Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/vTku53hOWi8IUO1sfzGMGUTc64s.roa
File: vTku53hOWi8IUO1sfzGMGUTc64s.roa (raw, json)
Hash identifier: 5f7NulGnizahT4AolQhLlSkU549uVdOZQh9xlh7dLvM=
Subject key identifier: BD:39:2E:E7:78:4E:5A:2F:08:50:ED:6C:7F:31:8C:19:44:DC:EB:8B
Certificate issuer: /CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Certificate serial: 0182FE234E8DBC43A944B463650651D25674
Authority key identifier: D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/vTku53hOWi8IUO1sfzGMGUTc64s.roa
Signing time: Fri 02 Sep 2022 12:18:22 +0000
ROA not before: Fri 02 Sep 2022 12:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62303
IP address blocks: 185.235.81.0/24 maxlen: 24
185.235.83.0/24 maxlen: 24
185.235.82.0/24 maxlen: 24
2a0d:4d00:81::/48 maxlen: 48
2a0d:4d00:82::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:fe:23:4e:8d:bc:43:a9:44:b4:63:65:06:51:d2:56:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3860a9b36585fb8aa051fc37fcc6a0773990cbf
Validity
Not Before: Sep 2 12:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd392ee7784e5a2f0850ed6c7f318c1944dceb8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:cf:7d:cd:1d:f1:92:88:ea:36:76:f7:07:08:
96:ed:87:e6:d5:ec:9d:80:db:66:db:dd:fd:a4:8c:
78:d2:b0:77:94:7c:c5:52:4c:51:71:a5:8b:25:59:
5c:a1:fe:57:3b:4c:c0:18:74:35:eb:00:a4:c6:a9:
63:bb:87:a1:de:23:d6:1e:ed:ec:0e:d7:de:47:11:
a5:72:0b:35:77:c0:7a:f8:8f:c7:24:66:68:aa:6e:
6e:a4:51:02:a1:90:fa:50:4f:99:1e:e5:cf:d0:af:
8b:58:a5:d6:db:3b:c1:73:9e:0c:5d:be:94:1c:1a:
5a:48:98:c9:fd:2f:07:1c:2f:1e:41:d3:91:0a:77:
64:06:0f:65:69:06:92:09:d8:ed:9c:48:28:79:02:
cf:f8:ff:0a:08:53:b8:1a:67:d2:42:5d:bc:a2:29:
44:7d:74:18:19:15:cb:b6:43:0a:14:f7:7f:86:e5:
c7:ee:d2:28:9a:04:0c:6b:9f:0a:c7:95:d3:15:c1:
1f:11:f3:34:0a:ee:0a:95:81:74:1d:89:73:48:38:
56:fd:6a:df:d6:bc:a5:aa:32:8c:6e:ab:8c:26:07:
f4:28:21:71:9c:9b:99:11:a2:06:04:15:75:3c:6e:
37:39:bf:5f:76:20:80:64:9b:1d:de:00:6e:0d:97:
f8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:39:2E:E7:78:4E:5A:2F:08:50:ED:6C:7F:31:8C:19:44:DC:EB:8B
X509v3 Authority Key Identifier:
keyid:D3:86:0A:9B:36:58:5F:B8:AA:05:1F:C3:7F:CC:6A:07:73:99:0C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04YKmzZYX7iqBR_Df8xqB3OZDL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/vTku53hOWi8IUO1sfzGMGUTc64s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/03c430-fb04-40ea-85d1-c92c6165de18/1/04YKmzZYX7iqBR_Df8xqB3OZDL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.81.0-185.235.83.255
IPv6:
2a0d:4d00:81::-2a0d:4d00:82:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4e:b1:dc:46:bb:d1:25:fa:09:88:7a:5d:16:54:43:ae:62:90:
12:83:df:f5:da:8e:cb:57:11:71:0c:ae:03:93:3e:d5:ad:90:
60:ff:f6:ff:19:86:40:03:3a:bf:c1:4f:42:f5:48:04:b6:54:
fb:95:7e:06:0e:e6:aa:30:cd:09:6c:66:f5:e5:4e:e9:2c:21:
8d:7c:e3:59:e6:5c:5a:d2:d3:31:3a:a5:43:77:b2:64:7b:23:
75:87:c7:ef:20:3e:b9:8f:d0:ea:9b:96:ad:ff:e8:2d:62:43:
14:52:c8:cc:d1:35:20:4a:7d:b5:13:4a:ce:07:4e:6b:77:8e:
20:e1:4d:f3:b8:e9:df:f3:6e:7b:ea:e3:ff:b6:f9:05:37:34:
8f:51:64:3e:05:0a:40:12:c8:f2:70:9d:4d:f7:0f:58:d7:4a:
64:19:81:19:69:b5:d2:0f:f2:92:3a:35:d9:b5:83:54:09:55:
a8:fe:fe:a4:b5:4c:84:c9:7f:4a:87:a5:16:b9:c2:ad:df:d8:
53:98:dc:12:fe:22:0e:f7:ab:40:03:58:33:5c:16:ae:33:82:
2f:0c:b7:86:e8:41:c4:0a:a8:89:6d:db:57:b7:00:5b:a4:82:
0d:df:29:9f:59:a5:5f:5e:35:30:ea:9d:a4:fc:7a:24:a6:87:
0c:3f:b0:d4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYL+I06NvEOpRLRjZQZR0lZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODYwYTliMzY1ODVmYjhhYTA1MWZjMzdmY2M2YTA3NzM5
OTBjYmYwHhcNMjIwOTAyMTIxODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDM5MmVlNzc4NGU1YTJmMDg1MGVkNmM3ZjMxOGMxOTQ0ZGNlYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmc99zR3xkojqNnb3BwiW7Yfm1eyd
gNtm2939pIx40rB3lHzFUkxRcaWLJVlcof5XO0zAGHQ16wCkxqlju4eh3iPWHu3s
DtfeRxGlcgs1d8B6+I/HJGZoqm5upFECoZD6UE+ZHuXP0K+LWKXW2zvBc54MXb6U
HBpaSJjJ/S8HHC8eQdORCndkBg9laQaSCdjtnEgoeQLP+P8KCFO4GmfSQl28oilE
fXQYGRXLtkMKFPd/huXH7tIomgQMa58Kx5XTFcEfEfM0Cu4KlYF0HYlzSDhW/Wrf
1rylqjKMbquMJgf0KCFxnJuZEaIGBBV1PG43Ob9fdiCAZJsd3gBuDZf4UwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFL05Lud4TlovCFDtbH8xjBlE3OuLMB8GA1UdIwQY
MBaAFNOGCps2WF+4qgUfw3/MagdzmQy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEt
YzkyYzYxNjVkZTE4LzEvdlRrdTUzaE9XaThJVU8xc2Z6R01HVVRjNjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8wM2M0MzAtZmIwNC00MGVhLTg1ZDEtYzkyYzYxNjVkZTE4
LzEvMDRZS216WllYN2lxQlJfRGY4eHFCM09aREw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBAC561ED
BAK561AwGgQCAAIwFDASAwcAKg1NAACBAwcAKg1NAACCMA0GCSqGSIb3DQEBCwUA
A4IBAQBOsdxGu9El+gmIel0WVEOuYpASg9/12o7LVxFxDK4Dkz7VrZBg//b/GYZA
Azq/wU9C9UgEtlT7lX4GDuaqMM0JbGb15U7pLCGNfONZ5lxa0tMxOqVDd7JkeyN1
h8fvID65j9Dqm5at/+gtYkMUUsjM0TUgSn21E0rOB05rd44g4U3zuOnf82576uP/
tvkFNzSPUWQ+BQpAEsjycJ1N9w9Y10pkGYEZabXSD/KSOjXZtYNUCVWo/v6ktUyE
yX9Kh6UWucKt39hTmNwS/iIO96tAA1gzXBauM4IvDLeG6EHECqiJbdtXtwBbpIIN
3ymfWaVfXjUw6p2k/HokpocMP7DU
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:42 2023 by rpki-client on console-ams.rpki-client.org