Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mi4M1xlJY7scVUpmVqXPNIUfyeI.roa
File: mi4M1xlJY7scVUpmVqXPNIUfyeI.roa (raw, json)
Hash identifier: QyLvdhULvcx3GY0TiW2oMYAWNnsvMYoETgREh+V2KMU=
Subject key identifier: 9A:2E:0C:D7:19:49:63:BB:1C:55:4A:66:56:A5:CF:34:85:1F:C9:E2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182DD4A4B8939331C0AA52784B58DFA630A
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mi4M1xlJY7scVUpmVqXPNIUfyeI.roa
Signing time: Sat 27 Aug 2022 03:13:29 +0000
ROA not before: Sat 27 Aug 2022 03:13:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c7:400::/38 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:dd:4a:4b:89:39:33:1c:0a:a5:27:84:b5:8d:fa:63:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 27 03:13:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a2e0cd7194963bb1c554a6656a5cf34851fc9e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:be:d8:00:54:14:34:44:98:55:e1:83:44:fb:
52:6d:9e:0e:5d:2d:2c:80:86:fd:0c:94:f5:48:62:
af:13:e1:3a:64:7b:3b:b6:32:1e:b2:0a:20:4e:3c:
7c:87:f5:40:39:f9:2b:25:dd:ac:f9:11:7a:79:a4:
25:d4:f7:4d:e5:a4:a4:22:51:4e:41:5a:4a:b8:6e:
14:a3:14:2b:ec:af:df:64:81:ee:70:02:70:2b:ce:
01:21:54:bf:52:88:7d:41:7d:25:5f:7f:16:8e:4e:
0c:be:12:41:23:ca:e6:b5:46:4d:0e:26:8f:a1:a8:
a0:d4:3d:cb:60:68:f9:bb:bf:1c:c2:2e:b3:e9:16:
28:a8:3f:69:d3:7d:03:19:a1:b0:83:86:2f:a0:04:
42:5f:cf:25:ab:ab:d9:a1:70:ea:ea:c1:e1:71:63:
29:9b:d9:c1:cc:64:4f:e4:2b:cd:ea:cc:1e:82:0b:
02:30:d8:31:60:d6:21:63:da:d4:cc:65:77:be:7a:
b1:eb:10:b6:82:33:dc:85:6a:31:1d:c9:fa:98:a2:
6f:f1:02:35:d9:d9:59:77:ee:19:01:13:18:68:65:
7e:03:d5:c1:03:f7:55:7c:37:5e:db:40:ba:6f:e6:
d3:98:c9:1c:0b:e2:97:3d:25:ca:8f:a8:9c:f0:fc:
fb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2E:0C:D7:19:49:63:BB:1C:55:4A:66:56:A5:CF:34:85:1F:C9:E2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/mi4M1xlJY7scVUpmVqXPNIUfyeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c7:400::/38
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
Signature Algorithm: sha256WithRSAEncryption
b8:ef:7e:89:d1:4a:84:13:bb:c9:df:3e:c7:4e:29:d0:18:d3:
9f:37:8d:09:6b:66:c0:c9:7c:a0:b1:f4:24:41:6e:14:dd:93:
6c:5b:3a:a1:4d:d8:65:fe:b4:d4:b5:09:89:a0:db:2b:ee:97:
a7:19:51:de:97:70:3b:e4:de:58:43:00:7e:ab:5b:43:4d:fb:
17:6b:a6:86:a5:4a:46:2f:6c:0b:84:90:94:ac:da:ce:d7:b6:
1d:d3:27:21:f7:db:0c:8a:2b:8e:e2:b9:37:ab:1b:6b:e5:94:
75:e2:2c:13:03:71:d3:52:05:2e:5a:9b:78:cc:f7:73:38:27:
f4:e2:81:53:09:cd:12:19:32:6c:85:9a:4d:a7:16:f2:c6:fb:
65:50:5c:9c:ac:cd:ba:bb:06:4d:d8:c9:af:b9:a7:ca:34:8e:
47:2b:18:c8:e9:fc:af:3f:39:4e:b5:ff:b9:1b:66:81:ca:6c:
92:a7:56:5a:54:17:7b:32:51:a4:bc:aa:d2:89:52:6a:0a:9b:
77:c6:a9:f5:5b:68:6c:57:ec:48:fa:c4:fc:19:63:36:24:9f:
4e:c7:3e:14:49:27:5f:0a:6c:72:bc:81:d0:ed:4e:9a:35:0b:
d6:94:a8:d7:28:11:cd:67:f0:e7:c1:b1:13:8d:25:f6:5d:5c:
7f:e4:f5:31
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYLdSkuJOTMcCqUnhLWN+mMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI3MDMxMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJlMGNkNzE5NDk2M2JiMWM1NTRhNjY1NmE1Y2YzNDg1MWZjOWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL7YAFQUNESYVeGDRPtSbZ4OXS0s
gIb9DJT1SGKvE+E6ZHs7tjIesgogTjx8h/VAOfkrJd2s+RF6eaQl1PdN5aSkIlFO
QVpKuG4UoxQr7K/fZIHucAJwK84BIVS/Uoh9QX0lX38Wjk4MvhJBI8rmtUZNDiaP
oaig1D3LYGj5u78cwi6z6RYoqD9p030DGaGwg4YvoARCX88lq6vZoXDq6sHhcWMp
m9nBzGRP5CvN6sweggsCMNgxYNYhY9rUzGV3vnqx6xC2gjPchWoxHcn6mKJv8QI1
2dlZd+4ZARMYaGV+A9XBA/dVfDde20C6b+bTmMkcC+KXPSXKj6ic8Pz7rwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFJouDNcZSWO7HFVKZlalzzSFH8niMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbWk0TTF4bEpZN3NjVlVwbVZxWFBOSVVmeWVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjA2BAIAATAwAwQCLYiI
AwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJvMGQEAgAC
MF4DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGAioO
l8cEAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
MA0GCSqGSIb3DQEBCwUAA4IBAQC4736J0UqEE7vJ3z7HTinQGNOfN40Ja2bAyXyg
sfQkQW4U3ZNsWzqhTdhl/rTUtQmJoNsr7penGVHel3A75N5YQwB+q1tDTfsXa6aG
pUpGL2wLhJCUrNrO17Yd0ych99sMiiuO4rk3qxtr5ZR14iwTA3HTUgUuWpt4zPdz
OCf04oFTCc0SGTJshZpNpxbyxvtlUFycrM26uwZN2MmvuafKNI5HKxjI6fyvPzlO
tf+5G2aBymySp1ZaVBd7MlGkvKrSiVJqCpt3xqn1W2hsV+xI+sT8GWM2JJ9Oxz4U
SSdfCmxyvIHQ7U6aNQvWlKjXKBHNZ/DnwbETjSX2XVx/5PUx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org