Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/vt5Ud4Ckk5wypZQS4kr7aEs_KJw.roa
File: vt5Ud4Ckk5wypZQS4kr7aEs_KJw.roa (raw, json)
Hash identifier: 7Jkx9BBpivcn327ixpUn1julNf1OB+yjPZPcYbM4v7k=
Subject key identifier: BE:DE:54:77:80:A4:93:9C:32:A5:94:12:E2:4A:FB:68:4B:3F:28:9C
Certificate issuer: /CN=ca1efd8e63169d8fdbf98b7139fcddedaf016cb2
Certificate serial: 09D8591A
Authority key identifier: CA:1E:FD:8E:63:16:9D:8F:DB:F9:8B:71:39:FC:DD:ED:AF:01:6C:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yh79jmMWnY_b-YtxOfzd7a8BbLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/vt5Ud4Ckk5wypZQS4kr7aEs_KJw.roa
Signing time: Sat 01 Jan 2022 15:57:58 +0000
ROA not before: Sat 01 Jan 2022 15:57:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29003
IP address blocks: 185.95.220.0/22 maxlen: 22
81.90.48.0/20 maxlen: 20
2a02:8f0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165173530 (0x9d8591a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1efd8e63169d8fdbf98b7139fcddedaf016cb2
Validity
Not Before: Jan 1 15:57:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bede547780a4939c32a59412e24afb684b3f289c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fc:90:9e:01:cb:f5:03:69:2f:5f:f5:ff:22:
3e:ae:f7:ce:47:d5:83:a0:33:b0:51:49:11:f3:24:
9f:b8:c9:da:6a:03:5c:54:f9:71:f4:1a:50:89:ae:
32:a5:5a:ff:51:df:0c:c9:30:36:66:d9:fe:81:ae:
26:b5:8a:5e:92:c9:0f:71:4e:32:05:02:c4:ad:fd:
9c:be:70:e3:60:76:77:dd:30:3c:a5:e9:0e:11:cb:
84:75:67:5a:90:7b:2f:1e:cd:da:5f:7c:96:59:55:
2b:7d:d8:be:61:27:c8:0d:c2:b8:0e:11:05:9a:bc:
4a:4a:b1:bb:80:22:64:1e:6f:e6:4a:92:fd:1f:ce:
c8:0c:e7:85:ca:77:a2:23:54:f2:b5:1a:93:ea:95:
cb:07:e3:e2:27:55:9b:ad:08:91:be:e7:43:61:3f:
e1:7a:bf:4d:69:85:2b:6e:a5:e6:15:ba:a1:46:12:
3f:30:83:83:c5:21:a5:61:54:47:e9:d7:7c:c4:91:
17:20:3d:ca:ec:71:38:e3:11:5b:e5:ff:8f:f0:93:
0f:cc:c8:bf:a4:1c:64:b4:b4:84:5c:d8:6c:98:97:
bc:34:0e:b7:31:c5:18:b6:62:8a:9c:b6:87:66:49:
00:8b:9e:d3:8d:b1:84:6d:3e:00:57:eb:c8:fe:94:
52:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DE:54:77:80:A4:93:9C:32:A5:94:12:E2:4A:FB:68:4B:3F:28:9C
X509v3 Authority Key Identifier:
keyid:CA:1E:FD:8E:63:16:9D:8F:DB:F9:8B:71:39:FC:DD:ED:AF:01:6C:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yh79jmMWnY_b-YtxOfzd7a8BbLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/vt5Ud4Ckk5wypZQS4kr7aEs_KJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/d961fe-d8aa-48e5-96fd-f07f06cbea2d/1/yh79jmMWnY_b-YtxOfzd7a8BbLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.48.0/20
185.95.220.0/22
IPv6:
2a02:8f0::/32
