Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/cLDlUMGCLk-AlrWPaiB9-lyFsHQ.roa
File: cLDlUMGCLk-AlrWPaiB9-lyFsHQ.roa (raw, json)
Hash identifier: Pv2po81Vz8YpVSVhPM4JZmWK024ypFG5dAdgGsIFeOY=
Subject key identifier: 70:B0:E5:50:C1:82:2E:4F:80:96:B5:8F:6A:20:7D:FA:5C:85:B0:74
Certificate issuer: /CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Certificate serial: 0A707ACA
Authority key identifier: D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/cLDlUMGCLk-AlrWPaiB9-lyFsHQ.roa
Signing time: Mon 24 Jan 2022 11:14:09 +0000
ROA not before: Mon 24 Jan 2022 11:14:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31287
IP address blocks: 151.237.41.204/32 maxlen: 32
151.237.84.0/22 maxlen: 22
151.237.80.0/22 maxlen: 22
85.187.192.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175143626 (0xa707aca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2622fdec8fadfca58e7575c29f10e73ae775715
Validity
Not Before: Jan 24 11:14:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70b0e550c1822e4f8096b58f6a207dfa5c85b074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:4a:ab:af:ed:30:29:a3:ac:c9:5f:66:cf:46:
fe:cb:bd:97:8f:77:90:c0:e8:dd:95:b4:da:4a:bf:
c6:dc:75:ff:58:fa:7a:89:48:46:f6:92:db:46:b4:
a6:a2:a0:3b:49:c6:ab:2a:fa:71:15:22:ce:de:1b:
ec:5e:a8:e0:44:f3:88:ea:bd:93:92:79:81:05:6b:
36:50:36:80:3e:82:15:90:62:3b:13:38:3b:e2:f5:
bf:f3:84:21:ee:d4:c5:d8:7e:29:d4:94:1f:b6:28:
0d:80:f3:36:88:3a:fe:d0:f2:a0:93:78:3e:bf:a9:
fc:2f:33:30:e1:68:d1:d5:da:2d:0a:72:8f:25:7d:
39:29:fb:8a:bd:9f:88:2f:c2:6a:41:de:e5:c0:20:
b4:7b:c5:6b:1d:11:81:1f:a4:94:83:54:e5:68:14:
86:3e:32:7c:6f:a2:28:3e:30:45:53:6c:2f:c8:1f:
68:4f:c7:7c:a3:f4:cf:70:17:a4:f3:bc:a6:8b:ad:
a8:85:a6:56:5f:b6:93:ac:86:97:45:ec:e0:d2:7e:
98:d1:4c:ea:8f:37:61:63:08:56:f8:be:69:28:47:
c0:f5:71:4f:b5:4f:75:69:55:27:5e:a3:1c:b5:f9:
a4:e3:be:fc:95:f9:bd:b0:31:65:6b:80:aa:4a:ff:
5b:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B0:E5:50:C1:82:2E:4F:80:96:B5:8F:6A:20:7D:FA:5C:85:B0:74
X509v3 Authority Key Identifier:
keyid:D2:62:2F:DE:C8:FA:DF:CA:58:E7:57:5C:29:F1:0E:73:AE:77:57:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0mIv3sj638pY51dcKfEOc653VxU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/cLDlUMGCLk-AlrWPaiB9-lyFsHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/85f02e-f1ac-44fb-92eb-f05aa229d638/1/0mIv3sj638pY51dcKfEOc653VxU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.192.0/21
151.237.41.204/32
151.237.80.0/21
Signature Algorithm: sha256WithRSAEncryption
