Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/CWrpcEBuPF8VeXqm0fhoPCVInU0.roa
File: CWrpcEBuPF8VeXqm0fhoPCVInU0.roa (raw, json)
Hash identifier: UutDa3tCixn8hlHcqv104E2tdY3f4rSw8mBOPEW67S8=
Subject key identifier: 09:6A:E9:70:40:6E:3C:5F:15:79:7A:A6:D1:F8:68:3C:25:48:9D:4D
Certificate issuer: /CN=c131d46561744a681016c8d6f9a61b9c17cb7f0f
Certificate serial: 0184BB8B7A2717F902FD9FA206258B08C28A
Authority key identifier: C1:31:D4:65:61:74:4A:68:10:16:C8:D6:F9:A6:1B:9C:17:CB:7F:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wTHUZWF0SmgQFsjW-aYbnBfLfw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/CWrpcEBuPF8VeXqm0fhoPCVInU0.roa
Signing time: Mon 28 Nov 2022 00:03:10 +0000
ROA not before: Mon 28 Nov 2022 00:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210433
IP address blocks: 185.81.201.0/24 maxlen: 24
185.81.203.0/24 maxlen: 24
2a03:6260::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bb:8b:7a:27:17:f9:02:fd:9f:a2:06:25:8b:08:c2:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c131d46561744a681016c8d6f9a61b9c17cb7f0f
Validity
Not Before: Nov 28 00:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=096ae970406e3c5f15797aa6d1f8683c25489d4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ea:76:62:4d:e0:13:5f:61:27:e6:16:56:9e:
68:e4:8d:3e:8a:96:1a:13:61:cf:0b:d6:36:f6:54:
99:20:59:bd:94:0a:0b:29:89:6f:ac:9f:b9:36:c1:
e8:7b:ae:68:93:9a:60:26:06:43:e4:81:dd:05:e7:
b4:1c:59:d4:8c:fa:1d:2a:3b:06:0f:a2:81:6f:17:
b6:9e:79:01:1f:a0:f2:e2:4d:50:9c:32:4a:3b:15:
74:b4:b3:10:59:82:d3:54:37:76:0c:23:c2:f9:49:
d7:4a:74:0c:26:d2:34:2a:5b:a2:f6:0b:13:5d:66:
a7:9e:ce:cc:f9:2d:71:81:99:39:95:03:37:9d:05:
39:54:8f:88:24:6a:94:96:d9:b9:20:c5:e4:aa:56:
37:1d:3a:b5:5b:24:5f:7f:53:10:75:b2:73:6e:e5:
95:93:6f:d1:01:1e:95:22:1d:6d:f2:52:74:94:0d:
40:04:26:e0:57:90:3f:17:c4:18:37:f2:82:f6:8a:
26:5b:bb:07:17:a9:87:11:16:1d:4b:a8:a3:8e:dc:
a1:ef:b6:85:6f:38:33:cb:db:15:8d:16:a4:c1:d5:
94:d8:6e:0a:20:ba:b8:35:0e:55:02:da:58:ee:81:
d7:83:61:d3:eb:4b:a5:da:0d:ef:be:24:3c:fd:dd:
08:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:6A:E9:70:40:6E:3C:5F:15:79:7A:A6:D1:F8:68:3C:25:48:9D:4D
X509v3 Authority Key Identifier:
keyid:C1:31:D4:65:61:74:4A:68:10:16:C8:D6:F9:A6:1B:9C:17:CB:7F:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wTHUZWF0SmgQFsjW-aYbnBfLfw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/CWrpcEBuPF8VeXqm0fhoPCVInU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/82ba9d-3882-47fd-91d5-4b7e5c5a9d4b/1/wTHUZWF0SmgQFsjW-aYbnBfLfw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.201.0/24