Signature Algorithm: sha256WithRSAEncryption
65:c3:b4:f7:73:6d:45:20:49:b7:cb:ac:4d:d0:dd:ae:7b:1d:
13:49:21:cd:f0:05:a0:2e:0b:a6:8f:cd:56:9c:dd:31:34:2c:
c5:91:de:ce:31:4f:48:49:fb:ea:a8:d4:b1:1b:45:da:8f:c1:
bd:51:45:d8:01:8e:bd:1d:d4:4c:fb:b6:cb:7d:e8:66:07:97:
4e:e7:6c:75:f9:86:83:08:1e:3b:7a:2b:ba:53:f9:45:2f:67:
01:0b:50:38:c7:02:91:53:e7:e2:41:ae:18:f2:c0:0a:02:f7:
bb:a3:1b:5e:f1:08:d7:b6:2d:25:c6:7a:1e:d3:52:2a:30:f6:
d3:a0:8d:a2:92:d4:81:87:4a:26:c9:11:8b:1d:d3:d5:a1:65:
74:1f:28:2f:53:16:58:2b:22:88:41:c6:80:f5:8f:0a:9a:59:
62:f3:e0:dd:56:18:f0:66:dd:ef:16:04:da:69:6d:e4:d8:75:
5f:9c:8d:dd:39:3e:b2:18:6f:4d:fe:b3:31:29:a2:e9:a7:cb:
fa:af:b9:f2:bb:37:34:6c:9f:39:32:f4:c8:76:23:93:dc:3a:
53:35:57:a2:b0:96:e6:aa:75:57:4c:a0:9f:ad:03:3f:0f:54:
db:99:fa:c2:9b:d4:13:b5:75:5e:57:24:1b:c2:6d:16:11:d6:
d6:51:79:fc
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECdhZGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YTFlZmQ4ZTYzMTY5ZDhmZGJmOThiNzEzOWZjZGRlZGFmMDE2Y2IyMB4XDTIyMDEw
MTE1NTc1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmVkZTU0Nzc4MGE0
OTM5YzMyYTU5NDEyZTI0YWZiNjg0YjNmMjg5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKr8kJ4By/UDaS9f9f8iPq73zkfVg6AzsFFJEfMkn7jJ2moD
XFT5cfQaUImuMqVa/1HfDMkwNmbZ/oGuJrWKXpLJD3FOMgUCxK39nL5w42B2d90w
PKXpDhHLhHVnWpB7Lx7N2l98lllVK33YvmEnyA3CuA4RBZq8Skqxu4AiZB5v5kqS
/R/OyAznhcp3oiNU8rUak+qVywfj4idVm60Ikb7nQ2E/4Xq/TWmFK26l5hW6oUYS
PzCDg8UhpWFUR+nXfMSRFyA9yuxxOOMRW+X/j/CTD8zIv6QcZLS0hFzYbJiXvDQO
tzHFGLZiipy2h2ZJAIue042xhG0+AFfryP6UUiMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS+3lR3gKSTnDKllBLiSvtoSz8onDAfBgNVHSMEGDAWgBTKHv2OYxadj9v5
i3E5/N3trwFssjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3loNzlqbU1XbllfYi1ZdHhPZnpkN2E4QmJMSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvZDk2MWZlLWQ4YWEtNDhlNS05NmZkLWYwN2YwNmNiZWEyZC8x
L3Z0NVVkNENrazV3eXBaUVM0a3I3YUVzX0tKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
ZDk2MWZlLWQ4YWEtNDhlNS05NmZkLWYwN2YwNmNiZWEyZC8xL3loNzlqbU1Xbllf
Yi1ZdHhPZnpkN2E4QmJMSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFFaMAMEArlf3DANBAIAAjAHAwUA
KgII8DANBgkqhkiG9w0BAQsFAAOCAQEAZcO093NtRSBJt8usTdDdrnsdE0khzfAF
oC4Lpo/NVpzdMTQsxZHezjFPSEn76qjUsRtF2o/BvVFF2AGOvR3UTPu2y33oZgeX
TudsdfmGgwgeO3orulP5RS9nAQtQOMcCkVPn4kGuGPLACgL3u6MbXvEI17YtJcZ6
HtNSKjD206CNopLUgYdKJskRix3T1aFldB8oL1MWWCsiiEHGgPWPCppZYvPg3VYY
8Gbd7xYE2mlt5Nh1X5yN3Tk+shhvTf6zMSmi6afL+q+58rs3NGyfOTL0yHYjk9w6
UzVXorCW5qp1V0ygn60DPw9U25n6wpvUE7V1XlckG8JtFhHW1lF5/A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:50 2023 by rpki-client on console-ams.rpki-client.org