Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Y195xXpGj31MsrklDuvweaVtWQY.roa
File: Y195xXpGj31MsrklDuvweaVtWQY.roa (raw, json)
Hash identifier: bnJT4z1ql6TOqbnoY/FWMNmvTV0WjMX1xylYJ8oaGRY=
Subject key identifier: 63:5F:79:C5:7A:46:8F:7D:4C:B2:B9:25:0E:EB:F0:79:A5:6D:59:06
Certificate issuer: /CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Certificate serial: 0A417993
Authority key identifier: 39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Y195xXpGj31MsrklDuvweaVtWQY.roa
Signing time: Sat 01 Jan 2022 04:57:33 +0000
ROA not before: Sat 01 Jan 2022 04:57:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201503
IP address blocks: 185.72.210.0/24 maxlen: 24
185.72.208.0/24 maxlen: 24
185.72.208.0/22 maxlen: 22
82.163.120.0/22 maxlen: 22
82.163.132.0/22 maxlen: 22
2a05:3950::/31 maxlen: 31
2a05:3950:f000::/36 maxlen: 36
2a05:3950:8660::/48 maxlen: 48
2a05:3950:8000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172063123 (0xa417993)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3948869ce54b9d3b2f3e39aee2c9c8eb19cb5b0f
Validity
Not Before: Jan 1 04:57:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=635f79c57a468f7d4cb2b9250eebf079a56d5906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:37:2c:f6:eb:eb:62:a8:55:21:b3:d9:e0:43:
b0:9f:35:bd:f6:1c:ea:a8:71:5f:87:c6:a9:3d:60:
45:8b:df:81:d9:0a:56:f9:54:d9:2f:f8:f3:33:d5:
b8:47:bc:31:9e:51:05:e5:af:49:da:7b:b8:62:7f:
4c:9e:36:25:9c:cc:03:9a:e7:e5:b2:6a:55:9f:49:
83:f5:c6:03:88:66:5b:17:68:22:ec:7a:94:91:98:
f2:99:12:21:06:f1:2e:5b:a1:97:68:0e:12:1d:b3:
63:3f:99:e4:d0:a6:c2:84:86:2b:df:77:ce:11:9d:
a1:86:de:04:89:30:36:d6:25:cd:f5:b3:2d:d7:e4:
b2:61:83:a8:35:82:fd:1f:4e:af:09:c7:8d:03:7f:
55:8d:2e:8a:3d:74:1f:e7:b1:75:13:53:57:86:33:
80:8b:0e:8a:d9:5c:65:f9:43:76:a7:d0:c2:e9:2f:
9a:0f:dc:05:4d:9e:2c:03:f3:1c:bc:f2:61:b6:24:
e2:bd:f2:37:5c:d1:5a:1d:32:3a:8d:c9:c3:71:3f:
68:9d:8d:3b:3a:cd:02:6c:a1:6c:cc:fb:de:7a:60:
80:25:95:3c:2d:30:4c:6d:44:ee:69:52:e5:73:df:
4f:32:a3:eb:46:a3:6a:36:2b:8c:d7:38:44:92:29:
56:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:5F:79:C5:7A:46:8F:7D:4C:B2:B9:25:0E:EB:F0:79:A5:6D:59:06
X509v3 Authority Key Identifier:
keyid:39:48:86:9C:E5:4B:9D:3B:2F:3E:39:AE:E2:C9:C8:EB:19:CB:5B:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OUiGnOVLnTsvPjmu4snI6xnLWw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/Y195xXpGj31MsrklDuvweaVtWQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/dd0189-7969-4fd5-9747-28bdabca70cb/1/OUiGnOVLnTsvPjmu4snI6xnLWw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.120.0/22
82.163.132.0/22
185.72.208.0/22
