Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/73xTL5h_6swDZ1HMYap6_xMY-NI.roa
File: 73xTL5h_6swDZ1HMYap6_xMY-NI.roa (raw, json)
Hash identifier: 0FMAKsSltQ5wWtylNAG+tHhji7Ixv6mqy8J6uModd1M=
Subject key identifier: EF:7C:53:2F:98:7F:EA:CC:03:67:51:CC:61:AA:7A:FF:13:18:F8:D2
Certificate issuer: /CN=1da97cae7de6b29e56f0259af53c95926034a502
Certificate serial: 085D43D0
Authority key identifier: 1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/73xTL5h_6swDZ1HMYap6_xMY-NI.roa
Signing time: Wed 16 Mar 2022 07:38:06 +0000
ROA not before: Wed 16 Mar 2022 07:38:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3399
IP address blocks: 45.141.108.0/22 maxlen: 22
185.242.228.0/22 maxlen: 22
178.132.72.0/21 maxlen: 21
185.86.104.0/22 maxlen: 22
195.128.240.0/23 maxlen: 23
185.147.236.0/22 maxlen: 22
195.128.254.0/23 maxlen: 23
2a03:8600::/32 maxlen: 32
2a07:5cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140329936 (0x85d43d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1da97cae7de6b29e56f0259af53c95926034a502
Validity
Not Before: Mar 16 07:38:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ef7c532f987feacc036751cc61aa7aff1318f8d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4c:a8:9e:92:ab:b8:a0:82:03:56:cf:fb:2f:
84:df:72:55:95:0b:01:f3:2d:1e:35:32:84:09:88:
6d:78:45:be:d2:ad:d5:2a:28:1a:17:fe:40:bc:e6:
4c:77:13:4d:57:fd:de:d8:40:42:3f:44:5a:53:01:
85:b5:ae:d3:b5:9c:80:35:ba:a9:00:bb:07:80:fb:
04:69:5b:4e:e5:76:50:bf:e6:bd:f5:1d:a7:91:74:
64:a9:62:a2:49:0d:0a:ce:3b:c6:34:d6:36:8b:29:
86:06:7f:af:80:17:cf:2e:f9:7f:a8:f6:6f:b9:43:
75:6e:95:05:d5:53:e1:06:46:20:4d:9c:2d:b7:54:
f8:90:4e:bf:cb:80:13:2e:a3:c1:7c:9a:4c:7a:23:
32:c5:1a:8f:37:5f:4a:ee:4e:5a:89:1a:48:09:cb:
9d:1a:03:09:1a:0d:6c:bc:49:e4:b3:81:7d:5f:98:
cc:62:54:de:a6:4a:e7:c9:c0:00:61:da:05:db:22:
27:5c:19:d8:63:b5:b9:93:7a:5b:25:35:3a:c6:1c:
17:d3:ef:1f:40:ed:d9:83:53:d5:76:b4:6c:ab:da:
a4:d1:99:14:7c:ef:98:f3:42:26:86:2c:f2:2f:54:
e2:5e:23:83:d9:fa:47:a5:0e:88:f6:92:f0:16:89:
7e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:7C:53:2F:98:7F:EA:CC:03:67:51:CC:61:AA:7A:FF:13:18:F8:D2
X509v3 Authority Key Identifier:
keyid:1D:A9:7C:AE:7D:E6:B2:9E:56:F0:25:9A:F5:3C:95:92:60:34:A5:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hal8rn3msp5W8CWa9TyVkmA0pQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/73xTL5h_6swDZ1HMYap6_xMY-NI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/85b673-f1ad-43e2-bfe7-0cd7236b29b6/1/Hal8rn3msp5W8CWa9TyVkmA0pQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.108.0/22
178.132.72.0/21
185.86.104.0/22
185.147.236.0/22
185.242.228.0/22
195.128.240.0/23
195.128.254.0/23
IPv6:
2a03:8600::/32
