Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/r20fIszgEcU_gD05OJhQt-4g8Js.roa
File: r20fIszgEcU_gD05OJhQt-4g8Js.roa (raw, json)
Hash identifier: FmwA8bfOsv8jsXWAjLMIE4pdY63OD8uUablsj+mncY8=
Subject key identifier: AF:6D:1F:22:CC:E0:11:C5:3F:80:3D:39:38:98:50:B7:EE:20:F0:9B
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01840D5BE8668A2B86A0FA177556AA772B30
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/r20fIszgEcU_gD05OJhQt-4g8Js.roa
Signing time: Tue 25 Oct 2022 04:17:17 +0000
ROA not before: Tue 25 Oct 2022 04:17:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a10:cc46:1000::/36 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:5b:e8:66:8a:2b:86:a0:fa:17:75:56:aa:77:2b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Oct 25 04:17:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af6d1f22cce011c53f803d39389850b7ee20f09b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:11:5a:a8:cb:a9:5c:00:9f:48:4c:20:4d:7c:
2b:69:31:ed:be:31:f2:2d:84:98:c4:71:bf:b8:5f:
4f:1b:ec:02:15:1e:d3:52:b6:59:fe:0a:60:a3:4a:
87:87:38:22:f4:4e:56:eb:8d:0c:88:4d:7a:54:ce:
c6:de:d5:d9:e4:13:44:86:82:7a:f9:94:b1:ff:29:
6f:c8:a3:59:c2:c1:c6:c6:74:bc:b2:f2:07:b0:5e:
a2:c3:72:18:a4:7f:f3:ff:13:60:ad:8f:6d:e7:51:
01:b3:e8:33:ab:d1:55:10:a3:25:0a:7e:49:9d:24:
92:9b:d2:a5:1b:8f:a3:c3:ac:23:3b:0d:3b:86:69:
d2:7d:51:33:1d:2b:4e:69:ae:6a:f3:f6:3c:95:aa:
c3:41:8c:0f:d2:b9:96:e5:21:e7:9f:50:b8:23:71:
29:67:14:fb:6b:03:f1:3a:ba:1a:4b:21:65:68:a6:
e7:06:05:5a:e5:31:64:53:c9:39:dd:6a:30:93:19:
f4:f5:2d:1a:7f:46:49:95:9c:5c:43:c1:7c:5f:e5:
1b:f9:02:76:8b:b9:9a:d9:fd:2f:35:8a:1f:52:99:
09:13:d4:b4:71:ec:c9:0d:de:07:87:77:11:30:2c:
9c:a0:d0:01:dc:29:b0:8b:11:8a:d6:50:48:0f:2a:
c4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:6D:1F:22:CC:E0:11:C5:3F:80:3D:39:38:98:50:B7:EE:20:F0:9B
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/r20fIszgEcU_gD05OJhQt-4g8Js.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
2a10:cc46:1000::/36
Signature Algorithm: sha256WithRSAEncryption
75:c1:1a:51:a0:3a:1b:35:84:92:7c:a8:c8:07:98:01:c7:d7:
22:23:0d:52:b2:0e:be:17:e3:0b:f2:f2:ca:3e:b8:79:10:dd:
a8:0f:dd:37:58:67:3c:f6:a7:50:13:19:dc:7b:89:f8:3a:78:
77:5c:60:c7:59:7d:4b:59:a1:c9:50:87:90:ec:6d:df:3a:61:
ee:18:d9:f1:a8:aa:ff:a5:23:b8:df:5f:cb:b7:aa:de:af:f4:
da:cc:ce:cb:bb:c5:9d:1b:7d:a4:51:7a:85:5e:9e:37:2c:2c:
c9:64:61:8d:7c:84:64:6e:3c:16:0d:3d:54:d5:b3:2f:ce:ec:
d3:64:9a:ca:6c:2e:b6:71:cb:60:b8:37:f0:b1:53:06:d0:47:
cd:04:43:ee:35:f8:66:a8:57:8b:01:36:d0:00:06:ff:5d:c2:
d2:40:10:a8:83:28:48:ce:cb:82:78:f2:3d:2e:46:19:8f:0b:
66:24:cc:73:fd:61:33:be:03:b7:93:9c:25:32:dd:63:93:9c:
9e:b6:f3:15:12:b3:57:eb:d1:f6:7c:04:c7:b4:81:60:b1:cb:
ef:c1:09:81:1c:5e:92:37:7c:d8:49:bb:29:88:95:59:c6:9e:
b1:01:d1:8e:43:26:45:b1:30:e4:13:8d:11:ca:29:2b:49:cf:
67:7e:71:04
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAYQNW+hmiiuGoPoXdVaqdyswMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMDI1MDQxNzE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjZkMWYyMmNjZTAxMWM1M2Y4MDNkMzkzODk4NTBiN2VlMjBmMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhhFaqMupXACfSEwgTXwraTHtvjHy
LYSYxHG/uF9PG+wCFR7TUrZZ/gpgo0qHhzgi9E5W640MiE16VM7G3tXZ5BNEhoJ6
+ZSx/ylvyKNZwsHGxnS8svIHsF6iw3IYpH/z/xNgrY9t51EBs+gzq9FVEKMlCn5J
nSSSm9KlG4+jw6wjOw07hmnSfVEzHStOaa5q8/Y8larDQYwP0rmW5SHnn1C4I3Ep
ZxT7awPxOroaSyFlaKbnBgVa5TFkU8k53Wowkxn09S0af0ZJlZxcQ8F8X+Ub+QJ2
i7ma2f0vNYofUpkJE9S0cezJDd4Hh3cRMCycoNAB3CmwixGK1lBIDyrEgQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFK9tHyLM4BHFP4A9OTiYULfuIPCbMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvcjIwZklzemdFY1VfZ0QwNU9KaFF0LTRnOEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjA2BAIAATAwAwQAHyq3
AwQCLYiIAwQAVcrLAwQAXrF6AwQCixxgAwQAwjJcAwQAwjJeAwQAwjJvMGwEAgAC
MGYDBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGACoO
l8ECAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
AwYEKhDMRhAwDQYJKoZIhvcNAQELBQADggEBAHXBGlGgOhs1hJJ8qMgHmAHH1yIj
DVKyDr4X4wvy8so+uHkQ3agP3TdYZzz2p1ATGdx7ifg6eHdcYMdZfUtZoclQh5Ds
bd86Ye4Y2fGoqv+lI7jfX8u3qt6v9NrMzsu7xZ0bfaRReoVenjcsLMlkYY18hGRu
PBYNPVTVsy/O7NNkmspsLrZxy2C4N/CxUwbQR80EQ+41+GaoV4sBNtAABv9dwtJA
EKiDKEjOy4J48j0uRhmPC2YkzHP9YTO+A7eTnCUy3WOTnJ628xUSs1fr0fZ8BMe0
gWCxy+/BCYEcXpI3fNhJuymIlVnGnrEB0Y5DJkWxMOQTjRHKKStJz2d+cQQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:03 2023 by rpki-client on console-ams.rpki-client.org