Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/7U8oEJjwUgii9XSyZ-S7Kpu4QvE.roa
File: 7U8oEJjwUgii9XSyZ-S7Kpu4QvE.roa (raw, json)
Hash identifier: JRbWFVd6p+HcrHsoBBiDyjpbIV4aCQjjmRduWrVr+HY=
Subject key identifier: ED:4F:28:10:98:F0:52:08:A2:F5:74:B2:67:E4:BB:2A:9B:B8:42:F1
Certificate issuer: /CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Certificate serial: 01852F13355F24B4FEE362F6E5A3871F5738
Authority key identifier: 08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/7U8oEJjwUgii9XSyZ-S7Kpu4QvE.roa
Signing time: Tue 20 Dec 2022 10:27:46 +0000
ROA not before: Tue 20 Dec 2022 10:27:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21472
IP address blocks: 162.33.228.0/23 maxlen: 23
185.149.176.0/22 maxlen: 22
195.49.144.0/22 maxlen: 22
91.224.190.0/23 maxlen: 23
5.2.16.0/21 maxlen: 21
5.2.16.0/23 maxlen: 23
5.2.18.0/23 maxlen: 23
5.2.23.0/24 maxlen: 24
5.2.20.0/23 maxlen: 23
185.79.56.0/24 maxlen: 24
185.79.56.0/22 maxlen: 22
2a00:e740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:13:35:5f:24:b4:fe:e3:62:f6:e5:a3:87:1f:57:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Validity
Not Before: Dec 20 10:27:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed4f281098f05208a2f574b267e4bb2a9bb842f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3d:2b:f5:75:52:83:9e:e6:cc:ed:db:c9:fc:
3b:1f:31:d7:b7:05:e1:d6:35:5d:8a:38:c9:09:8e:
6b:ea:bd:0a:b9:cb:0b:0a:9c:bd:a0:2f:bb:e9:0a:
17:c8:5e:84:de:9f:ba:18:82:c0:24:2e:0f:0d:cc:
ce:a7:34:f1:70:6f:fb:a9:cd:23:f3:62:06:e8:31:
0b:cf:d5:2e:6a:99:a0:01:20:21:d4:8d:e4:49:48:
12:05:d9:ec:ee:4b:d5:06:8e:0a:91:3e:9b:09:4b:
86:8c:21:af:4a:6f:25:74:ca:b1:4b:14:84:1d:9d:
64:b7:88:57:0e:03:10:43:cf:c5:c8:ab:1f:25:95:
27:33:e9:79:81:48:8a:c5:8a:f4:f3:2b:9a:eb:ab:
cc:c9:c0:2c:a1:47:67:a3:bb:41:5c:61:cf:c3:1f:
a4:b8:b7:4c:b7:00:a8:01:f0:93:b8:58:7f:f3:49:
d6:8f:58:88:ff:d3:2a:a2:6b:6f:75:90:16:86:4d:
17:6e:df:40:e7:29:a5:02:8a:da:d6:57:b0:cf:6d:
a1:85:78:34:30:ad:0f:26:51:9e:f8:ab:d6:85:7b:
61:6b:95:cb:11:83:0a:29:71:e8:96:2c:36:d1:ae:
cd:4c:c9:d7:ba:df:d6:c9:d3:71:79:53:13:42:e5:
64:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:4F:28:10:98:F0:52:08:A2:F5:74:B2:67:E4:BB:2A:9B:B8:42:F1
X509v3 Authority Key Identifier:
keyid:08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/7U8oEJjwUgii9XSyZ-S7Kpu4QvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/CJU6XxGoJ5zfh5iWDeHiLrEifZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.16.0/21
91.224.190.0/23
162.33.228.0/23
185.79.56.0/22
