Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/ClcKR8Bhv2ggUUgoq6qGOvwdXHE.roa
File: ClcKR8Bhv2ggUUgoq6qGOvwdXHE.roa (raw, json)
Hash identifier: 3cCuUWmH3qo8Hr0bTWm0G8r9nlIC/WMaUyUEqDC7ACw=
Subject key identifier: 0A:57:0A:47:C0:61:BF:68:20:51:48:28:AB:AA:86:3A:FC:1D:5C:71
Certificate issuer: /CN=c7a4d2f68913eace6c9f5092bdc7dd20f574f438
Certificate serial: 355284CC
Authority key identifier: C7:A4:D2:F6:89:13:EA:CE:6C:9F:50:92:BD:C7:DD:20:F5:74:F4:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x6TS9okT6s5sn1CSvcfdIPV09Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/ClcKR8Bhv2ggUUgoq6qGOvwdXHE.roa
Signing time: Sat 01 Jan 2022 11:55:45 +0000
ROA not before: Sat 01 Jan 2022 11:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202632
IP address blocks: 213.91.64.0/21 maxlen: 21
213.91.64.0/22 maxlen: 22
213.91.68.0/22 maxlen: 22
185.12.168.0/22 maxlen: 22
185.210.180.0/22 maxlen: 22
185.210.181.0/24 maxlen: 24
31.47.0.0/19 maxlen: 19
31.47.4.0/23 maxlen: 23
31.47.0.0/24 maxlen: 24
31.47.9.0/24 maxlen: 24
31.47.8.0/24 maxlen: 24
31.47.10.0/24 maxlen: 24
31.47.16.0/20 maxlen: 20
31.47.14.0/23 maxlen: 23
217.71.48.0/24 maxlen: 24
217.71.56.0/21 maxlen: 21
213.91.112.0/20 maxlen: 20
213.91.112.0/21 maxlen: 21
213.91.124.0/24 maxlen: 24
213.91.125.0/24 maxlen: 24
213.91.127.0/24 maxlen: 24
213.91.126.0/24 maxlen: 24
2a03:9240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 894600396 (0x355284cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7a4d2f68913eace6c9f5092bdc7dd20f574f438
Validity
Not Before: Jan 1 11:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a570a47c061bf6820514828abaa863afc1d5c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4f:f7:ee:33:1e:38:fe:3a:d5:53:46:bb:1e:
e2:a4:fa:0c:ad:ca:b2:93:26:1b:01:48:8c:a2:0e:
b2:2d:cd:1b:a6:91:9e:f2:4d:3e:16:5d:36:45:78:
41:a9:0b:07:4b:da:cf:76:fd:15:db:2f:3e:6e:7b:
a3:55:6d:01:09:de:86:ef:b0:fd:72:1a:bf:45:33:
88:b3:da:5b:6b:0c:26:85:54:eb:f0:fa:05:6c:9d:
bc:ee:18:cd:2c:e2:1e:90:16:2c:f4:60:80:aa:1f:
25:6c:c2:44:1e:b9:d1:a8:04:9d:a6:26:82:66:33:
f7:cf:8a:ca:95:5f:81:71:f8:01:05:09:5d:e8:a9:
55:9c:25:c8:41:07:60:ea:37:a8:91:09:a4:93:0b:
80:f4:52:63:69:64:f6:40:10:33:45:d7:23:08:f8:
d0:ad:52:78:ed:08:b4:ce:88:53:c3:f6:49:16:bd:
56:c5:c2:12:73:50:c0:da:a2:bd:62:f0:8f:85:14:
a0:ba:50:31:15:2c:9f:50:af:43:ca:d7:a3:a9:fe:
04:46:b4:0f:61:a7:ca:da:b5:51:a3:93:33:29:0d:
70:1e:bc:79:27:ba:67:e6:58:ca:98:ef:e4:c5:86:
26:e0:87:ca:0e:58:66:c2:f5:d1:c7:a9:e4:52:6f:
00:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:57:0A:47:C0:61:BF:68:20:51:48:28:AB:AA:86:3A:FC:1D:5C:71
X509v3 Authority Key Identifier:
keyid:C7:A4:D2:F6:89:13:EA:CE:6C:9F:50:92:BD:C7:DD:20:F5:74:F4:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x6TS9okT6s5sn1CSvcfdIPV09Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/ClcKR8Bhv2ggUUgoq6qGOvwdXHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/f03ca1-726b-4de9-b419-f9a1bbc36845/1/x6TS9okT6s5sn1CSvcfdIPV09Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.0.0/19
