Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/uCBu5h5j6fAErJuZQVqarAr1d6s.roa
File: uCBu5h5j6fAErJuZQVqarAr1d6s.roa (raw, json)
Hash identifier: fPk6nyMkEHYP1/iXfyeXHo/grRsp+4yMAboLAvjb3aY=
Subject key identifier: B8:20:6E:E6:1E:63:E9:F0:04:AC:9B:99:41:5A:9A:AC:0A:F5:77:AB
Certificate issuer: /CN=3fa40fcfa836bb0b5b3e129404cb31e85250b01f
Certificate serial: 1A2CB81C
Authority key identifier: 3F:A4:0F:CF:A8:36:BB:0B:5B:3E:12:94:04:CB:31:E8:52:50:B0:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P6QPz6g2uwtbPhKUBMsx6FJQsB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/uCBu5h5j6fAErJuZQVqarAr1d6s.roa
Signing time: Sat 01 Jan 2022 13:57:44 +0000
ROA not before: Sat 01 Jan 2022 13:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30798
IP address blocks: 62.204.0.0/19 maxlen: 19
213.185.32.0/20 maxlen: 20
213.185.32.0/19 maxlen: 19
213.185.48.0/21 maxlen: 21
213.185.56.0/22 maxlen: 22
213.185.60.0/22 maxlen: 22
89.236.64.0/18 maxlen: 18
217.112.240.0/20 maxlen: 20
45.154.68.0/22 maxlen: 22
2001:40e8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 439138332 (0x1a2cb81c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fa40fcfa836bb0b5b3e129404cb31e85250b01f
Validity
Not Before: Jan 1 13:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8206ee61e63e9f004ac9b99415a9aac0af577ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:54:9c:03:78:fb:94:9b:f3:71:5c:43:82:e0:
3e:fb:43:08:a2:1c:dc:06:3b:a5:b4:ac:78:4c:cb:
50:5f:30:a4:d3:94:93:c3:68:65:e4:b7:8c:af:aa:
c2:5f:fb:85:02:39:4f:9b:19:1e:81:38:f9:b1:f0:
5f:26:1b:ab:0e:17:df:f1:bb:f6:9a:69:8b:69:5b:
f6:1f:16:e3:b1:2c:07:58:50:f4:3b:f3:ec:9d:2c:
5f:c6:7f:31:4d:b5:c7:de:e7:25:f1:37:ca:59:ea:
d9:65:d6:56:ff:c5:68:4c:c3:e5:7c:16:c1:3a:42:
65:92:33:4a:fa:59:31:2d:a8:51:8f:e3:1c:2f:4b:
5c:11:96:e8:01:54:2f:ba:c7:58:d9:7d:5b:fd:96:
f5:8f:bb:8b:24:96:54:d7:d3:57:7b:cb:0c:33:66:
3e:e8:f8:f0:db:55:f6:42:cd:36:c7:e3:54:fd:bc:
e0:ef:e9:e2:47:0c:36:f0:33:dc:30:85:cf:2e:45:
76:35:b5:94:b1:67:9c:f5:ce:da:bf:14:73:10:34:
e2:29:09:37:90:56:0a:d2:eb:23:be:d2:98:eb:9f:
c9:73:40:55:58:4a:ac:92:27:1e:eb:b1:60:c2:7c:
a2:55:87:8b:f9:31:fe:80:82:10:46:b3:9a:f7:51:
6e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:20:6E:E6:1E:63:E9:F0:04:AC:9B:99:41:5A:9A:AC:0A:F5:77:AB
X509v3 Authority Key Identifier:
keyid:3F:A4:0F:CF:A8:36:BB:0B:5B:3E:12:94:04:CB:31:E8:52:50:B0:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P6QPz6g2uwtbPhKUBMsx6FJQsB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/uCBu5h5j6fAErJuZQVqarAr1d6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e210b9-7a3f-410b-ba56-0724089289bb/1/P6QPz6g2uwtbPhKUBMsx6FJQsB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.68.0/22
