Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ulPiXRGSToBKYlTNmSfHhgmAvKI.roa
File: ulPiXRGSToBKYlTNmSfHhgmAvKI.roa (raw, json)
Hash identifier: QRDOzvrRE21Ao1dUQj6cM7VGa8f1ldc14uOMl9YW8fE=
Subject key identifier: BA:53:E2:5D:11:92:4E:80:4A:62:54:CD:99:27:C7:86:09:80:BC:A2
Certificate issuer: /CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Certificate serial: 0547314F
Authority key identifier: D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ulPiXRGSToBKYlTNmSfHhgmAvKI.roa
Signing time: Sat 01 Jan 2022 06:04:06 +0000
ROA not before: Sat 01 Jan 2022 06:04:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49767
IP address blocks: 194.31.216.0/22 maxlen: 22
109.72.0.0/20 maxlen: 20
2a02:2930::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88551759 (0x547314f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ff0fecd7bf44148931788dfe7f20d67a67a0db
Validity
Not Before: Jan 1 06:04:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba53e25d11924e804a6254cd9927c7860980bca2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f7:7b:29:68:20:96:d6:b1:f4:f5:a1:d8:69:
4a:17:be:18:0b:82:3b:40:b3:d6:1b:19:02:79:56:
25:7b:3e:07:1a:fc:71:02:a2:6c:30:9c:77:af:78:
6f:ff:c8:90:ab:18:3e:36:ad:ce:cf:69:d4:9f:e9:
ed:06:f7:62:22:ca:0a:59:a6:57:61:c6:e4:3b:c6:
f8:db:0b:4e:9b:d1:aa:13:97:e3:e8:dd:51:33:ce:
bb:79:e7:78:f9:27:a6:9a:aa:60:b2:50:b5:ef:92:
ea:f9:26:3c:7d:dc:e0:01:21:84:ed:d5:2a:2e:cf:
74:16:0c:ea:86:03:ed:c0:28:53:ea:0b:ff:c2:47:
f8:3e:f1:ee:89:f7:81:4e:8f:3a:2e:b5:e7:90:1c:
96:87:36:db:55:76:f3:cc:4e:97:66:c2:fe:a8:61:
c4:e3:ca:d7:d5:a8:4c:8d:de:9d:13:a4:d3:6a:5c:
7a:1f:41:cb:54:cf:33:f5:7e:59:e0:49:1e:4c:e6:
71:c2:0b:2b:46:7e:2b:46:d4:90:2c:73:33:82:24:
1e:13:d6:80:ba:8e:88:5d:cf:62:80:12:4d:71:d3:
96:b7:92:50:1e:3e:a6:eb:3b:9c:91:43:d6:9b:5e:
62:cc:02:45:b2:f0:b1:84:cd:5f:6b:4d:a7:63:45:
ed:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:53:E2:5D:11:92:4E:80:4A:62:54:CD:99:27:C7:86:09:80:BC:A2
X509v3 Authority Key Identifier:
keyid:D4:FF:0F:EC:D7:BF:44:14:89:31:78:8D:FE:7F:20:D6:7A:67:A0:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1P8P7Ne_RBSJMXiN_n8g1npnoNs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/ulPiXRGSToBKYlTNmSfHhgmAvKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0c0c65-9f82-4450-9165-f0c21f8186f0/1/1P8P7Ne_RBSJMXiN_n8g1npnoNs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.72.0.0/20
194.31.216.0/22
IPv6:
2a02:2930::/32
Signature Algorithm: sha256WithRSAEncryption
