Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/7XUjEysuZ7ZJR0dOPmPCmzV5Zto.roa
File: 7XUjEysuZ7ZJR0dOPmPCmzV5Zto.roa (raw, json)
Hash identifier: p1s8KBxofD7DuU44Z7MfOOafxy3Ly+L543B3rCdtNb0=
Subject key identifier: ED:75:23:13:2B:2E:67:B6:49:47:47:4E:3E:63:C2:9B:35:79:66:DA
Certificate issuer: /CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Certificate serial: 1AF224ED
Authority key identifier: 08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/7XUjEysuZ7ZJR0dOPmPCmzV5Zto.roa
Signing time: Sat 01 Jan 2022 06:02:33 +0000
ROA not before: Sat 01 Jan 2022 06:02:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20495
IP address blocks: 185.33.119.0/24 maxlen: 32
185.33.116.0/24 maxlen: 32
185.33.116.0/23 maxlen: 23
185.33.118.0/24 maxlen: 32
185.33.117.0/24 maxlen: 32
185.33.118.0/23 maxlen: 23
2a00:cc20::/33 maxlen: 33
2a00:cc20:4000::/34 maxlen: 128
2a00:cc20::/34 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452076781 (0x1af224ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0811bc50cfed9d02e58196a2c81c988e30ba1260
Validity
Not Before: Jan 1 06:02:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed7523132b2e67b64947474e3e63c29b357966da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1c:a9:68:40:f4:b0:b8:c7:f1:42:67:86:fc:
4d:d5:0b:01:79:0d:14:f8:4c:45:66:07:60:7c:4b:
20:5d:d3:f9:43:65:d4:57:8a:dc:3e:1d:01:3d:a4:
68:e5:59:0c:17:28:d7:72:83:43:9d:bc:07:bc:14:
d8:b2:a5:eb:4d:07:0b:43:2e:e3:f0:3b:c7:05:e1:
9c:11:58:c8:a3:61:fc:cd:b4:b1:86:a6:f9:8c:4a:
a8:c2:9e:d1:2a:24:16:ad:b8:be:1d:b4:a2:a5:71:
90:f8:62:33:91:48:50:15:a2:75:bb:fd:d3:38:eb:
74:47:ea:4b:49:a4:b1:e2:b4:4a:30:18:68:e6:39:
9d:83:68:36:88:f3:da:c3:b1:94:c2:91:14:97:18:
fd:7e:71:a8:ea:7d:5b:49:2a:07:fc:d4:b7:01:bf:
5e:b1:d0:6b:6d:15:c6:79:2e:08:13:7a:78:fb:00:
9b:80:10:5c:d4:03:79:9d:a2:fd:28:ac:80:70:00:
bc:29:b2:c9:5a:5a:7e:18:b6:7a:db:4a:3d:68:94:
97:51:bb:d2:e0:05:f6:0f:04:35:a6:33:ae:c4:8e:
8f:7b:91:c0:0e:96:df:e0:bc:b6:c7:b3:11:a6:6c:
ab:2c:7f:a7:d8:0b:48:7b:1a:03:f7:26:79:a1:2a:
e9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:75:23:13:2B:2E:67:B6:49:47:47:4E:3E:63:C2:9B:35:79:66:DA
X509v3 Authority Key Identifier:
keyid:08:11:BC:50:CF:ED:9D:02:E5:81:96:A2:C8:1C:98:8E:30:BA:12:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBG8UM_tnQLlgZaiyByYjjC6EmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/7XUjEysuZ7ZJR0dOPmPCmzV5Zto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0c8194-76d1-465e-a746-ee5a6743be56/1/CBG8UM_tnQLlgZaiyByYjjC6EmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.116.0/22
IPv6:
2a00:cc20::/33