185.12.168.0/22
185.210.180.0/22
213.91.64.0/21
213.91.112.0/20
217.71.48.0/24
217.71.56.0/21
IPv6:
2a03:9240::/32
Signature Algorithm: sha256WithRSAEncryption
1a:9c:ca:a7:8e:0c:e7:9a:8b:92:be:65:95:46:64:6b:d7:91:
ef:27:3c:fd:e3:c5:35:0f:4a:03:a5:2e:4c:f0:dc:dc:d8:00:
62:50:de:05:d1:2c:10:12:2a:0a:a5:9b:3c:a7:dc:b0:12:04:
85:2c:a5:98:c6:0d:a8:fc:2b:74:9d:c5:e9:51:68:ea:34:90:
fc:30:c2:8b:a5:e4:15:c6:62:50:aa:3d:68:00:b7:91:45:d9:
87:d7:22:54:6c:e7:0b:21:a3:76:6b:86:87:17:60:01:15:68:
77:29:9a:e4:6a:07:e8:51:93:49:ec:bd:4c:d9:a7:9e:05:ed:
ab:f6:92:d1:49:e0:06:39:6f:a7:db:9a:77:c6:ad:2f:7b:09:
b8:e2:b9:6e:11:d4:f3:21:3c:c0:69:92:48:57:ba:66:f4:18:
80:7c:6f:3e:7a:57:a5:c4:fe:d9:07:ad:d5:6a:3e:46:f2:7d:
e4:cb:21:8b:10:21:72:b5:d3:8b:23:cb:7b:47:74:7a:f1:fc:
af:93:c0:81:0d:09:0c:11:e1:97:8a:96:79:8b:59:2f:a2:22:
11:d5:bc:20:17:01:30:54:c4:f8:24:7a:e9:e5:b0:14:cb:9d:
b0:52:0e:70:bb:34:65:f0:47:c6:64:4a:42:ba:f9:7e:dc:d0:
73:8c:18:26
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIENVKEzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
N2E0ZDJmNjg5MTNlYWNlNmM5ZjUwOTJiZGM3ZGQyMGY1NzRmNDM4MB4XDTIyMDEw
MTExNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE1NzBhNDdjMDYx
YmY2ODIwNTE0ODI4YWJhYTg2M2FmYzFkNWM3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIxP9+4zHjj+OtVTRrse4qT6DK3KspMmGwFIjKIOsi3NG6aR
nvJNPhZdNkV4QakLB0vaz3b9FdsvPm57o1VtAQnehu+w/XIav0UziLPaW2sMJoVU
6/D6BWydvO4YzSziHpAWLPRggKofJWzCRB650agEnaYmgmYz98+KypVfgXH4AQUJ
XeipVZwlyEEHYOo3qJEJpJMLgPRSY2lk9kAQM0XXIwj40K1SeO0ItM6IU8P2SRa9
VsXCEnNQwNqivWLwj4UUoLpQMRUsn1CvQ8rXo6n+BEa0D2Gnytq1UaOTMykNcB68
eSe6Z+ZYypjv5MWGJuCHyg5YZsL10cep5FJvAA0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQKVwpHwGG/aCBRSCirqoY6/B1ccTAfBgNVHSMEGDAWgBTHpNL2iRPqzmyf
UJK9x90g9XT0ODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3g2VFM5b2tUNnM1c24xQ1N2Y2ZkSVBWMDlEZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvZjAzY2ExLTcyNmItNGRlOS1iNDE5LWY5YTFiYmMzNjg0NS8x
L0NsY0tSOEJodjJnZ1VVZ29xNnFHT3Z3ZFhIRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
ZjAzY2ExLTcyNmItNGRlOS1iNDE5LWY5YTFiYmMzNjg0NS8xL3g2VFM5b2tUNnM1
c24xQ1N2Y2ZkSVBWMDlEZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBR8vAAMEArkMqAMEArnStAMEA9Vb
QAMEBNVbcAMEANlHMAMEA9lHODANBAIAAjAHAwUAKgOSQDANBgkqhkiG9w0BAQsF
AAOCAQEAGpzKp44M55qLkr5llUZka9eR7yc8/ePFNQ9KA6UuTPDc3NgAYlDeBdEs
EBIqCqWbPKfcsBIEhSylmMYNqPwrdJ3F6VFo6jSQ/DDCi6XkFcZiUKo9aAC3kUXZ
h9ciVGznCyGjdmuGhxdgARVodyma5GoH6FGTSey9TNmnngXtq/aS0UngBjlvp9ua
d8atL3sJuOK5bhHU8yE8wGmSSFe6ZvQYgHxvPnpXpcT+2Qet1Wo+RvJ95MshixAh
crXTiyPLe0d0evH8r5PAgQ0JDBHhl4qWeYtZL6IiEdW8IBcBMFTE+CR66eWwFMud
sFIOcLs0ZfBHxmRKQrr5ftzQc4wYJg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:31 2023 by rpki-client on console-ams.rpki-client.org