Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/cW_WFj1myFWJ3vG3jGJpfvlrpug.roa
File: cW_WFj1myFWJ3vG3jGJpfvlrpug.roa (raw, json)
Hash identifier: NyZmVWJRbgMm/bFcMyM8iiD41TRlMobFNdBXHvfSW2w=
Subject key identifier: 71:6F:D6:16:3D:66:C8:55:89:DE:F1:B7:8C:62:69:7E:F9:6B:A6:E8
Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Certificate serial: 09465F8D
Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/cW_WFj1myFWJ3vG3jGJpfvlrpug.roa
Signing time: Sat 01 Jan 2022 10:05:12 +0000
ROA not before: Sat 01 Jan 2022 10:05:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197595
IP address blocks: 185.157.160.0/23 maxlen: 23
185.157.162.0/24 maxlen: 24
217.64.149.0/24 maxlen: 24
217.64.150.0/24 maxlen: 24
217.64.148.0/24 maxlen: 24
2a07:a880:4603::/48 maxlen: 48
2a07:a880:3101::/48 maxlen: 48
2a07:a880:4601::/48 maxlen: 48
2a07:a880:4701::/48 maxlen: 48
2a07:a880:4604::/48 maxlen: 48
2a07:a880:4602::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155606925 (0x9465f8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973
Validity
Not Before: Jan 1 10:05:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=716fd6163d66c85589def1b78c62697ef96ba6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:3d:61:1d:e3:c3:e9:b4:8f:eb:1d:ab:96:1c:
4e:bd:99:1b:48:2c:34:19:5f:da:74:a2:31:57:13:
05:cd:e3:e9:2f:58:3d:50:2c:69:c2:fb:89:7c:2f:
4d:ad:5e:f9:00:63:20:63:c2:a7:d8:4a:39:64:12:
c7:f0:6a:ab:6e:e9:fe:41:71:97:fb:84:66:1b:b8:
4f:5b:34:de:5e:a1:dd:8f:74:53:97:da:15:97:4f:
fa:55:07:fe:32:69:10:70:9a:5f:1a:af:15:d6:93:
82:7e:29:58:87:97:e4:92:42:8a:f0:e1:12:47:7d:
31:31:c6:b0:f1:cd:9a:c1:f3:65:3c:92:59:2b:b9:
ed:11:12:5a:97:f9:5a:d1:8c:37:c9:c8:46:36:55:
3d:6c:23:e5:e1:59:10:6d:48:02:fd:f5:5d:c7:d5:
6f:00:8d:c4:3c:6b:9f:61:6a:a6:40:73:97:3a:a9:
e2:f9:2a:1e:b2:c2:a8:92:9a:51:57:5b:ce:70:85:
32:5d:e7:18:67:68:d2:8f:6e:e4:25:1c:d6:79:2a:
7b:98:76:3c:43:fd:39:5e:bc:e0:5a:ea:fb:0c:8f:
70:52:bc:a2:d4:fc:67:99:96:43:b7:85:c2:d9:1f:
9d:08:41:4a:e1:5d:fb:0a:69:bd:fe:78:41:a6:b4:
73:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6F:D6:16:3D:66:C8:55:89:DE:F1:B7:8C:62:69:7E:F9:6B:A6:E8
X509v3 Authority Key Identifier:
keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/cW_WFj1myFWJ3vG3jGJpfvlrpug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.160.0-185.157.162.255
217.64.148.0-217.64.150.255
IPv6:
2a07:a880:3101::/48
2a07:a880:4601::-2a07:a880:4604:ffff:ffff:ffff:ffff:ffff
2a07:a880:4701::/48
Signature Algorithm: sha256WithRSAEncryption
b7:36:4d:58:bc:61:5e:0d:40:00:4e:3b:e2:19:b1:63:87:fa:
