Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2iTYPh3BBVnc_muWZ3dVI0Bas8c.roa
File: 2iTYPh3BBVnc_muWZ3dVI0Bas8c.roa (raw, json)
Hash identifier: bAkJNOZJVAtdIJrTyKQxIejQCIEmqHlON5qHpLNPM8g=
Subject key identifier: DA:24:D8:3E:1D:C1:05:59:DC:FE:6B:96:67:77:55:23:40:5A:B3:C7
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183BEC9D7C1BAC22E2FA3FCBB5F48CE5C22
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2iTYPh3BBVnc_muWZ3dVI0Bas8c.roa
Signing time: Sun 09 Oct 2022 22:07:22 +0000
ROA not before: Sun 09 Oct 2022 22:07:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:be:c9:d7:c1:ba:c2:2e:2f:a3:fc:bb:5f:48:ce:5c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 9 22:07:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da24d83e1dc10559dcfe6b9667775523405ab3c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:fc:ea:f1:eb:19:6f:66:1c:1f:76:43:f4:
49:d7:c1:23:05:cc:27:f8:17:73:7c:30:d6:e1:37:
61:5b:d8:65:21:7b:0d:ee:0a:b5:5c:49:6b:e4:89:
36:8b:95:9a:91:ff:e5:87:b0:2c:6b:88:5a:18:42:
26:9a:19:2c:76:ab:ed:b1:fc:21:4e:b2:d7:bf:5e:
83:0b:8e:1e:82:94:86:7a:19:b2:8c:5c:9e:8a:c4:
f1:df:dc:4d:a0:e0:0f:d5:a2:2b:f7:f5:cf:3a:24:
dd:fb:ea:af:1f:1e:4a:75:c0:12:82:1f:cd:65:c4:
d7:d1:56:76:7c:e0:1b:d4:0e:ae:85:c4:ed:f1:ae:
29:4a:1a:18:99:67:a4:02:33:56:e5:c9:cf:77:1d:
51:89:d6:c3:b4:57:45:a2:74:dc:e3:47:81:85:79:
ec:1a:82:5c:a0:8a:7b:d8:7e:2c:87:18:0f:a0:fc:
53:c4:f5:28:c7:dc:36:99:9b:01:3f:97:ed:c9:74:
4d:0d:20:fe:8c:45:e1:a0:80:c1:dc:ee:96:52:75:
cc:7f:96:7f:97:f8:f2:d4:78:7c:6d:45:33:5e:5f:
c5:e8:6a:8f:0e:b5:65:9b:94:44:ab:bd:94:66:2a:
b9:66:ed:19:c4:c3:16:62:eb:5e:87:b8:6e:a6:05:
76:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:24:D8:3E:1D:C1:05:59:DC:FE:6B:96:67:77:55:23:40:5A:B3:C7
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/2iTYPh3BBVnc_muWZ3dVI0Bas8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c6:4000::/34
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
73:e4:df:6e:76:ab:58:d7:b2:2a:43:b2:4b:da:35:ae:76:fd:
f8:cc:1e:21:ae:39:9f:f4:11:5a:13:0e:6b:9e:04:f4:ba:17:
47:00:ae:57:8e:c8:81:09:6b:e1:2d:ff:64:d6:db:d4:e6:ee:
bc:c8:05:da:4d:cc:ef:59:f9:b4:7e:23:9d:d2:f4:d4:a6:3a:
09:d7:7c:97:a7:26:b1:10:c8:5d:e7:dd:a0:fd:f8:74:29:85:
bd:ee:4c:f6:9a:a3:49:9d:a2:27:90:e8:0d:78:0b:db:dc:6c:
ff:55:8f:13:c2:a5:c2:47:b0:e3:29:fc:15:b2:f1:d8:a5:7a:
04:57:ae:51:63:9f:e8:92:f8:39:0e:3c:d5:e0:5c:5a:74:08:
6b:a0:ba:6f:41:fe:98:ec:82:c8:07:85:c9:e7:03:53:9d:72:
ad:91:ad:f3:e6:ae:fc:73:ca:a9:26:57:e3:ae:a7:4b:94:01:
50:40:8c:6c:a5:07:cf:00:72:07:16:d8:15:37:03:d6:72:75:
e7:c1:bf:5a:ed:e7:ed:5d:a3:56:55:4d:22:24:44:68:4d:bf:
02:de:92:99:a3:c6:96:c1:d0:4f:80:04:4b:47:11:01:83:e5:
ee:70:b1:3b:30:45:0f:d0:2c:dc:ed:a9:3b:06:c4:45:25:cc:
82:1a:1d:e6
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYO+ydfBusIuL6P8u19IzlwiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDA5MjIwNzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTI0ZDgzZTFkYzEwNTU5ZGNmZTZiOTY2Nzc3NTUyMzQwNWFiM2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAz86vHrGW9mHB92Q/RJ18EjBcwn
+BdzfDDW4TdhW9hlIXsN7gq1XElr5Ik2i5Wakf/lh7Asa4haGEImmhksdqvtsfwh
TrLXv16DC44egpSGehmyjFyeisTx39xNoOAP1aIr9/XPOiTd++qvHx5KdcASgh/N
ZcTX0VZ2fOAb1A6uhcTt8a4pShoYmWekAjNW5cnPdx1RidbDtFdFonTc40eBhXns
GoJcoIp72H4shxgPoPxTxPUox9w2mZsBP5ftyXRNDSD+jEXhoIDB3O6WUnXMf5Z/
l/jy1Hh8bUUzXl/F6GqPDrVlm5REq72UZiq5Zu0ZxMMWYuteh7hupgV2hwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFNok2D4dwQVZ3P5rlmd3VSNAWrPHMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvMmlUWVBoM0JCVm5jX211V1ozZFZJMEJhczhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDA8BAIAATA2AwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJv
MHQEAgACMG4DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8AC
YAMGACoOl8ECAwYGKg6XxkADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwAq
D+QEAQIDBwQqEMxAAcADBgQqEMxGEDANBgkqhkiG9w0BAQsFAAOCAQEAc+Tfbnar
WNeyKkOyS9o1rnb9+MweIa45n/QRWhMOa54E9LoXRwCuV47IgQlr4S3/ZNbb1Obu
vMgF2k3M71n5tH4jndL01KY6Cdd8l6cmsRDIXefdoP34dCmFve5M9pqjSZ2iJ5Do
DXgL29xs/1WPE8Klwkew4yn8FbLx2KV6BFeuUWOf6JL4OQ481eBcWnQIa6C6b0H+
mOyCyAeFyecDU51yrZGt8+au/HPKqSZX466nS5QBUECMbKUHzwByBxbYFTcD1nJ1
58G/Wu3n7V2jVlVNIiREaE2/At6SmaPGlsHQT4AES0cRAYPl7nCxOzBFD9As3O2p
OwbERSXMghod5g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:12 2023 by rpki-client on console-fra.rpki-client.org