Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/UxIE3kB6HwVxblBserdC00PfpS0.roa
File: UxIE3kB6HwVxblBserdC00PfpS0.roa (raw, json)
Hash identifier: ZfwWASeGxmsJIbNw7u6SaHZc6iGIO9lPhb7QXsUm/OU=
Subject key identifier: 53:12:04:DE:40:7A:1F:05:71:6E:50:6C:7A:B7:42:D3:43:DF:A5:2D
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0185607A3C9DCFC6C5EFE42DE4B575C2B7C8
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/UxIE3kB6HwVxblBserdC00PfpS0.roa
Signing time: Fri 30 Dec 2022 00:41:41 +0000
ROA not before: Fri 30 Dec 2022 00:41:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43624
IP address blocks: 193.57.137.0/24 maxlen: 24
93.185.166.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:60:7a:3c:9d:cf:c6:c5:ef:e4:2d:e4:b5:75:c2:b7:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Dec 30 00:41:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=531204de407a1f05716e506c7ab742d343dfa52d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:d9:19:99:0f:9b:d9:9e:d5:5f:1c:eb:69:88:
95:69:ab:52:a0:ff:0f:29:b8:5d:d8:46:38:39:e5:
20:99:d8:92:a4:ea:91:7c:b7:8e:4a:b4:86:64:81:
e5:dd:68:33:23:db:28:c3:cc:ca:62:f1:b5:77:b4:
cb:6a:ae:c0:e3:ba:dc:03:29:38:5f:07:ca:cf:97:
75:2e:50:f3:57:e8:3b:c3:dc:c7:1f:6e:78:ad:14:
08:9f:09:19:4c:4a:db:cb:af:7a:8b:55:8d:bd:d6:
85:f7:e6:e1:7a:9a:c8:57:5f:a9:c5:5b:bf:55:9d:
c8:e1:32:94:c2:1a:6d:8a:84:4b:80:44:55:cd:75:
b3:42:21:54:06:83:78:93:8a:e2:63:f1:a3:ee:14:
4a:13:98:1c:95:ef:8e:fa:b9:9f:fb:fe:7d:ff:c4:
78:4f:22:c1:8e:30:16:2b:22:a6:7d:cb:d8:1c:42:
33:fc:69:86:7e:78:e0:b2:cb:33:25:4e:cc:10:b9:
13:d7:d3:8f:f1:a8:94:c3:13:d3:62:12:75:06:45:
cf:c4:7c:04:c7:f3:cd:69:d5:f1:3d:ab:9e:27:15:
bb:78:69:3f:17:b2:8a:50:0e:74:88:c6:18:19:be:
bd:3e:f5:92:c8:08:46:97:d2:43:fa:13:db:a2:4b:
c7:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:12:04:DE:40:7A:1F:05:71:6E:50:6C:7A:B7:42:D3:43:DF:A5:2D
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/UxIE3kB6HwVxblBserdC00PfpS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.166.0/24
193.57.137.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:03:71:3b:0e:78:3b:8f:6b:b1:01:7e:d6:c3:e5:0a:ad:9a:
3a:2a:6d:76:8f:43:de:c5:82:a2:e5:2d:63:8c:7d:9a:86:73:
8c:2e:3c:04:71:da:a2:a5:56:d4:d0:2f:3d:5d:4b:94:68:95:
49:99:79:ca:b3:6a:e5:a8:89:c7:48:b5:36:db:de:64:84:2d:
10:fc:57:1b:f2:ce:03:94:a7:51:e9:6b:15:75:6b:83:11:63:
53:75:34:37:8a:47:af:63:2e:f4:5b:99:9d:65:09:a9:d2:59:
59:75:f0:36:c0:b6:4b:55:c4:42:63:e7:84:50:a4:79:e7:09:
36:14:0b:ae:0f:38:24:8d:70:d6:5a:54:c8:32:e0:20:b6:67:
97:70:d1:2a:18:76:30:b7:7f:94:9d:38:7e:28:9a:99:65:03:
d7:2b:fb:d8:a3:e9:d1:59:36:be:d9:32:b3:7e:fe:7a:a0:cb:
d2:45:0e:37:f1:fe:57:8e:9d:6e:bb:cf:4c:f0:51:01:2e:ee:
9c:9c:87:96:ff:b9:60:05:47:60:52:d1:f8:d2:6b:a5:d2:50:
f2:0e:81:d6:7b:e6:31:5b:32:f9:2d:41:08:bb:de:94:96:71:
98:8b:20:98:10:3a:39:e0:b3:74:5d:dc:e6:08:78:d4:37:92:
63:40:4f:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVgejydz8bF7+Qt5LV1wrfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMjMwMDA0MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MzEyMDRkZTQwN2ExZjA1NzE2ZTUwNmM3YWI3NDJkMzQzZGZhNTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltkZmQ+b2Z7VXxzraYiVaatSoP8P
Kbhd2EY4OeUgmdiSpOqRfLeOSrSGZIHl3WgzI9sow8zKYvG1d7TLaq7A47rcAyk4
XwfKz5d1LlDzV+g7w9zHH254rRQInwkZTErby696i1WNvdaF9+bheprIV1+pxVu/
VZ3I4TKUwhptioRLgERVzXWzQiFUBoN4k4riY/Gj7hRKE5gcle+O+rmf+/59/8R4
TyLBjjAWKyKmfcvYHEIz/GmGfnjgssszJU7MELkT19OP8aiUwxPTYhJ1BkXPxHwE
x/PNadXxPaueJxW7eGk/F7KKUA50iMYYGb69PvWSyAhGl9JD+hPbokvHpQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFMSBN5Aeh8FcW5QbHq3QtND36UtMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvVXhJRTNrQjZId1Z4YmxCc2VyZEMwMFBmcFMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXbmmAwQA
wTmJMA0GCSqGSIb3DQEBCwUAA4IBAQDUA3E7Dng7j2uxAX7Ww+UKrZo6Km12j0Pe
xYKi5S1jjH2ahnOMLjwEcdqipVbU0C89XUuUaJVJmXnKs2rlqInHSLU2295khC0Q
/Fcb8s4DlKdR6WsVdWuDEWNTdTQ3ikevYy70W5mdZQmp0llZdfA2wLZLVcRCY+eE
UKR55wk2FAuuDzgkjXDWWlTIMuAgtmeXcNEqGHYwt3+UnTh+KJqZZQPXK/vYo+nR
WTa+2TKzfv56oMvSRQ438f5Xjp1uu89M8FEBLu6cnIeW/7lgBUdgUtH40mul0lDy
DoHWe+YxWzL5LUEIu96UlnGYiyCYEDo54LN0XdzmCHjUN5JjQE+Z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org