Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/RIpUqpVbmripDfHc8328Do3yNNk.roa
File: RIpUqpVbmripDfHc8328Do3yNNk.roa (raw, json)
Hash identifier: pRctI6tUNsv3pDKGtkefTMTlXC4MJHAgUKhywAInOYw=
Subject key identifier: 44:8A:54:AA:95:5B:9A:B8:A9:0D:F1:DC:F3:7D:BC:0E:8D:F2:34:D9
Certificate issuer: /CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Certificate serial: 0A758B37
Authority key identifier: 68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/RIpUqpVbmripDfHc8328Do3yNNk.roa
Signing time: Sat 01 Jan 2022 04:55:38 +0000
ROA not before: Sat 01 Jan 2022 04:55:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8304
IP address blocks: 193.186.192.0/22 maxlen: 24
87.252.0.0/19 maxlen: 24
193.239.120.0/22 maxlen: 24
195.13.58.0/23 maxlen: 24
2a0a:4d40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175475511 (0xa758b37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68f60683b377257427dbbf6ece35e2c585a3b01d
Validity
Not Before: Jan 1 04:55:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=448a54aa955b9ab8a90df1dcf37dbc0e8df234d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a7:c9:59:57:f0:fd:bb:d1:58:20:84:d3:f0:
f3:97:56:67:a4:ac:86:ef:69:98:91:0e:f3:ac:0c:
83:71:90:1b:a4:b4:96:da:09:02:12:c5:7e:ac:cf:
7e:27:22:ab:fd:47:82:d7:92:a9:34:81:68:2e:7d:
af:de:3c:4b:be:e8:8e:ef:4e:a1:f2:00:b7:16:3b:
6b:52:e4:4b:09:e7:37:8c:ac:b6:29:c9:a6:96:b1:
ef:29:25:00:d7:83:e6:f8:19:30:b8:6c:03:d2:09:
d9:f9:eb:ec:0b:51:44:39:0a:39:2e:18:79:1d:59:
dd:3d:67:92:c7:2f:4d:86:05:12:a4:40:bc:d1:89:
44:9c:6e:cb:ed:d1:fb:53:0b:02:6f:71:e4:3c:3a:
48:b2:27:66:98:19:25:c5:4b:0b:fa:39:84:be:85:
bc:a6:28:33:a5:51:60:5a:11:2b:ed:88:91:7a:7f:
95:14:23:b8:45:01:be:de:92:95:32:c5:a6:df:af:
97:3d:7e:bb:9e:63:da:dd:a7:1b:af:ac:01:ef:dc:
b3:fb:ac:cf:a6:5f:9b:c4:7f:d8:08:7e:14:35:53:
6d:83:82:57:7f:af:60:a5:8a:e0:6d:f1:45:68:3a:
3c:78:37:85:29:6e:21:44:4a:57:0b:ca:76:61:c5:
f8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:8A:54:AA:95:5B:9A:B8:A9:0D:F1:DC:F3:7D:BC:0E:8D:F2:34:D9
X509v3 Authority Key Identifier:
keyid:68:F6:06:83:B3:77:25:74:27:DB:BF:6E:CE:35:E2:C5:85:A3:B0:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPYGg7N3JXQn279uzjXixYWjsB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/RIpUqpVbmripDfHc8328Do3yNNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/2eb969-863a-462d-9f9d-35474036a9d7/1/aPYGg7N3JXQn279uzjXixYWjsB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.252.0.0/19
193.186.192.0/22
193.239.120.0/22
195.13.58.0/23
IPv6:
2a0a:4d40::/32
Signature Algorithm: sha256WithRSAEncryption
