Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/CUqtR3hKUnVQKu5ugPiIW_Oak40.roa
File: CUqtR3hKUnVQKu5ugPiIW_Oak40.roa (raw, json)
Hash identifier: VlZ4svD4F+N0X4ZKqlmUqXKNxLjHPZuZkMYGrDm2sDg=
Subject key identifier: 09:4A:AD:47:78:4A:52:75:50:2A:EE:6E:80:F8:88:5B:F3:9A:93:8D
Certificate issuer: /CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Certificate serial: 0A62B12A
Authority key identifier: 54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/CUqtR3hKUnVQKu5ugPiIW_Oak40.roa
Signing time: Sat 01 Jan 2022 08:05:39 +0000
ROA not before: Sat 01 Jan 2022 08:05:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49544
IP address blocks: 185.189.181.0/24 maxlen: 24
185.189.180.0/24 maxlen: 24
185.189.183.0/24 maxlen: 24
185.189.182.0/24 maxlen: 24
2a0b:f380::/48 maxlen: 48
2a0b:f380:3e8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174240042 (0xa62b12a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5403e5f8405d6085b8df4bfce1dd9bb3e78c2199
Validity
Not Before: Jan 1 08:05:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=094aad47784a5275502aee6e80f8885bf39a938d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f2:d7:2f:65:ea:f2:bf:06:6e:e7:c2:a7:06:
00:72:97:63:77:4a:ce:d3:92:11:61:f4:08:b5:0c:
cd:24:28:59:6b:d5:65:22:84:93:2c:61:f8:ee:7a:
1c:91:6e:bb:1e:5d:1b:2c:f7:e9:bd:ef:dd:4f:bc:
29:3e:ac:f6:82:6d:e0:ae:3e:1e:c9:7f:0e:d0:f4:
3f:b3:78:ca:71:9f:b7:38:4a:41:b0:47:b8:4a:dc:
90:38:e8:67:83:38:26:03:fb:11:79:b3:2b:8b:eb:
9c:24:1d:95:a3:0f:99:18:36:d3:63:1e:19:98:c4:
35:18:3d:84:92:db:6f:37:d5:34:8e:af:07:08:cd:
c5:57:75:60:d2:2e:bf:fd:6a:71:97:d4:19:c0:c5:
93:0f:08:32:4d:71:86:a6:cf:79:b8:a0:33:77:0d:
c2:7b:c0:a4:f0:41:22:ee:61:df:d5:ac:b5:a0:21:
b1:e1:09:aa:61:b6:0b:17:b6:2a:9d:d8:3c:d7:98:
b8:81:dc:54:d5:73:b6:d6:39:49:c6:ff:f1:0d:fb:
9e:2a:b4:43:89:ac:f0:6a:2a:0d:68:65:98:56:20:
6a:2c:a1:c0:f3:03:6a:6c:95:cd:5e:11:1f:c5:94:
90:a7:b0:a5:30:ca:39:90:bf:d4:ae:6b:0b:0d:42:
4b:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:4A:AD:47:78:4A:52:75:50:2A:EE:6E:80:F8:88:5B:F3:9A:93:8D
X509v3 Authority Key Identifier:
keyid:54:03:E5:F8:40:5D:60:85:B8:DF:4B:FC:E1:DD:9B:B3:E7:8C:21:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VAPl-EBdYIW430v84d2bs-eMIZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/CUqtR3hKUnVQKu5ugPiIW_Oak40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/aee8d9-21ed-4db7-bd70-15a42ac9efa8/1/VAPl-EBdYIW430v84d2bs-eMIZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.180.0/22
IPv6:
2a0b:f380::/48
2a0b:f380:3e8::/48
Signature Algorithm: sha256WithRSAEncryption
