Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/cuFXOiubs8EofSwLiNH8Z-flbUw.roa
File: cuFXOiubs8EofSwLiNH8Z-flbUw.roa (raw, json)
Hash identifier: u0qTElUvnfbX2sSAmS2q5vKxSZ05WOMv15iEMnOrDEE=
Subject key identifier: 72:E1:57:3A:2B:9B:B3:C1:28:7D:2C:0B:88:D1:FC:67:E7:E5:6D:4C
Certificate issuer: /CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Certificate serial: 0A188A4B
Authority key identifier: E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/cuFXOiubs8EofSwLiNH8Z-flbUw.roa
Signing time: Sat 01 Jan 2022 07:01:49 +0000
ROA not before: Sat 01 Jan 2022 07:01:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1836
IP address blocks: 195.234.43.0/24 maxlen: 24
185.221.42.0/24 maxlen: 24
185.221.40.0/24 maxlen: 24
2a09:f00:b::/48 maxlen: 48
2a09:f00:a::/48 maxlen: 48
2001:67c:690::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169380427 (0xa188a4b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Validity
Not Before: Jan 1 07:01:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72e1573a2b9bb3c1287d2c0b88d1fc67e7e56d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7a:14:d4:b1:1c:06:33:bf:2d:a6:80:3c:af:
eb:28:5a:e2:43:4c:96:27:65:0f:f2:ba:97:c4:8f:
e9:00:21:cf:5a:0c:fc:a8:c7:94:e7:1b:3a:0a:58:
69:fa:81:66:7c:f7:70:c3:b9:87:ed:d7:46:d2:1f:
fc:f1:c7:a7:e3:2d:16:d2:b7:85:d1:d2:78:ea:b2:
d6:fa:b4:30:41:85:72:2a:95:90:6a:71:bf:17:40:
d2:94:e3:ef:dc:a6:02:f2:02:65:37:9a:23:8a:dc:
ca:0f:9c:14:eb:2c:17:1f:36:74:5d:4f:d6:9d:fc:
e8:02:1a:1b:c9:bf:33:91:e2:72:cf:49:06:ba:48:
9e:bf:dd:4c:44:f0:27:9b:25:ea:30:c8:75:6e:e3:
bd:b9:14:ee:05:f9:60:64:92:e2:60:09:81:b7:ce:
21:97:ef:22:98:76:e1:a6:8e:78:85:ac:f0:7d:41:
09:2e:1a:cb:1c:fb:64:74:d6:9c:06:60:35:91:94:
a8:2f:e6:9b:6d:e8:b2:50:dd:a1:62:21:ac:ca:b4:
ff:1a:bb:53:53:ec:6a:3d:29:c1:1d:ec:cb:52:44:
bb:b0:c8:6d:67:9b:10:01:52:17:9e:52:3f:ce:ff:
1e:42:e7:75:b6:d5:0b:50:e2:42:28:93:9f:f5:69:
15:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E1:57:3A:2B:9B:B3:C1:28:7D:2C:0B:88:D1:FC:67:E7:E5:6D:4C
X509v3 Authority Key Identifier:
keyid:E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/cuFXOiubs8EofSwLiNH8Z-flbUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
185.221.42.0/24
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:a::/47
Signature Algorithm: sha256WithRSAEncryption
04:6c:16:6e:ab:02:f8:b7:e3:07:c2:5b:92:13:17:01:4e:d3:
3d:75:96:e0:ec:6d:b9:3c:64:ec:7c:b0:f7:da:f4:96:18:db:
4e:4c:e7:b7:13:23:ce:b5:7e:0f:af:82:82:8a:2a:36:8c:0b:
ed:64:4f:43:83:96:2e:80:d2:44:f3:7e:2f:b2:65:8b:8e:bf:
7b:4f:08:4b:91:cf:49:02:9c:78:3e:1c:ee:46:fa:14:08:0b:
26:1a:f5:95:bc:6d:e6:70:cc:4e:9d:16:f1:c1:1c:5e:0f:81:
64:20:37:10:bb:0c:e7:71:71:f9:b9:f4:6e:da:da:ff:d8:f8:
8c:60:24:cf:8b:e7:41:3f:7b:82:69:3f:d6:d8:3a:7a:5a:7e:
ef:c6:a5:b5:f7:ec:fc:b7:4c:e5:7d:94:1b:d4:03:da:ed:b0:
17:ac:8f:49:06:f8:94:31:05:e4:15:89:39:b4:c4:dd:a5:cd:
c2:2d:c3:d1:6f:38:d8:17:6c:14:a5:48:c0:78:f7:c9:db:69:
fc:2c:ef:8a:10:9a:a9:c2:c9:40:39:6a:c2:58:79:15:c1:29:
cf:6d:13:c8:1e:90:5e:77:c2:b2:d2:19:7f:da:fe:b0:3b:82:
5c:99:b1:4b:6a:a2:a5:33:bd:e9:ae:09:b0:47:5e:35:dc:f4:
ef:e7:16:0f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEChiKSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGI1NmY5ZWUxOGZkYmZhZjMwYTBkYTU3OTgyZTI3MjczZGJjYjQyMB4XDTIyMDEw
MTA3MDE0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzJlMTU3M2EyYjli
YjNjMTI4N2QyYzBiODhkMWZjNjdlN2U1NmQ0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKB6FNSxHAYzvy2mgDyv6yha4kNMlidlD/K6l8SP6QAhz1oM
/KjHlOcbOgpYafqBZnz3cMO5h+3XRtIf/PHHp+MtFtK3hdHSeOqy1vq0MEGFciqV
kGpxvxdA0pTj79ymAvICZTeaI4rcyg+cFOssFx82dF1P1p386AIaG8m/M5Hics9J
BrpInr/dTETwJ5sl6jDIdW7jvbkU7gX5YGSS4mAJgbfOIZfvIph24aaOeIWs8H1B
CS4ayxz7ZHTWnAZgNZGUqC/mm23oslDdoWIhrMq0/xq7U1Psaj0pwR3sy1JEu7DI
bWebEAFSF55SP87/HkLndbbVC1DiQiiTn/VpFX8CAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRy4Vc6K5uzwSh9LAuI0fxn5+VtTDAfBgNVHSMEGDAWgBTotW+e4Y/b+vMK
DaV5guJyc9vLQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZMVnZudUdQMl9yekNnMmxlWUxpY25QYnkwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNjM5NTdiLTNmYzEtNDVjMS1hOWM2LTczNTViMjA0M2U1NC8x
L2N1RlhPaXViczhFb2ZTd0xpTkg4Wi1mbGJVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NjM5NTdiLTNmYzEtNDVjMS1hOWM2LTczNTViMjA0M2U1NC8xLzZMVnZudUdQMl9y
ekNnMmxlWUxpY25QYnkwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALndKAMEALndKgMEAMPqKzAYBAIA
AjASAwcAIAEGfAaQAwcBKgkPAAAKMA0GCSqGSIb3DQEBCwUAA4IBAQAEbBZuqwL4
t+MHwluSExcBTtM9dZbg7G25PGTsfLD32vSWGNtOTOe3EyPOtX4Pr4KCiio2jAvt
ZE9Dg5YugNJE834vsmWLjr97TwhLkc9JApx4PhzuRvoUCAsmGvWVvG3mcMxOnRbx
wRxeD4FkIDcQuwzncXH5ufRu2tr/2PiMYCTPi+dBP3uCaT/W2Dp6Wn7vxqW19+z8
t0zlfZQb1APa7bAXrI9JBviUMQXkFYk5tMTdpc3CLcPRbzjYF2wUpUjAePfJ22n8
LO+KEJqpwslAOWrCWHkVwSnPbRPIHpBed8Ky0hl/2v6wO4JcmbFLaqKlM73prgmw
R1413PTv5xYP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:10 2023 by rpki-client on console-fra.rpki-client.org