Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C1KUuMF9FzgFXXl0yUkOwcvxup8.roa
File: C1KUuMF9FzgFXXl0yUkOwcvxup8.roa (raw, json)
Hash identifier: VMQRIrjGzGRB6izExnt9wJ3yDEOdBbyoGRyY0CqDASk=
Subject key identifier: 0B:52:94:B8:C1:7D:17:38:05:5D:79:74:C9:49:0E:C1:CB:F1:BA:9F
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0183DDC71DF37099F83B22D2A00C4ABA4724
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C1KUuMF9FzgFXXl0yUkOwcvxup8.roa
Signing time: Sat 15 Oct 2022 22:32:37 +0000
ROA not before: Sat 15 Oct 2022 22:32:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:dd:c7:1d:f3:70:99:f8:3b:22:d2:a0:0c:4a:ba:47:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 15 22:32:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b5294b8c17d1738055d7974c9490ec1cbf1ba9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6f:11:06:0e:db:e8:38:b0:fb:7d:2d:7d:31:
5a:88:f3:22:8c:f5:97:82:cf:de:f6:5b:23:d0:7d:
3f:8c:ef:db:ba:7f:92:d9:80:e5:0c:4b:59:c7:88:
83:f5:ca:0d:9d:a3:d0:05:5e:fc:ca:b9:0e:51:01:
d6:91:a9:e3:8a:d6:dc:36:4b:40:0c:b2:26:87:65:
c4:91:26:3c:c9:d5:3d:97:fa:f7:42:71:36:f3:19:
24:8a:a8:9c:fb:2f:54:fc:52:5c:34:5d:c3:b5:8d:
83:c2:85:d4:c7:5d:ed:b7:f5:ab:c4:e9:0d:6a:e8:
d3:d7:13:34:de:60:93:39:af:50:a5:07:60:2a:ea:
6c:60:1c:86:e6:95:05:1d:60:73:79:c7:70:c1:c2:
7c:d4:a7:00:3c:31:a1:59:d1:83:81:cd:50:ed:54:
ed:85:64:83:33:b7:2f:fb:59:6d:cd:f8:a6:00:c1:
ef:69:f3:dd:b5:db:7d:a0:fc:00:f3:05:fa:85:54:
8c:2f:72:93:a8:f5:d6:22:1f:2f:dc:82:bb:f3:76:
ae:2c:38:45:14:b3:af:a5:02:bb:54:fd:8d:fc:2c:
53:f2:22:c1:0a:06:5b:6e:e7:f4:e0:5f:cf:0a:42:
58:69:a8:6f:77:50:be:a3:36:9a:2b:bc:6d:44:53:
d0:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:52:94:B8:C1:7D:17:38:05:5D:79:74:C9:49:0E:C1:CB:F1:BA:9F
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/C1KUuMF9FzgFXXl0yUkOwcvxup8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
b4:36:37:2c:36:f4:04:79:9e:a2:4e:be:61:6a:74:e9:d1:cf:
d4:32:a6:51:a3:a1:f4:60:85:cc:02:c0:ba:f7:ea:9f:11:16:
c5:af:d4:d9:ff:72:ed:ec:c3:98:58:d6:b6:c9:2e:ac:8c:5b:
80:81:ea:c1:11:fc:e0:19:f3:60:9a:0e:ec:04:eb:b3:ce:17:
3e:9b:b5:06:a8:a1:80:ca:4c:1c:72:d3:12:cc:be:8b:4f:05:
03:17:d3:d3:58:ff:a7:d8:a3:c2:26:dd:9a:e7:5e:1f:5c:c6:
22:02:a9:08:c0:da:f8:69:43:32:f2:db:ad:f6:c3:fe:b8:5c:
a7:31:c7:5e:26:a0:14:3a:33:91:84:a8:23:ff:e3:66:54:93:
02:b5:20:08:6a:47:b9:a8:2e:64:93:5b:08:94:04:3b:c3:6a:
16:a8:3b:0f:1c:b1:c5:8e:fe:d1:03:2b:c8:27:94:94:38:99:
68:f4:32:2e:22:d9:b6:88:0f:80:53:d3:94:9c:2f:c0:d0:6b:
d5:0f:6c:92:8e:38:0a:64:7f:d4:86:b6:a8:f6:fe:a0:ea:fa:
06:0f:84:48:01:8c:30:89:e6:32:15:22:22:95:04:09:06:f4:
94:a0:ed:f5:54:71:53:9f:84:a3:59:f3:a5:c2:65:57:ad:d7:
8b:e6:f3:1f
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYPdxx3zcJn4OyLSoAxKukckMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDE1MjIzMjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjUyOTRiOGMxN2QxNzM4MDU1ZDc5NzRjOTQ5MGVjMWNiZjFiYTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmm8RBg7b6Diw+30tfTFaiPMijPWX
gs/e9lsj0H0/jO/bun+S2YDlDEtZx4iD9coNnaPQBV78yrkOUQHWkanjitbcNktA
DLImh2XEkSY8ydU9l/r3QnE28xkkiqic+y9U/FJcNF3DtY2DwoXUx13tt/WrxOkN
aujT1xM03mCTOa9QpQdgKupsYByG5pUFHWBzecdwwcJ81KcAPDGhWdGDgc1Q7VTt
hWSDM7cv+1ltzfimAMHvafPdtdt9oPwA8wX6hVSML3KTqPXWIh8v3IK783auLDhF
FLOvpQK7VP2N/CxT8iLBCgZbbuf04F/PCkJYaahvd1C+ozaaK7xtRFPQRQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFAtSlLjBfRc4BV15dMlJDsHL8bqfMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQzFLVXVNRjlGemdGWFhsMHlVa093Y3Z4dXA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMGwEAgAC
MGYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
AwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBALQ2Nyw29AR5nqJOvmFqdOnRz9Qy
plGjofRghcwCwLr36p8RFsWv1Nn/cu3sw5hY1rbJLqyMW4CB6sER/OAZ82CaDuwE
67POFz6btQaooYDKTBxy0xLMvotPBQMX09NY/6fYo8Im3ZrnXh9cxiICqQjA2vhp
QzLy2632w/64XKcxx14moBQ6M5GEqCP/42ZUkwK1IAhqR7moLmSTWwiUBDvDahao
Ow8cscWO/tEDK8gnlJQ4mWj0Mi4i2baID4BT05ScL8DQa9UPbJKOOApkf9SGtqj2
/qDq+gYPhEgBjDCJ5jIVIiKVBAkG9JSg7fVUcVOfhKNZ86XCZVet14vm8x8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:56 2023 by rpki-client on console-ams.rpki-client.org