Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/i2YJ3lLuwTBUGQqOYRyH2A_GtZ4.roa
File: i2YJ3lLuwTBUGQqOYRyH2A_GtZ4.roa (raw, json)
Hash identifier: 3y7C257s5EsvjTTdoxkPM/kdVPtv2mmNaqsv0XaOzWQ=
Subject key identifier: 8B:66:09:DE:52:EE:C1:30:54:19:0A:8E:61:1C:87:D8:0F:C6:B5:9E
Certificate issuer: /CN=51f866f32b47c69d478ad95354e257e51a236a57
Certificate serial: 450E1D3F
Authority key identifier: 51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/i2YJ3lLuwTBUGQqOYRyH2A_GtZ4.roa
Signing time: Sat 12 Feb 2022 10:00:36 +0000
ROA not before: Sat 12 Feb 2022 10:00:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39288
IP address blocks: 158.255.92.0/22 maxlen: 24
158.255.92.0/23 maxlen: 24
193.138.118.0/24 maxlen: 24
46.21.208.0/20 maxlen: 20
46.21.208.0/21 maxlen: 21
46.21.216.0/21 maxlen: 21
94.232.152.0/22 maxlen: 22
94.232.152.0/21 maxlen: 21
158.255.88.0/21 maxlen: 21
158.255.88.0/22 maxlen: 22
94.232.156.0/22 maxlen: 22
2a02:2928::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1158552895 (0x450e1d3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51f866f32b47c69d478ad95354e257e51a236a57
Validity
Not Before: Feb 12 10:00:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b6609de52eec13054190a8e611c87d80fc6b59e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fa:58:16:f9:f7:79:71:90:c2:e0:5d:f1:1e:
ae:36:10:aa:f6:76:4c:cb:b8:44:c7:8c:00:3b:c4:
b3:30:83:57:38:4d:e1:7c:83:f1:6c:18:da:11:6c:
df:3b:63:a9:ff:93:84:96:97:27:ff:6d:6c:e8:94:
01:34:54:fb:5c:65:ae:f6:b8:89:c2:c9:df:bd:d9:
2a:3c:60:41:18:47:e5:2f:14:97:65:9a:b4:fa:cb:
d9:77:33:14:0a:ba:fe:a1:c6:a5:8a:ea:dc:ff:4f:
7a:7a:44:00:23:04:23:11:d4:c1:4a:ed:d2:60:db:
cd:ea:df:8c:70:76:6f:99:4a:db:6f:46:79:29:d5:
1b:69:7a:6a:4c:e1:95:de:2d:cd:e0:70:1c:ba:56:
cf:f4:09:5f:e2:b3:cb:c5:5c:dc:4b:ce:36:65:8d:
4b:d4:6e:46:36:71:f1:75:5d:d5:be:ae:ff:9c:3b:
35:86:de:0e:b2:f0:88:85:4e:62:5a:f1:91:fb:b1:
7a:53:55:1b:84:bb:8d:9d:86:37:1f:6f:2c:50:b2:
5a:65:2d:ee:67:b8:2f:cb:eb:86:84:c7:6e:2b:79:
52:51:83:9f:29:76:65:1f:0c:a8:98:0d:af:1a:7a:
2b:c5:8a:57:03:81:b1:bc:be:16:11:52:dd:e9:af:
88:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:66:09:DE:52:EE:C1:30:54:19:0A:8E:61:1C:87:D8:0F:C6:B5:9E
X509v3 Authority Key Identifier:
keyid:51:F8:66:F3:2B:47:C6:9D:47:8A:D9:53:54:E2:57:E5:1A:23:6A:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ufhm8ytHxp1HitlTVOJX5Rojalc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/i2YJ3lLuwTBUGQqOYRyH2A_GtZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/dcb6fb-0e86-4d34-adc3-d93fd49ae8ef/1/Ufhm8ytHxp1HitlTVOJX5Rojalc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.208.0/20