185.81.203.0/24
IPv6:
2a03:6260::/32
Signature Algorithm: sha256WithRSAEncryption
10:95:58:ba:b3:cc:94:72:88:33:9c:99:86:31:0c:8e:d0:ad:
47:fb:64:19:6f:9f:43:fd:24:87:be:92:fe:ee:cf:fd:75:ab:
f2:09:c4:28:13:ad:a8:0b:93:30:e7:0a:54:28:8e:4c:72:be:
67:74:9e:69:1d:c2:bf:c1:b3:64:af:df:84:ca:e2:33:e2:08:
d7:2d:69:ae:3b:6e:86:c0:32:14:a8:4e:bc:a2:81:e1:91:ae:
f5:cf:25:5e:dd:a1:9c:73:c8:29:60:65:b6:99:71:9e:b5:ba:
0b:2c:98:2f:7c:80:10:8e:5c:a8:6b:2e:ea:ac:33:78:5a:de:
71:58:12:01:ec:eb:32:3e:f1:f6:03:84:76:80:34:d8:06:98:
c2:af:0a:f7:b3:d4:35:db:f7:83:41:20:ec:1c:31:77:16:1b:
dc:5d:c0:6c:d7:48:55:1a:18:7b:07:1f:5a:37:c2:33:32:e7:
e8:56:4c:42:5c:df:a0:f0:bb:96:e5:11:4a:cf:b0:99:1e:16:
75:bc:ff:bc:d0:35:7f:72:e8:e3:9b:17:b2:25:83:5d:d9:c1:
01:c0:13:35:4c:1c:1f:ea:5b:12:78:54:42:3a:e3:8a:6c:85:
dd:df:ac:23:1a:94:da:76:4d:87:ff:bf:6e:e2:4c:0e:e6:8c:
42:17:0f:da
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYS7i3onF/kC/Z+iBiWLCMKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMzFkNDY1NjE3NDRhNjgxMDE2YzhkNmY5YTYxYjljMTdj
YjdmMGYwHhcNMjIxMTI4MDAwMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTZhZTk3MDQwNmUzYzVmMTU3OTdhYTZkMWY4NjgzYzI1NDg5ZDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+p2Yk3gE19hJ+YWVp5o5I0+ipYa
E2HPC9Y29lSZIFm9lAoLKYlvrJ+5NsHoe65ok5pgJgZD5IHdBee0HFnUjPodKjsG
D6KBbxe2nnkBH6Dy4k1QnDJKOxV0tLMQWYLTVDd2DCPC+UnXSnQMJtI0Klui9gsT
XWanns7M+S1xgZk5lQM3nQU5VI+IJGqUltm5IMXkqlY3HTq1WyRff1MQdbJzbuWV
k2/RAR6VIh1t8lJ0lA1ABCbgV5A/F8QYN/KC9oomW7sHF6mHERYdS6ijjtyh77aF
bzgzy9sVjRakwdWU2G4KILq4NQ5VAtpY7oHXg2HT60ul2g3vviQ8/d0IOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAlq6XBAbjxfFXl6ptH4aDwlSJ1NMB8GA1UdIwQY
MBaAFMEx1GVhdEpoEBbI1vmmG5wXy38PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1RIVVpXRjBTbWdRRnNqVy1hWWJuQmZMZnc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84MmJhOWQtMzg4Mi00N2ZkLTkxZDUt
NGI3ZTVjNWE5ZDRiLzEvQ1dycGNFQnVQRjhWZVhxbTBmaG9QQ1ZJblUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84MmJhOWQtMzg4Mi00N2ZkLTkxZDUtNGI3ZTVjNWE5ZDRi
LzEvd1RIVVpXRjBTbWdRRnNqVy1hWWJuQmZMZnc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuVHJAwQA
uVHLMA0EAgACMAcDBQAqA2JgMA0GCSqGSIb3DQEBCwUAA4IBAQAQlVi6s8yUcogz
nJmGMQyO0K1H+2QZb59D/SSHvpL+7s/9davyCcQoE62oC5Mw5wpUKI5Mcr5ndJ5p
HcK/wbNkr9+EyuIz4gjXLWmuO26GwDIUqE68ooHhka71zyVe3aGcc8gpYGW2mXGe
tboLLJgvfIAQjlyoay7qrDN4Wt5xWBIB7OsyPvH2A4R2gDTYBpjCrwr3s9Q12/eD
QSDsHDF3FhvcXcBs10hVGhh7Bx9aN8IzMufoVkxCXN+g8LuW5RFKz7CZHhZ1vP+8
0DV/cujjmxeyJYNd2cEBwBM1TBwf6lsSeFRCOuOKbIXd36wjGpTadk2H/79u4kwO
5oxCFw/a
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org