12:af:
55:c4:ad:1b:3f:44:1b:3c:c3:ba:0e:f0:49:e8:23:
fc:df:1c:91:b0:84:c5:18:46:02:89:d1:d6:a7:17:
88:27:60:13:d8:f8:68:c8:02:50:98:31:8d:47:8a:
09:3c:f1:01:b7:03:b9:5b:7d:21:50:2b:59:63:5e:
7f:95:04:11:cc:f3:0c:c9:bf:a5:31:d4:3f:ca:8e:
58:43:bd:16:e0:26:1e:a8:8e:88:64:27:e7:6f:14:
be:5b:e2:40:e1:0d:53:18:9b:30:89:43:10:84:ff:
fe:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:21:DB:D9:F0:C2:11:BF:A0:C9:D6:22:20:00:42:D5:0C:D8:E2:18
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/aSHb2fDCEb-gydYiIABC1QzY4hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0-194.64.175.255
194.195.204.0/22
194.233.32.0/22
194.233.40.0/22
Signature Algorithm: sha256WithRSAEncryption
9f:d5:22:de:17:59:41:b7:47:39:79:c9:3b:3c:25:ae:df:44:
14:61:ba:9c:35:b9:69:44:7b:3f:bf:49:1e:b4:5d:9b:83:2f:
9d:2f:c8:6f:42:53:fd:9e:fc:44:05:e6:2e:84:a6:18:ca:5e:
ed:6e:88:90:7a:76:1a:a7:b3:a6:00:32:a4:e2:cf:37:5e:2c:
e0:76:cf:2c:a6:b5:29:3c:f3:26:7f:9e:92:0c:3a:a1:5d:dc:
f8:7a:88:3a:ac:10:bc:9e:7f:85:7e:43:55:01:c5:d8:79:08:
0e:78:24:86:6a:79:88:33:30:2e:f7:a2:4b:fe:f0:f8:c3:d5:
3d:4f:a0:f4:dc:8d:bc:1d:1f:48:94:f3:4e:29:77:6f:cc:95:
5a:4e:06:4f:7c:07:c0:43:5d:3c:db:04:39:e6:a3:8a:f1:38:
ed:c3:83:42:5a:cd:15:6b:93:a9:43:07:c0:6e:47:09:d6:2b:
49:38:ad:75:fe:50:75:81:3a:6a:d0:dc:73:1f:e1:a0:47:ad:
52:1a:f2:9d:dd:44:36:37:5a:c3:95:7b:4c:da:1d:7f:0c:91:
da:b0:91:fa:df:ed:03:89:e3:97:0f:d8:08:70:e8:57:e3:e4:
eb:63:15:a1:c8:59:b8:a8:0f:a0:07:0b:f9:04:31:54:b0:c1:
7c:fb:1b:ca
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYM8SsW14iVPnqOgoqhSxg0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjIwOTE0MTM1NzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTIxZGJkOWYwYzIxMWJmYTBjOWQ2MjIyMDAwNDJkNTBjZDhlMjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxbISazmGSXpKrG1hHoLpEuJBrav
c+Xb6u20T45dK/yHLPn4jNgPSgEvNDckiasyvQ9NhJuaJsbVGroef1/V6Ne4EhDi
ecwhPgDLxHEnaWzW/DtChLSM/SqSxOtw0UjBeDbF/cpMz/yWpFAr+DWo2XRmKOiD
agHHFyLcF3CVwmagOJez/B/ehaifod7Dz54HCAJpEq9VxK0bP0QbPMO6DvBJ6CP8
3xyRsITFGEYCidHWpxeIJ2AT2PhoyAJQmDGNR4oJPPEBtwO5W30hUCtZY15/lQQR
zPMMyb+lMdQ/yo5YQ70W4CYeqI6IZCfnbxS+W+JA4Q1TGJswiUMQhP/+TwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGkh29nwwhG/oMnWIiAAQtUM2OIYMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvYVNIYjJmRENFYi1neWRZaUlBQkMxUXpZNGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBALCQKQD
BATCQKADBALCw8wDBALC6SADBALC6SgwDQYJKoZIhvcNAQELBQADggEBAJ/VIt4X
WUG3Rzl5yTs8Ja7fRBRhupw1uWlEez+/SR60XZuDL50vyG9CU/2e/EQF5i6EphjK
Xu1uiJB6dhqns6YAMqTizzdeLOB2zyymtSk88yZ/npIMOqFd3Ph6iDqsELyef4V+
Q1UBxdh5CA54JIZqeYgzMC73okv+8PjD1T1PoPTcjbwdH0iU804pd2/MlVpOBk98
B8BDXTzbBDnmo4rxOO3Dg0JazRVrk6lDB8BuRwnWK0k4rXX+UHWBOmrQ3HMf4aBH
rVIa8p3dRDY3WsOVe0zaHX8Mkdqwkfrf7QOJ45cP2Ahw6Ffj5OtjFaHIWbioD6AH
C/kEMVSwwXz7G8o=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org