Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/upw38JD5sRwTtSZ_LZeoW9q5_SA.roa
File: upw38JD5sRwTtSZ_LZeoW9q5_SA.roa (raw, json)
Hash identifier: c6wgKWt53hVg+6Y95XXdO3LG2bq82+ruE/eU8NCjYk4=
Subject key identifier: BA:9C:37:F0:90:F9:B1:1C:13:B5:26:7F:2D:97:A8:5B:DA:B9:FD:20
Certificate issuer: /CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Certificate serial: 087AADBC
Authority key identifier: C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/upw38JD5sRwTtSZ_LZeoW9q5_SA.roa
Signing time: Sat 01 Jan 2022 15:04:19 +0000
ROA not before: Sat 01 Jan 2022 15:04:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41872
IP address blocks: 185.161.20.0/22 maxlen: 22
94.100.144.0/20 maxlen: 20
37.209.176.0/20 maxlen: 20
37.110.200.0/21 maxlen: 24
212.35.0.0/19 maxlen: 19
91.190.0.0/19 maxlen: 19
81.92.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142257596 (0x87aadbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ff935057c3bdbadbdf49f343562c5e30016044
Validity
Not Before: Jan 1 15:04:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba9c37f090f9b11c13b5267f2d97a85bdab9fd20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:a4:20:28:ff:94:76:4a:23:c0:bb:87:52:
2c:63:42:83:8d:17:a3:c0:bd:94:d6:c6:69:f9:9a:
74:20:2a:8f:df:fe:18:d3:ef:bf:98:70:53:a8:fd:
5e:e7:10:bc:39:9e:a0:56:20:fe:ad:4e:3e:8a:8a:
86:ff:ed:cf:5c:39:5f:3d:cc:e6:26:c2:f7:0f:1f:
29:d5:99:0e:cf:30:c9:97:e6:ff:87:87:99:1f:dc:
53:96:3b:c4:e2:a0:c5:eb:a2:91:eb:94:3d:64:89:
16:4f:02:69:5a:0c:d2:48:6e:b4:c0:33:0c:63:80:
40:ea:94:bf:33:f9:3d:f9:06:9b:df:74:15:e0:c8:
d9:67:4b:f0:c3:36:83:ce:fc:2a:8a:76:55:46:8a:
3d:4e:e0:36:de:ab:cf:78:af:c8:4f:60:5b:a7:a2:
27:54:11:7a:ba:cd:34:fb:d4:53:5a:28:11:8e:ba:
5d:40:02:85:31:92:4a:f1:7a:72:10:82:1f:8c:84:
1d:e1:27:7c:cd:a5:e4:27:b1:c7:9e:8e:2f:54:ea:
19:f3:be:b1:de:84:cf:64:7b:6c:9d:50:96:6f:2e:
41:4a:a8:27:2e:22:a3:ac:dd:39:ae:f9:8d:8e:08:
82:86:01:9f:c0:43:c0:46:a7:96:2a:3e:eb:0d:c7:
32:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9C:37:F0:90:F9:B1:1C:13:B5:26:7F:2D:97:A8:5B:DA:B9:FD:20
X509v3 Authority Key Identifier:
keyid:C4:FF:93:50:57:C3:BD:BA:DB:DF:49:F3:43:56:2C:5E:30:01:60:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xP-TUFfDvbrb30nzQ1YsXjABYEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/upw38JD5sRwTtSZ_LZeoW9q5_SA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2b059a-325d-4385-811f-17e1a2569568/1/xP-TUFfDvbrb30nzQ1YsXjABYEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.110.200.0/21
37.209.176.0/20
81.92.96.0/20
91.190.0.0/19
94.100.144.0/20
185.161.20.0/22
212.35.0.0/19