a0:11:f3:8e:e7:9f:c3:02:3f:b4:1b:cb:75:2f:1f:c6:0d:e4:
d6:b5:22:16:fd:67:02:9f:fe:1a:bd:e1:f8:cf:c4:07:2f:20:
c8:57:ee:fa:b5:25:42:7e:87:ca:58:69:f6:31:3d:5a:a3:e0:
b8:14:4f:a6:1a:22:d0:da:ef:c7:d1:4b:2c:bd:b9:6a:23:fc:
66:4a:b1:11:2e:79:d9:f3:21:c1:9b:15:1c:4d:f6:87:09:2c:
bc:38:8e:17:2e:59:25:19:87:c0:3b:26:1e:14:82:13:e6:c6:
cf:fd:87:9a:8b:d5:b0:31:13:f6:d6:27:91:69:90:4a:a9:78:
0a:48:4b:ed:65:1c:f7:bf:9b:5a:8a:5e:7d:ef:a8:9b:b5:42:
10:50:98:0d:a2:f1:05:84:56:26:10:02:5f:52:ef:ac:4e:ec:
c8:1f:1b:00:41:f9:16:8f:68:45:fc:c6:4e:ca:d3:0b:7e:66:
60:07:8c:16:93:a7:86:d8:24:8d:5c:93:8a:c6:97:83:b2:69:
5a:a4:ab:2f:4a:a9:50:d8:65:a4:e5:be:7f:bd:dc:5e:0b:4e:
69:0c:12:eb:30:68:61:ca:54:fb:c4:e2:25:29:7c:c4:5a:bc:
f7:60:76:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIECUZfjTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWIzYTcxNzY2NWExMTM3ZTk5ZGM4ZmFkMjJlM2U3Zjk4ZGI4OTczMB4XDTIyMDEw
MTEwMDUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE2ZmQ2MTYzZDY2
Yzg1NTg5ZGVmMWI3OGM2MjY5N2VmOTZiYTZlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALo9YR3jw+m0j+sdq5YcTr2ZG0gsNBlf2nSiMVcTBc3j6S9Y
PVAsacL7iXwvTa1e+QBjIGPCp9hKOWQSx/Bqq27p/kFxl/uEZhu4T1s03l6h3Y90
U5faFZdP+lUH/jJpEHCaXxqvFdaTgn4pWIeX5JJCivDhEkd9MTHGsPHNmsHzZTyS
WSu57RESWpf5WtGMN8nIRjZVPWwj5eFZEG1IAv31XcfVbwCNxDxrn2FqpkBzlzqp
4vkqHrLCqJKaUVdbznCFMl3nGGdo0o9u5CUc1nkqe5h2PEP9OV684Frq+wyPcFK8
otT8Z5mWQ7eFwtkfnQhBSuFd+wppvf54Qaa0c48CAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBRxb9YWPWbIVYne8beMYml++Wum6DAfBgNVHSMEGDAWgBQps6cXZloRN+md
yPrSLj5/mNuJczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tiT25GMlphRVRmcG5jajYwaTQtZjVqYmlYTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvYWNkMjhlLTUyYWUtNGFjOS1iMDI4LTY2OWY3YTc2MTYzMS8x
L2NXX1dGajFteUZXSjN2RzNqR0pwZnZscnB1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
YWNkMjhlLTUyYWUtNGFjOS1iMDI4LTY2OWY3YTc2MTYzMS8xL0tiT25GMlphRVRm
cG5jajYwaTQtZjVqYmlYTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwIgQCAAEwHDAMAwQFuZ2gAwQAuZ2iMAwDBALZQJQD
BADZQJYwLAQCAAIwJgMHACoHqIAxATASAwcAKgeogEYBAwcAKgeogEYEAwcAKgeo
gEcBMA0GCSqGSIb3DQEBCwUAA4IBAQC3Nk1YvGFeDUAATjviGbFjh/qgEfOO55/D
Aj+0G8t1Lx/GDeTWtSIW/WcCn/4aveH4z8QHLyDIV+76tSVCfofKWGn2MT1ao+C4
FE+mGiLQ2u/H0UssvblqI/xmSrERLnnZ8yHBmxUcTfaHCSy8OI4XLlklGYfAOyYe
FIIT5sbP/Yeai9WwMRP21ieRaZBKqXgKSEvtZRz3v5tail5976ibtUIQUJgNovEF
hFYmEAJfUu+sTuzIHxsAQfkWj2hF/MZOytMLfmZgB4wWk6eG2CSNXJOKxpeDsmla
pKsvSqlQ2GWk5b5/vdxeC05pDBLrMGhhylT7xOIlKXzEWrz3YHbZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:18 2023 by rpki-client on console-ams.rpki-client.org