Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fD82h6BIYPyHKfws_rR_WqHR72k.roa
File: fD82h6BIYPyHKfws_rR_WqHR72k.roa (raw, json)
Hash identifier: dtox2NCtNq0velnNr02+PzVJ4edvYHpCws2p0SQmvXY=
Subject key identifier: 7C:3F:36:87:A0:48:60:FC:87:29:FC:2C:FE:B4:7F:5A:A1:D1:EF:69
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01846B8F9B1C8EDBE3209C45676B9EC77CAE
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fD82h6BIYPyHKfws_rR_WqHR72k.roa
Signing time: Sat 12 Nov 2022 11:18:04 +0000
ROA not before: Sat 12 Nov 2022 11:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:8f:9b:1c:8e:db:e3:20:9c:45:67:6b:9e:c7:7c:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 12 11:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c3f3687a04860fc8729fc2cfeb47f5aa1d1ef69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0a:0a:2b:48:88:79:7f:f3:ec:10:d8:71:28:
78:c4:0a:0d:a1:a9:8e:5a:68:4b:70:b6:9c:c1:0a:
57:e6:c3:a6:f0:3e:31:2b:61:94:16:7c:81:35:f5:
dc:4f:e0:1e:5e:08:97:79:2a:c2:58:89:17:55:31:
14:15:20:fd:fe:d9:aa:1a:21:15:cc:e7:22:9e:1f:
e0:a1:2c:97:79:b2:ca:21:47:52:78:b2:fe:f5:e2:
e9:b5:98:d1:2f:cc:f7:eb:9b:c6:12:36:ab:67:ec:
83:fe:76:3b:8c:52:5d:a8:97:07:ab:b4:23:48:b0:
04:37:07:06:71:4d:d6:88:90:a7:5d:2f:d3:18:ad:
72:05:2b:75:80:d8:92:47:0a:ef:5b:32:94:f3:99:
5f:af:5f:89:b1:2b:56:40:84:b9:f0:e3:8d:8c:9d:
1d:06:45:87:e7:ce:b6:aa:8b:11:23:dc:85:75:3e:
32:f3:b6:f9:67:31:81:b2:a3:93:ff:6c:b7:80:06:
ef:ba:22:4c:dc:0b:32:45:ce:38:1a:c3:82:60:6f:
5f:af:33:06:d1:e5:2e:34:98:42:e9:86:6f:44:f7:
c4:3e:47:e2:f5:48:12:f6:c9:e1:7d:c1:b8:41:c7:
28:6f:4d:38:52:5b:be:81:b5:54:27:e0:3b:f2:f3:
85:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:3F:36:87:A0:48:60:FC:87:29:FC:2C:FE:B4:7F:5A:A1:D1:EF:69
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/fD82h6BIYPyHKfws_rR_WqHR72k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
b3:46:cb:a2:3a:24:ea:95:f5:2a:41:8a:7c:f6:7d:ef:ee:e4:
89:19:55:ea:22:65:e4:da:eb:61:0d:0f:38:81:b0:a0:66:76:
a9:34:9b:68:9e:22:52:91:dd:e7:f3:c4:6c:30:b8:88:d4:f9:
1d:59:13:fb:ee:b8:67:38:dd:ee:79:fd:49:c0:86:5a:4d:8e:
72:18:5c:46:14:83:91:96:47:29:e4:5f:b3:01:d9:f9:71:b9:
eb:cf:09:48:4e:cf:c3:0a:14:80:0a:a6:51:7d:69:10:93:40:
98:bd:d4:2a:5a:9b:eb:0b:82:6c:ea:98:c6:30:fa:bb:db:32:
58:a2:ac:22:64:e2:a6:31:16:69:54:2f:0a:31:15:4e:20:77:
36:5d:80:74:25:19:82:c5:a5:de:d7:b0:35:c9:ee:18:c6:f5:
8b:37:c4:ed:ba:d2:77:a3:ea:81:6d:d5:04:58:0f:d5:97:bb:
ff:f7:a4:30:b6:8a:ab:f3:6a:27:cf:d1:41:98:2b:39:22:e3:
9c:e8:d9:3d:e3:79:18:e8:41:2e:59:3e:c4:50:d3:dd:c1:d5:
1f:1c:cd:17:ac:be:89:db:02:70:4d:ba:d0:3e:f3:36:ba:fc:
18:9c:36:b8:8e:80:ad:9b:36:7c:13:ff:f2:a3:41:31:f8:04:
da:91:80:6e
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYRrj5scjtvjIJxFZ2uex3yuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTEyMTExODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzNmMzY4N2EwNDg2MGZjODcyOWZjMmNmZWI0N2Y1YWExZDFlZjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwoKK0iIeX/z7BDYcSh4xAoNoamO
WmhLcLacwQpX5sOm8D4xK2GUFnyBNfXcT+AeXgiXeSrCWIkXVTEUFSD9/tmqGiEV
zOcinh/goSyXebLKIUdSeLL+9eLptZjRL8z365vGEjarZ+yD/nY7jFJdqJcHq7Qj
SLAENwcGcU3WiJCnXS/TGK1yBSt1gNiSRwrvWzKU85lfr1+JsStWQIS58OONjJ0d
BkWH5862qosRI9yFdT4y87b5ZzGBsqOT/2y3gAbvuiJM3AsyRc44GsOCYG9frzMG
0eUuNJhC6YZvRPfEPkfi9UgS9snhfcG4Qccob004Ulu+gbVUJ+A78vOFwQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFHw/NoegSGD8hyn8LP60f1qh0e9pMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvZkQ4Mmg2QklZUHlIS2Z3c19yUl9XcUhSNzJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMGwEAgAC
MGYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
AwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBALNGy6I6JOqV9SpBinz2fe/u5IkZ
VeoiZeTa62ENDziBsKBmdqk0m2ieIlKR3efzxGwwuIjU+R1ZE/vuuGc43e55/UnA
hlpNjnIYXEYUg5GWRynkX7MB2flxuevPCUhOz8MKFIAKplF9aRCTQJi91Cpam+sL
gmzqmMYw+rvbMliirCJk4qYxFmlULwoxFU4gdzZdgHQlGYLFpd7XsDXJ7hjG9Ys3
xO260nej6oFt1QRYD9WXu//3pDC2iqvzaifP0UGYKzki45zo2T3jeRjoQS5ZPsRQ
093B1R8czResvonbAnBNutA+8za6/BicNriOgK2bNnwT//KjQTH4BNqRgG4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org