Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/iShUm6vD0ydWP95wABK_iY_yTEE.roa
File: iShUm6vD0ydWP95wABK_iY_yTEE.roa (raw, json)
Hash identifier: s7l8KiRLs73r3aZLGnzB76jkvz2s+XRu6ZPTmlG/+QI=
Subject key identifier: 89:28:54:9B:AB:C3:D3:27:56:3F:DE:70:00:12:BF:89:8F:F2:4C:41
Certificate issuer: /CN=9e563c426d1aae4ed1e7f59536749022089e8479
Certificate serial: 01847B658E58C02ACAEDF4F076F1BF96DC4D
Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/iShUm6vD0ydWP95wABK_iY_yTEE.roa
Signing time: Tue 15 Nov 2022 13:06:03 +0000
ROA not before: Tue 15 Nov 2022 13:06:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3238
IP address blocks: 213.204.32.0/19 maxlen: 24
79.133.0.0/19 maxlen: 19
194.110.176.0/20 maxlen: 24
212.17.160.0/19 maxlen: 24
194.112.0.0/20 maxlen: 24
82.199.160.0/19 maxlen: 24
2a00:5500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:65:8e:58:c0:2a:ca:ed:f4:f0:76:f1:bf:96:dc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479
Validity
Not Before: Nov 15 13:06:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8928549babc3d327563fde700012bf898ff24c41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fc:bf:fa:04:6d:29:2b:e8:86:87:ce:da:7b:
73:09:28:da:dd:05:29:d8:c4:28:26:96:76:b9:90:
f8:ff:6f:4f:f1:b4:b0:51:79:ef:fd:17:0d:59:d8:
13:26:01:c6:a9:d6:37:02:1f:22:68:03:71:d8:2e:
0d:83:80:b7:03:00:36:5c:c8:15:e4:c6:a2:2d:3f:
60:e7:d7:1b:72:20:89:35:be:98:09:6a:92:23:24:
ab:dc:65:4a:c6:f9:be:a0:82:8c:3d:d5:cc:9f:51:
80:a2:b4:72:9b:f1:be:80:ee:1d:ea:e5:85:ec:75:
96:09:81:49:86:25:f7:02:90:38:00:dd:95:12:c9:
cc:8f:4b:20:37:e4:69:fe:ca:99:19:87:1d:bd:01:
bf:d1:a4:ac:94:06:04:e2:96:3a:d6:88:61:f3:e8:
d7:cd:3a:1e:6b:d9:18:0d:25:1d:45:71:2c:39:bd:
72:7b:ac:42:ea:00:f8:24:43:56:5e:ef:f9:7d:4f:
f9:27:ea:44:4c:85:7f:6d:a4:fe:e3:e3:e1:51:9d:
51:01:a5:96:eb:32:ee:d4:e8:14:fb:86:96:1c:1c:
94:6f:c2:5b:e6:9d:16:f8:ff:7c:c2:39:aa:ff:97:
e0:cf:75:6a:de:3f:43:01:2d:c5:45:a4:2e:b1:4b:
90:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:28:54:9B:AB:C3:D3:27:56:3F:DE:70:00:12:BF:89:8F:F2:4C:41
X509v3 Authority Key Identifier:
keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/iShUm6vD0ydWP95wABK_iY_yTEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.0.0/19
82.199.160.0/19
194.110.176.0/20
194.112.0.0/20
212.17.160.0/19
213.204.32.0/19
IPv6:
2a00:5500::/32
Signature Algorithm: sha256WithRSAEncryption
9f:8b:b4:80:3f:5c:da:dd:f8:b8:4b:0a:16:f5:3b:0b:18:9d:
dc:94:1d:db:1e:cb:19:5d:0f:44:6a:bd:f0:40:d2:d7:d5:53:
6d:8e:2b:76:22:7e:e3:c4:0c:18:68:ef:c9:c7:a6:77:04:3b:
05:74:74:76:79:6d:8b:0e:7b:ef:c5:db:b9:53:ed:ca:5f:1c:
1f:cb:9f:c6:db:c4:3e:31:ed:f8:7e:fc:56:57:0d:3a:23:56:
c8:42:33:d9:28:c9:32:fe:be:cd:8c:6b:73:37:ee:d4:e6:c8:
c6:76:2c:ee:68:45:25:ee:d0:e9:c3:ed:8c:5d:56:90:42:c1:
c8:be:0e:c8:21:62:48:1b:59:e0:95:0c:45:d8:52:00:24:64:
c3:17:0c:6c:f8:5f:36:d2:1e:2f:8e:75:b2:52:1d:dc:3e:52:
a6:1b:90:78:28:67:5c:0f:28:35:d6:9d:73:e1:22:3f:96:38:
f8:9c:e0:6f:44:b3:c4:07:04:51:ba:44:fc:63:ca:37:55:54:
2d:e8:32:71:44:88:8b:f9:ca:e2:c6:84:0a:87:c6:80:d4:9a:
9e:e1:1c:2c:70:5d:df:45:55:d4:25:e5:c2:23:f1:c9:3f:f3:
bc:71:37:81:24:96:c6:0f:67:9d:e7:e4:42:9f:c1:76:c5:07:
34:18:3f:80
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYR7ZY5YwCrK7fTwdvG/ltxNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5
ZTg0NzkwHhcNMjIxMTE1MTMwNjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTI4NTQ5YmFiYzNkMzI3NTYzZmRlNzAwMDEyYmY4OThmZjI0YzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/y/+gRtKSvohofO2ntzCSja3QUp
2MQoJpZ2uZD4/29P8bSwUXnv/RcNWdgTJgHGqdY3Ah8iaANx2C4Ng4C3AwA2XMgV
5MaiLT9g59cbciCJNb6YCWqSIySr3GVKxvm+oIKMPdXMn1GAorRym/G+gO4d6uWF
7HWWCYFJhiX3ApA4AN2VEsnMj0sgN+Rp/sqZGYcdvQG/0aSslAYE4pY61ohh8+jX
zToea9kYDSUdRXEsOb1ye6xC6gD4JENWXu/5fU/5J+pETIV/baT+4+PhUZ1RAaWW
6zLu1OgU+4aWHByUb8Jb5p0W+P98wjmq/5fgz3Vq3j9DAS3FRaQusUuQBQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFIkoVJurw9MnVj/ecAASv4mP8kxBMB8GA1UdIwQY
MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt
YWZiY2YzNjZiYjA3LzEvaVNoVW02dkQweWRXUDk1d0FCS19pWV95VEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3
LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFT4UAAwQF
UsegAwQEwm6wAwQEwnAAAwQF1BGgAwQF1cwgMA0EAgACMAcDBQAqAFUAMA0GCSqG
SIb3DQEBCwUAA4IBAQCfi7SAP1za3fi4SwoW9TsLGJ3clB3bHssZXQ9Ear3wQNLX
1VNtjit2In7jxAwYaO/Jx6Z3BDsFdHR2eW2LDnvvxdu5U+3KXxwfy5/G28Q+Me34
fvxWVw06I1bIQjPZKMky/r7NjGtzN+7U5sjGdizuaEUl7tDpw+2MXVaQQsHIvg7I
IWJIG1nglQxF2FIAJGTDFwxs+F820h4vjnWyUh3cPlKmG5B4KGdcDyg11p1z4SI/
ljj4nOBvRLPEBwRRukT8Y8o3VVQt6DJxRIiL+crixoQKh8aA1Jqe4RwscF3fRVXU
JeXCI/HJP/O8cTeBJJbGD2ed5+RCn8F2xQc0GD+A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:51 2023 by rpki-client on console-ams.rpki-client.org