Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/UZ6zAv6xbGq0Vcra7_VhwNX0WvA.roa
File: UZ6zAv6xbGq0Vcra7_VhwNX0WvA.roa (raw, json)
Hash identifier: DCZqfjc/j8xKpkmA0mc3gWCNqa4zj25uJNHICRrXMfs=
Subject key identifier: 51:9E:B3:02:FE:B1:6C:6A:B4:55:CA:DA:EF:F5:61:C0:D5:F4:5A:F0
Certificate issuer: /CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Certificate serial: 0183A3008E674A44CEAE501A0A1CE7BDECF9
Authority key identifier: 02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/UZ6zAv6xbGq0Vcra7_VhwNX0WvA.roa
Signing time: Tue 04 Oct 2022 12:37:46 +0000
ROA not before: Tue 04 Oct 2022 12:37:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208731
IP address blocks: 147.78.192.0/23 maxlen: 24
185.203.112.0/24 maxlen: 24
2a0f:98c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:00:8e:67:4a:44:ce:ae:50:1a:0a:1c:e7:bd:ec:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02fc5c064f5159c8a1fa4066c8cb8ff701671dd2
Validity
Not Before: Oct 4 12:37:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=519eb302feb16c6ab455cadaeff561c0d5f45af0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4a:7c:91:2e:e0:86:1a:09:ea:73:8b:86:01:
96:d0:e0:a0:dd:66:6b:c5:53:9a:aa:18:6f:44:60:
ca:80:41:83:0b:87:3e:9a:83:b5:05:09:b5:7a:34:
67:bb:76:67:ea:aa:27:e2:67:ee:0c:8d:f8:ca:f3:
9d:d0:8a:df:ab:30:b6:62:6e:59:af:91:3b:a5:87:
56:42:2f:18:c5:8e:c8:2b:3b:36:fc:ee:f3:f1:cd:
42:ab:21:5c:b6:67:ff:f6:35:07:07:4d:a5:7e:d0:
a0:9d:ab:7c:2c:ed:3b:59:b0:86:b9:5d:5d:82:49:
91:eb:d7:9b:34:f8:ce:a3:68:a0:5c:82:7d:fe:8a:
01:af:89:10:87:b5:97:41:63:f7:c1:b9:44:70:61:
f5:89:2f:0b:5b:46:0c:69:f6:8a:51:47:ee:f8:7d:
e4:26:0c:f6:1f:56:8c:56:0a:d6:12:b1:1e:f9:fc:
62:23:48:67:26:18:26:b1:21:77:cc:e3:5b:7f:0d:
02:9e:58:b8:be:7b:09:d9:40:07:b3:c3:93:2c:c8:
8e:73:13:e8:c2:32:22:58:8a:21:58:8b:01:55:ed:
7b:b4:10:b0:28:a1:72:29:65:ec:db:6f:63:74:8e:
79:65:00:ff:6b:08:b1:9f:90:53:ea:3c:18:97:db:
d2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:9E:B3:02:FE:B1:6C:6A:B4:55:CA:DA:EF:F5:61:C0:D5:F4:5A:F0
X509v3 Authority Key Identifier:
keyid:02:FC:5C:06:4F:51:59:C8:A1:FA:40:66:C8:CB:8F:F7:01:67:1D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AvxcBk9RWcih-kBmyMuP9wFnHdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/UZ6zAv6xbGq0Vcra7_VhwNX0WvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/b15a7d-5aee-4d40-be5a-792a91c5ca2b/1/AvxcBk9RWcih-kBmyMuP9wFnHdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.192.0/23
185.203.112.0/24
IPv6:
2a0f:98c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:c8:ae:6b:4d:c8:7d:fc:ca:c9:2d:57:3a:a5:11:11:33:5a:
48:a0:c8:39:67:93:05:c9:9f:1d:7f:ab:e9:39:80:76:5b:a0:
5c:87:37:99:05:49:7c:76:32:40:a4:63:64:3c:ce:ea:05:38:
18:b5:c9:57:ae:15:49:83:35:fe:95:dd:f2:07:5a:08:79:61:
30:d6:e8:3d:dc:42:f1:ed:21:86:b6:c7:cf:85:a6:b1:4e:7f:
a7:b5:f3:8b:32:13:bb:b3:51:67:04:a2:44:cc:90:dc:37:f3:
2c:bd:48:d1:f4:a3:ee:ea:4e:5d:ec:38:19:8f:aa:85:d4:66:
96:e8:da:ae:57:3e:24:82:93:56:e5:b0:fa:28:42:61:6e:33:
b7:92:92:95:50:96:e8:75:06:ce:d2:68:31:a2:ae:c0:4a:f5:
d1:bd:2a:75:3c:5a:72:74:da:fa:b4:18:33:06:31:8f:ea:2e:
34:b3:8a:e0:25:28:94:43:61:0e:8d:13:d1:22:30:8b:d8:64:
7a:72:65:19:f2:72:ed:86:41:37:5d:c4:3c:63:b9:3a:39:db:
33:bb:6a:28:f9:b3:43:07:42:b7:8a:51:c7:a8:0b:d4:00:29:
dd:24:63:92:5d:ac:f6:b8:66:46:13:76:ba:90:23:fd:44:a4:
c0:c9:17:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYOjAI5nSkTOrlAaChznvez5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZmM1YzA2NGY1MTU5YzhhMWZhNDA2NmM4Y2I4ZmY3MDE2
NzFkZDIwHhcNMjIxMDA0MTIzNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTllYjMwMmZlYjE2YzZhYjQ1NWNhZGFlZmY1NjFjMGQ1ZjQ1YWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUp8kS7ghhoJ6nOLhgGW0OCg3WZr
xVOaqhhvRGDKgEGDC4c+moO1BQm1ejRnu3Zn6qon4mfuDI34yvOd0IrfqzC2Ym5Z
r5E7pYdWQi8YxY7IKzs2/O7z8c1CqyFctmf/9jUHB02lftCgnat8LO07WbCGuV1d
gkmR69ebNPjOo2igXIJ9/ooBr4kQh7WXQWP3wblEcGH1iS8LW0YMafaKUUfu+H3k
Jgz2H1aMVgrWErEe+fxiI0hnJhgmsSF3zONbfw0Cnli4vnsJ2UAHs8OTLMiOcxPo
wjIiWIohWIsBVe17tBCwKKFyKWXs229jdI55ZQD/awixn5BT6jwYl9vSCwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFGeswL+sWxqtFXK2u/1YcDV9FrwMB8GA1UdIwQY
MBaAFAL8XAZPUVnIofpAZsjLj/cBZx3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEt
NzkyYTkxYzVjYTJiLzEvVVo2ekF2NnhiR3EwVmNyYTdfVmh3TlgwV3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9iMTVhN2QtNWFlZS00ZDQwLWJlNWEtNzkyYTkxYzVjYTJi
LzEvQXZ4Y0JrOVJXY2loLWtCbXlNdVA5d0ZuSGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBk07AAwQA
uctwMA0EAgACMAcDBQMqD5jAMA0GCSqGSIb3DQEBCwUAA4IBAQB0yK5rTch9/MrJ
LVc6pRERM1pIoMg5Z5MFyZ8df6vpOYB2W6BchzeZBUl8djJApGNkPM7qBTgYtclX
rhVJgzX+ld3yB1oIeWEw1ug93ELx7SGGtsfPhaaxTn+ntfOLMhO7s1FnBKJEzJDc
N/MsvUjR9KPu6k5d7DgZj6qF1GaW6NquVz4kgpNW5bD6KEJhbjO3kpKVUJbodQbO
0mgxoq7ASvXRvSp1PFpydNr6tBgzBjGP6i40s4rgJSiUQ2EOjRPRIjCL2GR6cmUZ
8nLthkE3XcQ8Y7k6Odszu2oo+bNDB0K3ilHHqAvUACndJGOSXaz2uGZGE3a6kCP9
RKTAyRcb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:34 2023 by rpki-client on console-ams.rpki-client.org