Signature Algorithm: sha256WithRSAEncryption
bd:37:79:06:ce:e0:c3:1e:3f:85:cb:3e:50:04:38:39:59:36:
13:32:30:30:7f:9b:7a:ea:ca:df:a8:bc:1c:d9:1d:ac:b8:7a:
2a:e9:fd:6c:f5:9e:89:63:18:10:c9:b6:be:6a:a2:17:ff:ba:
2c:e4:fb:d9:7b:71:5b:0c:47:9d:a5:3c:14:9a:b8:f3:b5:93:
b8:33:08:a9:92:fa:97:d9:64:a9:4d:06:10:7e:31:a6:79:58:
1e:f4:50:1d:4d:35:ed:8e:43:d4:85:50:96:0c:a1:19:7e:a0:
84:eb:d4:be:95:8f:c2:5f:f8:83:1f:4f:ea:ad:d3:26:3c:bf:
69:dc:1b:ae:81:d6:05:70:a7:8a:fd:be:eb:23:e8:6e:11:c8:
04:99:b8:17:4c:36:d3:35:4c:09:f1:43:ec:3e:65:44:09:84:
dc:02:fc:fb:24:2b:24:94:54:06:6d:35:c4:43:97:13:ae:49:
16:74:cb:b8:87:06:c5:8b:27:9a:e5:1e:7a:68:2d:f0:30:9c:
f5:4d:23:02:80:01:83:27:4f:ae:99:13:c5:9e:9d:f6:b9:99:
4d:6d:39:33:41:1e:20:ab:44:b8:4e:38:b0:0a:8c:5b:74:8c:
4c:63:e9:8a:37:aa:64:48:07:7b:4d:a7:f2:38:bd:18:db:4b:
68:cf:3d:31
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEGvIk7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODExYmM1MGNmZWQ5ZDAyZTU4MTk2YTJjODFjOTg4ZTMwYmExMjYwMB4XDTIyMDEw
MTA2MDIzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQ3NTIzMTMyYjJl
NjdiNjQ5NDc0NzRlM2U2M2MyOWIzNTc5NjZkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIQcqWhA9LC4x/FCZ4b8TdULAXkNFPhMRWYHYHxLIF3T+UNl
1FeK3D4dAT2kaOVZDBco13KDQ528B7wU2LKl600HC0Mu4/A7xwXhnBFYyKNh/M20
sYam+YxKqMKe0SokFq24vh20oqVxkPhiM5FIUBWidbv90zjrdEfqS0mkseK0SjAY
aOY5nYNoNojz2sOxlMKRFJcY/X5xqOp9W0kqB/zUtwG/XrHQa20VxnkuCBN6ePsA
m4AQXNQDeZ2i/SisgHAAvCmyyVpafhi2ettKPWiUl1G70uAF9g8ENaYzrsSOj3uR
wA6W3+C8tsezEaZsqyx/p9gLSHsaA/cmeaEq6V8CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBTtdSMTKy5ntklHR04+Y8KbNXlm2jAfBgNVHSMEGDAWgBQIEbxQz+2dAuWB
lqLIHJiOMLoSYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NCRzhVTV90blFMbGdaYWl5QnlZampDNkVtQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvMGM4MTk0LTc2ZDEtNDY1ZS1hNzQ2LWVlNWE2NzQzYmU1Ni8x
LzdYVWpFeXN1WjdaSlIwZE9QbVBDbXpWNVp0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
MGM4MTk0LTc2ZDEtNDY1ZS1hNzQ2LWVlNWE2NzQzYmU1Ni8xL0NCRzhVTV90blFM
bGdaYWl5QnlZampDNkVtQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEArkhdDAOBAIAAjAIAwYHKgDMIAAw
DQYJKoZIhvcNAQELBQADggEBAL03eQbO4MMeP4XLPlAEODlZNhMyMDB/m3rqyt+o
vBzZHay4eirp/Wz1noljGBDJtr5qohf/uizk+9l7cVsMR52lPBSauPO1k7gzCKmS
+pfZZKlNBhB+MaZ5WB70UB1NNe2OQ9SFUJYMoRl+oITr1L6Vj8Jf+IMfT+qt0yY8
v2ncG66B1gVwp4r9vusj6G4RyASZuBdMNtM1TAnxQ+w+ZUQJhNwC/PskKySUVAZt
NcRDlxOuSRZ0y7iHBsWLJ5rlHnpoLfAwnPVNIwKAAYMnT66ZE8Wenfa5mU1tOTNB
HiCrRLhOOLAKjFt0jExj6Yo3qmRIB3tNp/I4vRjbS2jPPTE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:01 2023 by rpki-client on console-fra.rpki-client.org