Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/57cc6e-8b1a-4827-999c-172df6bcd45b/1/iUOuERWiUBk8uaKR8S2q9UikOco.roa
File: iUOuERWiUBk8uaKR8S2q9UikOco.roa (raw, json)
Hash identifier: 6JbU7rUbuO9BCgPxgiE6bc+2ZVutLxK+zdmPDsJQEXo=
Subject key identifier: 89:43:AE:11:15:A2:50:19:3C:B9:A2:91:F1:2D:AA:F5:48:A4:39:CA
Certificate issuer: /CN=12cd9add16137e8bab98d78e2a3360bc8bd6f0f1
Certificate serial: 36F31B01
Authority key identifier: 12:CD:9A:DD:16:13:7E:8B:AB:98:D7:8E:2A:33:60:BC:8B:D6:F0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Es2a3RYTfourmNeOKjNgvIvW8PE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/57cc6e-8b1a-4827-999c-172df6bcd45b/1/iUOuERWiUBk8uaKR8S2q9UikOco.roa
Signing time: Sat 01 Jan 2022 10:56:14 +0000
ROA not before: Sat 01 Jan 2022 10:56:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15389
IP address blocks: 198.137.136.0/22 maxlen: 22
185.74.208.0/22 maxlen: 22
193.34.105.0/24 maxlen: 24
193.34.104.0/22 maxlen: 22
81.18.224.0/20 maxlen: 20
178.19.192.0/20 maxlen: 20
212.55.32.0/19 maxlen: 19
88.85.32.0/19 maxlen: 19
217.172.80.0/20 maxlen: 20
2a02:e90::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 921901825 (0x36f31b01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12cd9add16137e8bab98d78e2a3360bc8bd6f0f1
Validity
Not Before: Jan 1 10:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8943ae1115a250193cb9a291f12daaf548a439ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5f:9b:f0:6a:3e:95:e1:fa:25:d5:36:2c:66:
69:c2:26:80:5c:39:42:95:47:c2:25:42:d3:47:e1:
8a:a7:cb:e2:6f:31:03:9c:5b:0c:a0:ac:e1:0f:ce:
a9:52:98:7b:e3:95:dc:fa:d0:e6:57:94:f0:82:d8:
26:99:e4:23:86:76:1a:d3:51:93:e1:44:8b:3b:13:
df:04:00:a5:41:5d:6a:7b:50:6c:6b:fb:49:4a:62:
d1:50:33:4f:43:ad:18:c5:d2:70:2a:1a:f2:95:65:
c1:aa:5e:bf:2b:b4:5e:1c:f0:b8:75:47:20:6f:59:
17:9e:6f:99:df:74:fb:23:a8:8c:44:dd:ee:15:ab:
36:d3:d2:1f:6f:79:f3:6e:b8:d6:e5:c4:19:04:1a:
fa:eb:40:e5:6a:8e:c5:b9:2f:0f:50:0e:cb:25:55:
37:18:92:46:0b:cb:c5:97:43:67:c5:7b:95:58:42:
2d:c7:54:25:9b:0f:4e:98:7f:f1:a7:eb:52:b1:e2:
24:7c:0a:1c:28:20:3f:b9:6a:57:ff:55:95:2f:55:
8a:f3:7f:21:dd:8a:50:15:7e:c1:69:a6:e8:ed:45:
92:74:89:58:4a:73:2c:12:df:9e:55:57:2f:2a:71:
ac:8f:47:11:25:0c:6d:b1:43:11:e4:bd:06:75:9e:
67:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:43:AE:11:15:A2:50:19:3C:B9:A2:91:F1:2D:AA:F5:48:A4:39:CA
X509v3 Authority Key Identifier:
keyid:12:CD:9A:DD:16:13:7E:8B:AB:98:D7:8E:2A:33:60:BC:8B:D6:F0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Es2a3RYTfourmNeOKjNgvIvW8PE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/57cc6e-8b1a-4827-999c-172df6bcd45b/1/iUOuERWiUBk8uaKR8S2q9UikOco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/57cc6e-8b1a-4827-999c-172df6bcd45b/1/Es2a3RYTfourmNeOKjNgvIvW8PE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.18.224.0/20
