Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/32n-bpaK4sEY2uuN8ciIGjVQJy4.roa
File: 32n-bpaK4sEY2uuN8ciIGjVQJy4.roa (raw, json)
Hash identifier: fouNnrkuAG/Hts2+teTCovEHzJkGpziI3YNb0wLWP6Q=
Subject key identifier: DF:69:FE:6E:96:8A:E2:C1:18:DA:EB:8D:F1:C8:88:1A:35:50:27:2E
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 540769
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/32n-bpaK4sEY2uuN8ciIGjVQJy4.roa
Signing time: Sat 01 Jan 2022 02:52:02 +0000
ROA not before: Sat 01 Jan 2022 02:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 193.110.161.0/24 maxlen: 24
194.55.128.0/24 maxlen: 24
91.229.5.0/24 maxlen: 24
45.85.247.0/24 maxlen: 24
193.201.202.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5506921 (0x540769)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 02:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df69fe6e968ae2c118daeb8df1c8881a3550272e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:15:ab:35:d0:26:a9:57:bb:66:2d:1a:ce:0f:
ca:7b:71:14:7c:a3:8c:83:4c:21:2f:27:93:23:6c:
75:ee:57:ee:83:0a:a7:74:4f:1a:f4:70:7a:66:95:
5f:0e:c9:ba:a9:84:72:9a:51:2f:e4:89:fc:71:d4:
af:41:7e:7c:4c:f3:57:11:4d:39:69:c2:a6:c8:d4:
1b:23:14:2d:85:73:37:15:ed:90:0c:37:08:7f:58:
62:9c:23:b6:2b:84:29:e9:dc:d3:0b:b8:d1:74:21:
cb:23:d7:ef:73:f5:78:fb:60:86:c0:f6:01:4c:2a:
d4:88:e2:40:0a:85:88:83:78:37:04:a0:f7:eb:05:
9e:e2:9b:39:d5:9d:b3:a6:b7:89:2f:fa:1a:17:45:
5b:24:1d:0f:ad:dd:6a:f2:b2:d3:8b:0c:77:e8:d3:
fc:af:02:0c:e8:bd:75:e5:13:4a:f6:52:07:64:f4:
9f:c4:d6:c3:d6:93:ea:c8:df:69:c2:e6:97:62:bd:
47:02:26:d1:c0:11:cf:45:46:79:54:60:db:66:ff:
e3:b8:cd:f8:19:a1:dd:eb:af:16:e6:18:4c:66:c1:
49:b1:85:be:30:8f:80:77:8a:c6:eb:28:a1:ba:24:
c1:16:68:79:48:f6:ef:10:e2:56:41:da:b8:dd:9d:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:69:FE:6E:96:8A:E2:C1:18:DA:EB:8D:F1:C8:88:1A:35:50:27:2E
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/32n-bpaK4sEY2uuN8ciIGjVQJy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.247.0/24
91.229.5.0/24
193.110.161.0/24
193.201.202.0/24
194.55.128.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:cf:fc:ef:60:0e:dc:69:59:57:09:7a:16:f5:db:4c:6d:ea:
d0:be:65:d7:64:6b:ef:bb:f6:04:01:29:4f:56:5b:2f:dc:8a:
99:2f:30:b7:51:15:ed:90:56:cf:6b:30:ca:2f:74:ed:47:5b:
55:80:77:e6:c3:35:13:6a:25:87:12:05:8c:5e:16:7c:74:42:
b5:9b:11:d8:ec:04:c9:35:44:f6:5b:04:42:d3:6b:2b:bc:cd:
a1:66:76:6b:b5:b2:03:ea:f3:e2:cf:32:40:46:c9:d8:ed:55:
6b:48:25:c6:6f:80:16:b2:fd:11:90:d1:a1:71:ae:a7:6d:c2:
08:96:87:40:04:75:90:15:12:c0:62:21:ae:4c:4f:5d:a3:5f:
17:f6:30:85:c7:25:d7:2b:30:bb:f6:c8:3e:97:b0:db:16:6c:
0c:89:f7:db:27:49:c7:69:45:8a:5b:1e:98:5b:cb:bc:8f:98:
10:40:40:2a:46:52:1f:22:f3:2c:9c:8a:f2:89:9f:b4:ed:07:
3c:9a:b0:96:90:5b:ea:86:11:96:20:54:d9:7e:3f:9d:f7:56:
ac:8b:ec:57:98:cd:21:ee:81:a0:7a:63:c7:54:53:4e:0d:3b:
28:c3:b9:15:09:39:2d:8a:11:e4:3d:18:6a:57:74:c9:26:3d:
73:f7:0a:64
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDVAdpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDBk
Mjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVlNzM2NjQwHhcNMjIwMTAx
MDI1MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkZjY5ZmU2ZTk2OGFl
MmMxMThkYWViOGRmMWM4ODgxYTM1NTAyNzJlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAihWrNdAmqVe7Zi0azg/Ke3EUfKOMg0whLyeTI2x17lfugwqn
dE8a9HB6ZpVfDsm6qYRymlEv5In8cdSvQX58TPNXEU05acKmyNQbIxQthXM3Fe2Q
DDcIf1hinCO2K4Qp6dzTC7jRdCHLI9fvc/V4+2CGwPYBTCrUiOJACoWIg3g3BKD3
6wWe4ps51Z2zpreJL/oaF0VbJB0Prd1q8rLTiwx36NP8rwIM6L115RNK9lIHZPSf
xNbD1pPqyN9pwuaXYr1HAibRwBHPRUZ5VGDbZv/juM34GaHd668W5hhMZsFJsYW+
MI+Ad4rG6yihuiTBFmh5SPbvEOJWQdq43Z0fpwIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFN9p/m6WiuLBGNrrjfHIiBo1UCcuMB8GA1UdIwQYMBaAFA0pmQQsXiAGvVrr
egXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
RFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEv
MzJuLWJwYUs0c0VZMnV1TjhjaUlHalZRSnk0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8y
YzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5LzEvRFNtWkJDeGVJQWE5
V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVX3AwQAW+UFAwQAwW6hAwQAwcnK
AwQAwjeAMA0GCSqGSIb3DQEBCwUAA4IBAQBfz/zvYA7caVlXCXoW9dtMberQvmXX
ZGvvu/YEASlPVlsv3IqZLzC3URXtkFbPazDKL3TtR1tVgHfmwzUTaiWHEgWMXhZ8
dEK1mxHY7ATJNUT2WwRC02srvM2hZnZrtbID6vPizzJARsnY7VVrSCXGb4AWsv0R
kNGhca6nbcIIlodABHWQFRLAYiGuTE9do18X9jCFxyXXKzC79sg+l7DbFmwMiffb
J0nHaUWKWx6YW8u8j5gQQEAqRlIfIvMsnIryiZ+07Qc8mrCWkFvqhhGWIFTZfj+d
91asi+xXmM0h7oGgemPHVFNODTsow7kVCTktihHkPRhqV3TJJj1z9wpk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org