Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/SDaV5wvADJdaqyP_wPk4uIkL58k.roa
File: SDaV5wvADJdaqyP_wPk4uIkL58k.roa (raw, json)
Hash identifier: v84ooxFJTS9QwOTG6bDivOdtAd9s1KIPFZ9IqgTbFAM=
Subject key identifier: 48:36:95:E7:0B:C0:0C:97:5A:AB:23:FF:C0:F9:38:B8:89:0B:E7:C9
Certificate issuer: /CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Certificate serial: 01834173E4D9F06C6D65D134FD962C8B0118
Authority key identifier: DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/SDaV5wvADJdaqyP_wPk4uIkL58k.roa
Signing time: Thu 15 Sep 2022 14:00:57 +0000
ROA not before: Thu 15 Sep 2022 14:00:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206273
IP address blocks: 185.198.60.0/23 maxlen: 23
185.198.62.0/23 maxlen: 23
178.212.58.0/23 maxlen: 23
31.130.242.0/23 maxlen: 23
31.130.244.0/22 maxlen: 22
178.212.60.0/22 maxlen: 22
91.218.154.0/23 maxlen: 23
2a0a:15c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:41:73:e4:d9:f0:6c:6d:65:d1:34:fd:96:2c:8b:01:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddbe6e0adae8bb478393aab175b638644c74ccb7
Validity
Not Before: Sep 15 14:00:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=483695e70bc00c975aab23ffc0f938b8890be7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2c:d6:bc:f1:27:32:e9:db:60:e5:5d:4d:82:
8e:60:14:2f:98:3b:3a:32:d4:8c:e4:13:59:cb:a8:
92:67:ff:2f:63:25:96:a5:66:81:85:a6:b4:e5:48:
19:15:92:e4:59:36:b6:7b:a1:52:ec:bc:63:c1:b3:
22:49:ee:64:82:64:a6:fa:66:11:9d:ef:74:22:c3:
38:75:8d:22:a9:3e:12:b6:57:dc:28:4e:00:e8:fb:
df:1c:5e:38:5f:92:2a:fb:64:55:ef:ca:4d:c3:4d:
42:82:44:79:3b:fc:a0:81:61:f2:72:14:dc:d8:e4:
92:8b:42:74:3e:c8:13:df:58:41:b0:f3:28:02:34:
fc:8e:96:30:7a:6c:97:ce:37:af:0b:75:82:2e:fc:
22:5d:b2:48:98:86:9e:54:7c:ca:7e:c3:0a:6f:15:
73:51:15:28:b5:43:65:57:0b:76:8f:4b:1a:83:cd:
b4:c2:65:89:57:01:d9:37:8d:9d:61:c9:38:d0:ef:
af:01:e0:f8:3c:63:a0:6c:75:1b:29:ed:4b:5a:0a:
ff:4c:dd:88:80:e2:21:f4:5e:83:aa:8c:59:91:64:
e8:38:3c:f0:04:e3:fa:de:61:61:b2:cf:b1:74:b4:
91:4a:b4:9a:1f:78:bf:0b:d2:0c:3f:f2:87:8c:ea:
82:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:36:95:E7:0B:C0:0C:97:5A:AB:23:FF:C0:F9:38:B8:89:0B:E7:C9
X509v3 Authority Key Identifier:
keyid:DD:BE:6E:0A:DA:E8:BB:47:83:93:AA:B1:75:B6:38:64:4C:74:CC:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b5uCtrou0eDk6qxdbY4ZEx0zLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/SDaV5wvADJdaqyP_wPk4uIkL58k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a67b78-58c8-4311-9e69-6baa3b548d23/1/3b5uCtrou0eDk6qxdbY4ZEx0zLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.130.242.0-31.130.247.255