88.85.32.0/19
178.19.192.0/20
185.74.208.0/22
193.34.104.0/22
198.137.136.0/22
212.55.32.0/19
217.172.80.0/20
IPv6:
2a02:e90::/32
Signature Algorithm: sha256WithRSAEncryption
28:ac:ee:f7:82:ab:1a:74:5b:70:24:9d:84:1c:d0:b4:ef:36:
62:e4:46:88:64:d8:5b:03:d8:42:0c:df:03:89:29:13:8d:89:
06:88:51:a4:d8:13:07:df:93:8b:13:fe:ff:62:fc:7b:86:c1:
bb:0c:e3:39:fd:9d:9a:16:ef:59:31:01:83:bb:55:68:85:e8:
2b:c2:35:6a:27:49:b5:7d:df:b8:44:53:fb:6e:31:f2:87:9f:
48:dd:9c:be:df:ef:23:44:8d:e4:c5:21:4a:4d:66:98:0c:85:
5d:98:ac:21:b8:a5:92:52:7f:c1:4f:d1:41:ab:63:8f:b9:6a:
af:86:42:fe:c4:39:56:75:a9:42:fb:c5:06:f9:e8:05:cb:c2:
4b:58:05:91:1e:ad:71:96:35:af:92:3f:73:87:f3:31:4a:2c:
a8:1c:86:fd:61:4c:3c:6f:f4:09:8c:e7:8c:4f:ae:30:03:34:
9e:b1:eb:18:7f:2e:ee:a6:4a:be:b2:26:d3:29:c9:85:e0:5b:
b4:41:02:41:d9:73:34:3b:ef:d9:f4:ea:fa:eb:08:62:ba:9d:
7a:fe:be:3a:43:fb:24:b4:fb:7b:2f:92:43:02:8a:b7:02:02:
0a:ca:20:31:d9:b9:ec:96:db:68:39:39:d2:e5:ea:06:02:a9:
8a:11:7e:72
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIENvMbATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MmNkOWFkZDE2MTM3ZThiYWI5OGQ3OGUyYTMzNjBiYzhiZDZmMGYxMB4XDTIyMDEw
MTEwNTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk0M2FlMTExNWEy
NTAxOTNjYjlhMjkxZjEyZGFhZjU0OGE0MzljYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxfm/BqPpXh+iXVNixmacImgFw5QpVHwiVC00fhiqfL4m8x
A5xbDKCs4Q/OqVKYe+OV3PrQ5leU8ILYJpnkI4Z2GtNRk+FEizsT3wQApUFdantQ
bGv7SUpi0VAzT0OtGMXScCoa8pVlwapevyu0XhzwuHVHIG9ZF55vmd90+yOojETd
7hWrNtPSH29582641uXEGQQa+utA5WqOxbkvD1AOyyVVNxiSRgvLxZdDZ8V7lVhC
LcdUJZsPTph/8afrUrHiJHwKHCggP7lqV/9VlS9VivN/Id2KUBV+wWmm6O1FknSJ
WEpzLBLfnlVXLypxrI9HESUMbbFDEeS9BnWeZ0sCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBSJQ64RFaJQGTy5opHxLar1SKQ5yjAfBgNVHSMEGDAWgBQSzZrdFhN+i6uY
144qM2C8i9bw8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VzMmEzUllUZm91cm1OZU9Lak5ndkl2VzhQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvNTdjYzZlLThiMWEtNDgyNy05OTljLTE3MmRmNmJjZDQ1Yi8x
L2lVT3VFUldpVUJrOHVhS1I4UzJxOVVpa09jby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
NTdjYzZlLThiMWEtNDgyNy05OTljLTE3MmRmNmJjZDQ1Yi8xL0VzMmEzUllUZm91
cm1OZU9Lak5ndkl2VzhQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBFES4AMEBVhVIAMEBLITwAMEArlK
0AMEAsEiaAMEAsaJiAMEBdQ3IAMEBNmsUDANBAIAAjAHAwUAKgIOkDANBgkqhkiG
9w0BAQsFAAOCAQEAKKzu94KrGnRbcCSdhBzQtO82YuRGiGTYWwPYQgzfA4kpE42J
BohRpNgTB9+TixP+/2L8e4bBuwzjOf2dmhbvWTEBg7tVaIXoK8I1aidJtX3fuERT
+24x8oefSN2cvt/vI0SN5MUhSk1mmAyFXZisIbilklJ/wU/RQatjj7lqr4ZC/sQ5
VnWpQvvFBvnoBcvCS1gFkR6tcZY1r5I/c4fzMUosqByG/WFMPG/0CYznjE+uMAM0
nrHrGH8u7qZKvrIm0ynJheBbtEECQdlzNDvv2fTq+usIYrqdev6+OkP7JLT7ey+S
QwKKtwICCsogMdm57JbbaDk50uXqBgKpihF+cg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:23 2023 by rpki-client on console-ams.rpki-client.org