Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/SX5n6NUHB59znzFL9ywpdStq-7g.roa
File: SX5n6NUHB59znzFL9ywpdStq-7g.roa (raw, json)
Hash identifier: zCRMPQbUDOaNgBzO6hPY+AIbXkoThFJ5Khknq4ItilY=
Subject key identifier: 49:7E:67:E8:D5:07:07:9F:73:9F:31:4B:F7:2C:29:75:2B:6A:FB:B8
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A076706C71B64C08F4FB56FB1987C29
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/SX5n6NUHB59znzFL9ywpdStq-7g.roa
Signing time: Mon 26 Sep 2022 13:40:48 +0000
ROA not before: Mon 26 Sep 2022 13:40:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204868
IP address blocks: 2.59.204.0/22 maxlen: 22
5.253.228.0/22 maxlen: 22
185.145.80.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:07:67:06:c7:1b:64:c0:8f:4f:b5:6f:b1:98:7c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 13:40:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=497e67e8d507079f739f314bf72c29752b6afbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:16:54:14:60:f0:f8:3f:04:42:05:95:4c:98:
d7:42:c2:ad:02:04:57:ac:7e:ca:1d:00:a8:a3:ab:
0f:f6:cb:6f:68:d3:a2:07:75:36:d0:ce:fe:99:c2:
e6:0c:f3:bd:ee:22:6b:f6:75:1a:ec:48:cc:43:de:
6f:4d:5d:83:c6:46:e6:50:f0:31:a8:77:93:40:f4:
11:de:5f:c9:7a:a6:13:c7:12:e0:b6:dc:35:7f:be:
fa:2d:13:59:03:17:68:23:2c:8d:65:db:50:36:cb:
74:0b:5a:78:07:92:1a:36:ef:d4:33:5e:8f:da:4c:
75:c1:4f:c8:87:07:8d:c9:4f:4f:4f:2f:17:58:51:
99:e5:9a:f3:ff:16:b3:e0:88:3e:e5:5a:92:a9:d2:
38:7a:52:df:4b:ee:63:2a:70:78:a3:5d:6f:29:11:
89:91:1b:6b:cc:5c:a0:6e:3d:0a:d3:ed:fe:c4:8b:
0a:7d:d9:c3:a7:ca:50:ef:fb:14:b6:b9:e1:78:0e:
a6:31:04:0a:79:bd:d1:e0:81:ba:9a:31:ec:43:df:
03:24:a3:7a:2c:98:e8:73:ca:d3:fd:ca:3c:34:89:
1f:5e:ae:2f:83:58:51:9b:ff:f5:9b:8c:df:2e:8f:
0f:33:52:ce:4e:18:32:f8:70:d7:c4:94:f0:55:55:
1c:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:7E:67:E8:D5:07:07:9F:73:9F:31:4B:F7:2C:29:75:2B:6A:FB:B8
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/SX5n6NUHB59znzFL9ywpdStq-7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.204.0/22
5.253.228.0/22
185.145.80.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:80:4b:34:d3:15:67:d5:d7:11:6e:4e:f6:72:03:22:24:6c:
e7:09:e8:ce:9a:8c:cd:56:c2:d0:7a:33:9e:44:62:b7:11:28:
a4:2e:f2:03:b0:41:8e:17:ee:7d:c0:d6:76:5b:e4:e1:72:4c:
b0:08:f5:8a:2e:ec:52:1a:d9:35:e6:bc:98:4c:97:fa:3b:20:
21:89:f6:f1:4e:2d:d4:6e:bb:be:9a:67:91:ae:94:50:e9:66:
8e:8b:35:3e:3b:5b:ce:63:19:83:bc:68:89:d4:87:0d:45:29:
38:88:cc:5c:b9:5e:10:1f:7a:97:90:94:72:a1:c8:04:7e:a4:
d3:ea:32:f2:c3:15:b9:b4:92:66:54:f4:e0:7a:58:dd:df:3f:
63:62:eb:62:db:cd:eb:1c:ff:85:80:7a:fc:67:77:8f:48:a8:
64:a1:dd:04:f1:b5:db:98:f6:66:67:00:91:52:da:54:d9:17:
23:0b:fa:25:87:f6:db:19:ce:69:ba:5c:91:d3:58:c7:4a:b4:
49:3f:2d:21:fa:4d:1b:c7:31:d3:63:2b:40:8a:cf:14:44:0e:
55:47:7e:5c:fb:9d:21:5f:9c:0f:79:87:24:85:9e:76:6d:81:
ff:9f:81:4d:ee:5d:cd:12:04:78:2d:c9:62:fc:43:6c:5b:fb:
bd:7f:b8:15
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYN6B2cGxxtkwI9PtW+xmHwpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTM0MDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTdlNjdlOGQ1MDcwNzlmNzM5ZjMxNGJmNzJjMjk3NTJiNmFmYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhZUFGDw+D8EQgWVTJjXQsKtAgRX
rH7KHQCoo6sP9stvaNOiB3U20M7+mcLmDPO97iJr9nUa7EjMQ95vTV2DxkbmUPAx
qHeTQPQR3l/JeqYTxxLgttw1f776LRNZAxdoIyyNZdtQNst0C1p4B5IaNu/UM16P
2kx1wU/IhweNyU9PTy8XWFGZ5Zrz/xaz4Ig+5VqSqdI4elLfS+5jKnB4o11vKRGJ
kRtrzFygbj0K0+3+xIsKfdnDp8pQ7/sUtrnheA6mMQQKeb3R4IG6mjHsQ98DJKN6
LJjoc8rT/co8NIkfXq4vg1hRm//1m4zfLo8PM1LOThgy+HDXxJTwVVUc/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEl+Z+jVBwefc58xS/csKXUravu4MB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvU1g1bjZOVUhCNTl6bnpGTDl5d3BkU3RxLTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCAjvMAwQC
Bf3kAwQCuZFQMA0GCSqGSIb3DQEBCwUAA4IBAQCKgEs00xVn1dcRbk72cgMiJGzn
CejOmozNVsLQejOeRGK3ESikLvIDsEGOF+59wNZ2W+ThckywCPWKLuxSGtk15ryY
TJf6OyAhifbxTi3Ubru+mmeRrpRQ6WaOizU+O1vOYxmDvGiJ1IcNRSk4iMxcuV4Q
H3qXkJRyocgEfqTT6jLywxW5tJJmVPTgeljd3z9jYuti283rHP+FgHr8Z3ePSKhk
od0E8bXbmPZmZwCRUtpU2RcjC/olh/bbGc5pulyR01jHSrRJPy0h+k0bxzHTYytA
is8URA5VR35c+50hX5wPeYckhZ52bYH/n4FN7l3NEgR4Lcli/ENsW/u9f7gV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org