7d:59:ab:2c:48:94:b3:58:4e:2f:a3:10:ca:b8:5e:d3:79:5d:
47:cf:98:1f:e0:21:7e:f7:b1:3f:44:0f:fc:15:9a:2a:3a:a4:
b9:52:8e:16:aa:4a:57:21:06:a5:41:94:4c:c1:ca:b9:c3:56:
c4:b0:b8:f5:5b:98:dd:46:0c:8b:e5:ee:54:e2:83:32:7f:ef:
40:1c:72:6c:0b:5f:72:c2:62:03:42:fa:78:a7:1a:9e:60:ab:
8b:8f:0d:db:01:1d:28:ff:50:30:f5:ed:b9:9f:64:c5:f1:ce:
3d:92:3a:be:40:08:ad:33:26:a0:8b:3c:d3:76:be:07:10:8a:
89:13:0f:92:9b:b2:c1:74:0b:87:3c:8f:50:a4:ac:1c:79:74:
de:6a:d3:5f:ac:fa:78:d8:c9:5e:19:1b:48:5d:19:fe:a2:24:
70:3b:39:bd:30:fb:8a:0e:42:79:f6:46:55:90:02:5e:d6:0e:
37:bb:65:f9:31:17:37:26:3a:37:4e:78:5e:6e:ec:6d:b4:ad:
19:63:c9:16:91:42:c2:62:52:7d:bc:14:72:af:28:66:12:8a:
63:13:72:e5:e6:fb:c3:13:35:ad:45:fd:79:28:8e:c1:a2:7d:
43:04:df:5c:c8:d4:4e:d7:18:e8:76:2e:67:a4:b0:f2:99:6a:
48:57:bf:fc
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgIECnB6yjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MjYyMmZkZWM4ZmFkZmNhNThlNzU3NWMyOWYxMGU3M2FlNzc1NzE1MB4XDTIyMDEy
NDExMTQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBiMGU1NTBjMTgy
MmU0ZjgwOTZiNThmNmEyMDdkZmE1Yzg1YjA3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNKq6/tMCmjrMlfZs9G/su9l493kMDo3ZW02kq/xtx1/1j6
eolIRvaS20a0pqKgO0nGqyr6cRUizt4b7F6o4ETziOq9k5J5gQVrNlA2gD6CFZBi
OxM4O+L1v/OEIe7Uxdh+KdSUH7YoDYDzNog6/tDyoJN4Pr+p/C8zMOFo0dXaLQpy
jyV9OSn7ir2fiC/CakHe5cAgtHvFax0RgR+klINU5WgUhj4yfG+iKD4wRVNsL8gf
aE/HfKP0z3AXpPO8poutqIWmVl+2k6yGl0Xs4NJ+mNFM6o83YWMIVvi+aShHwPVx
T7VPdWlVJ16jHLX5pOO+/JX5vbAxZWuAqkr/WzUCAwEAAaOCAhYwggISMB0GA1Ud
DgQWBBRwsOVQwYIuT4CWtY9qIH36XIWwdDAfBgNVHSMEGDAWgBTSYi/eyPrfyljn
V1wp8Q5zrndXFTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBtSXYzc2o2MzhwWTUxZGNLZkVPYzY1M1Z4VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvODVmMDJlLWYxYWMtNDRmYi05MmViLWYwNWFhMjI5ZDYzOC8x
L2NMRGxVTUdDTGstQWxyV1BhaUI5LWx5RnNIUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
ODVmMDJlLWYxYWMtNDRmYi05MmViLWYwNWFhMjI5ZDYzOC8xLzBtSXYzc2o2Mzhw
WTUxZGNLZkVPYzY1M1Z4VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAs
BggrBgEFBQcBBwEB/wQdMBswGQQCAAEwEwMEA1W7wAMFAJftKcwDBAOX7VAwDQYJ
KoZIhvcNAQELBQADggEBAH1ZqyxIlLNYTi+jEMq4XtN5XUfPmB/gIX73sT9ED/wV
mio6pLlSjhaqSlchBqVBlEzByrnDVsSwuPVbmN1GDIvl7lTigzJ/70AccmwLX3LC
YgNC+ninGp5gq4uPDdsBHSj/UDD17bmfZMXxzj2SOr5ACK0zJqCLPNN2vgcQiokT
D5KbssF0C4c8j1CkrBx5dN5q01+s+njYyV4ZG0hdGf6iJHA7Ob0w+4oOQnn2RlWQ
Al7WDje7ZfkxFzcmOjdOeF5u7G20rRljyRaRQsJiUn28FHKvKGYSimMTcuXm+8MT
Na1F/XkojsGifUME31zI1E7XGOh2LmeksPKZakhXv/w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:32 2023 by rpki-client on console-ams.rpki-client.org