Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/u0mnIXXeSW5Cm4BqviHQtZdatK4.roa
File: u0mnIXXeSW5Cm4BqviHQtZdatK4.roa (raw, json)
Hash identifier: pZi0LlGosr8doJuXlGJaxxrUce/Bq4ndvyRhriZpdFU=
Subject key identifier: BB:49:A7:21:75:DE:49:6E:42:9B:80:6A:BE:21:D0:B5:97:5A:B4:AE
Certificate issuer: /CN=f7742725862b90bda4510a02e804fef3ad1142dc
Certificate serial: 1B97ED68
Authority key identifier: F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/u0mnIXXeSW5Cm4BqviHQtZdatK4.roa
Signing time: Fri 11 Mar 2022 13:18:26 +0000
ROA not before: Fri 11 Mar 2022 13:18:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15836
IP address blocks: 5.32.168.0/21 maxlen: 21
185.46.60.0/22 maxlen: 22
212.28.64.0/19 maxlen: 20
87.255.64.0/19 maxlen: 20
217.26.160.0/20 maxlen: 20
2a03:a80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 462941544 (0x1b97ed68)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7742725862b90bda4510a02e804fef3ad1142dc
Validity
Not Before: Mar 11 13:18:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb49a72175de496e429b806abe21d0b5975ab4ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a6:6f:9a:83:c0:52:99:73:52:30:88:a3:20:
c7:61:95:b2:f2:5c:58:dc:c1:7c:e1:73:ae:42:64:
f6:ab:94:60:54:a2:51:84:89:92:ca:6c:22:f2:8f:
c3:8d:fa:2a:ea:f7:84:61:be:c8:83:b1:0f:aa:c7:
1b:aa:8d:e6:d1:e7:6d:f9:00:84:a9:f7:68:12:5f:
50:c9:40:05:f1:b0:be:23:34:b5:bf:99:1a:e4:ef:
93:3e:8c:1d:d4:8b:24:f2:bc:05:41:4a:33:64:b2:
f8:3f:2a:6b:b1:c8:97:f6:2f:7a:f1:c7:f7:2d:03:
71:a1:b4:56:7b:fb:4b:26:d0:b3:b4:ad:49:1d:90:
6c:48:2d:9f:68:4b:cf:cc:fe:0f:89:c2:d9:ff:24:
c1:1b:e1:e6:0c:cb:fd:0d:e5:35:a6:2b:cb:29:aa:
15:c4:91:f8:6c:65:36:43:8e:0e:ba:db:1e:87:76:
59:ac:53:51:26:c9:be:ff:1f:1a:1f:72:11:21:3c:
aa:bf:21:98:33:57:f7:88:c6:53:34:16:89:08:2e:
33:97:e2:be:73:99:f9:17:66:71:51:b2:0a:71:6f:
5a:cd:75:32:28:2b:87:95:98:1f:69:d5:7f:fe:d1:
20:c4:8c:cd:a8:9a:63:fa:4a:3a:13:a7:17:62:35:
b4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:49:A7:21:75:DE:49:6E:42:9B:80:6A:BE:21:D0:B5:97:5A:B4:AE
X509v3 Authority Key Identifier:
keyid:F7:74:27:25:86:2B:90:BD:A4:51:0A:02:E8:04:FE:F3:AD:11:42:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93QnJYYrkL2kUQoC6AT-860RQtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/u0mnIXXeSW5Cm4BqviHQtZdatK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/8e7e30-c2b8-4591-8cfe-7b8e9d335ca8/1/93QnJYYrkL2kUQoC6AT-860RQtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.168.0/21
87.255.64.0/19
185.46.60.0/22
212.28.64.0/19
217.26.160.0/20
IPv6:
2a03:a80::/32
Signature Algorithm: sha256WithRSAEncryption
