Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SXABi9SO67Qv0DYQ1kB2gc88yME.roa
File: SXABi9SO67Qv0DYQ1kB2gc88yME.roa (raw, json)
Hash identifier: wXsIp+Gv00HLx6UK9YRARRcwhSCZkfuLFYRt/0IoGPA=
Subject key identifier: 49:70:01:8B:D4:8E:EB:B4:2F:D0:36:10:D6:40:76:81:CF:3C:C8:C1
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018411621B6D97A5890094896F761B7CE59B
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SXABi9SO67Qv0DYQ1kB2gc88yME.roa
Signing time: Tue 25 Oct 2022 23:02:32 +0000
ROA not before: Tue 25 Oct 2022 23:02:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0e:97c6:4000::/34 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:800::/37 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:11:62:1b:6d:97:a5:89:00:94:89:6f:76:1b:7c:e5:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 25 23:02:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4970018bd48eebb42fd03610d6407681cf3cc8c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e6:e0:58:e6:2f:37:b2:ff:6a:29:b4:67:0f:
18:60:60:b9:46:3b:f0:e0:3a:5e:5f:12:1a:41:81:
9b:fc:1c:1e:fe:3a:0d:4a:81:a0:55:52:cd:3e:15:
95:9f:0a:3b:33:71:7b:4c:08:62:65:0a:18:34:a7:
c4:80:c1:34:a1:76:e5:93:c6:13:b2:79:d5:8b:ef:
6d:06:57:90:6a:20:61:df:db:ae:7e:7a:ef:1d:ba:
e4:71:af:c3:63:59:29:11:5c:3f:43:3e:eb:6b:9d:
72:81:87:0c:cf:65:7e:80:e7:4e:a2:0d:fa:08:1a:
78:d2:0b:6e:ca:e3:88:5b:b8:e0:ab:22:68:ec:7c:
1f:00:88:71:5a:92:7c:99:49:ea:46:25:04:fa:36:
7f:83:2c:fa:90:3c:ab:ac:b9:04:82:00:92:00:cf:
3f:b2:65:12:23:8a:bd:47:03:e8:54:df:6c:00:be:
ec:bd:21:20:05:d4:ac:50:7f:f7:7b:9b:02:36:fc:
dc:55:b1:7a:b7:91:0a:e1:3b:8d:ce:1e:e3:b4:47:
89:47:e8:b0:e0:1d:5f:02:0b:71:11:01:33:30:70:
d4:fc:ac:fb:ce:27:84:a6:20:00:b8:9e:5d:de:12:
3f:a8:29:a3:7f:90:a5:f3:b8:f7:0a:a1:96:84:7c:
d4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:70:01:8B:D4:8E:EB:B4:2F:D0:36:10:D6:40:76:81:CF:3C:C8:C1
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/SXABi9SO67Qv0DYQ1kB2gc88yME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c1:800::/37
2a0e:97c6:4000::/34
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
2d:a8:7d:02:d0:05:69:a1:58:98:9e:c6:0f:db:82:0d:2e:06:
92:0f:51:eb:74:6b:8d:f5:52:76:b6:3c:08:1b:0d:4b:58:ef:
33:45:29:92:83:d9:f0:ed:3c:22:84:dc:9f:d8:26:20:23:33:
67:c0:67:7e:ff:2b:88:db:85:22:7d:59:9a:c7:4e:0c:95:62:
92:25:1d:56:6a:f9:d8:6c:db:db:e7:ea:85:3c:30:55:77:72:
4b:31:b0:f8:af:1e:b8:fc:9d:88:3d:54:2e:50:f1:03:a2:aa:
7e:59:55:4f:26:6c:75:80:6a:e6:2e:43:04:f4:91:2b:77:28:
2c:f8:a2:83:5f:b2:2f:c0:ff:a2:3e:a4:1a:25:ef:75:73:de:
b9:2c:6f:35:5d:62:f3:c1:bf:27:84:6a:a9:43:2c:1c:a7:7b:
27:45:1c:a1:0d:d1:c3:0f:ed:78:13:93:55:a5:7b:9b:b2:91:
14:78:ca:e0:80:ee:da:aa:80:df:f4:5e:7a:c4:f6:62:ca:91:
6d:3b:62:7b:53:67:09:48:1b:e8:43:9b:cf:1a:23:64:ff:99:
c9:e6:de:dc:87:e0:1f:fd:5f:fa:7b:cf:65:d0:24:8a:ce:7a:
92:69:38:9f:59:1a:7e:33:84:ce:fe:e7:c0:4d:b0:16:e5:d0:
e1:04:d7:09
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYQRYhttl6WJAJSJb3YbfOWbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI1MjMwMjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTcwMDE4YmQ0OGVlYmI0MmZkMDM2MTBkNjQwNzY4MWNmM2NjOGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhObgWOYvN7L/aim0Zw8YYGC5Rjvw
4DpeXxIaQYGb/Bwe/joNSoGgVVLNPhWVnwo7M3F7TAhiZQoYNKfEgME0oXblk8YT
snnVi+9tBleQaiBh39uufnrvHbrkca/DY1kpEVw/Qz7ra51ygYcMz2V+gOdOog36
CBp40gtuyuOIW7jgqyJo7HwfAIhxWpJ8mUnqRiUE+jZ/gyz6kDyrrLkEggCSAM8/
smUSI4q9RwPoVN9sAL7svSEgBdSsUH/3e5sCNvzcVbF6t5EK4TuNzh7jtEeJR+iw
4B1fAgtxEQEzMHDU/Kz7zieEpiAAuJ5d3hI/qCmjf5Cl87j3CqGWhHzUdQIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFElwAYvUjuu0L9A2ENZAdoHPPMjBMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvU1hBQmk5U082N1F2MERZUTFrQjJnYzg4eU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMHwEAgAC
MHYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwYDKg6XwQgDBgYqDpfGQAMHACoOsQcJ8gMHACoOsQcRZQMHACoOsQcXhgMH
ACoP5AQBAgMHBCoQzEABwAMGBCoQzEYQMA0GCSqGSIb3DQEBCwUAA4IBAQAtqH0C
0AVpoViYnsYP24INLgaSD1HrdGuN9VJ2tjwIGw1LWO8zRSmSg9nw7TwihNyf2CYg
IzNnwGd+/yuI24UifVmax04MlWKSJR1WavnYbNvb5+qFPDBVd3JLMbD4rx64/J2I
PVQuUPEDoqp+WVVPJmx1gGrmLkME9JErdygs+KKDX7IvwP+iPqQaJe91c965LG81
XWLzwb8nhGqpQywcp3snRRyhDdHDD+14E5NVpXubspEUeMrggO7aqoDf9F56xPZi
ypFtO2J7U2cJSBvoQ5vPGiNk/5nJ5t7ch+Af/V/6e89l0CSKznqSaTifWRp+M4TO
/ufATbAW5dDhBNcJ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-fra.rpki-client.org