62.204.0.0/19
89.236.64.0/18
213.185.32.0/19
217.112.240.0/20
IPv6:
2001:40e8::/32
Signature Algorithm: sha256WithRSAEncryption
d7:d6:5e:65:f4:1d:15:48:56:f4:8f:2f:48:65:8c:50:a1:71:
0a:94:50:f7:ba:5b:69:e9:a1:c2:93:53:54:1e:4f:2e:65:40:
5e:a3:8c:69:64:0f:31:e1:c2:1f:4c:40:de:ed:63:b5:54:0f:
49:c8:f7:8a:76:d9:d5:7d:09:fc:e7:66:32:b8:da:71:e5:8d:
e5:29:33:85:44:4f:e6:80:cb:2d:a3:6e:01:fe:40:ba:6b:9e:
0f:9b:d5:57:b5:a6:69:e8:ae:27:73:d0:a7:03:30:7c:e6:84:
f3:97:0c:95:47:8f:66:85:6d:25:f1:59:61:6b:38:7f:60:ba:
85:cc:1e:cd:f3:8c:f6:e4:9e:67:d7:87:6b:68:52:ea:fe:c7:
4a:16:0e:a8:5d:25:be:9d:fd:b0:11:0b:9a:5d:e3:bb:ac:c8:
b3:71:92:07:ec:7e:46:fd:00:12:d9:8d:33:12:47:6e:24:63:
52:cb:96:a0:66:1b:31:b0:bd:75:0d:87:27:7c:a4:4c:d7:69:
2b:e0:e0:0d:7b:01:1d:66:9f:90:af:1b:02:7c:cd:66:17:c6:
62:76:e4:36:28:80:95:e9:04:49:8a:85:31:c8:a6:3e:3d:71:
a7:6b:a1:48:03:14:9c:ad:5a:b1:07:00:d5:01:0f:11:16:38:
20:70:b5:50
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGiy4HDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZmE0MGZjZmE4MzZiYjBiNWIzZTEyOTQwNGNiMzFlODUyNTBiMDFmMB4XDTIyMDEw
MTEzNTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjgyMDZlZTYxZTYz
ZTlmMDA0YWM5Yjk5NDE1YTlhYWMwYWY1NzdhYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFUnAN4+5Sb83FcQ4LgPvtDCKIc3AY7pbSseEzLUF8wpNOU
k8NoZeS3jK+qwl/7hQI5T5sZHoE4+bHwXyYbqw4X3/G79pppi2lb9h8W47EsB1hQ
9Dvz7J0sX8Z/MU21x97nJfE3ylnq2WXWVv/FaEzD5XwWwTpCZZIzSvpZMS2oUY/j
HC9LXBGW6AFUL7rHWNl9W/2W9Y+7iySWVNfTV3vLDDNmPuj48NtV9kLNNsfjVP28
4O/p4kcMNvAz3DCFzy5FdjW1lLFnnPXO2r8UcxA04ikJN5BWCtLrI77SmOufyXNA
VVhKrJInHuuxYMJ8olWHi/kx/oCCEEazmvdRbh0CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBS4IG7mHmPp8ASsm5lBWpqsCvV3qzAfBgNVHSMEGDAWgBQ/pA/PqDa7C1s+
EpQEyzHoUlCwHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1A2UVB6NmcydXd0YlBoS1VCTXN4NkZKUXNCOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvZTIxMGI5LTdhM2YtNDEwYi1iYTU2LTA3MjQwODkyODliYi8x
L3VDQnU1aDVqNmZBRXJKdVpRVnFhckFyMWQ2cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
ZTIxMGI5LTdhM2YtNDEwYi1iYTU2LTA3MjQwODkyODliYi8xL1A2UVB6NmcydXd0
YlBoS1VCTXN4NkZKUXNCOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAi2aRAMEBT7MAAMEBlnsQAMEBdW5
IAMEBNlw8DANBAIAAjAHAwUAIAFA6DANBgkqhkiG9w0BAQsFAAOCAQEA19ZeZfQd
FUhW9I8vSGWMUKFxCpRQ97pbaemhwpNTVB5PLmVAXqOMaWQPMeHCH0xA3u1jtVQP
Scj3inbZ1X0J/OdmMrjaceWN5SkzhURP5oDLLaNuAf5AumueD5vVV7WmaeiuJ3PQ
pwMwfOaE85cMlUePZoVtJfFZYWs4f2C6hcwezfOM9uSeZ9eHa2hS6v7HShYOqF0l
vp39sBELml3ju6zIs3GSB+x+Rv0AEtmNMxJHbiRjUsuWoGYbMbC9dQ2HJ3ykTNdp
K+DgDXsBHWafkK8bAnzNZhfGYnbkNiiAlekESYqFMcimPj1xp2uhSAMUnK1asQcA
1QEPERY4IHC1UA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:27 2023 by rpki-client on console-fra.rpki-client.org