Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/F2iElg2JzEnMA-bkDc2cnyS1wgw.roa
File: F2iElg2JzEnMA-bkDc2cnyS1wgw.roa (raw, json)
Hash identifier: DFvVOfVcgxzAWkzRep+br00CWrijkqulb1qaK+Sx5JY=
Subject key identifier: 17:68:84:96:0D:89:CC:49:CC:03:E6:E4:0D:CD:9C:9F:24:B5:C2:0C
Certificate issuer: /CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Certificate serial: 03C0C0EF
Authority key identifier: 70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/F2iElg2JzEnMA-bkDc2cnyS1wgw.roa
Signing time: Sat 01 Jan 2022 12:57:18 +0000
ROA not before: Sat 01 Jan 2022 12:57:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33951
IP address blocks: 193.239.206.0/23 maxlen: 23
95.175.0.0/19 maxlen: 19
194.63.132.0/22 maxlen: 22
91.193.96.0/22 maxlen: 22
217.11.135.0/24 maxlen: 24
2a04:1200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62963951 (0x3c0c0ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=700a1231d1c27a754e46ef10e92a730ae15d0f55
Validity
Not Before: Jan 1 12:57:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=176884960d89cc49cc03e6e40dcd9c9f24b5c20c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ea:54:62:eb:96:6f:a2:7b:f6:f1:92:03:04:
c7:68:53:4a:24:fe:3d:1d:23:c6:cf:57:cf:10:d0:
af:09:02:96:03:32:fb:5b:61:34:15:09:37:90:69:
21:18:0e:34:5d:9c:e9:52:05:f2:82:66:1b:c4:2b:
6d:41:32:8c:82:a6:e5:38:b9:2b:7e:b2:3f:af:2a:
d2:38:e8:33:31:5c:2e:00:4d:21:b8:3b:65:2d:4a:
f4:f2:8e:e5:98:3b:bd:67:48:d9:c9:12:24:25:cd:
b8:f2:62:ca:96:11:a2:a9:8f:e9:d5:27:a0:b1:14:
b2:99:9d:88:87:a8:a0:b7:49:d4:f3:a5:bd:20:20:
1d:ac:77:4b:59:87:8e:8a:d9:50:94:93:bd:5f:6b:
f2:51:c9:ec:1e:40:ab:18:cc:63:71:e6:16:9e:18:
5d:ea:3f:c8:a5:3e:8e:61:16:8a:c6:e3:45:a5:f1:
e1:fa:aa:6c:ba:91:63:71:b2:01:36:d8:e4:7e:72:
c9:aa:66:24:76:96:aa:43:97:77:86:5a:37:5e:d7:
56:10:b2:8e:52:b0:c7:7f:ac:41:ac:77:6e:ed:e8:
a9:93:fd:0f:f4:12:7a:db:1f:2f:76:27:5a:ec:dc:
28:b6:db:29:6f:55:a0:2b:99:df:84:e5:02:6d:e0:
55:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:68:84:96:0D:89:CC:49:CC:03:E6:E4:0D:CD:9C:9F:24:B5:C2:0C
X509v3 Authority Key Identifier:
keyid:70:0A:12:31:D1:C2:7A:75:4E:46:EF:10:E9:2A:73:0A:E1:5D:0F:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cAoSMdHCenVORu8Q6SpzCuFdD1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/F2iElg2JzEnMA-bkDc2cnyS1wgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/dcc2b4-9ded-4678-8398-ab79a3789f8f/1/cAoSMdHCenVORu8Q6SpzCuFdD1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.96.0/22
95.175.0.0/19
193.239.206.0/23
194.63.132.0/22
217.11.135.0/24
IPv6:
2a04:1200::/29
