Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/0LVYDe3urUXjBSgxsJZp5IU-6s0.roa
File: 0LVYDe3urUXjBSgxsJZp5IU-6s0.roa (raw, json)
Hash identifier: M6FoxXvdm9mmZssydjb4uEo5GO739gOeK05AUU6vXfo=
Subject key identifier: D0:B5:58:0D:ED:EE:AD:45:E3:05:28:31:B0:96:69:E4:85:3E:EA:CD
Certificate issuer: /CN=aca1f4713024804c445403af63fa644b2a935d24
Certificate serial: 01853F8866016F255FC42C1630D57B153316
Authority key identifier: AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/0LVYDe3urUXjBSgxsJZp5IU-6s0.roa
Signing time: Fri 23 Dec 2022 15:09:41 +0000
ROA not before: Fri 23 Dec 2022 15:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51088
IP address blocks: 185.44.244.0/22 maxlen: 22
185.240.112.0/22 maxlen: 22
185.225.220.0/22 maxlen: 22
2a01:77e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:88:66:01:6f:25:5f:c4:2c:16:30:d5:7b:15:33:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca1f4713024804c445403af63fa644b2a935d24
Validity
Not Before: Dec 23 15:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0b5580dedeead45e3052831b09669e4853eeacd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:bc:e9:15:39:3b:b8:4e:92:e2:1b:38:55:1d:
e9:7b:be:d7:94:07:db:3c:27:52:6b:e0:49:10:28:
c3:04:a6:f9:c8:51:6c:9f:dd:71:de:ae:59:52:04:
a8:f6:1b:88:ce:7c:4c:ab:37:43:c4:36:6e:36:58:
84:f3:a6:4f:d3:79:a6:c1:75:ee:25:07:5c:48:70:
27:82:33:e1:13:c3:c2:aa:c7:af:64:3d:15:9a:9c:
73:e8:f1:5e:17:eb:af:fc:7d:0e:7a:e8:cb:91:f1:
b9:45:2e:e4:eb:fc:b6:ac:94:df:b4:99:9c:7c:98:
05:50:a0:fd:83:ea:30:38:5b:f1:29:00:fb:8a:91:
99:a6:6f:a7:ec:fc:fd:f0:60:30:53:7d:59:38:fb:
25:1c:16:19:28:35:c7:37:b1:31:8f:54:33:09:a0:
d2:ca:cb:78:89:01:df:44:a5:3f:8f:8b:f1:9d:7c:
1f:7c:73:f0:ba:9b:74:3c:41:8a:a6:ce:78:4a:94:
99:b8:6b:75:9c:c2:b9:97:ca:66:32:6e:4a:fe:5f:
a9:10:57:54:06:56:e7:de:ce:34:5b:61:d4:eb:d5:
1c:b9:42:7b:ca:7e:14:e6:a4:be:f5:51:64:ab:96:
35:e9:56:87:c6:f1:69:ed:cf:3b:10:a3:bf:35:cc:
4e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:B5:58:0D:ED:EE:AD:45:E3:05:28:31:B0:96:69:E4:85:3E:EA:CD
X509v3 Authority Key Identifier:
keyid:AC:A1:F4:71:30:24:80:4C:44:54:03:AF:63:FA:64:4B:2A:93:5D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKH0cTAkgExEVAOvY_pkSyqTXSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/0LVYDe3urUXjBSgxsJZp5IU-6s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/c6d6be-bf4a-43e5-a908-5ca016a10054/1/rKH0cTAkgExEVAOvY_pkSyqTXSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.244.0/22
185.225.220.0/22
185.240.112.0/22
IPv6:
2a01:77e0::/32
Signature Algorithm: sha256WithRSAEncryption
88:95:64:fa:51:59:ae:36:ab:25:0c:e5:cf:a1:ca:03:9c:17:
21:85:6c:9c:30:82:4b:6e:7a:f2:27:eb:60:6d:9e:cb:c8:da:
fb:f5:b0:13:8f:f7:5e:4e:d0:b5:a5:04:6d:f0:8a:b1:0d:be:
5f:31:51:c9:4c:63:9b:e3:aa:f9:df:34:05:b3:e5:a9:b7:63:
4b:b3:a1:3c:24:6d:b9:b5:8a:01:9f:35:fb:73:9d:2c:52:0f:
23:86:67:09:46:10:dc:b0:3e:4d:71:9d:7c:e7:66:76:76:d5:
8b:e4:ae:01:2d:ef:52:02:8c:2e:0b:75:13:ab:98:3e:ef:f3:
b8:6d:fd:41:c8:8e:56:a9:35:85:c9:57:8a:40:a1:01:b0:17:
da:93:4e:08:b8:a7:57:86:e8:16:63:97:d7:10:9d:ef:ce:dd:
e8:3e:8c:1d:ec:55:1f:b8:11:dc:8b:b7:0b:1c:f8:97:34:2f:
4f:09:e2:5f:d4:92:be:f7:6b:7f:0e:36:63:99:45:96:3a:15:
e4:21:cd:ca:22:c2:f0:57:f3:c4:3d:1c:ad:8b:38:a8:55:bd:
38:c9:df:19:66:7c:a3:28:a5:10:44:20:9c:62:86:50:77:29:
c6:17:87:7a:70:17:0b:19:cc:ad:f1:00:71:f8:5f:36:a4:7d:
f2:83:0d:6b
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYU/iGYBbyVfxCwWMNV7FTMWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTFmNDcxMzAyNDgwNGM0NDU0MDNhZjYzZmE2NDRiMmE5
MzVkMjQwHhcNMjIxMjIzMTUwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGI1NTgwZGVkZWVhZDQ1ZTMwNTI4MzFiMDk2NjllNDg1M2VlYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLzpFTk7uE6S4hs4VR3pe77XlAfb
PCdSa+BJECjDBKb5yFFsn91x3q5ZUgSo9huIznxMqzdDxDZuNliE86ZP03mmwXXu
JQdcSHAngjPhE8PCqsevZD0Vmpxz6PFeF+uv/H0OeujLkfG5RS7k6/y2rJTftJmc
fJgFUKD9g+owOFvxKQD7ipGZpm+n7Pz98GAwU31ZOPslHBYZKDXHN7Exj1QzCaDS
yst4iQHfRKU/j4vxnXwffHPwupt0PEGKps54SpSZuGt1nMK5l8pmMm5K/l+pEFdU
Blbn3s40W2HU69UcuUJ7yn4U5qS+9VFkq5Y16VaHxvFp7c87EKO/NcxOswIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNC1WA3t7q1F4wUoMbCWaeSFPurNMB8GA1UdIwQY
MBaAFKyh9HEwJIBMRFQDr2P6ZEsqk10kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgt
NWNhMDE2YTEwMDU0LzEvMExWWURlM3VyVVhqQlNneHNKWnA1SVUtNnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9jNmQ2YmUtYmY0YS00M2U1LWE5MDgtNWNhMDE2YTEwMDU0
LzEvcktIMGNUQWtnRXhFVkFPdllfcGtTeXFUWFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuSz0AwQC
ueHcAwQCufBwMA0EAgACMAcDBQAqAXfgMA0GCSqGSIb3DQEBCwUAA4IBAQCIlWT6
UVmuNqslDOXPocoDnBchhWycMIJLbnryJ+tgbZ7LyNr79bATj/deTtC1pQRt8Iqx
Db5fMVHJTGOb46r53zQFs+Wpt2NLs6E8JG25tYoBnzX7c50sUg8jhmcJRhDcsD5N
cZ1852Z2dtWL5K4BLe9SAowuC3UTq5g+7/O4bf1ByI5WqTWFyVeKQKEBsBfak04I
uKdXhugWY5fXEJ3vzt3oPowd7FUfuBHci7cLHPiXNC9PCeJf1JK+92t/DjZjmUWW
OhXkIc3KIsLwV/PEPRytizioVb04yd8ZZnyjKKUQRCCcYoZQdynGF4d6cBcLGcyt
8QBx+F82pH3ygw1r
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:32 2023 by rpki-client on console-ams.rpki-client.org