2a07:5cc0::/29
Signature Algorithm: sha256WithRSAEncryption
53:2f:e3:1b:d5:93:12:2a:94:c2:26:f5:a1:69:2d:45:8c:c6:
03:eb:0b:07:c1:a8:b0:82:1d:e4:4e:af:17:65:47:53:91:5a:
c1:e2:b2:ea:d4:bf:3a:15:7e:75:d7:f7:51:bf:5d:42:4a:5f:
98:80:09:1d:40:c6:34:a9:9c:0a:ff:0a:4f:c5:8c:64:b4:75:
50:07:7c:50:c4:48:a6:64:ea:43:c5:0c:a5:88:8d:29:71:82:
2e:3d:e4:5a:91:55:c0:17:86:bc:e1:22:2f:e8:3d:97:35:12:
b8:36:aa:dd:38:a6:42:23:22:ff:6a:dd:4f:11:45:81:1a:27:
a5:23:40:6f:e8:04:ee:a0:b6:31:eb:1b:bd:32:3a:3e:f6:72:
76:e0:f8:ba:44:26:a3:82:60:3c:3c:fe:40:63:d4:23:8c:23:
b8:a3:b7:79:b7:2c:fc:0c:66:e0:fe:c1:07:dd:9a:5e:d7:e0:
e7:7d:a7:5c:cb:3f:2c:70:0f:c6:95:b2:20:9f:b1:8d:cc:29:
88:44:8a:83:24:fa:22:00:29:cd:ea:74:07:fe:e8:c0:c5:56:
cf:03:d9:93:5a:de:32:47:28:d7:36:f2:8a:8c:23:de:fc:91:
07:f7:8d:6b:af:a8:70:8d:11:76:5a:8c:69:1a:c0:e2:14:86:
a6:80:05:87
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIECF1D0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGE5N2NhZTdkZTZiMjllNTZmMDI1OWFmNTNjOTU5MjYwMzRhNTAyMB4XDTIyMDMx
NjA3MzgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWY3YzUzMmY5ODdm
ZWFjYzAzNjc1MWNjNjFhYTdhZmYxMzE4ZjhkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhMqJ6Sq7igggNWz/svhN9yVZULAfMtHjUyhAmIbXhFvtKt
1SooGhf+QLzmTHcTTVf93thAQj9EWlMBhbWu07WcgDW6qQC7B4D7BGlbTuV2UL/m
vfUdp5F0ZKliokkNCs47xjTWNosphgZ/r4AXzy75f6j2b7lDdW6VBdVT4QZGIE2c
LbdU+JBOv8uAEy6jwXyaTHojMsUajzdfSu5OWokaSAnLnRoDCRoNbLxJ5LOBfV+Y
zGJU3qZK58nAAGHaBdsiJ1wZ2GO1uZN6WyU1OsYcF9PvH0Dt2YNT1Xa0bKvapNGZ
FHzvmPNCJoYs8i9U4l4jg9n6R6UOiPaS8BaJfmMCAwEAAaOCAkMwggI/MB0GA1Ud
DgQWBBTvfFMvmH/qzANnUcxhqnr/Exj40jAfBgNVHSMEGDAWgBQdqXyufeaynlbw
JZr1PJWSYDSlAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hhbDhybjNtc3A1VzhDV2E5VHlWa21BMHBRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvODViNjczLWYxYWQtNDNlMi1iZmU3LTBjZDcyMzZiMjliNi8x
LzczeFRMNWhfNnN3RFoxSE1ZYXA2X3hNWS1OSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
ODViNjczLWYxYWQtNDNlMi1iZmU3LTBjZDcyMzZiMjliNi8xL0hhbDhybjNtc3A1
VzhDV2E5VHlWa21BMHBRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBZ
BggrBgEFBQcBBwEB/wRKMEgwMAQCAAEwKgMEAi2NbAMEA7KESAMEArlWaAMEArmT
7AMEArny5AMEAcOA8AMEAcOA/jAUBAIAAjAOAwUAKgOGAAMFAyoHXMAwDQYJKoZI
hvcNAQELBQADggEBAFMv4xvVkxIqlMIm9aFpLUWMxgPrCwfBqLCCHeROrxdlR1OR
WsHisurUvzoVfnXX91G/XUJKX5iACR1AxjSpnAr/Ck/FjGS0dVAHfFDESKZk6kPF
DKWIjSlxgi495FqRVcAXhrzhIi/oPZc1Erg2qt04pkIjIv9q3U8RRYEaJ6UjQG/o
BO6gtjHrG70yOj72cnbg+LpEJqOCYDw8/kBj1COMI7ijt3m3LPwMZuD+wQfdml7X
4Od9p1zLPyxwD8aVsiCfsY3MKYhEioMk+iIAKc3qdAf+6MDFVs8D2ZNa3jJHKNc2
8oqMI978kQf3jWuvqHCNEXZajGkawOIUhqaABYc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:09 2023 by rpki-client on console-ams.rpki-client.org