Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/X912oyNvQwbhdDXTmBUuW88uaJ0.roa
File: X912oyNvQwbhdDXTmBUuW88uaJ0.roa (raw, json)
Hash identifier: i7q0y6t5lbCMXf7TjFJfnr37oe4iv+pJHsgMp7DsH1g=
Subject key identifier: 5F:DD:76:A3:23:6F:43:06:E1:74:35:D3:98:15:2E:5B:CF:2E:68:9D
Certificate issuer: /CN=eeac122a92917cf953ff5c5de6a1ffe1199f122c
Certificate serial: 10BA6DD1
Authority key identifier: EE:AC:12:2A:92:91:7C:F9:53:FF:5C:5D:E6:A1:FF:E1:19:9F:12:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qwSKpKRfPlT_1xd5qH_4RmfEiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/X912oyNvQwbhdDXTmBUuW88uaJ0.roa
Signing time: Sat 01 Jan 2022 13:02:49 +0000
ROA not before: Sat 01 Jan 2022 13:02:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198651
IP address blocks: 185.153.200.0/24 maxlen: 24
185.153.202.0/24 maxlen: 24
185.153.203.0/24 maxlen: 24
2a07:8980::/29 maxlen: 29
2a07:8980:102::/48 maxlen: 48
2a07:8982::/32 maxlen: 32
2a07:8980:18::/48 maxlen: 48
2a07:8983::/36 maxlen: 36
2a07:8983:1000::/36 maxlen: 36
2a07:8980:101::/48 maxlen: 48
2a07:8981::/32 maxlen: 32
2a07:8980:1a::/48 maxlen: 48
2a07:8980::/32 maxlen: 32
2a07:8980:1000::/48 maxlen: 48
2a07:8980:6000::/48 maxlen: 48
2a07:8980:43::/48 maxlen: 48
2a07:8980:44::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280653265 (0x10ba6dd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeac122a92917cf953ff5c5de6a1ffe1199f122c
Validity
Not Before: Jan 1 13:02:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fdd76a3236f4306e17435d398152e5bcf2e689d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3d:1c:ff:49:bf:89:c1:04:19:b7:e8:e2:79:
5b:ae:a7:9a:47:13:f6:04:bc:31:a5:ac:8d:3c:d0:
94:0b:e4:7f:ef:d2:bd:72:13:f2:38:27:de:3f:dd:
d4:41:7a:f1:0b:e9:df:1e:da:54:5e:2b:27:59:ff:
6a:81:39:b5:40:e3:7c:68:87:cb:be:3d:e1:20:94:
72:f2:1a:91:5c:67:56:8e:56:0f:d1:57:a2:97:5b:
5f:b2:95:39:ef:04:bf:54:c8:24:28:3d:d2:3a:07:
78:31:21:9e:a9:aa:b5:cd:55:37:cf:e0:c0:ef:e6:
a1:44:b5:3e:5b:5c:b7:55:2d:c9:9c:80:fb:58:70:
93:9b:2e:4a:13:84:4c:b7:3a:b4:d7:61:68:fc:d3:
fd:34:8b:2e:83:5e:a8:07:cd:2d:fd:ac:7d:20:7b:
d1:c3:6c:86:e1:9d:05:e8:cc:c0:56:f4:60:c8:4d:
5d:20:6a:0f:35:df:56:f5:7d:24:d4:5f:1c:59:ae:
ac:0a:8b:32:33:5e:b9:11:46:35:ea:24:1c:36:73:
ec:b3:e5:27:4c:0b:cd:23:be:7c:e6:6d:f0:79:3f:
d6:8e:b2:af:81:cd:a6:42:de:14:93:c8:3c:f9:96:
e2:c3:e8:43:0c:90:82:a9:52:32:29:f3:81:b2:b0:
df:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:DD:76:A3:23:6F:43:06:E1:74:35:D3:98:15:2E:5B:CF:2E:68:9D
X509v3 Authority Key Identifier:
keyid:EE:AC:12:2A:92:91:7C:F9:53:FF:5C:5D:E6:A1:FF:E1:19:9F:12:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qwSKpKRfPlT_1xd5qH_4RmfEiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/X912oyNvQwbhdDXTmBUuW88uaJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/8ee451-f626-4324-98fe-41d2cc7b7034/1/7qwSKpKRfPlT_1xd5qH_4RmfEiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.200.0/24