42:f6:3f:e2:1b:68:3d:78:9b:f2:32:85:66:ad:34:01:8e:f4:
91:04:e8:81:62:d8:ff:5f:87:30:c4:7c:d5:76:89:65:c1:cc:
83:e0:1e:aa:a9:28:a1:65:d5:b9:e8:5f:fa:70:1c:cc:f3:4b:
2b:f5:6d:b4:63:b7:09:49:e4:1f:c2:a4:f7:dc:f9:71:ec:ce:
29:ba:d3:2d:a2:fc:d8:5f:c5:0a:1e:4b:2a:65:94:95:ae:48:
a6:e8:66:ee:ef:b9:d4:78:6f:2b:38:34:89:38:aa:1b:c6:76:
cf:8d:f4:38:90:10:8f:c3:3f:01:54:df:c5:f9:dc:57:83:57:
e9:d0:2b:75:9c:35:ae:55:84:53:ef:57:5b:ce:80:36:17:37:
b8:af:d8:ce:68:66:63:65:db:15:02:44:3e:1c:07:8a:85:73:
0d:29:f4:4d:f0:07:d1:55:c1:d4:14:49:03:5a:05:96:f2:99:
7d:b8:4c:be:60:70:3a:45:37:94:c5:3e:88:18:cb:31:06:75:
fa:94:3a:a4:82:bc:4f:97:3d:16:be:96:9d:bd:c0:e9:b4:83:
26:3c:c7:c0:01:4d:c9:2a:c7:6e:d1:ec:1d:d1:55:d9:3d:50:
fc:c8:fb:2e:2a:73:56:c2:60:38:10:18:7e:3f:03:ff:ed:56:
c9:6f:cc:58
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECnWLNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OGY2MDY4M2IzNzcyNTc0MjdkYmJmNmVjZTM1ZTJjNTg1YTNiMDFkMB4XDTIyMDEw
MTA0NTUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ4YTU0YWE5NTVi
OWFiOGE5MGRmMWRjZjM3ZGJjMGU4ZGYyMzRkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSnyVlX8P270VgghNPw85dWZ6Sshu9pmJEO86wMg3GQG6S0
ltoJAhLFfqzPficiq/1HgteSqTSBaC59r948S77oju9OofIAtxY7a1LkSwnnN4ys
tinJppax7yklANeD5vgZMLhsA9IJ2fnr7AtRRDkKOS4YeR1Z3T1nkscvTYYFEqRA
vNGJRJxuy+3R+1MLAm9x5Dw6SLInZpgZJcVLC/o5hL6FvKYoM6VRYFoRK+2IkXp/
lRQjuEUBvt6SlTLFpt+vlz1+u55j2t2nG6+sAe/cs/usz6Zfm8R/2Ah+FDVTbYOC
V3+vYKWK4G3xRWg6PHg3hSluIURKVwvKdmHF+M8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBREilSqlVuauKkN8dzzfbwOjfI02TAfBgNVHSMEGDAWgBRo9gaDs3cldCfb
v27ONeLFhaOwHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FQWUdnN04zSlhRbjI3OXV6alhpeFlXanNCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvMmViOTY5LTg2M2EtNDYyZC05ZjlkLTM1NDc0MDM2YTlkNy8x
L1JJcFVxcFZibXJpcERmSGM4MzI4RG8zeU5Oay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
MmViOTY5LTg2M2EtNDYyZC05ZjlkLTM1NDc0MDM2YTlkNy8xL2FQWUdnN04zSlhR
bjI3OXV6alhpeFlXanNCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVf8AAMEAsG6wAMEAsHveAMEAcMN
OjANBAIAAjAHAwUAKgpNQDANBgkqhkiG9w0BAQsFAAOCAQEAQvY/4htoPXib8jKF
Zq00AY70kQTogWLY/1+HMMR81XaJZcHMg+AeqqkooWXVuehf+nAczPNLK/VttGO3
CUnkH8Kk99z5cezOKbrTLaL82F/FCh5LKmWUla5Ipuhm7u+51HhvKzg0iTiqG8Z2
z430OJAQj8M/AVTfxfncV4NX6dArdZw1rlWEU+9XW86ANhc3uK/YzmhmY2XbFQJE
PhwHioVzDSn0TfAH0VXB1BRJA1oFlvKZfbhMvmBwOkU3lMU+iBjLMQZ1+pQ6pIK8
T5c9Fr6Wnb3A6bSDJjzHwAFNySrHbtHsHdFV2T1Q/Mj7LipzVsJgOBAYfj8D/+1W
yW/MWA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:41 2023 by rpki-client on console-ams.rpki-client.org