1f:b3:80:f4:f2:69:4f:39:b0:f0:60:0f:25:0b:d4:16:f3:a6:
1f:56:fe:af:55:3d:44:77:2d:f3:11:cb:bb:41:bd:5f:d4:f4:
5d:83:42:64:35:a5:00:11:4e:38:c0:8a:22:82:b9:0e:0e:d0:
70:a8:5d:6e:db:93:fd:4c:91:03:9a:25:18:25:d5:c8:30:fc:
fe:7e:36:22:c5:5b:b1:76:5e:51:9e:68:a5:f2:c0:ad:d4:9d:
0c:b4:64:dc:71:ad:a6:70:0d:3a:3b:7e:64:30:cb:3b:7f:0f:
4a:f2:b9:f6:29:91:bd:05:6f:31:09:a1:65:88:40:25:cc:45:
57:d8:8c:32:24:8e:d6:b7:d6:ca:65:05:12:6d:fe:12:f6:27:
58:b0:cf:c4:80:49:36:bf:64:8b:ee:12:6f:6a:dd:dc:ee:aa:
75:71:4c:d3:23:f8:22:67:01:f8:7b:73:c8:5c:9d:50:e6:05:
85:7d:4c:b5:22:a1:fc:78:e4:a6:28:5a:e0:93:fd:6f:ae:71:
78:90:f7:39:8e:90:82:5d:60:b0:be:ab:81:43:90:b0:c4:23:
26:fa:cb:53:a2:c9:d8:7a:0a:98:d0:16:3a:cd:ec:69:f4:75:
f6:f0:f0:2c:82:56:0b:38:81:b7:aa:96:43:39:10:4b:ca:c3:
dc:7b:94:33
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBUcxTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGZmMGZlY2Q3YmY0NDE0ODkzMTc4OGRmZTdmMjBkNjdhNjdhMGRiMB4XDTIyMDEw
MTA2MDQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE1M2UyNWQxMTky
NGU4MDRhNjI1NGNkOTkyN2M3ODYwOTgwYmNhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALv3eyloIJbWsfT1odhpShe+GAuCO0Cz1hsZAnlWJXs+Bxr8
cQKibDCcd694b//IkKsYPjatzs9p1J/p7Qb3YiLKClmmV2HG5DvG+NsLTpvRqhOX
4+jdUTPOu3nnePknppqqYLJQte+S6vkmPH3c4AEhhO3VKi7PdBYM6oYD7cAoU+oL
/8JH+D7x7on3gU6POi6155Acloc221V288xOl2bC/qhhxOPK19WoTI3enROk02pc
eh9By1TPM/V+WeBJHkzmccILK0Z+K0bUkCxzM4IkHhPWgLqOiF3PYoASTXHTlreS
UB4+pus7nJFD1pteYswCRbLwsYTNX2tNp2NF7VkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS6U+JdEZJOgEpiVM2ZJ8eGCYC8ojAfBgNVHSMEGDAWgBTU/w/s179EFIkx
eI3+fyDWemeg2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFQOFA3TmVfUkJTSk1YaU5fbjhnMW5wbm9Ocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8x
L3VsUGlYUkdTVG9CS1lsVE5tU2ZIaGdtQXZLSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MGMwYzY1LTlmODItNDQ1MC05MTY1LWYwYzIxZjgxODZmMC8xLzFQOFA3TmVfUkJT
Sk1YaU5fbjhnMW5wbm9Ocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBG1IAAMEAsIf2DANBAIAAjAHAwUA
KgIpMDANBgkqhkiG9w0BAQsFAAOCAQEAH7OA9PJpTzmw8GAPJQvUFvOmH1b+r1U9
RHct8xHLu0G9X9T0XYNCZDWlABFOOMCKIoK5Dg7QcKhdbtuT/UyRA5olGCXVyDD8
/n42IsVbsXZeUZ5opfLArdSdDLRk3HGtpnANOjt+ZDDLO38PSvK59imRvQVvMQmh
ZYhAJcxFV9iMMiSO1rfWymUFEm3+EvYnWLDPxIBJNr9ki+4Sb2rd3O6qdXFM0yP4
ImcB+HtzyFydUOYFhX1MtSKh/Hjkpiha4JP9b65xeJD3OY6Qgl1gsL6rgUOQsMQj
JvrLU6LJ2HoKmNAWOs3safR19vDwLIJWCziBt6qWQzkQS8rD3HuUMw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:27 2023 by rpki-client on console-fra.rpki-client.org