185.149.176.0/22
195.49.144.0/22
IPv6:
2a00:e740::/32
Signature Algorithm: sha256WithRSAEncryption
8c:9b:f4:36:6f:b3:06:6b:8a:2d:1b:99:00:74:c1:70:25:59:
10:59:78:25:54:05:2d:36:c2:e0:af:70:db:15:5f:35:0c:0d:
38:93:95:d1:15:51:2e:58:3c:cf:89:ed:86:52:20:a5:bd:80:
94:9b:43:ec:6c:ca:0a:f7:75:4d:85:89:72:f1:e6:8b:7d:87:
13:51:99:ec:57:7c:15:0d:aa:fe:fd:ef:41:4f:95:d3:65:61:
26:30:52:50:5c:e5:3c:26:3c:2e:de:cb:cf:31:f8:06:79:3f:
9e:fb:3b:e1:62:29:f5:c7:90:7e:42:82:76:c6:cf:4b:cd:38:
a8:26:99:bb:d4:75:1a:16:7a:9c:03:d8:88:26:98:c0:a0:d5:
19:6f:14:b2:59:cd:51:26:6e:26:19:6f:5a:1b:cf:63:32:8c:
e8:96:7b:d0:d7:b5:c9:4b:4b:9a:7e:d9:97:e7:ec:10:0a:5f:
08:65:64:d0:10:39:fa:7d:be:7a:a9:49:b2:01:6a:02:95:c5:
41:46:96:23:0f:87:19:cf:7f:dc:64:1c:1a:d5:c9:6a:0a:5c:
9e:b5:e3:f6:47:52:57:a5:b0:a4:f7:46:9a:b3:93:82:13:a5:
bd:73:71:cb:34:96:7a:a6:89:dc:f1:ef:96:37:26:fc:e1:6b:
73:eb:87:13
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYUvEzVfJLT+42L25aOHH1c4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OTUzYTVmMTFhODI3OWNkZjg3OTg5NjBkZTFlMjJlYjEy
MjdkOTUwHhcNMjIxMjIwMTAyNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDRmMjgxMDk4ZjA1MjA4YTJmNTc0YjI2N2U0YmIyYTliYjg0MmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD0r9XVSg57mzO3byfw7HzHXtwXh
1jVdijjJCY5r6r0KucsLCpy9oC+76QoXyF6E3p+6GILAJC4PDczOpzTxcG/7qc0j
82IG6DELz9UuapmgASAh1I3kSUgSBdns7kvVBo4KkT6bCUuGjCGvSm8ldMqxSxSE
HZ1kt4hXDgMQQ8/FyKsfJZUnM+l5gUiKxYr08yua66vMycAsoUdno7tBXGHPwx+k
uLdMtwCoAfCTuFh/80nWj1iI/9MqomtvdZAWhk0Xbt9A5ymlAora1lewz22hhXg0
MK0PJlGe+KvWhXtha5XLEYMKKXHoliw20a7NTMnXut/WydNxeVMTQuVkjwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFO1PKBCY8FIIovV0smfkuyqbuELxMB8GA1UdIwQY
MBaAFAiVOl8RqCec34eYlg3h4i6xIn2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2It
NzExNjk1NjdlMzljLzEvN1U4b0VKandVZ2lpOVhTeVotUzdLcHU0UXZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2ItNzExNjk1NjdlMzlj
LzEvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBQIQAwQB
W+C+AwQBoiHkAwQCuU84AwQCuZWwAwQCwzGQMA0EAgACMAcDBQAqAOdAMA0GCSqG
SIb3DQEBCwUAA4IBAQCMm/Q2b7MGa4otG5kAdMFwJVkQWXglVAUtNsLgr3DbFV81
DA04k5XRFVEuWDzPie2GUiClvYCUm0PsbMoK93VNhYly8eaLfYcTUZnsV3wVDar+
/e9BT5XTZWEmMFJQXOU8Jjwu3svPMfgGeT+e+zvhYin1x5B+QoJ2xs9LzTioJpm7
1HUaFnqcA9iIJpjAoNUZbxSyWc1RJm4mGW9aG89jMozolnvQ17XJS0uaftmX5+wQ
Cl8IZWTQEDn6fb56qUmyAWoClcVBRpYjD4cZz3/cZBwa1clqClyeteP2R1JXpbCk
90aas5OCE6W9c3HLNJZ6ponc8e+WNyb84Wtz64cT
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:58 2023 by rpki-client on console-ams.rpki-client.org