91.218.154.0/23
178.212.58.0-178.212.63.255
185.198.60.0/22
IPv6:
2a0a:15c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:5f:b8:2c:fc:51:6d:fd:ea:56:09:5d:c1:49:e7:c6:c3:e0:
4c:17:1e:d9:af:69:57:2f:d1:a1:4a:09:49:d7:29:ad:55:25:
7f:25:1d:97:98:f1:c7:36:7f:ad:97:c7:22:bb:0a:c4:19:d7:
e3:8e:d7:86:d0:ed:4e:93:aa:20:78:e9:e8:65:76:e2:ab:87:
4e:e5:e4:ea:85:21:f4:7b:c6:33:f0:b4:52:20:87:cb:9b:fa:
02:18:28:ec:a8:96:74:03:31:82:1a:ab:93:b6:9f:62:dc:35:
7f:85:5d:29:60:90:14:a2:a7:57:e6:cb:d4:91:6b:2f:70:c4:
bf:c4:17:5f:ef:3d:bd:02:b5:97:bf:a5:dd:23:e8:55:95:fc:
45:0b:62:b2:94:81:b8:17:ff:85:9a:10:4d:ee:7e:52:e0:86:
b3:a9:34:e1:6e:65:b1:80:e6:3f:2d:61:33:20:0a:e8:40:ee:
84:b2:00:0d:3c:20:c9:0a:25:a4:32:66:cc:c2:6a:0c:34:93:
5b:f1:d0:b3:bd:05:5f:14:b0:9c:7c:6c:c0:8a:80:5e:95:f4:
69:54:4f:ec:d1:31:d5:58:2b:f3:cf:a5:a7:17:64:07:25:d2:
04:15:66:65:f7:c5:5e:e3:8f:2c:d5:e7:fc:3f:55:d2:5c:ba:
11:80:e1:7d
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYNBc+TZ8GxtZdE0/ZYsiwEYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkYmU2ZTBhZGFlOGJiNDc4MzkzYWFiMTc1YjYzODY0NGM3
NGNjYjcwHhcNMjIwOTE1MTQwMDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODM2OTVlNzBiYzAwYzk3NWFhYjIzZmZjMGY5MzhiODg5MGJlN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyzWvPEnMunbYOVdTYKOYBQvmDs6
MtSM5BNZy6iSZ/8vYyWWpWaBhaa05UgZFZLkWTa2e6FS7LxjwbMiSe5kgmSm+mYR
ne90IsM4dY0iqT4StlfcKE4A6PvfHF44X5Iq+2RV78pNw01CgkR5O/yggWHychTc
2OSSi0J0PsgT31hBsPMoAjT8jpYwemyXzjevC3WCLvwiXbJImIaeVHzKfsMKbxVz
URUotUNlVwt2j0sag820wmWJVwHZN42dYck40O+vAeD4PGOgbHUbKe1LWgr/TN2I
gOIh9F6DqoxZkWToODzwBOP63mFhss+xdLSRSrSaH3i/C9IMP/KHjOqCGwIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFEg2lecLwAyXWqsj/8D5OLiJC+fJMB8GA1UdIwQY
MBaAFN2+bgra6LtHg5OqsXW2OGRMdMy3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjkt
NmJhYTNiNTQ4ZDIzLzEvU0RhVjV3dkFESmRhcXlQX3dQazR1SWtMNThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNjdiNzgtNThjOC00MzExLTllNjktNmJhYTNiNTQ4ZDIz
LzEvM2I1dUN0cm91MGVEazZxeGRiWTRaRXgwekxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAuBAIAATAoMAwDBAEfgvID
BAMfgvADBAFb2powDAMEAbLUOgMEBrLUAAMEArnGPDANBAIAAjAHAwUDKgoVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAk1+4LPxRbf3qVgldwUnnxsPgTBce2a9pVy/RoUoJ
SdcprVUlfyUdl5jxxzZ/rZfHIrsKxBnX447XhtDtTpOqIHjp6GV24quHTuXk6oUh
9HvGM/C0UiCHy5v6Ahgo7KiWdAMxghqrk7afYtw1f4VdKWCQFKKnV+bL1JFrL3DE
v8QXX+89vQK1l7+l3SPoVZX8RQtispSBuBf/hZoQTe5+UuCGs6k04W5lsYDmPy1h
MyAK6EDuhLIADTwgyQolpDJmzMJqDDSTW/HQs70FXxSwnHxswIqAXpX0aVRP7NEx
1Vgr88+lpxdkByXSBBVmZffFXuOPLNXn/D9V0ly6EYDhfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org