Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/iMY1kuSBjuyOR8LSme3g3MRN9TQ.roa
File: iMY1kuSBjuyOR8LSme3g3MRN9TQ.roa (raw, json)
Hash identifier: 2Ex5gFWgSd8I7U8EEq7hdJ4FXa0eCwU5Xy+9Z084T/s=
Subject key identifier: 88:C6:35:92:E4:81:8E:EC:8E:47:C2:D2:99:ED:E0:DC:C4:4D:F5:34
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 0182ED63A2567BDEFD134C4D8ECEBD2F6756
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/iMY1kuSBjuyOR8LSme3g3MRN9TQ.roa
Signing time: Tue 30 Aug 2022 06:15:05 +0000
ROA not before: Tue 30 Aug 2022 06:15:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20552
IP address blocks: 185.119.15.0/24 maxlen: 24
185.119.12.0/24 maxlen: 24
185.119.12.0/22 maxlen: 22
185.119.14.0/24 maxlen: 24
185.119.13.0/24 maxlen: 24
185.24.200.0/22 maxlen: 22
217.168.128.0/20 maxlen: 20
217.168.129.0/24 maxlen: 24
217.168.141.0/24 maxlen: 24
185.52.171.0/24 maxlen: 24
185.52.168.0/22 maxlen: 24
185.52.170.0/24 maxlen: 24
185.52.169.0/24 maxlen: 24
164.40.240.0/24 maxlen: 24
164.40.241.0/24 maxlen: 24
164.40.240.0/21 maxlen: 21
164.40.246.0/24 maxlen: 24
91.216.30.0/24 maxlen: 24
164.40.245.0/24 maxlen: 24
164.40.243.0/24 maxlen: 24
164.40.242.0/24 maxlen: 24
164.40.244.0/24 maxlen: 24
164.40.247.0/24 maxlen: 24
2a02:d88::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ed:63:a2:56:7b:de:fd:13:4c:4d:8e:ce:bd:2f:67:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Aug 30 06:15:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88c63592e4818eec8e47c2d299ede0dcc44df534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:51:da:0f:15:65:78:ef:d0:ce:9d:c7:52:b5:
06:2e:b5:3c:03:08:d6:80:c9:54:9c:9c:10:83:f9:
06:7a:f4:23:b4:00:98:d1:a4:9d:d4:03:01:0e:40:
e2:ba:14:9a:f4:f6:9c:05:19:0d:6a:8e:a3:e6:d4:
83:c1:ae:50:54:ea:e1:76:c3:04:1c:b3:8b:43:f5:
77:a2:24:e1:ca:78:96:b4:c6:cc:e5:2c:9f:51:cc:
0c:37:6e:b8:2d:18:91:45:e7:ed:f6:c5:b1:f6:39:
19:1c:56:2f:85:9b:36:fe:e1:59:df:de:08:0a:82:
80:c2:eb:27:2f:36:8d:50:b3:eb:49:32:4e:39:a0:
d1:2f:c3:44:a3:b7:9b:5e:b3:18:ce:7c:ec:b2:88:
2f:c5:d9:67:db:95:61:40:7c:2b:d4:1d:f9:43:c1:
4f:ce:ca:5e:e2:5a:9b:b9:c9:58:5f:75:82:a7:cf:
7a:d4:65:9b:5a:ad:fc:eb:05:06:0e:41:2d:7e:a2:
f9:60:9a:af:45:76:7c:90:3e:72:6a:b4:04:38:d3:
06:b7:e0:a5:13:2e:1f:6a:03:53:7d:a9:9d:dc:99:
71:0c:7e:61:0c:d0:26:ee:bf:ad:ed:bd:e4:3f:80:
8b:c4:c1:96:8b:9a:93:c9:0b:9f:77:2e:2e:03:54:
b2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C6:35:92:E4:81:8E:EC:8E:47:C2:D2:99:ED:E0:DC:C4:4D:F5:34
