Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/F-9YIWz90eXTHjSvwSoTGoVMpWM.roa
File: F-9YIWz90eXTHjSvwSoTGoVMpWM.roa (raw, json)
Hash identifier: 3cTRqct7oCAF+kEQiE6LRDHpBoIt6dJsNIcGb2w80WA=
Subject key identifier: 17:EF:58:21:6C:FD:D1:E5:D3:1E:34:AF:C1:2A:13:1A:85:4C:A5:63
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 0A08A3EF
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/F-9YIWz90eXTHjSvwSoTGoVMpWM.roa
Signing time: Wed 27 Apr 2022 19:18:49 +0000
ROA not before: Wed 27 Apr 2022 19:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41313
IP address blocks: 185.40.164.0/22 maxlen: 24
46.35.160.0/19 maxlen: 24
80.95.16.0/21 maxlen: 24
80.95.22.0/24 maxlen: 24
93.175.244.0/23 maxlen: 23
185.18.228.0/22 maxlen: 24
212.21.128.0/19 maxlen: 24
151.252.192.0/20 maxlen: 24
79.110.120.0/21 maxlen: 24
95.158.128.0/18 maxlen: 24
2a00:e200::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168338415 (0xa08a3ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Apr 27 19:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=17ef58216cfdd1e5d31e34afc12a131a854ca563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6f:5f:12:ac:79:94:f7:61:f0:d6:bf:45:ef:
1f:83:d4:f9:f3:a3:0e:0a:b6:ba:4d:41:49:d2:68:
82:bb:0d:51:64:6f:e2:06:1f:37:aa:18:4a:36:15:
2b:21:c8:4b:28:42:c6:94:6f:19:2a:e0:67:8b:e4:
e4:3a:66:be:ca:6e:63:1c:bc:4e:47:1d:f9:67:be:
84:50:bc:62:fb:b4:37:ef:e4:f4:b8:7b:c4:74:07:
e5:2c:89:29:09:7c:2e:3d:24:1a:6f:b3:fe:b0:4f:
ae:60:0d:7e:e4:f5:cb:fd:ce:d3:c6:61:6f:ca:02:
99:c8:41:16:e6:7d:2a:8b:e5:74:48:df:20:9a:f8:
6f:cc:a1:a9:fd:d1:b6:d7:ab:dc:30:16:39:5e:d8:
bb:80:5c:ea:7e:c2:d0:f1:7f:f3:13:74:6c:86:0e:
7f:0c:bf:8d:b7:11:72:84:3b:bc:d0:da:d8:97:f9:
ff:59:e6:03:c6:78:d7:92:7b:1f:bf:ac:0d:5a:83:
31:b9:8d:d4:80:a7:54:ad:50:e9:48:ea:8a:4e:73:
aa:57:b2:e3:18:9f:13:2d:be:d5:c9:ae:76:2d:49:
4d:af:24:20:8c:c2:bb:99:92:61:c4:0c:2c:8f:84:
e4:54:52:6f:32:e1:b4:5e:b9:1f:8b:8d:82:4f:f6:
39:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:EF:58:21:6C:FD:D1:E5:D3:1E:34:AF:C1:2A:13:1A:85:4C:A5:63
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/F-9YIWz90eXTHjSvwSoTGoVMpWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.160.0/19
79.110.120.0/21
80.95.16.0/21
93.175.244.0/23
95.158.128.0/18
151.252.192.0/20
185.18.228.0/22
185.40.164.0/22
212.21.128.0/19
IPv6:
2a00:e200::/32
Signature Algorithm: sha256WithRSAEncryption
8a:cb:ab:b4:64:5a:08:28:d8:d4:a0:b9:6c:31:05:4b:28:9f:
27:09:d0:5d:a4:3d:52:bf:c0:74:4f:79:e2:64:ab:55:5d:b9:
3a:0c:7b:90:e8:1e:b5:6c:e5:5a:42:cd:5c:fd:4b:0e:29:5d:
54:b6:c2:74:43:71:de:62:3f:ad:3f:29:61:d4:55:9b:db:55:
1d:9a:9e:29:02:84:9a:68:c3:de:2b:1d:a9:a6:3a:e3:e3:ef:
3f:d7:90:b1:e1:74:89:61:05:0f:28:43:08:c6:84:3c:f7:46:
75:71:2c:5e:d0:26:46:58:89:08:c3:09:e3:da:93:6e:e1:be:
b1:b9:39:c9:c2:fb:58:21:7a:32:9c:36:0c:06:56:a2:11:54:
b1:e9:38:bf:88:23:ea:9c:17:50:fc:51:78:13:c3:59:4e:c4:
0b:9c:9a:56:44:17:89:9c:1c:69:67:61:e6:ab:ee:2d:3e:80:
7c:e6:4b:e0:11:94:82:6e:d5:e7:ce:22:51:31:3e:a3:9b:9b:
7d:5f:99:80:96:df:73:09:06:c5:bd:0e:8f:a8:0b:9f:66:15:
d7:5c:d8:59:3e:85:a8:b0:00:b6:35:02:5f:df:5d:ca:1d:ce:
26:b3:d8:2e:15:f2:4f:f2:09:0e:bf:34:70:a2:d9:a6:84:af:
f3:dd:54:97
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIECgij7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmVjOTAzMGM3MGEzZDQxOTJkNTljMjhkY2M4ZDU0NzY5NDM0MGIzMB4XDTIyMDQy
NzE5MTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTdlZjU4MjE2Y2Zk
ZDFlNWQzMWUzNGFmYzEyYTEzMWE4NTRjYTU2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtvXxKseZT3YfDWv0XvH4PU+fOjDgq2uk1BSdJogrsNUWRv
4gYfN6oYSjYVKyHISyhCxpRvGSrgZ4vk5DpmvspuYxy8Tkcd+We+hFC8Yvu0N+/k
9Lh7xHQH5SyJKQl8Lj0kGm+z/rBPrmANfuT1y/3O08Zhb8oCmchBFuZ9KovldEjf
IJr4b8yhqf3Rtter3DAWOV7Yu4Bc6n7C0PF/8xN0bIYOfwy/jbcRcoQ7vNDa2Jf5
/1nmA8Z415J7H7+sDVqDMbmN1ICnVK1Q6Ujqik5zqley4xifEy2+1cmudi1JTa8k
IIzCu5mSYcQMLI+E5FRSbzLhtF65H4uNgk/2OTsCAwEAAaOCAkgwggJEMB0GA1Ud
DgQWBBQX71ghbP3R5dMeNK/BKhMahUylYzAfBgNVHSMEGDAWgBTr7JAwxwo9QZLV
nCjcyNVHaUNAszAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzYteVFNTWNLUFVHUzFad28zTWpWUjJsRFFMTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8x
L0YtOVlJV3o5MGVYVEhqU3Z3U29UR29WTXBXTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MzcyYjg3LTk1ZjQtNGM5OC1hNmY0LTRhNmY4NjgzMjY1Yy8xLzYteVFNTWNLUFVH
UzFad28zTWpWUjJsRFFMTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBe
BggrBgEFBQcBBwEB/wRPME0wPAQCAAEwNgMEBS4joAMEA09ueAMEA1BfEAMEAV2v
9AMEBl+egAMEBJf8wAMEArkS5AMEArkopAMEBdQVgDANBAIAAjAHAwUAKgDiADAN
BgkqhkiG9w0BAQsFAAOCAQEAisurtGRaCCjY1KC5bDEFSyifJwnQXaQ9Ur/AdE95
4mSrVV25Ogx7kOgetWzlWkLNXP1LDildVLbCdENx3mI/rT8pYdRVm9tVHZqeKQKE
mmjD3isdqaY64+PvP9eQseF0iWEFDyhDCMaEPPdGdXEsXtAmRliJCMMJ49qTbuG+
sbk5ycL7WCF6Mpw2DAZWohFUsek4v4gj6pwXUPxReBPDWU7EC5yaVkQXiZwcaWdh
5qvuLT6AfOZL4BGUgm7V584iUTE+o5ubfV+ZgJbfcwkGxb0Oj6gLn2YV11zYWT6F
qLAAtjUCX99dyh3OJrPYLhXyT/IJDr80cKLZpoSv891Ulw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:37 2023 by rpki-client on console-ams.rpki-client.org