Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t62wHIUB-85FPZMJOw2_8BV2nBI.roa
File: t62wHIUB-85FPZMJOw2_8BV2nBI.roa (raw, json)
Hash identifier: zRvGiJaCYmcafz+76yTM+PLMZahUz5ByqaWi64P/LMA=
Subject key identifier: B7:AD:B0:1C:85:01:FB:CE:45:3D:93:09:3B:0D:BF:F0:15:76:9C:12
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0185039A4A45F5A1FB71E0F0B2AF18143961
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t62wHIUB-85FPZMJOw2_8BV2nBI.roa
Signing time: Sun 11 Dec 2022 23:52:01 +0000
ROA not before: Sun 11 Dec 2022 23:52:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25198
IP address blocks: 185.238.189.0/24 maxlen: 24
185.238.190.0/24 maxlen: 24
2a0e:97c0:a80::/44 maxlen: 48
2a0e:97c0:300::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:03:9a:4a:45:f5:a1:fb:71:e0:f0:b2:af:18:14:39:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Dec 11 23:52:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7adb01c8501fbce453d93093b0dbff015769c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:c7:0c:e5:ed:50:2b:2b:ab:9d:a9:f2:12:
83:d7:91:7b:d0:d7:0d:e2:42:12:70:6b:10:64:3b:
1d:24:90:c8:ee:c5:a0:78:94:8f:3d:9b:2c:16:d3:
19:04:18:7b:f0:85:be:9d:45:bb:5b:20:9b:79:6d:
21:c2:b4:0a:35:c1:7c:0d:2e:91:71:3f:00:c2:6e:
5f:18:98:de:06:b2:ba:40:4d:78:53:ca:82:6d:f8:
70:25:7a:d4:2a:29:43:89:5e:82:fc:ab:49:23:61:
a2:7b:8a:12:84:f2:6e:85:bb:89:4a:ad:e1:1b:76:
6a:b1:1d:c3:bf:42:a9:bb:c8:cf:cb:af:b1:52:1d:
ec:f6:fa:dd:c0:a5:fb:72:f3:b0:ad:e3:1e:9d:be:
0c:79:ee:ab:bd:a2:7e:b3:01:bf:83:82:f4:f2:cf:
78:71:ae:7b:92:f7:b6:fb:57:72:75:7b:90:39:0d:
ff:4d:9b:a9:fe:a9:98:39:ec:e3:9a:9a:15:14:a6:
74:fa:2b:5f:ae:12:99:c5:7a:e6:e4:5c:52:5c:f2:
83:47:f0:eb:a4:cf:f8:3a:41:ef:58:f0:fc:33:3d:
61:de:9e:6a:10:af:8a:55:36:ed:13:35:c2:1a:7b:
b6:c0:70:03:54:1b:84:83:71:f8:f3:3e:05:82:62:
9f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:AD:B0:1C:85:01:FB:CE:45:3D:93:09:3B:0D:BF:F0:15:76:9C:12
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/t62wHIUB-85FPZMJOw2_8BV2nBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.189.0-185.238.190.255
IPv6:
2a0e:97c0:300::/44
2a0e:97c0:a80::/44
Signature Algorithm: sha256WithRSAEncryption
cb:3e:38:53:a5:4d:11:8a:92:20:66:a9:1c:62:b2:5b:15:29:
fe:83:da:d5:48:dd:64:e0:85:94:5b:c3:10:cb:25:e8:a3:42:
af:6d:8f:e3:b5:c7:7d:0c:53:ad:f9:50:35:84:a9:d4:0c:c1:
ba:5b:63:50:25:ff:db:18:bf:f6:ed:6e:76:9b:19:03:c7:83:
60:48:74:94:a4:0f:36:8a:0e:b2:d3:40:00:28:23:e4:a9:d1:
00:f4:43:cc:01:95:00:51:f7:71:9d:0a:fe:9d:08:ab:20:04:
b6:ce:9a:40:15:21:64:4f:c3:95:34:19:ad:32:fa:a3:80:bc:
37:f2:ad:0f:dd:ee:8f:ad:11:03:66:15:2c:25:fd:2b:11:8c:
00:b1:d0:61:7b:e1:28:41:9b:d6:d7:2e:ef:35:20:df:6c:e5:
b0:a6:cb:9d:0d:6f:2d:6c:3a:21:c5:8d:d0:34:10:f8:69:6a:
6b:d0:7e:54:66:b5:a3:aa:93:af:87:1d:47:7f:94:b1:e1:b1:
f3:e2:7d:a1:8e:5d:9a:09:53:8d:8c:b3:c6:7a:f9:a1:73:c2:
91:28:8f:32:e9:3e:d1:60:be:11:f5:3d:02:ee:ea:87:71:f6:
55:c5:a4:5b:e5:4f:e4:17:4b:54:88:33:1b:12:af:a3:4f:c5:
4c:d1:f2:64
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYUDmkpF9aH7ceDwsq8YFDlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMjExMjM1MjAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2FkYjAxYzg1MDFmYmNlNDUzZDkzMDkzYjBkYmZmMDE1NzY5YzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDLHDOXtUCsrq52p8hKD15F70NcN
4kIScGsQZDsdJJDI7sWgeJSPPZssFtMZBBh78IW+nUW7WyCbeW0hwrQKNcF8DS6R
cT8Awm5fGJjeBrK6QE14U8qCbfhwJXrUKilDiV6C/KtJI2Gie4oShPJuhbuJSq3h
G3ZqsR3Dv0Kpu8jPy6+xUh3s9vrdwKX7cvOwreMenb4Mee6rvaJ+swG/g4L08s94
ca57kve2+1dydXuQOQ3/TZup/qmYOezjmpoVFKZ0+itfrhKZxXrm5FxSXPKDR/Dr
pM/4OkHvWPD8Mz1h3p5qEK+KVTbtEzXCGnu2wHADVBuEg3H48z4FgmKfNwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLetsByFAfvORT2TCTsNv/AVdpwSMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvdDYyd0hJVUItODVGUFpNSk93Ml84QlYybkJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAUBAIAATAOMAwDBAC57r0D
BAC57r4wGAQCAAIwEgMHBCoOl8ADAAMHBCoOl8AKgDANBgkqhkiG9w0BAQsFAAOC
AQEAyz44U6VNEYqSIGapHGKyWxUp/oPa1UjdZOCFlFvDEMsl6KNCr22P47XHfQxT
rflQNYSp1AzBultjUCX/2xi/9u1udpsZA8eDYEh0lKQPNooOstNAACgj5KnRAPRD
zAGVAFH3cZ0K/p0IqyAEts6aQBUhZE/DlTQZrTL6o4C8N/KtD93uj60RA2YVLCX9
KxGMALHQYXvhKEGb1tcu7zUg32zlsKbLnQ1vLWw6IcWN0DQQ+Glqa9B+VGa1o6qT
r4cdR3+UseGx8+J9oY5dmglTjYyzxnr5oXPCkSiPMuk+0WC+EfU9Au7qh3H2VcWk
W+VP5BdLVIgzGxKvo0/FTNHyZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:33 2024 by rpki-client on console-ams.rpki-client.org