Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/s35bvNHONYLx8xcn6nDwJAkUxPw.roa
File: s35bvNHONYLx8xcn6nDwJAkUxPw.roa (raw, json)
Hash identifier: c3Fp8Z0yuHfn+zaF0WrGkuIHp/G54qj5Ga5ZGtdpt/4=
Subject key identifier: B3:7E:5B:BC:D1:CE:35:82:F1:F3:17:27:EA:70:F0:24:09:14:C4:FC
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 018304EC0E53580E399D02FE9D1FF93B0B93
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/s35bvNHONYLx8xcn6nDwJAkUxPw.roa
Signing time: Sat 03 Sep 2022 19:55:22 +0000
ROA not before: Sat 03 Sep 2022 19:55:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201975
IP address blocks: 193.148.20.0/22 maxlen: 22
45.86.176.0/22 maxlen: 22
185.54.180.0/22 maxlen: 22
93.90.64.0/22 maxlen: 22
157.97.112.0/21 maxlen: 21
2a02:4660::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:04:ec:0e:53:58:0e:39:9d:02:fe:9d:1f:f9:3b:0b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Sep 3 19:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b37e5bbcd1ce3582f1f31727ea70f0240914c4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b1:c4:4b:5c:0a:0a:24:ac:3b:b2:65:01:b7:
02:e9:4a:c9:a9:5d:7c:9d:ca:00:a3:1f:f8:82:56:
6e:d6:b0:b5:c5:1e:b9:67:f5:51:d9:3e:be:93:1b:
65:53:5d:78:1d:11:1b:1f:d0:18:3b:02:ea:c1:ee:
ad:d5:75:53:bb:d9:b0:04:79:47:73:29:15:83:59:
a3:a0:64:d0:da:f3:24:25:6a:67:0a:7b:66:35:7a:
bd:66:b9:d7:6d:08:b5:9b:f5:1a:a2:dd:d7:6d:96:
22:df:1d:b4:26:06:dc:86:52:50:ee:3a:f0:74:af:
f4:47:aa:80:46:77:00:c8:5f:ca:78:d2:cb:45:17:
ba:6b:6b:3d:b8:26:5c:10:7a:ea:98:1f:8f:2c:94:
5b:b5:fb:e0:57:bb:95:fb:71:7c:89:3c:d2:ac:39:
7b:f7:cd:20:6a:3d:fe:6b:92:85:97:9a:b6:72:7c:
b1:46:47:b7:ce:aa:84:4b:8f:83:d0:7b:49:7f:72:
fa:89:fc:1e:1b:8e:2b:d2:ee:9e:f7:ff:ad:49:81:
ad:8c:1e:d0:8a:da:f4:6e:24:93:64:8e:c1:d0:97:
ce:c8:eb:da:2b:fc:11:a8:9e:24:5c:48:5e:03:c2:
3c:ce:c5:ac:9e:f7:4a:c9:a6:e9:22:4e:8d:e2:e5:
2c:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:7E:5B:BC:D1:CE:35:82:F1:F3:17:27:EA:70:F0:24:09:14:C4:FC
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/s35bvNHONYLx8xcn6nDwJAkUxPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
9b:0b:36:22:ce:5e:22:86:31:37:9c:e1:ba:9f:ba:29:8a:6d:
b8:3c:3c:52:aa:a5:20:a2:33:85:2c:5f:63:35:1a:f9:ae:86:
8e:48:4f:3d:7b:0b:95:85:9d:0e:58:f1:e2:dc:d4:01:8f:20:
c2:82:b3:d7:b8:a1:63:ea:8b:cf:c9:1f:1b:eb:e2:a0:13:4c:
f5:50:ae:ed:a0:c1:fb:ea:69:76:0d:57:8a:0c:75:0a:84:80:
ee:09:f5:47:16:83:aa:96:54:6c:9b:36:90:9e:93:82:03:a2:
a3:f9:33:15:e1:df:0a:09:21:e9:5c:f5:80:08:d9:19:b5:e6:
da:91:7c:f9:5d:cc:3d:9f:7c:d7:09:c7:51:4a:45:76:79:18:
16:29:82:f9:98:c1:08:d4:75:11:f5:80:3a:f4:ff:b2:b5:a5:
b8:3b:bf:fe:fa:6c:8b:d7:26:53:64:79:6a:f5:2c:de:2a:86:
f3:01:41:ed:29:02:90:33:b8:be:88:4c:8c:1e:90:47:fe:20:
7b:af:50:0a:ea:6e:81:0a:35:fb:11:cc:fb:1c:79:a8:ce:fa:
01:9f:12:7c:ac:99:a2:ed:63:25:75:f0:d0:be:6c:f9:5c:45:
c8:8f:04:7a:a8:c2:74:2a:36:bb:e0:f2:3c:a9:d0:51:87:0d:
c3:f1:bb:a6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYME7A5TWA45nQL+nR/5OwuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjIwOTAzMTk1NTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzdlNWJiY2QxY2UzNTgyZjFmMzE3MjdlYTcwZjAyNDA5MTRjNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlLHES1wKCiSsO7JlAbcC6UrJqV18
ncoAox/4glZu1rC1xR65Z/VR2T6+kxtlU114HREbH9AYOwLqwe6t1XVTu9mwBHlH
cykVg1mjoGTQ2vMkJWpnCntmNXq9ZrnXbQi1m/Uaot3XbZYi3x20JgbchlJQ7jrw
dK/0R6qARncAyF/KeNLLRRe6a2s9uCZcEHrqmB+PLJRbtfvgV7uV+3F8iTzSrDl7
980gaj3+a5KFl5q2cnyxRke3zqqES4+D0HtJf3L6ifweG44r0u6e9/+tSYGtjB7Q
itr0biSTZI7B0JfOyOvaK/wRqJ4kXEheA8I8zsWsnvdKyabpIk6N4uUs+QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLN+W7zRzjWC8fMXJ+pw8CQJFMT8MB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvczM1YnZOSE9OWUx4OHhjbjZuRHdKQWtVeFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQCbCzYizl4ihjE3nOG6n7opim24PDxSqqUgojOFLF9jNRr5roaOSE89
ewuVhZ0OWPHi3NQBjyDCgrPXuKFj6ovPyR8b6+KgE0z1UK7toMH76ml2DVeKDHUK
hIDuCfVHFoOqllRsmzaQnpOCA6Kj+TMV4d8KCSHpXPWACNkZtebakXz5Xcw9n3zX
CcdRSkV2eRgWKYL5mMEI1HUR9YA69P+ytaW4O7/++myL1yZTZHlq9SzeKobzAUHt
KQKQM7i+iEyMHpBH/iB7r1AK6m6BCjX7Ecz7HHmozvoBnxJ8rJmi7WMldfDQvmz5
XEXIjwR6qMJ0Kja74PI8qdBRhw3D8bum
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:34 2024 by rpki-client on console-ams.rpki-client.org