Signature Algorithm: sha256WithRSAEncryption
36:2a:2c:dc:01:e5:cd:65:2e:af:18:ae:8c:e8:e9:4e:06:43:
4e:bf:df:ce:75:44:6c:bf:b1:81:9b:aa:2b:f0:ee:6d:ec:72:
49:cf:de:60:9d:fa:7a:39:59:86:e5:fa:67:07:11:14:90:ec:
03:d2:79:b0:3c:9c:25:65:9c:ac:c9:35:c5:06:f6:21:9b:81:
17:b9:61:c2:2d:d9:7d:83:76:57:20:d1:0f:49:1d:e3:e0:70:
f7:69:0f:cd:a6:26:d5:8f:5e:ed:72:31:4c:26:58:62:5a:64:
e9:6f:1f:45:21:91:cb:22:b9:e3:7a:73:75:4e:dc:00:37:f3:
84:85:e5:d3:73:0a:c8:bb:0b:48:92:85:ff:21:ff:43:d4:6e:
e0:d0:77:b0:29:57:2c:20:fe:6c:e4:d6:05:9a:65:5d:73:36:
ed:c3:5f:16:af:b1:34:0d:06:05:ca:62:e6:be:29:9c:6e:cc:
e0:dd:74:22:79:71:67:bb:ab:ee:82:8a:83:15:06:38:a8:2d:
f4:23:be:4f:28:88:6f:08:fb:f4:72:8e:0a:01:6d:6d:3f:54:
5f:3c:da:98:c4:1a:68:35:83:4a:6f:fa:f9:ab:f2:e1:08:a2:
2d:02:1f:46:49:cb:f5:76:b4:f0:05:7a:e1:f7:6a:cf:c8:d8:
a9:52:b9:95
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECHqtvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NGZmOTM1MDU3YzNiZGJhZGJkZjQ5ZjM0MzU2MmM1ZTMwMDE2MDQ0MB4XDTIyMDEw
MTE1MDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmE5YzM3ZjA5MGY5
YjExYzEzYjUyNjdmMmQ5N2E4NWJkYWI5ZmQyMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWKpCAo/5R2SiPAu4dSLGNCg40Xo8C9lNbGafmadCAqj9/+
GNPvv5hwU6j9XucQvDmeoFYg/q1OPoqKhv/tz1w5Xz3M5ibC9w8fKdWZDs8wyZfm
/4eHmR/cU5Y7xOKgxeuikeuUPWSJFk8CaVoM0khutMAzDGOAQOqUvzP5PfkGm990
FeDI2WdL8MM2g878Kop2VUaKPU7gNt6rz3ivyE9gW6eiJ1QRerrNNPvUU1ooEY66
XUAChTGSSvF6chCCH4yEHeEnfM2l5Cexx56OL1TqGfO+sd6Ez2R7bJ1Qlm8uQUqo
Jy4io6zdOa75jY4IgoYBn8BDwEanlio+6w3HMvUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBS6nDfwkPmxHBO1Jn8tl6hb2rn9IDAfBgNVHSMEGDAWgBTE/5NQV8O9utvf
SfNDVixeMAFgRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hQLVRVRmZEdmJyYjMwbnpRMVlzWGpBQllFUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvMmIwNTlhLTMyNWQtNDM4NS04MTFmLTE3ZTFhMjU2OTU2OC8x
L3VwdzM4SkQ1c1J3VHRTWl9MWmVvVzlxNV9TQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
MmIwNTlhLTMyNWQtNDM4NS04MTFmLTE3ZTFhMjU2OTU2OC8xL3hQLVRVRmZEdmJy
YjMwbnpRMVlzWGpBQllFUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAyVuyAMEBCXRsAMEBFFcYAMEBVu+
AAMEBF5kkAMEArmhFAMEBdQjADANBgkqhkiG9w0BAQsFAAOCAQEANios3AHlzWUu
rxiujOjpTgZDTr/fznVEbL+xgZuqK/DubexySc/eYJ36ejlZhuX6ZwcRFJDsA9J5
sDycJWWcrMk1xQb2IZuBF7lhwi3ZfYN2VyDRD0kd4+Bw92kPzaYm1Y9e7XIxTCZY
Ylpk6W8fRSGRyyK543pzdU7cADfzhIXl03MKyLsLSJKF/yH/Q9Ru4NB3sClXLCD+
bOTWBZplXXM27cNfFq+xNA0GBcpi5r4pnG7M4N10InlxZ7ur7oKKgxUGOKgt9CO+
TyiIbwj79HKOCgFtbT9UXzzamMQaaDWDSm/6+avy4QiiLQIfRknL9Xa08AV64fdq
z8jYqVK5lQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:16 2023 by rpki-client on console-ams.rpki-client.org