Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/rlWyrA7MyZnV0ZSOWnXkwIO9DIE.roa
File: rlWyrA7MyZnV0ZSOWnXkwIO9DIE.roa (raw, json)
Hash identifier: LtoPTovdBF63icY2devdOzbP2GRKd8SvKhWHO7+BHIQ=
Subject key identifier: AE:55:B2:AC:0E:CC:C9:99:D5:D1:94:8E:5A:75:E4:C0:83:BD:0C:81
Certificate issuer: /CN=b67f1b87e6752f45439b8528cc968b4770a5a0fb
Certificate serial: 1158CFE1
Authority key identifier: B6:7F:1B:87:E6:75:2F:45:43:9B:85:28:CC:96:8B:47:70:A5:A0:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tn8bh-Z1L0VDm4UozJaLR3CloPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/rlWyrA7MyZnV0ZSOWnXkwIO9DIE.roa
Signing time: Sat 01 Jan 2022 14:04:29 +0000
ROA not before: Sat 01 Jan 2022 14:04:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61232
IP address blocks: 195.242.164.0/23 maxlen: 23
195.242.163.0/24 maxlen: 24
185.152.17.0/24 maxlen: 24
185.152.16.0/24 maxlen: 24
185.152.19.0/24 maxlen: 24
185.152.18.0/24 maxlen: 24
2a07:7cc6::/32 maxlen: 32
2a07:7cc3::/32 maxlen: 32
2a07:7cc7::/32 maxlen: 32
2a07:7cc1::/32 maxlen: 32
2a07:7cc4::/32 maxlen: 32
2a07:7cc0::/32 maxlen: 32
2a07:7cc2::/32 maxlen: 32
2a07:7cc5::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 291033057 (0x1158cfe1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b67f1b87e6752f45439b8528cc968b4770a5a0fb
Validity
Not Before: Jan 1 14:04:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae55b2ac0eccc999d5d1948e5a75e4c083bd0c81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ec:f0:05:2d:3e:23:89:95:29:32:22:4b:c9:
ea:ab:8b:7c:12:e6:db:a9:3e:7a:20:e5:ba:b6:de:
4e:d9:ef:1c:7f:d6:c4:1a:1b:8e:23:2c:d6:59:28:
04:df:b6:0a:41:52:23:fd:4c:da:24:05:7f:27:81:
f4:8a:8c:1b:23:3b:98:c4:a7:fe:9f:0f:ef:9a:a8:
be:90:53:29:45:78:09:5e:df:32:c9:4b:a8:50:c8:
08:bd:b1:44:84:c5:f9:01:f1:23:19:f5:9a:0a:7d:
db:35:6c:61:bd:eb:de:9a:61:f8:e2:81:44:1d:ba:
f5:4f:ef:f7:68:bd:df:5f:67:5b:dc:f7:07:b8:89:
e4:0d:70:08:c5:37:35:1b:49:47:f1:f2:ed:9f:b3:
0e:e4:93:c3:9b:e2:8c:11:7b:21:2d:9d:b4:2a:14:
9c:df:b6:7f:e2:c0:8a:d1:10:8b:a8:91:75:41:6e:
bc:63:35:61:13:37:8e:30:e1:29:ed:10:14:c1:fc:
77:cd:0b:63:aa:c2:44:01:e4:4e:a1:7d:ce:f9:a6:
af:19:e0:4d:45:38:33:f3:01:e7:c5:67:b4:2d:d2:
be:26:fe:a4:9d:b2:93:69:19:c8:bc:df:d9:e6:a2:
b4:91:c4:1a:d0:fa:da:cf:28:b5:a8:22:0e:ca:2c:
2c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:55:B2:AC:0E:CC:C9:99:D5:D1:94:8E:5A:75:E4:C0:83:BD:0C:81
X509v3 Authority Key Identifier:
keyid:B6:7F:1B:87:E6:75:2F:45:43:9B:85:28:CC:96:8B:47:70:A5:A0:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tn8bh-Z1L0VDm4UozJaLR3CloPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/rlWyrA7MyZnV0ZSOWnXkwIO9DIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9ff43e-f817-4ebe-a0d9-7a18931d985b/1/tn8bh-Z1L0VDm4UozJaLR3CloPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.16.0/22
