Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/c_3ryY9my_HcgU413xu5OacoNGk.roa
File: c_3ryY9my_HcgU413xu5OacoNGk.roa (raw, json)
Hash identifier: vrzG39lYR0j6dVsvDyi3bl9Fimjasi8ykdwiSFwy8E0=
Subject key identifier: 73:FD:EB:C9:8F:66:CB:F1:DC:81:4E:35:DF:1B:B9:39:A7:28:34:69
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 06F52BB1
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/c_3ryY9my_HcgU413xu5OacoNGk.roa
Signing time: Sat 01 Jan 2022 07:01:18 +0000
ROA not before: Sat 01 Jan 2022 07:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35661
IP address blocks: 185.10.16.0/22 maxlen: 24
45.157.116.0/22 maxlen: 24
194.147.97.0/24 maxlen: 24
185.154.152.0/22 maxlen: 24
188.214.24.0/24 maxlen: 24
2a03:5840::/32 maxlen: 32
2a0d:e680::/32 maxlen: 32
2a07:8dc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116730801 (0x6f52bb1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Jan 1 07:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73fdebc98f66cbf1dc814e35df1bb939a7283469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:53:c3:2c:78:46:43:47:fb:e6:dd:61:c1:37:
77:aa:85:f0:a7:07:c9:e7:b3:34:7c:e8:88:e0:70:
da:9e:6d:21:85:84:a8:e6:dc:0c:84:1a:f0:96:1e:
92:5a:a8:4a:f2:50:f7:93:96:4a:b1:87:df:05:0f:
26:07:8d:ef:b5:c5:cb:14:ed:ac:3e:e6:51:83:bc:
e8:bd:4c:1f:c4:7f:4d:fb:a6:52:08:db:c5:b8:67:
3b:77:0b:a8:ac:6e:70:93:d0:56:ad:e9:e1:f6:f4:
cd:9c:52:3d:20:31:5b:16:7d:e9:2b:2e:78:de:28:
4f:6f:2c:e4:a4:e1:a4:82:ca:d1:5c:cd:79:aa:ad:
1f:f2:ee:7b:ad:e6:ef:6f:0c:3c:cc:c7:86:52:b8:
20:c1:ad:08:9f:62:1f:91:ad:84:45:4c:24:56:0d:
1e:73:8a:ef:9f:a9:71:8d:41:e1:32:de:2d:b6:2c:
0d:e0:5d:b6:40:77:61:f2:21:1a:ec:88:0f:2a:f4:
c2:c1:91:d0:53:06:87:2c:ad:f2:c2:4e:2c:2c:47:
3d:4d:98:78:ed:97:47:4c:b6:f1:7d:1a:04:03:f8:
83:58:b1:c1:f2:aa:ce:6b:3a:66:19:0a:83:9b:c4:
69:f4:07:40:8a:62:db:65:42:20:a6:50:81:56:52:
fb:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FD:EB:C9:8F:66:CB:F1:DC:81:4E:35:DF:1B:B9:39:A7:28:34:69
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/c_3ryY9my_HcgU413xu5OacoNGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.116.0/22
185.10.16.0/22
185.154.152.0/22
188.214.24.0/24
194.147.97.0/24
IPv6:
2a03:5840::/32
2a07:8dc0::/29
2a0d:e680::/32
Signature Algorithm: sha256WithRSAEncryption
66:fa:49:b6:eb:33:0b:78:62:23:16:e4:90:2c:a2:e3:d5:86:
19:7b:b8:18:ef:91:bb:37:db:d4:c4:77:47:6d:9b:92:6a:57:
94:66:98:6a:57:30:f0:d9:f1:cc:f2:a6:2e:ec:e0:ba:65:4d:
a7:ca:90:9e:84:15:8b:25:27:76:c2:31:08:80:d7:56:ee:07:
aa:38:fb:8a:b6:4a:ea:0b:28:c5:42:b6:8c:cd:8e:5e:6e:cf:
85:9f:8e:59:78:3a:6f:d4:5e:31:fe:91:6f:89:10:84:2d:1d:
f5:97:f2:db:8c:25:64:c3:c1:42:65:86:14:b8:81:8b:34:5c:
54:67:22:23:e4:8a:25:cc:e0:a2:79:9c:a9:94:1d:5d:d7:57:
25:a8:ab:0d:ab:91:81:2b:83:a4:8c:7f:d3:cd:47:65:6a:9a:
29:ed:ef:f5:fb:48:17:7e:67:55:b4:05:02:84:b6:52:06:6d:
a7:24:f8:0d:c9:5b:43:9e:fc:e6:71:2f:e3:de:e8:aa:74:15:
49:d4:08:35:16:06:a3:d5:8d:98:de:a2:a5:0a:b1:4b:c5:78:
a9:09:ba:af:5a:e3:e0:25:cd:47:42:b8:a2:f7:cc:1d:1d:99:
bc:6c:20:a0:1a:bf:6a:f9:5e:a7:74:ee:9c:d5:98:2f:fb:c2:
ef:30:37:64
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEBvUrsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc3MDVlODliYjY1YjQ3MmU0ZTAxODRkNmZlOWJmYjhjNTg2MzVhMB4XDTIyMDEw
MTA3MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzNmZGViYzk4ZjY2
Y2JmMWRjODE0ZTM1ZGYxYmI5MzlhNzI4MzQ2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpTwyx4RkNH++bdYcE3d6qF8KcHyeezNHzoiOBw2p5tIYWE
qObcDIQa8JYeklqoSvJQ95OWSrGH3wUPJgeN77XFyxTtrD7mUYO86L1MH8R/Tfum
UgjbxbhnO3cLqKxucJPQVq3p4fb0zZxSPSAxWxZ96SsueN4oT28s5KThpILK0VzN
eaqtH/Lue63m728MPMzHhlK4IMGtCJ9iH5GthEVMJFYNHnOK75+pcY1B4TLeLbYs
DeBdtkB3YfIhGuyIDyr0wsGR0FMGhyyt8sJOLCxHPU2YeO2XR0y28X0aBAP4g1ix
wfKqzms6ZhkKg5vEafQHQIpi22VCIKZQgVZS+9kCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBRz/evJj2bL8dyBTjXfG7k5pyg0aTAfBgNVHSMEGDAWgBT3dwXom7ZbRy5O
AYTW/pv7jFhjWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzY0Y2SnUyVzBjdVRnR0UxdjZiLTR4WVkxby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvMDIyODM5LTY5ODQtNDBkNC04NzE2LTZjYjg5NzkxZDdmZC8x
L2NfM3J5WTlteV9IY2dVNDEzeHU1T2Fjb05Hay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
MDIyODM5LTY5ODQtNDBkNC04NzE2LTZjYjg5NzkxZDdmZC8xLzkzY0Y2SnUyVzBj
dVRnR0UxdjZiLTR4WVkxby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwJAQCAAEwHgMEAi2ddAMEArkKEAMEArmamAMEALzW
GAMEAMKTYTAbBAIAAjAVAwUAKgNYQAMFAyoHjcADBQAqDeaAMA0GCSqGSIb3DQEB
CwUAA4IBAQBm+km26zMLeGIjFuSQLKLj1YYZe7gY75G7N9vUxHdHbZuSaleUZphq
VzDw2fHM8qYu7OC6ZU2nypCehBWLJSd2wjEIgNdW7geqOPuKtkrqCyjFQraMzY5e
bs+Fn45ZeDpv1F4x/pFviRCELR31l/LbjCVkw8FCZYYUuIGLNFxUZyIj5IolzOCi
eZyplB1d11clqKsNq5GBK4OkjH/TzUdlapop7e/1+0gXfmdVtAUChLZSBm2nJPgN
yVtDnvzmcS/j3uiqdBVJ1Ag1Fgaj1Y2Y3qKlCrFLxXipCbqvWuPgJc1HQrii98wd
HZm8bCCgGr9q+V6ndO6c1Zgv+8LvMDdk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:59 2023 by rpki-client on console-ams.rpki-client.org