03:d2:77:8b:d3:1f:b7:7d:45:5f:d9:06:f0:ee:8d:a6:de:70:
f2:18:08:c3:cf:2d:d1:95:e1:ca:71:c7:00:52:ee:3d:a1:bf:
ba:7b:70:74:42:7b:60:eb:40:27:f3:de:70:98:ee:97:31:10:
fa:12:65:f1:62:5c:fd:14:c4:a3:c1:b1:23:c0:8a:3a:02:1c:
15:ed:7d:ea:24:77:ec:9d:58:e6:ff:da:20:67:39:f0:55:d3:
7d:f6:cf:53:20:0a:a2:66:7e:b7:59:6b:e9:18:19:ac:8c:83:
f6:86:bc:b3:a2:10:15:fd:ef:86:60:09:2d:ec:1d:f7:c5:e4:
e8:89:41:cf:5b:89:1d:5e:b6:2a:40:f0:79:9c:17:95:a2:5e:
85:76:85:02:dd:fe:18:34:6a:78:3d:1e:1a:b7:0d:a7:e8:fe:
79:30:f9:79:c9:f5:c6:68:b7:20:58:f6:f6:02:a1:31:b7:87:
b2:04:11:a1:c9:93:17:16:d2:5d:89:88:49:71:4b:92:84:2e:
22:72:99:3d:fb:9b:42:2b:59:b8:d4:66:2f:8d:0a:60:c3:18:
41:18:8f:2a:37:53:5e:f3:b3:f4:9d:2c:02:be:56:d2:cc:d0:
e2:ab:e8:92:c2:73:e7:13:6d:b5:63:10:0e:fe:e4:05:d8:b3:
27:4f:5b:23
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEG5ftaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc0MjcyNTg2MmI5MGJkYTQ1MTBhMDJlODA0ZmVmM2FkMTE0MmRjMB4XDTIyMDMx
MTEzMTgyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI0OWE3MjE3NWRl
NDk2ZTQyOWI4MDZhYmUyMWQwYjU5NzVhYjRhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6mb5qDwFKZc1IwiKMgx2GVsvJcWNzBfOFzrkJk9quUYFSi
UYSJkspsIvKPw436Kur3hGG+yIOxD6rHG6qN5tHnbfkAhKn3aBJfUMlABfGwviM0
tb+ZGuTvkz6MHdSLJPK8BUFKM2Sy+D8qa7HIl/YvevHH9y0DcaG0Vnv7SybQs7St
SR2QbEgtn2hLz8z+D4nC2f8kwRvh5gzL/Q3lNaYryymqFcSR+GxlNkOODrrbHod2
WaxTUSbJvv8fGh9yESE8qr8hmDNX94jGUzQWiQguM5fivnOZ+RdmcVGyCnFvWs11
Migrh5WYH2nVf/7RIMSMzaiaY/pKOhOnF2I1tH0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS7Sachdd5JbkKbgGq+IdC1l1q0rjAfBgNVHSMEGDAWgBT3dCclhiuQvaRR
CgLoBP7zrRFC3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzUW5KWVlya0wya1VRb0M2QVQtODYwUlF0dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvOGU3ZTMwLWMyYjgtNDU5MS04Y2ZlLTdiOGU5ZDMzNWNhOC8x
L3UwbW5JWFhlU1c1Q200QnF2aUhRdFpkYXRLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
OGU3ZTMwLWMyYjgtNDU5MS04Y2ZlLTdiOGU5ZDMzNWNhOC8xLzkzUW5KWVlya0wy
a1VRb0M2QVQtODYwUlF0dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAwUgqAMEBVf/QAMEArkuPAMEBdQc
QAMEBNkaoDANBAIAAjAHAwUAKgMKgDANBgkqhkiG9w0BAQsFAAOCAQEAA9J3i9Mf
t31FX9kG8O6Npt5w8hgIw88t0ZXhynHHAFLuPaG/untwdEJ7YOtAJ/PecJjulzEQ
+hJl8WJc/RTEo8GxI8CKOgIcFe196iR37J1Y5v/aIGc58FXTffbPUyAKomZ+t1lr
6RgZrIyD9oa8s6IQFf3vhmAJLewd98Xk6IlBz1uJHV62KkDweZwXlaJehXaFAt3+
GDRqeD0eGrcNp+j+eTD5ecn1xmi3IFj29gKhMbeHsgQRocmTFxbSXYmISXFLkoQu
InKZPfubQitZuNRmL40KYMMYQRiPKjdTXvOz9J0sAr5W0szQ4qvoksJz5xNttWMQ
Dv7kBdizJ09bIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:07 2023 by rpki-client on console-ams.rpki-client.org