Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/U1zrj_E9mYgOjA2vtUgda6kAdaU.roa
File: U1zrj_E9mYgOjA2vtUgda6kAdaU.roa (raw, json)
Hash identifier: I9GcsZ0+cGqR88YNT5BWgPc1N8h42NVpF5dE3zJP7oc=
Subject key identifier: 53:5C:EB:8F:F1:3D:99:88:0E:8C:0D:AF:B5:48:1D:6B:A9:00:75:A5
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0AC8ADB4
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/U1zrj_E9mYgOjA2vtUgda6kAdaU.roa
Signing time: Sat 01 Jan 2022 03:02:34 +0000
ROA not before: Sat 01 Jan 2022 03:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
185.249.202.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 180923828 (0xac8adb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 03:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=535ceb8ff13d99880e8c0dafb5481d6ba90075a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a2:e5:57:a4:37:e6:aa:3f:ad:d7:00:19:48:
7a:50:62:bd:79:a1:1a:b6:a6:9e:6c:68:44:e8:70:
4e:61:a9:30:f8:fb:f9:34:e2:be:c1:96:6a:b7:52:
6e:bf:d4:bd:02:7c:a5:c0:77:ec:25:11:4a:7e:eb:
da:9f:e8:71:d8:c6:69:4a:74:87:71:7c:97:91:63:
06:6c:8b:01:f5:55:55:0e:0d:9d:f5:4b:5f:43:00:
ae:99:3e:ff:81:61:9f:f3:48:f9:c0:6e:1b:ca:8a:
13:db:d9:3d:4e:0e:59:ad:19:8b:15:ab:19:dc:88:
9c:02:2a:04:02:a6:92:28:57:2b:3f:78:cc:09:ac:
62:8c:d0:80:fc:80:f3:6e:a7:02:ca:48:5a:e8:62:
48:4e:23:28:0c:7b:ba:81:74:3c:78:19:a0:1d:18:
d2:c5:ed:79:7b:89:a4:65:da:b3:73:12:e7:94:0c:
3e:fa:0a:6c:a0:90:6f:37:f3:f4:a9:0c:58:ab:54:
22:ff:57:d7:35:f4:a3:a3:c9:89:40:4d:fa:20:04:
76:f4:9f:0d:10:10:5f:b3:b1:cb:61:42:38:84:42:
77:56:30:ff:9e:7f:0e:e1:36:06:98:6f:90:91:60:
ff:04:8e:e6:68:8d:e9:54:dd:a4:47:fd:f2:0e:f8:
d7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:5C:EB:8F:F1:3D:99:88:0E:8C:0D:AF:B5:48:1D:6B:A9:00:75:A5
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/U1zrj_E9mYgOjA2vtUgda6kAdaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.175.0/24
185.184.24.0/24
185.243.180.0/23
185.249.200.0/22
193.35.152.0/24
193.35.155.0/24
193.160.140.0/24
193.223.106.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3c:1b:69:c2:9b:ef:14:67:83:68:d2:fa:9f:3f:65:4f:4b:
b5:52:c2:15:ef:65:96:8a:80:d1:8b:20:03:de:72:78:43:8a:
65:7b:19:c5:03:e9:34:ae:61:00:32:9a:78:cd:b7:bc:98:20:
1e:ec:c5:16:ea:93:0c:57:a3:a8:b9:0b:35:12:16:bf:7d:b2:
26:58:44:84:5f:59:36:2d:43:02:2c:d1:f5:4a:ca:af:11:17:
8f:23:71:16:a0:74:51:25:b4:52:2b:d7:ea:99:83:72:ed:ae:
54:eb:4a:a8:f1:9b:00:93:e8:f7:b9:1c:d4:6e:57:03:8b:c7:
7a:6a:9d:19:48:32:06:df:48:a5:f2:dd:80:61:f9:ae:cc:d5:
5d:aa:56:98:14:46:eb:46:b6:12:56:97:71:65:38:fa:53:85:
ed:73:fd:90:81:3d:16:c2:12:ba:3f:c6:b2:a1:d4:7b:6f:d6:
e0:d2:83:05:63:97:16:7d:73:ae:94:c0:a0:7c:ae:8d:f0:05:
12:7c:a5:99:00:1b:2a:8f:4f:bb:a6:28:5f:d2:d5:03:db:98:
58:d0:33:31:59:e0:83:40:8a:2c:68:6a:be:5e:ac:0b:33:13:
a8:51:e2:12:79:25:e1:1b:5e:ab:88:78:27:c3:88:ec:f6:26:
29:19:8a:62
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIECsittDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NjE2YzQxOTUxNTJlZmZlZGJmN2IzYWZlZTJhYTcyZTE5MDkwZTRkMB4XDTIyMDEw
MTAzMDIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM1Y2ViOGZmMTNk
OTk4ODBlOGMwZGFmYjU0ODFkNmJhOTAwNzVhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPii5VekN+aqP63XABlIelBivXmhGramnmxoROhwTmGpMPj7
+TTivsGWardSbr/UvQJ8pcB37CURSn7r2p/ocdjGaUp0h3F8l5FjBmyLAfVVVQ4N
nfVLX0MArpk+/4Fhn/NI+cBuG8qKE9vZPU4OWa0ZixWrGdyInAIqBAKmkihXKz94
zAmsYozQgPyA826nAspIWuhiSE4jKAx7uoF0PHgZoB0Y0sXteXuJpGXas3MS55QM
PvoKbKCQbzfz9KkMWKtUIv9X1zX0o6PJiUBN+iAEdvSfDRAQX7Oxy2FCOIRCd1Yw
/55/DuE2BphvkJFg/wSO5miN6VTdpEf98g7412ECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRTXOuP8T2ZiA6MDa+1SB1rqQB1pTAfBgNVHSMEGDAWgBTGFsQZUVLv/tv3
s6/uKqcuGQkOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hoYkVHVkZTN183Yjk3T3Y3aXFuTGhrSkRrMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvYWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8x
L1UxenJqX0U5bVlnT2pBMnZ0VWdkYTZrQWRhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
YWQ2NTIxLWQzYTktNGIxMy1iZTY5LTM5ZmRiOTg2ZjA1OS8xL3hoYkVHVkZTN183
Yjk3T3Y3aXFuTGhrSkRrMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEALlYrwMEALm4GAMEAbnztAMEArn5
yAMEAMEjmAMEAMEjmwMEAMGgjAMEAMHfajANBgkqhkiG9w0BAQsFAAOCAQEAaDwb
acKb7xRng2jS+p8/ZU9LtVLCFe9lloqA0YsgA95yeEOKZXsZxQPpNK5hADKaeM23
vJggHuzFFuqTDFejqLkLNRIWv32yJlhEhF9ZNi1DAizR9UrKrxEXjyNxFqB0USW0
UivX6pmDcu2uVOtKqPGbAJPo97kc1G5XA4vHemqdGUgyBt9IpfLdgGH5rszVXapW
mBRG60a2ElaXcWU4+lOF7XP9kIE9FsISuj/GsqHUe2/W4NKDBWOXFn1zrpTAoHyu
jfAFEnylmQAbKo9Pu6YoX9LVA9uYWNAzMVngg0CKLGhqvl6sCzMTqFHiEnkl4Rte
q4h4J8OI7PYmKRmKYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:24 2024 by rpki-client on console-ams.rpki-client.org