195.242.163.0-195.242.165.255
IPv6:
2a07:7cc0::/29
Signature Algorithm: sha256WithRSAEncryption
54:7c:53:14:f4:5d:0c:11:b0:26:75:1b:32:07:2d:de:eb:4e:
f3:95:ac:31:d4:fb:6f:3d:54:f4:01:00:37:84:28:24:f8:88:
b5:e9:50:42:da:62:55:9a:53:51:4e:04:3c:3d:42:a1:86:ad:
92:3c:93:31:93:df:ef:38:4c:64:2f:8b:47:c0:73:8b:7a:0a:
a5:41:9b:af:c5:04:1b:c2:d5:4b:b5:a9:ba:f6:dc:37:72:30:
7d:84:9c:8a:b1:eb:9e:bd:c1:06:c0:c1:9e:47:86:7f:bc:80:
53:db:a0:12:f7:af:e6:3b:b8:88:cc:f6:8c:52:5f:d1:0b:ca:
8d:eb:e9:c6:61:35:b3:57:49:7d:f0:43:cf:26:18:6f:8a:e5:
74:4e:0c:f4:31:4d:1d:bd:3b:19:57:fa:67:47:3c:b0:19:e5:
8c:8d:74:eb:61:2f:4f:fb:14:82:ac:bb:12:5d:9d:34:4a:6f:
ed:73:3d:97:ad:c3:01:26:f4:76:15:36:c8:b4:68:72:59:ea:
13:1a:ea:71:dc:a9:e6:ed:22:18:de:31:8a:11:42:d3:3b:c4:
45:97:e5:af:0b:85:52:6d:73:91:a7:c6:83:ab:49:7f:50:16:
c9:21:ec:b5:17:e0:93:72:f0:b4:a5:f5:f6:90:a6:c2:7a:98:
02:4b:c6:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEEVjP4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjdmMWI4N2U2NzUyZjQ1NDM5Yjg1MjhjYzk2OGI0NzcwYTVhMGZiMB4XDTIyMDEw
MTE0MDQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU1NWIyYWMwZWNj
Yzk5OWQ1ZDE5NDhlNWE3NWU0YzA4M2JkMGM4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7s8AUtPiOJlSkyIkvJ6quLfBLm26k+eiDlurbeTtnvHH/W
xBobjiMs1lkoBN+2CkFSI/1M2iQFfyeB9IqMGyM7mMSn/p8P75qovpBTKUV4CV7f
MslLqFDICL2xRITF+QHxIxn1mgp92zVsYb3r3pph+OKBRB269U/v92i9319nW9z3
B7iJ5A1wCMU3NRtJR/Hy7Z+zDuSTw5vijBF7IS2dtCoUnN+2f+LAitEQi6iRdUFu
vGM1YRM3jjDhKe0QFMH8d80LY6rCRAHkTqF9zvmmrxngTUU4M/MB58VntC3Svib+
pJ2yk2kZyLzf2eaitJHEGtD62s8otagiDsosLHsCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBSuVbKsDszJmdXRlI5adeTAg70MgTAfBgNVHSMEGDAWgBS2fxuH5nUvRUOb
hSjMlotHcKWg+zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RuOGJoLVoxTDBWRG00VW96SmFMUjNDbG9Qcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvOWZmNDNlLWY4MTctNGViZS1hMGQ5LTdhMTg5MzFkOTg1Yi8x
L3JsV3lyQTdNeVpuVjBaU09Xblhrd0lPOURJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
OWZmNDNlLWY4MTctNGViZS1hMGQ5LTdhMTg5MzFkOTg1Yi8xL3RuOGJoLVoxTDBW
RG00VW96SmFMUjNDbG9Qcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEArmYEDAMAwQAw/KjAwQBw/KkMA0E
AgACMAcDBQMqB3zAMA0GCSqGSIb3DQEBCwUAA4IBAQBUfFMU9F0MEbAmdRsyBy3e
607zlawx1PtvPVT0AQA3hCgk+Ii16VBC2mJVmlNRTgQ8PUKhhq2SPJMxk9/vOExk
L4tHwHOLegqlQZuvxQQbwtVLtam69tw3cjB9hJyKseuevcEGwMGeR4Z/vIBT26AS
96/mO7iIzPaMUl/RC8qN6+nGYTWzV0l98EPPJhhviuV0Tgz0MU0dvTsZV/pnRzyw
GeWMjXTrYS9P+xSCrLsSXZ00Sm/tcz2XrcMBJvR2FTbItGhyWeoTGupx3Knm7SIY
3jGKEULTO8RFl+WvC4VSbXORp8aDq0l/UBbJIey1F+CTcvC0pfX2kKbCepgCS8Zl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:26 2024 by rpki-client on console-ams.rpki-client.org