94.232.152.0/21
158.255.88.0/21
193.138.118.0/24
IPv6:
2a02:2928::/32
Signature Algorithm: sha256WithRSAEncryption
93:79:6c:92:c8:98:f9:98:02:b8:d6:ef:c7:87:55:49:2e:93:
9e:c8:d8:75:6c:54:76:4d:f1:59:05:92:aa:23:91:d8:6b:48:
72:f9:80:7b:bf:2c:45:ee:94:09:0b:28:68:fd:97:af:81:f0:
8f:23:88:aa:ba:c7:ac:89:9d:ca:8a:94:10:12:22:79:24:2e:
65:ec:7e:b4:47:f6:50:4b:e8:d2:6d:42:dd:80:de:a7:0f:a0:
26:5a:06:fe:4d:b1:13:6f:0d:b4:c8:b2:2e:e5:df:eb:a2:2b:
77:37:b2:02:8f:5b:7d:93:c7:83:9c:84:da:64:f9:44:47:75:
78:49:51:4f:17:42:66:14:e4:8e:c4:e4:a7:ba:e4:17:51:8b:
13:a5:12:05:dc:53:2d:44:65:43:88:b5:e6:2e:b3:6d:9f:b2:
f9:52:ab:c1:7a:7e:04:e7:b7:1a:04:c4:0c:b0:63:93:61:4a:
de:1b:9d:32:40:79:8b:5a:76:81:a0:d9:5f:2e:5d:cd:ff:e2:
43:31:3a:57:31:cb:d7:cb:12:b7:54:a1:cf:f4:ae:eb:54:cf:
2c:74:0a:54:7f:1e:d2:95:a9:26:1e:44:38:00:3a:aa:44:3c:
d4:68:60:4d:20:f1:3d:ea:2d:75:f9:68:25:26:b2:35:df:f7:
e7:ef:b5:61
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIERQ4dPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MWY4NjZmMzJiNDdjNjlkNDc4YWQ5NTM1NGUyNTdlNTFhMjM2YTU3MB4XDTIyMDIx
MjEwMDAzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI2NjA5ZGU1MmVl
YzEzMDU0MTkwYThlNjExYzg3ZDgwZmM2YjU5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMn6WBb593lxkMLgXfEerjYQqvZ2TMu4RMeMADvEszCDVzhN
4XyD8WwY2hFs3ztjqf+ThJaXJ/9tbOiUATRU+1xlrva4icLJ373ZKjxgQRhH5S8U
l2WatPrL2XczFAq6/qHGpYrq3P9PenpEACMEIxHUwUrt0mDbzerfjHB2b5lK229G
eSnVG2l6akzhld4tzeBwHLpWz/QJX+Kzy8Vc3EvONmWNS9RuRjZx8XVd1b6u/5w7
NYbeDrLwiIVOYlrxkfuxelNVG4S7jZ2GNx9vLFCyWmUt7me4L8vrhoTHbit5UlGD
nyl2ZR8MqJgNrxp6K8WKVwOBsby+FhFS3emviHUCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSLZgneUu7BMFQZCo5hHIfYD8a1njAfBgNVHSMEGDAWgBRR+GbzK0fGnUeK
2VNU4lflGiNqVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VmaG04eXRIeHAxSGl0bFRWT0pYNVJvamFsYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8x
L2kyWUozbEx1d1RCVUdRcU9ZUnlIMkFfR3RaNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
ZGNiNmZiLTBlODYtNGQzNC1hZGMzLWQ5M2ZkNDlhZThlZi8xL1VmaG04eXRIeHAx
SGl0bFRWT0pYNVJvamFsYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBC4V0AMEA17omAMEA57/WAMEAMGK
djANBAIAAjAHAwUAKgIpKDANBgkqhkiG9w0BAQsFAAOCAQEAk3lsksiY+ZgCuNbv
x4dVSS6TnsjYdWxUdk3xWQWSqiOR2GtIcvmAe78sRe6UCQsoaP2Xr4HwjyOIqrrH
rImdyoqUEBIieSQuZex+tEf2UEvo0m1C3YDepw+gJloG/k2xE28NtMiyLuXf66Ir
dzeyAo9bfZPHg5yE2mT5REd1eElRTxdCZhTkjsTkp7rkF1GLE6USBdxTLURlQ4i1
5i6zbZ+y+VKrwXp+BOe3GgTEDLBjk2FK3hudMkB5i1p2gaDZXy5dzf/iQzE6VzHL
18sSt1Shz/Su61TPLHQKVH8e0pWpJh5EOAA6qkQ81GhgTSDxPeotdfloJSayNd/3
5++1YQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:47 2023 by rpki-client on console-ams.rpki-client.org