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/iMY1kuSBjuyOR8LSme3g3MRN9TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.30.0/24
164.40.240.0/21
185.24.200.0/22
185.52.168.0/22
185.119.12.0/22
217.168.128.0/20
IPv6:
2a02:d88::/32
Signature Algorithm: sha256WithRSAEncryption
a2:bf:e6:11:76:1d:0b:cf:ec:cd:07:ca:29:fe:ba:a6:43:83:
25:3f:07:c0:c8:5e:15:a3:9c:1d:db:65:d5:51:ad:b9:21:81:
98:fd:92:4a:af:8e:f8:78:50:18:b1:24:20:3d:00:e1:36:41:
e9:ea:a6:8d:bd:3b:65:de:b9:f4:a4:a5:21:57:19:2e:94:84:
c6:5b:e8:22:59:dc:a7:6e:48:5b:cd:60:7c:5b:03:03:d2:ff:
27:f1:83:0d:b2:b4:b4:cd:97:03:65:4c:a8:b7:68:33:a0:c6:
4f:84:bb:e4:0a:a7:25:bc:15:bd:a3:5c:ae:48:a3:3c:d0:dc:
16:fc:76:26:5d:06:ee:b0:64:e2:b0:ad:f0:73:4e:5c:35:1e:
74:f2:29:68:48:13:87:71:37:9b:6e:68:b6:fc:9d:35:05:b2:
4f:87:41:04:e4:56:c1:de:e6:aa:a3:78:38:6a:07:bb:ce:66:
29:d5:78:7b:b7:63:28:b8:7d:9a:ac:31:31:a4:22:2a:c1:e0:
af:4e:15:81:69:7b:ee:34:8d:4f:96:3e:cf:54:ed:0a:cf:85:
82:54:15:3e:4e:ab:8a:25:ec:60:68:0a:ef:07:f7:e8:ea:64:
b0:2e:1c:87:f3:36:b8:18:b1:21:17:30:f3:0a:25:49:98:05:
51:ce:a8:a8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYLtY6JWe979E0xNjs69L2dWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjIwODMwMDYxNTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM2MzU5MmU0ODE4ZWVjOGU0N2MyZDI5OWVkZTBkY2M0NGRmNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1HaDxVleO/Qzp3HUrUGLrU8AwjW
gMlUnJwQg/kGevQjtACY0aSd1AMBDkDiuhSa9PacBRkNao6j5tSDwa5QVOrhdsME
HLOLQ/V3oiThyniWtMbM5SyfUcwMN264LRiRReft9sWx9jkZHFYvhZs2/uFZ394I
CoKAwusnLzaNULPrSTJOOaDRL8NEo7ebXrMYznzssogvxdln25VhQHwr1B35Q8FP
zspe4lqbuclYX3WCp8961GWbWq386wUGDkEtfqL5YJqvRXZ8kD5yarQEONMGt+Cl
Ey4fagNTfamd3JlxDH5hDNAm7r+t7b3kP4CLxMGWi5qTyQufdy4uA1SyRwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIjGNZLkgY7sjkfC0pnt4NzETfU0MB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvaU1ZMWt1U0JqdXlPUjhMU21lM2czTVJOOVRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAW9geAwQD
pCjwAwQCuRjIAwQCuTSoAwQCuXcMAwQE2aiAMA0EAgACMAcDBQAqAg2IMA0GCSqG
SIb3DQEBCwUAA4IBAQCiv+YRdh0Lz+zNB8op/rqmQ4MlPwfAyF4Vo5wd22XVUa25
IYGY/ZJKr474eFAYsSQgPQDhNkHp6qaNvTtl3rn0pKUhVxkulITGW+giWdynbkhb
zWB8WwMD0v8n8YMNsrS0zZcDZUyot2gzoMZPhLvkCqclvBW9o1yuSKM80NwW/HYm
XQbusGTisK3wc05cNR508iloSBOHcTebbmi2/J01BbJPh0EE5FbB3uaqo3g4age7
zmYp1Xh7t2MouH2arDExpCIqweCvThWBaXvuNI1Plj7PVO0Kz4WCVBU+TquKJexg
aArvB/fo6mSwLhyH8za4GLEhFzDzCiVJmAVRzqio
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:52 2024 by rpki-client on console-fra.rpki-client.org