Signature Algorithm: sha256WithRSAEncryption
53:7b:8c:d1:b8:c3:3e:d1:31:bc:1e:ab:c1:31:76:4e:dc:d1:
20:83:94:d4:02:99:dc:3e:b2:a4:7e:7c:9c:90:69:0a:5b:d5:
ee:d0:dd:8c:a2:6a:b4:03:20:83:b0:61:cd:f6:0f:e6:60:a8:
2d:e5:6e:55:12:0a:9b:dc:66:4b:31:30:c9:2f:e8:f9:25:06:
9e:91:1c:66:da:b5:4e:e2:10:a1:49:11:11:c7:81:c2:16:8e:
09:24:cf:53:0b:27:a3:48:e5:32:23:64:30:8c:d7:b6:44:ca:
91:7a:c1:a4:48:24:ae:14:22:71:ce:c0:75:3e:af:57:a3:1a:
6a:ba:ed:76:e4:ff:b6:c7:2f:39:f8:af:74:34:cf:7f:63:fc:
9d:d8:d5:0d:b3:86:8d:f0:36:1d:fd:e7:d4:08:35:41:59:14:
c2:64:a3:b4:f8:e1:40:aa:a0:dc:23:ef:11:c4:8d:4e:b1:e7:
83:29:9e:9c:0c:85:b1:aa:80:6e:8d:02:06:37:95:0a:82:b1:
07:cb:18:d3:d1:89:9c:5f:1c:06:ce:22:a2:4a:ff:08:59:36:
0f:87:61:bd:10:7c:90:ce:0b:b7:33:c1:40:6f:f2:fd:25:a4:
10:b8:0f:ee:08:e4:46:ce:1b:96:ba:4b:50:eb:da:e3:5b:f9:
5f:dd:dc:0c
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEA8DA7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDBhMTIzMWQxYzI3YTc1NGU0NmVmMTBlOTJhNzMwYWUxNWQwZjU1MB4XDTIyMDEw
MTEyNTcxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTc2ODg0OTYwZDg5
Y2M0OWNjMDNlNmU0MGRjZDljOWYyNGI1YzIwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7qVGLrlm+ie/bxkgMEx2hTSiT+PR0jxs9XzxDQrwkClgMy
+1thNBUJN5BpIRgONF2c6VIF8oJmG8QrbUEyjIKm5Ti5K36yP68q0jjoMzFcLgBN
Ibg7ZS1K9PKO5Zg7vWdI2ckSJCXNuPJiypYRoqmP6dUnoLEUspmdiIeooLdJ1POl
vSAgHax3S1mHjorZUJSTvV9r8lHJ7B5AqxjMY3HmFp4YXeo/yKU+jmEWisbjRaXx
4fqqbLqRY3GyATbY5H5yyapmJHaWqkOXd4ZaN17XVhCyjlKwx3+sQax3bu3oqZP9
D/QSetsfL3YnWuzcKLbbKW9VoCuZ34TlAm3gVRkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQXaISWDYnMScwD5uQNzZyfJLXCDDAfBgNVHSMEGDAWgBRwChIx0cJ6dU5G
7xDpKnMK4V0PVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NBb1NNZEhDZW5WT1J1OFE2U3B6Q3VGZEQxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZGNjMmI0LTlkZWQtNDY3OC04Mzk4LWFiNzlhMzc4OWY4Zi8x
L0YyaUVsZzJKekVuTUEtYmtEYzJjbnlTMXdndy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZGNjMmI0LTlkZWQtNDY3OC04Mzk4LWFiNzlhMzc4OWY4Zi8xL2NBb1NNZEhDZW5W
T1J1OFE2U3B6Q3VGZEQxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAlvBYAMEBV+vAAMEAcHvzgMEAsI/
hAMEANkLhzANBAIAAjAHAwUDKgQSADANBgkqhkiG9w0BAQsFAAOCAQEAU3uM0bjD
PtExvB6rwTF2TtzRIIOU1AKZ3D6ypH58nJBpClvV7tDdjKJqtAMgg7BhzfYP5mCo
LeVuVRIKm9xmSzEwyS/o+SUGnpEcZtq1TuIQoUkREceBwhaOCSTPUwsno0jlMiNk
MIzXtkTKkXrBpEgkrhQicc7AdT6vV6MaarrtduT/tscvOfivdDTPf2P8ndjVDbOG
jfA2Hf3n1Ag1QVkUwmSjtPjhQKqg3CPvEcSNTrHngymenAyFsaqAbo0CBjeVCoKx
B8sY09GJnF8cBs4iokr/CFk2D4dhvRB8kM4LtzPBQG/y/SWkELgP7gjkRs4blrpL
UOva41v5X93cDA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:27 2023 by rpki-client on console-ams.rpki-client.org