IPv6:
2a05:3950::/31
Signature Algorithm: sha256WithRSAEncryption
33:5e:ab:55:9d:60:28:81:a8:3b:29:4d:27:bf:58:5e:cc:2b:
95:0e:a6:81:43:90:be:23:07:30:17:5d:40:c8:a0:03:ed:5e:
0b:a3:34:3a:b6:56:10:d2:80:43:34:20:e9:e4:6e:1c:62:01:
52:a7:6a:50:54:5a:79:65:f3:ee:f7:93:2a:8c:0b:b2:6b:e1:
d0:ec:de:cc:43:1f:02:3c:d2:eb:f4:90:cc:cf:37:af:71:79:
ae:b3:3d:64:7c:9d:1d:b3:4a:58:fb:95:34:57:6e:52:7f:b5:
85:36:be:4c:bc:11:42:15:8a:95:0d:c0:22:24:4e:39:93:2c:
93:1d:3b:83:3f:a7:0a:39:f4:aa:1b:e5:5e:31:cb:9a:ab:55:
6c:41:ca:45:b6:57:b2:41:c2:5a:a5:13:3f:03:f5:57:4f:62:
91:af:4d:fa:da:f5:3c:2c:d0:00:7f:e1:c5:64:5e:c8:f5:ae:
d1:36:b4:7d:00:4e:f8:51:a7:c6:cd:4d:79:40:7e:6d:e9:d6:
2f:e8:e5:7f:42:5b:1b:8c:d3:aa:c2:fc:11:6f:b6:ce:e4:d0:
bf:29:a3:08:a2:25:e0:65:e4:56:5b:e5:34:58:f0:3f:ec:54:
81:f7:c3:34:85:00:d8:1a:7d:33:f8:22:90:94:03:d3:a9:c6:
3a:4a:fe:af
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECkF5kzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTQ4ODY5Y2U1NGI5ZDNiMmYzZTM5YWVlMmM5YzhlYjE5Y2I1YjBmMB4XDTIyMDEw
MTA0NTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjM1Zjc5YzU3YTQ2
OGY3ZDRjYjJiOTI1MGVlYmYwNzlhNTZkNTkwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKc3LPbr62KoVSGz2eBDsJ81vfYc6qhxX4fGqT1gRYvfgdkK
VvlU2S/48zPVuEe8MZ5RBeWvSdp7uGJ/TJ42JZzMA5rn5bJqVZ9Jg/XGA4hmWxdo
Iux6lJGY8pkSIQbxLluhl2gOEh2zYz+Z5NCmwoSGK993zhGdoYbeBIkwNtYlzfWz
LdfksmGDqDWC/R9OrwnHjQN/VY0uij10H+exdRNTV4YzgIsOitlcZflDdqfQwukv
mg/cBU2eLAPzHLzyYbYk4r3yN1zRWh0yOo3Jw3E/aJ2NOzrNAmyhbMz73npggCWV
PC0wTG1E7mlS5XPfTzKj60ajajYrjNc4RJIpVjECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBRjX3nFekaPfUyyuSUO6/B5pW1ZBjAfBgNVHSMEGDAWgBQ5SIac5UudOy8+
Oa7iycjrGctbDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09VaUduT1ZMblRzdlBqbXU0c25JNnhuTFd3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvZGQwMTg5LTc5NjktNGZkNS05NzQ3LTI4YmRhYmNhNzBjYi8x
L1kxOTV4WHBHajMxTXNya2xEdXZ3ZWFWdFdRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ZGQwMTg5LTc5NjktNGZkNS05NzQ3LTI4YmRhYmNhNzBjYi8xL09VaUduT1ZMblRz
dlBqbXU0c25JNnhuTFd3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAlKjeAMEAlKjhAMEArlI0DANBAIA
AjAHAwUBKgU5UDANBgkqhkiG9w0BAQsFAAOCAQEAM16rVZ1gKIGoOylNJ79YXswr
lQ6mgUOQviMHMBddQMigA+1eC6M0OrZWENKAQzQg6eRuHGIBUqdqUFRaeWXz7veT
KowLsmvh0OzezEMfAjzS6/SQzM83r3F5rrM9ZHydHbNKWPuVNFduUn+1hTa+TLwR
QhWKlQ3AIiROOZMskx07gz+nCjn0qhvlXjHLmqtVbEHKRbZXskHCWqUTPwP1V09i
ka9N+tr1PCzQAH/hxWReyPWu0Ta0fQBO+FGnxs1NeUB+benWL+jlf0JbG4zTqsL8
EW+2zuTQvymjCKIl4GXkVlvlNFjwP+xUgffDNIUA2Bp9M/gikJQD06nGOkr+rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:02 2024 by rpki-client on console-ams.rpki-client.org