Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/7oUIxClodooU99omB3LTLKjCCeU.roa
File: 7oUIxClodooU99omB3LTLKjCCeU.roa (raw, json)
Hash identifier: xS65vX8MzETFS4ZH56SLPnBYKeZbeGNhXyW6SqiQjr8=
Subject key identifier: EE:85:08:C4:29:68:76:8A:14:F7:DA:26:07:72:D3:2C:A8:C2:09:E5
Certificate issuer: /CN=d26a4409ea91f506d633871c6c35540d460337d1
Certificate serial: 0181EC91D828E8A7E237196935F3F86D8743
Authority key identifier: D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/7oUIxClodooU99omB3LTLKjCCeU.roa
Signing time: Mon 11 Jul 2022 09:23:09 +0000
ROA not before: Mon 11 Jul 2022 09:23:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60203
IP address blocks: 171.22.10.0/24 maxlen: 24
171.22.8.0/24 maxlen: 24
171.22.11.0/24 maxlen: 24
171.22.9.0/24 maxlen: 24
185.62.21.0/24 maxlen: 24
185.62.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ec:91:d8:28:e8:a7:e2:37:19:69:35:f3:f8:6d:87:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d26a4409ea91f506d633871c6c35540d460337d1
Validity
Not Before: Jul 11 09:23:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee8508c42968768a14f7da260772d32ca8c209e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f2:65:9a:fa:51:5d:2d:70:af:db:a4:06:5e:
9a:c8:ba:06:f2:dd:d4:0f:8a:45:2b:c0:65:f5:1a:
91:6f:5e:20:65:83:60:84:42:eb:dc:d3:66:67:a9:
89:41:62:23:c9:82:42:1d:d5:fb:71:f5:fe:3a:7a:
aa:62:0c:8a:5f:57:fa:2b:c3:ea:f4:d2:f1:52:a2:
51:b1:2a:03:41:f5:2f:4f:43:87:ad:2f:5b:cf:2f:
19:e9:26:e4:89:67:e4:12:c0:eb:6a:dc:e3:c1:00:
ec:c8:71:97:c4:01:74:ac:d7:4b:c4:c1:88:20:a5:
84:27:35:53:15:64:c1:9b:4e:86:67:95:3e:1c:d4:
94:6c:f4:42:f2:b9:e5:4d:ed:69:c5:5c:5d:cb:9b:
d6:6c:e1:be:c4:f8:01:5a:bd:ae:37:6f:64:d0:f4:
78:b9:63:e6:9b:08:2b:37:6a:85:43:65:6f:5f:3b:
14:46:f3:ef:1f:8b:bd:cf:c8:c8:2b:c3:46:1c:ff:
80:e1:d4:c8:68:3c:e3:e9:c8:ec:c8:49:ff:96:e4:
a6:61:bc:e5:26:d6:9e:d3:7a:fc:eb:d5:2c:4e:6c:
58:e2:64:e8:62:5d:5f:0c:0d:42:4a:a0:49:c2:49:
93:29:7b:d9:20:0c:39:3a:56:47:00:4b:0e:e2:26:
99:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:85:08:C4:29:68:76:8A:14:F7:DA:26:07:72:D3:2C:A8:C2:09:E5
X509v3 Authority Key Identifier:
keyid:D2:6A:44:09:EA:91:F5:06:D6:33:87:1C:6C:35:54:0D:46:03:37:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mpECeqR9QbWM4ccbDVUDUYDN9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/7oUIxClodooU99omB3LTLKjCCeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f41051-0810-43ff-b196-cfefdfdfbe6b/1/0mpECeqR9QbWM4ccbDVUDUYDN9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.8.0/22
