Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/U1MBXgHChCPYxBHfTKA0UbN-GvQ.roa
File: U1MBXgHChCPYxBHfTKA0UbN-GvQ.roa (raw, json)
Hash identifier: 1BabtexQ0xmLo92KWsLouHbVv7eFQS029prQPhY0kLM=
Subject key identifier: 53:53:01:5E:01:C2:84:23:D8:C4:11:DF:4C:A0:34:51:B3:7E:1A:F4
Certificate issuer: /CN=78811e8e36e22280bb2f65a7d2c6034ecf86716c
Certificate serial: 0A1838E0
Authority key identifier: 78:81:1E:8E:36:E2:22:80:BB:2F:65:A7:D2:C6:03:4E:CF:86:71:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/U1MBXgHChCPYxBHfTKA0UbN-GvQ.roa
Signing time: Sat 01 Jan 2022 00:52:10 +0000
ROA not before: Sat 01 Jan 2022 00:52:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59702
IP address blocks: 207.189.192.0/20 maxlen: 20
81.25.144.0/20 maxlen: 20
213.244.240.0/21 maxlen: 21
146.66.232.0/21 maxlen: 21
185.16.200.0/22 maxlen: 22
185.80.216.0/22 maxlen: 22
216.158.96.0/20 maxlen: 20
172.103.88.0/21 maxlen: 21
2a03:780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169359584 (0xa1838e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=78811e8e36e22280bb2f65a7d2c6034ecf86716c
Validity
Not Before: Jan 1 00:52:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5353015e01c28423d8c411df4ca03451b37e1af4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:b5:00:0f:30:e1:34:ea:54:a2:b2:8a:45:
b3:4c:a1:69:45:8d:41:58:09:c2:eb:9a:84:bf:0f:
eb:05:99:a1:13:9f:6c:49:95:46:71:d2:5c:2a:d1:
ed:8e:f1:7c:c7:53:90:56:38:5b:77:50:77:a0:dd:
41:23:c8:27:00:2d:af:50:b0:86:58:59:dd:f2:4a:
9a:02:ea:bc:02:8c:ec:b6:b6:7f:45:94:73:1a:c7:
7b:f6:cb:32:0b:7a:8d:aa:aa:b5:8e:27:39:8a:8a:
a8:2a:1c:02:3a:58:c2:aa:25:e9:8b:7c:af:8c:a1:
b4:9f:43:d6:d1:40:7f:92:30:3f:d5:28:db:95:fa:
6d:b6:88:0b:b3:b2:9c:ab:5d:03:50:d2:e7:ff:dd:
d3:7a:a9:0a:b0:1c:28:6a:6c:98:70:a8:7d:e3:de:
a1:af:bf:e8:34:16:b1:60:76:d0:a8:20:9b:8f:af:
8c:02:30:91:1e:e3:40:bd:d7:17:46:09:39:cd:0b:
db:99:b5:66:ae:93:2d:fb:42:ba:09:b1:cd:6e:72:
9d:f5:78:ce:e1:95:69:62:e7:da:f4:3f:06:5b:da:
f9:01:85:01:17:42:fd:aa:06:af:9e:71:21:c2:61:
2d:34:a7:21:45:ea:9d:22:f2:bc:dd:de:54:e2:39:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:53:01:5E:01:C2:84:23:D8:C4:11:DF:4C:A0:34:51:B3:7E:1A:F4
X509v3 Authority Key Identifier:
keyid:78:81:1E:8E:36:E2:22:80:BB:2F:65:A7:D2:C6:03:4E:CF:86:71:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eIEejjbiIoC7L2Wn0sYDTs-GcWw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/U1MBXgHChCPYxBHfTKA0UbN-GvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/171251-6a75-4e9e-acf0-825e5a061df9/1/eIEejjbiIoC7L2Wn0sYDTs-GcWw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.144.0/20
146.66.232.0/21
172.103.88.0/21
185.16.200.0/22
185.80.216.0/22
207.189.192.0/20