185.153.202.0/23
IPv6:
2a07:8980::/29
Signature Algorithm: sha256WithRSAEncryption
76:0e:23:23:33:0f:89:b9:28:68:71:c1:5a:3d:c7:fc:4a:52:
3d:ad:33:97:b4:09:cc:db:a2:a9:ec:fd:37:69:83:44:7f:81:
20:b7:5e:4c:1c:0e:18:37:55:9d:0c:54:19:6f:8e:3b:53:78:
27:cb:3d:19:6f:52:b8:a1:ea:da:5f:d8:1d:01:0b:19:31:e4:
05:1b:62:69:fa:a4:0c:f3:0b:9d:d8:68:3c:ec:9b:71:24:98:
22:e7:ff:6a:89:8d:b2:2d:5d:1c:b8:94:be:33:08:e5:56:58:
46:78:b1:1d:e3:8a:f2:e6:bb:ba:e4:3d:dd:fe:03:86:b9:f2:
7c:92:dd:5b:49:bf:73:be:1e:83:de:fa:a8:4a:c3:ff:dd:6c:
5b:63:58:bf:74:4e:96:28:c1:76:d2:fc:01:95:5a:0a:d4:0e:
62:1b:e4:a4:0f:57:4b:25:7c:c3:66:45:5d:d2:6a:ff:f8:f4:
ee:cd:38:40:0b:df:9b:b7:f9:fd:7c:af:fe:2e:2a:48:39:09:
64:fa:bf:b3:e9:89:4f:53:60:fa:dc:0d:21:c8:29:41:42:66:
f3:35:ba:d6:df:3c:32:fd:eb:02:d1:f0:c5:85:81:81:59:d4:
1e:b6:ad:28:db:98:2c:72:cb:0b:d8:6f:ba:b0:cc:46:8d:3b:
b9:43:ea:39
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEELpt0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWFjMTIyYTkyOTE3Y2Y5NTNmZjVjNWRlNmExZmZlMTE5OWYxMjJjMB4XDTIyMDEw
MTEzMDI0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkZDc2YTMyMzZm
NDMwNmUxNzQzNWQzOTgxNTJlNWJjZjJlNjg5ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL49HP9Jv4nBBBm36OJ5W66nmkcT9gS8MaWsjTzQlAvkf+/S
vXIT8jgn3j/d1EF68Qvp3x7aVF4rJ1n/aoE5tUDjfGiHy7494SCUcvIakVxnVo5W
D9FXopdbX7KVOe8Ev1TIJCg90joHeDEhnqmqtc1VN8/gwO/moUS1Pltct1UtyZyA
+1hwk5suShOETLc6tNdhaPzT/TSLLoNeqAfNLf2sfSB70cNshuGdBejMwFb0YMhN
XSBqDzXfVvV9JNRfHFmurAqLMjNeuRFGNeokHDZz7LPlJ0wLzSO+fOZt8Hk/1o6y
r4HNpkLeFJPIPPmW4sPoQwyQgqlSMinzgbKw31UCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRf3XajI29DBuF0NdOYFS5bzy5onTAfBgNVHSMEGDAWgBTurBIqkpF8+VP/
XF3mof/hGZ8SLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzdxd1NLcEtSZlBsVF8xeGQ1cUhfNFJtZkVpdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTgvOGVlNDUxLWY2MjYtNDMyNC05OGZlLTQxZDJjYzdiNzAzNC8x
L1g5MTJveU52UXdiaGREWFRtQlV1Vzg4dWFKMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgv
OGVlNDUxLWY2MjYtNDMyNC05OGZlLTQxZDJjYzdiNzAzNC8xLzdxd1NLcEtSZlBs
VF8xeGQ1cUhfNFJtZkVpdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEALmZyAMEAbmZyjANBAIAAjAHAwUD
KgeJgDANBgkqhkiG9w0BAQsFAAOCAQEAdg4jIzMPibkoaHHBWj3H/EpSPa0zl7QJ
zNuiqez9N2mDRH+BILdeTBwOGDdVnQxUGW+OO1N4J8s9GW9SuKHq2l/YHQELGTHk
BRtiafqkDPMLndhoPOybcSSYIuf/aomNsi1dHLiUvjMI5VZYRnixHeOK8ua7uuQ9
3f4DhrnyfJLdW0m/c74eg976qErD/91sW2NYv3ROlijBdtL8AZVaCtQOYhvkpA9X
SyV8w2ZFXdJq//j07s04QAvfm7f5/Xyv/i4qSDkJZPq/s+mJT1Ng+twNIcgpQUJm
8zW61t88Mv3rAtHwxYWBgVnUHratKNuYLHLLC9hvurDMRo07uUPqOQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:34 2023 by rpki-client on console-ams.rpki-client.org