185.62.20.0/23
Signature Algorithm: sha256WithRSAEncryption
04:30:ee:63:e7:32:ae:99:7a:4a:7e:76:d8:4c:fb:b7:71:55:
49:9a:41:db:b5:4f:93:9b:ff:fd:74:79:b5:59:1c:6e:73:c2:
57:bc:d4:b2:54:94:77:79:30:ba:de:96:5a:50:e4:f0:ed:0c:
33:e4:54:72:3f:9b:ab:96:17:a1:28:9c:bb:db:c4:30:7c:8e:
26:62:b4:56:a9:e9:2c:ad:c6:72:71:cc:5b:10:cb:6d:ee:0f:
3a:87:9d:f1:9b:0e:05:1c:2b:9b:63:4d:7f:a4:54:58:61:c6:
46:9d:ee:f6:22:62:41:22:5c:07:fe:34:10:ba:11:24:da:d8:
bf:3e:cd:16:af:2b:f9:f5:33:e9:66:a8:67:73:3e:d5:31:b0:
c7:ce:06:48:35:2d:0c:5c:88:f2:1d:87:e8:67:f0:41:fa:8b:
0a:eb:7d:66:9c:42:e8:39:a3:ef:f9:49:fb:bd:b5:bd:4e:01:
8f:9c:1a:08:7a:84:ff:a6:f6:80:07:42:e8:97:7b:2a:8e:95:
f9:85:b2:82:9f:91:0a:a5:31:01:3b:dd:c9:0e:21:db:e3:3e:
c6:e5:f8:ba:a7:9c:34:3f:4a:97:19:1c:bc:1a:76:c7:25:a9:
50:d9:78:0d:e4:b6:bc:0f:8b:76:6f:ec:90:09:0d:86:79:26:
2a:49:e6:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYHskdgo6KfiNxlpNfP4bYdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNmE0NDA5ZWE5MWY1MDZkNjMzODcxYzZjMzU1NDBkNDYw
MzM3ZDEwHhcNMjIwNzExMDkyMzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTg1MDhjNDI5Njg3NjhhMTRmN2RhMjYwNzcyZDMyY2E4YzIwOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvJlmvpRXS1wr9ukBl6ayLoG8t3U
D4pFK8Bl9RqRb14gZYNghELr3NNmZ6mJQWIjyYJCHdX7cfX+OnqqYgyKX1f6K8Pq
9NLxUqJRsSoDQfUvT0OHrS9bzy8Z6SbkiWfkEsDratzjwQDsyHGXxAF0rNdLxMGI
IKWEJzVTFWTBm06GZ5U+HNSUbPRC8rnlTe1pxVxdy5vWbOG+xPgBWr2uN29k0PR4
uWPmmwgrN2qFQ2VvXzsURvPvH4u9z8jIK8NGHP+A4dTIaDzj6cjsyEn/luSmYbzl
Jtae03r869UsTmxY4mToYl1fDA1CSqBJwkmTKXvZIAw5OlZHAEsO4iaZIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO6FCMQpaHaKFPfaJgdy0yyowgnlMB8GA1UdIwQY
MBaAFNJqRAnqkfUG1jOHHGw1VA1GAzfRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYt
Y2ZlZmRmZGZiZTZiLzEvN29VSXhDbG9kb29VOTlvbUIzTFRMS2pDQ2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9mNDEwNTEtMDgxMC00M2ZmLWIxOTYtY2ZlZmRmZGZiZTZi
LzEvMG1wRUNlcVI5UWJXTTRjY2JEVlVEVVlETjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCqxYIAwQB
uT4UMA0GCSqGSIb3DQEBCwUAA4IBAQAEMO5j5zKumXpKfnbYTPu3cVVJmkHbtU+T
m//9dHm1WRxuc8JXvNSyVJR3eTC63pZaUOTw7Qwz5FRyP5urlhehKJy728QwfI4m
YrRWqeksrcZyccxbEMtt7g86h53xmw4FHCubY01/pFRYYcZGne72ImJBIlwH/jQQ
uhEk2ti/Ps0Wryv59TPpZqhncz7VMbDHzgZINS0MXIjyHYfoZ/BB+osK631mnELo
OaPv+Un7vbW9TgGPnBoIeoT/pvaAB0Lol3sqjpX5hbKCn5EKpTEBO93JDiHb4z7G
5fi6p5w0P0qXGRy8GnbHJalQ2XgN5La8D4t2b+yQCQ2GeSYqSeYl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:20 2023 by rpki-client on console-ams.rpki-client.org