a7:b8:ea:21:a7:07:ff:f6:72:fa:78:8d:77:21:4b:e1:fb:98:
05:75:92:8e:db:57:39:f4:4e:d8:a4:9e:d9:f7:3b:fe:f0:09:
96:85:cd:5e:08:47:f0:27:54:c2:6c:77:65:cb:2c:55:e8:cc:
8d:64:24:a1:1a:49:ee:99:91:18:c5:0f:4f:0c:8c:2c:37:2c:
4e:c3:c5:66:94:a6:5b:54:1e:c8:b5:29:44:27:36:24:07:bd:
af:78:b7:2d:35:f1:56:94:4b:77:dd:c0:e5:07:e2:04:6c:aa:
57:fe:d3:87:8c:ed:5b:d8:86:90:e5:9c:ed:5b:e5:60:fb:85:
15:58:f5:f4:29:3b:e3:08:08:39:d2:c6:94:bf:bc:bc:3d:67:
4e:1d:62:f4:a5:ab:9e:3a:3d:86:42:ef:55:cc:bd:9d:4b:ec:
87:f9:e9:10:00:47:5b:02:38:6a:b8:fb:7b:62:47:d9:a0:1d:
25:69:7d:10:4a:65:d1:e7:39:7d:a3:22:f8:9a:4b:04:b3:94:
99:55:ed:78:9b:42:30:95:3c:d6:d9:6e:51:12:f6:07:cb:00:
c4:af:67:9e:cf:2c:c7:fe:cb:d7:d5:dd:c0:20:74:b1:8b:b8:
6b:0b:b1:4e:df:fc:72:50:44:37:61:6b:2a:0f:26:a9:fb:8e:
b2:08:ad:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECmKxKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDAzZTVmODQwNWQ2MDg1YjhkZjRiZmNlMWRkOWJiM2U3OGMyMTk5MB4XDTIyMDEw
MTA4MDUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDk0YWFkNDc3ODRh
NTI3NTUwMmFlZTZlODBmODg4NWJmMzlhOTM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzy1y9l6vK/Bm7nwqcGAHKXY3dKztOSEWH0CLUMzSQoWWvV
ZSKEkyxh+O56HJFuux5dGyz36b3v3U+8KT6s9oJt4K4+Hsl/DtD0P7N4ynGftzhK
QbBHuErckDjoZ4M4JgP7EXmzK4vrnCQdlaMPmRg202MeGZjENRg9hJLbbzfVNI6v
BwjNxVd1YNIuv/1qcZfUGcDFkw8IMk1xhqbPebigM3cNwnvApPBBIu5h39WstaAh
seEJqmG2Cxe2Kp3YPNeYuIHcVNVzttY5Scb/8Q37niq0Q4ms8GoqDWhlmFYgaiyh
wPMDamyVzV4RH8WUkKewpTDKOZC/1K5rCw1CS1kCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQJSq1HeEpSdVAq7m6A+Ihb85qTjTAfBgNVHSMEGDAWgBRUA+X4QF1ghbjf
S/zh3Zuz54whmTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZBUGwtRUJkWUlXNDMwdjg0ZDJicy1lTUlaay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvYWVlOGQ5LTIxZWQtNGRiNy1iZDcwLTE1YTQyYWM5ZWZhOC8x
L0NVcXRSM2hLVW5WUUt1NXVnUGlJV19PYWs0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
YWVlOGQ5LTIxZWQtNGRiNy1iZDcwLTE1YTQyYWM5ZWZhOC8xL1ZBUGwtRUJkWUlX
NDMwdjg0ZDJicy1lTUlaay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEArm9tDAYBAIAAjASAwcAKgvzgAAA
AwcAKgvzgAPoMA0GCSqGSIb3DQEBCwUAA4IBAQCnuOohpwf/9nL6eI13IUvh+5gF
dZKO21c59E7YpJ7Z9zv+8AmWhc1eCEfwJ1TCbHdlyyxV6MyNZCShGknumZEYxQ9P
DIwsNyxOw8VmlKZbVB7ItSlEJzYkB72veLctNfFWlEt33cDlB+IEbKpX/tOHjO1b
2IaQ5ZztW+Vg+4UVWPX0KTvjCAg50saUv7y8PWdOHWL0paueOj2GQu9VzL2dS+yH
+ekQAEdbAjhquPt7YkfZoB0laX0QSmXR5zl9oyL4mksEs5SZVe14m0IwlTzW2W5R
EvYHywDEr2eezyzH/svX1d3AIHSxi7hrC7FO3/xyUEQ3YWsqDyap+46yCK2L
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:58 2023 by rpki-client on console-ams.rpki-client.org