213.244.240.0/21
216.158.96.0/20
IPv6:
2a03:780::/32
Signature Algorithm: sha256WithRSAEncryption
97:f2:4e:17:34:d6:3b:d9:aa:38:b9:a4:0b:86:0f:e9:30:7f:
b5:74:09:f0:20:54:f3:38:f3:87:d5:80:f8:d1:3e:7b:43:37:
7d:38:65:3c:38:0f:1a:b2:02:27:e1:5d:14:a1:02:db:73:b1:
06:10:0e:87:ad:b2:88:06:48:08:26:2a:5c:de:30:bd:d3:fc:
6b:56:60:f0:b9:b0:e0:fc:e6:e1:16:86:9d:32:e3:c7:29:ad:
c3:5c:93:e6:fa:6f:46:87:a8:5b:9e:0c:24:89:f2:71:87:33:
2d:16:ff:76:39:ec:8f:1a:67:e3:8a:21:a7:7d:b7:7c:49:74:
25:d2:33:87:57:f2:13:67:26:6b:91:7a:7b:f9:fc:72:b0:f7:
bb:66:70:f5:11:55:6c:0c:37:90:0c:74:86:66:07:9f:da:8a:
85:9f:8a:bd:72:b0:a7:90:c1:01:c8:d1:ad:4a:fe:bb:05:57:
88:ac:8f:32:9c:7e:57:1a:59:87:79:1d:f9:71:14:51:08:aa:
02:7a:ee:13:d8:3e:a5:d4:3c:a9:c0:46:05:d3:ea:05:ec:6c:
b9:cb:82:85:51:40:a1:c7:33:01:4d:fe:4a:1e:ac:b0:ca:79:
09:ee:9a:df:10:c3:da:a0:72:18:32:07:2d:e7:9c:ca:83:f1:
e1:45:f6:86
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEChg44DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODgxMWU4ZTM2ZTIyMjgwYmIyZjY1YTdkMmM2MDM0ZWNmODY3MTZjMB4XDTIyMDEw
MTAwNTIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM1MzAxNWUwMWMy
ODQyM2Q4YzQxMWRmNGNhMDM0NTFiMzdlMWFmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+NtQAPMOE06lSisopFs0yhaUWNQVgJwuuahL8P6wWZoROf
bEmVRnHSXCrR7Y7xfMdTkFY4W3dQd6DdQSPIJwAtr1CwhlhZ3fJKmgLqvAKM7La2
f0WUcxrHe/bLMgt6jaqqtY4nOYqKqCocAjpYwqol6Yt8r4yhtJ9D1tFAf5IwP9Uo
25X6bbaIC7OynKtdA1DS5//d03qpCrAcKGpsmHCofePeoa+/6DQWsWB20Kggm4+v
jAIwkR7jQL3XF0YJOc0L25m1Zq6TLftCugmxzW5ynfV4zuGVaWLn2vQ/Blva+QGF
ARdC/aoGr55xIcJhLTSnIUXqnSLyvN3eVOI5A0kCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBRTUwFeAcKEI9jEEd9MoDRRs34a9DAfBgNVHSMEGDAWgBR4gR6ONuIigLsv
ZafSxgNOz4ZxbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VJRWVqamJpSW9DN0wyV24wc1lEVHMtR2NXdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvMTcxMjUxLTZhNzUtNGU5ZS1hY2YwLTgyNWU1YTA2MWRmOS8x
L1UxTUJYZ0hDaENQWXhCSGZUS0EwVWJOLUd2US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
MTcxMjUxLTZhNzUtNGU5ZS1hY2YwLTgyNWU1YTA2MWRmOS8xL2VJRWVqamJpSW9D
N0wyV24wc1lEVHMtR2NXdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBFEZkAMEA5JC6AMEA6xnWAMEArkQ
yAMEArlQ2AMEBM+9wAMEA9X08AMEBNieYDANBAIAAjAHAwUAKgMHgDANBgkqhkiG
9w0BAQsFAAOCAQEAl/JOFzTWO9mqOLmkC4YP6TB/tXQJ8CBU8zjzh9WA+NE+e0M3
fThlPDgPGrICJ+FdFKEC23OxBhAOh62yiAZICCYqXN4wvdP8a1Zg8Lmw4Pzm4RaG
nTLjxymtw1yT5vpvRoeoW54MJInycYczLRb/djnsjxpn44ohp323fEl0JdIzh1fy
E2cma5F6e/n8crD3u2Zw9RFVbAw3kAx0hmYHn9qKhZ+KvXKwp5DBAcjRrUr+uwVX
iKyPMpx+VxpZh3kd+XEUUQiqAnruE9g+pdQ8qcBGBdPqBexsucuChVFAocczAU3+
Sh6ssMp5Ce6a3xDD2qByGDIHLeecyoPx4UX2hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:20 2024 by rpki-client on console-ams.rpki-client.org