Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/u69euTuoL1ioXPG7sljM65KUKXw.roa
File: u69euTuoL1ioXPG7sljM65KUKXw.roa (raw, json)
Hash identifier: LFEcprdbNlWhW/S8X+eFx3YPFYw9+gdsguq4rbDhT1w=
Subject key identifier: BB:AF:5E:B9:3B:A8:2F:58:A8:5C:F1:BB:B2:58:CC:EB:92:94:29:7C
Certificate issuer: /CN=b06551937efc96e145e33a1ebca24492dc120ecb
Certificate serial: 09DE7476
Authority key identifier: B0:65:51:93:7E:FC:96:E1:45:E3:3A:1E:BC:A2:44:92:DC:12:0E:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sGVRk378luFF4zoevKJEktwSDss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/u69euTuoL1ioXPG7sljM65KUKXw.roa
Signing time: Sat 01 Jan 2022 15:01:42 +0000
ROA not before: Sat 01 Jan 2022 15:01:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47288
IP address blocks: 93.184.144.0/24 maxlen: 24
93.184.145.0/24 maxlen: 24
93.184.147.0/24 maxlen: 24
93.184.146.0/24 maxlen: 24
93.184.149.0/24 maxlen: 24
93.184.148.0/24 maxlen: 24
93.184.151.0/24 maxlen: 24
93.184.150.0/24 maxlen: 24
93.184.152.0/24 maxlen: 24
93.184.157.0/24 maxlen: 24
93.184.159.0/24 maxlen: 24
93.184.158.0/24 maxlen: 24
93.184.154.0/24 maxlen: 24
93.184.153.0/24 maxlen: 24
93.184.156.0/24 maxlen: 24
93.184.155.0/24 maxlen: 24
185.168.152.0/24 maxlen: 24
185.168.154.0/24 maxlen: 24
185.168.154.0/23 maxlen: 23
185.168.153.0/24 maxlen: 24
185.168.155.0/24 maxlen: 24
2a00:dc00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165573750 (0x9de7476)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b06551937efc96e145e33a1ebca24492dc120ecb
Validity
Not Before: Jan 1 15:01:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bbaf5eb93ba82f58a85cf1bbb258cceb9294297c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:28:cc:a8:6b:8e:1e:0c:16:97:81:60:e6:08:
e5:23:cc:52:13:40:ce:df:41:5f:d0:56:91:ce:d2:
eb:a5:bb:dd:f4:cf:c8:e9:8a:36:99:59:7e:fd:e0:
7f:d8:ff:10:90:9b:cb:3e:0d:b1:fa:c3:2a:a1:2c:
3c:99:1d:04:bd:a1:05:7a:07:1a:35:8a:7b:10:6e:
e1:4a:b8:82:4b:b6:21:bc:6c:80:22:b2:01:d2:f1:
9f:64:3c:4d:24:7c:dd:f0:3d:1a:f4:d2:35:0c:96:
35:a1:80:54:73:45:54:42:d3:26:32:bf:e2:38:b6:
99:d9:81:73:fc:e0:2e:5f:8e:0b:c1:df:c0:03:76:
50:db:c1:27:d1:52:bc:67:57:32:3b:8e:ce:52:bb:
b0:40:75:58:be:59:7b:4b:e9:62:e8:95:20:ae:26:
46:ae:e3:76:31:cd:14:69:0f:45:b3:e6:c4:6c:53:
68:05:b4:22:a3:b9:7c:90:b4:d6:6d:37:4d:7e:43:
0a:bc:94:89:f8:40:72:ff:91:7d:5f:76:29:13:a2:
9b:f6:5a:e6:e7:4b:54:c6:1d:fb:a3:31:d2:64:4a:
50:c7:a5:f6:8e:ea:45:23:ef:21:1d:75:1e:dd:fe:
74:54:31:88:5b:87:00:07:5a:ef:53:2c:a7:a8:4f:
86:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:AF:5E:B9:3B:A8:2F:58:A8:5C:F1:BB:B2:58:CC:EB:92:94:29:7C
X509v3 Authority Key Identifier:
keyid:B0:65:51:93:7E:FC:96:E1:45:E3:3A:1E:BC:A2:44:92:DC:12:0E:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sGVRk378luFF4zoevKJEktwSDss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/u69euTuoL1ioXPG7sljM65KUKXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/2c4731-89d5-4e9b-b4aa-bf09ad32c888/1/sGVRk378luFF4zoevKJEktwSDss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.184.144.0/20
185.168.152.0/22
IPv6:
2a00:dc00::/32
Signature Algorithm: sha256WithRSAEncryption
cb:dd:17:52:e0:e5:d5:7f:89:d2:0d:a8:77:b5:2a:c9:8f:71:
9e:c5:e7:a2:47:cf:9d:ec:91:ee:4d:8f:39:d3:7d:5b:2e:42:
6c:c0:76:bd:c1:68:5b:a7:57:63:3d:65:24:f2:b7:bc:57:81:
72:ef:02:9c:33:52:e7:46:59:01:29:ef:c1:f0:ca:48:64:a6:
89:16:19:f2:11:df:70:16:c0:cc:21:5a:b5:b6:c3:fa:37:0c:
f1:ef:2b:47:09:3c:86:99:9c:e8:4e:9f:2c:5b:68:bd:54:5b:
2d:e7:99:c7:06:2e:93:d4:89:65:25:81:d0:d7:bb:ef:37:4e:
8b:08:43:47:4a:cf:5e:08:5c:b4:bd:29:47:15:51:84:36:7b:
67:d1:11:50:c8:b4:45:8d:2d:2b:ce:54:2a:97:a6:7d:0a:a7:
4a:b5:94:bd:6f:4c:20:b8:85:ea:2d:bf:ff:bf:b4:1d:c9:2d:
28:39:a4:42:0b:05:19:a7:b1:80:4b:dc:c0:c1:ef:07:5b:b4:
55:78:3a:b9:fa:49:e5:b6:88:f7:cf:aa:a4:40:32:76:25:b8:
f6:91:05:fe:e4:1f:0c:59:f5:6f:4f:e5:3e:f4:e7:26:e7:dd:
27:67:6c:5d:8c:b7:d2:e6:ab:ff:55:5c:70:af:88:7c:35:49:
71:65:e5:45
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECd50djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDY1NTE5MzdlZmM5NmUxNDVlMzNhMWViY2EyNDQ5MmRjMTIwZWNiMB4XDTIyMDEw
MTE1MDE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmJhZjVlYjkzYmE4
MmY1OGE4NWNmMWJiYjI1OGNjZWI5Mjk0Mjk3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoozKhrjh4MFpeBYOYI5SPMUhNAzt9BX9BWkc7S66W73fTP
yOmKNplZfv3gf9j/EJCbyz4NsfrDKqEsPJkdBL2hBXoHGjWKexBu4Uq4gku2Ibxs
gCKyAdLxn2Q8TSR83fA9GvTSNQyWNaGAVHNFVELTJjK/4ji2mdmBc/zgLl+OC8Hf
wAN2UNvBJ9FSvGdXMjuOzlK7sEB1WL5Ze0vpYuiVIK4mRq7jdjHNFGkPRbPmxGxT
aAW0IqO5fJC01m03TX5DCryUifhAcv+RfV92KROim/Za5udLVMYd+6Mx0mRKUMel
9o7qRSPvIR11Ht3+dFQxiFuHAAda71Msp6hPhrECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS7r165O6gvWKhc8buyWMzrkpQpfDAfBgNVHSMEGDAWgBSwZVGTfvyW4UXj
Oh68okSS3BIOyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NHVlJrMzc4bHVGRjR6b2V2S0pFa3R3U0Rzcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvMmM0NzMxLTg5ZDUtNGU5Yi1iNGFhLWJmMDlhZDMyYzg4OC8x
L3U2OWV1VHVvTDFpb1hQRzdzbGpNNjVLVUtYdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
MmM0NzMxLTg5ZDUtNGU5Yi1iNGFhLWJmMDlhZDMyYzg4OC8xL3NHVlJrMzc4bHVG
RjR6b2V2S0pFa3R3U0Rzcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBF24kAMEArmomDANBAIAAjAHAwUA
KgDcADANBgkqhkiG9w0BAQsFAAOCAQEAy90XUuDl1X+J0g2od7UqyY9xnsXnokfP
neyR7k2POdN9Wy5CbMB2vcFoW6dXYz1lJPK3vFeBcu8CnDNS50ZZASnvwfDKSGSm
iRYZ8hHfcBbAzCFatbbD+jcM8e8rRwk8hpmc6E6fLFtovVRbLeeZxwYuk9SJZSWB
0Ne77zdOiwhDR0rPXghctL0pRxVRhDZ7Z9ERUMi0RY0tK85UKpemfQqnSrWUvW9M
ILiF6i2//7+0HcktKDmkQgsFGaexgEvcwMHvB1u0VXg6ufpJ5baI98+qpEAydiW4
9pEF/uQfDFn1b0/lPvTnJufdJ2dsXYy30uar/1VccK+IfDVJcWXlRQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:57 2023 by rpki-client on console-ams.rpki-client.org