Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DAQ3ZUTvbNsSo48ehWoOuyWWrnQ.roa
File: DAQ3ZUTvbNsSo48ehWoOuyWWrnQ.roa (raw, json)
Hash identifier: ha/243gQdxULO8a3HIUHLu/vWu80splaYGM6C75iojA=
Subject key identifier: 0C:04:37:65:44:EF:6C:DB:12:A3:8F:1E:85:6A:0E:BB:25:96:AE:74
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018562F689349D440B217BA40D74CDDA5585
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DAQ3ZUTvbNsSo48ehWoOuyWWrnQ.roa
Signing time: Fri 30 Dec 2022 12:16:42 +0000
ROA not before: Fri 30 Dec 2022 12:16:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42694
IP address blocks: 193.163.74.0/24 maxlen: 24
185.15.136.0/24 maxlen: 24
193.163.101.0/24 maxlen: 24
2a13:5800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:62:f6:89:34:9d:44:0b:21:7b:a4:0d:74:cd:da:55:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 30 12:16:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c04376544ef6cdb12a38f1e856a0ebb2596ae74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:40:f1:10:57:a2:0a:7d:e8:e1:b7:90:22:56:
32:ba:ff:fd:6f:a4:bb:d7:84:03:91:77:21:50:8c:
03:ac:75:9e:a6:5e:c3:11:be:15:11:e8:f3:db:78:
70:be:19:c3:a2:ac:fe:ca:a5:88:67:9a:cb:cf:4f:
87:f7:c4:13:44:b3:02:96:d6:03:73:f1:01:b6:32:
94:04:43:c7:5a:04:66:63:90:b8:71:00:0e:3c:4f:
11:99:e6:83:7f:c3:ca:d8:b4:19:ed:af:14:5e:a0:
b3:57:12:30:d9:30:ee:9f:39:17:b6:2f:e4:aa:0d:
ac:82:61:c9:f7:4f:24:bc:f2:7a:14:97:88:14:62:
00:93:fc:03:96:73:83:8a:b4:ba:68:db:b1:84:66:
fa:4c:0c:ca:22:60:a9:ed:8e:84:8d:4e:28:85:b8:
2e:2e:7e:6f:4b:6e:26:b3:e7:de:a1:e3:80:f7:82:
13:5b:cc:cb:91:c4:e0:b7:1b:84:47:be:6e:a0:0a:
d3:ff:1c:43:09:cb:77:42:3d:a1:95:e0:10:3b:8a:
58:30:54:50:72:20:e2:4b:e2:45:96:d4:57:be:82:
81:33:e8:75:6e:74:af:eb:02:70:5c:9d:df:4f:b6:
18:bd:99:dd:de:1e:76:17:c7:35:a0:10:fe:08:b0:
1a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:04:37:65:44:EF:6C:DB:12:A3:8F:1E:85:6A:0E:BB:25:96:AE:74
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/DAQ3ZUTvbNsSo48ehWoOuyWWrnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.136.0/24
193.163.74.0/24
193.163.101.0/24
IPv6:
2a13:5800::/29
Signature Algorithm: sha256WithRSAEncryption
24:b2:49:c3:79:3d:45:6f:bd:a3:52:ad:1a:fd:65:34:b4:c6:
64:df:42:4e:1b:15:29:a9:f2:4c:2d:78:01:42:60:c2:7c:a2:
ec:0a:7a:12:07:5f:5f:6f:f7:a1:4b:84:2c:0d:b1:84:1e:ce:
fc:ae:83:23:16:ff:18:e1:a3:34:00:4e:ee:36:dc:f8:4c:de:
00:b0:27:b4:58:f6:92:b9:12:58:20:19:42:e1:6f:37:d3:21:
62:ca:86:59:cb:33:9b:59:2a:32:36:d2:63:80:3b:0e:29:e5:
7b:6d:55:cc:10:6d:b7:19:98:f8:8c:de:a7:1c:49:f5:b3:0b:
ff:94:f2:5c:20:99:1c:07:5a:70:28:2b:ec:65:09:f7:86:a4:
36:d8:0b:61:39:95:bf:6b:ce:58:a2:07:00:37:60:00:6e:8f:
e8:08:7d:91:2a:b3:6a:80:ef:21:05:53:4f:07:42:6a:fd:88:
c2:eb:16:74:6b:c5:b0:1e:fb:4a:96:df:d4:81:76:5f:92:b1:
07:13:d9:9e:bd:8a:ed:55:8c:ef:18:da:15:43:47:94:b6:66:
2a:c8:46:6e:da:01:ea:38:f4:19:ad:fc:b6:99:3f:30:18:80:
e5:b1:b9:d0:65:15:90:60:55:24:ef:28:ab:35:52:6c:29:09:
c6:17:48:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVi9ok0nUQLIXukDXTN2lWFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjMwMTIxNjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA0Mzc2NTQ0ZWY2Y2RiMTJhMzhmMWU4NTZhMGViYjI1OTZhZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkDxEFeiCn3o4beQIlYyuv/9b6S7
14QDkXchUIwDrHWepl7DEb4VEejz23hwvhnDoqz+yqWIZ5rLz0+H98QTRLMCltYD
c/EBtjKUBEPHWgRmY5C4cQAOPE8RmeaDf8PK2LQZ7a8UXqCzVxIw2TDunzkXti/k
qg2sgmHJ908kvPJ6FJeIFGIAk/wDlnODirS6aNuxhGb6TAzKImCp7Y6EjU4ohbgu
Ln5vS24ms+feoeOA94ITW8zLkcTgtxuER75uoArT/xxDCct3Qj2hleAQO4pYMFRQ
ciDiS+JFltRXvoKBM+h1bnSv6wJwXJ3fT7YYvZnd3h52F8c1oBD+CLAa7wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAwEN2VE72zbEqOPHoVqDrsllq50MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvREFRM1pVVHZiTnNTbzQ4ZWhXb091eVdXcm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuQ+IAwQA
waNKAwQAwaNlMA0EAgACMAcDBQMqE1gAMA0GCSqGSIb3DQEBCwUAA4IBAQAksknD
eT1Fb72jUq0a/WU0tMZk30JOGxUpqfJMLXgBQmDCfKLsCnoSB19fb/ehS4QsDbGE
Hs78roMjFv8Y4aM0AE7uNtz4TN4AsCe0WPaSuRJYIBlC4W830yFiyoZZyzObWSoy
NtJjgDsOKeV7bVXMEG23GZj4jN6nHEn1swv/lPJcIJkcB1pwKCvsZQn3hqQ22Ath
OZW/a85YogcAN2AAbo/oCH2RKrNqgO8hBVNPB0Jq/YjC6xZ0a8WwHvtKlt/UgXZf
krEHE9mevYrtVYzvGNoVQ0eUtmYqyEZu2gHqOPQZrfy2mT8wGIDlsbnQZRWQYFUk
7yirNVJsKQnGF0hS
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org