Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/sKyyKzRy4EsLKBfYcUTMfqo1MPA.roa
File: sKyyKzRy4EsLKBfYcUTMfqo1MPA.roa (raw, json)
Hash identifier: PfEULlhGLDaUGb2VJgEfh1QvT6Sh+B1GZeRb0imU2Iw=
Subject key identifier: B0:AC:B2:2B:34:72:E0:4B:0B:28:17:D8:71:44:CC:7E:AA:35:30:F0
Certificate issuer: /CN=d5620cec70974d037d7769758c74668305b32cf2
Certificate serial: 02A287
Authority key identifier: D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/sKyyKzRy4EsLKBfYcUTMfqo1MPA.roa
Signing time: Fri 18 Mar 2022 10:02:18 +0000
ROA not before: Fri 18 Mar 2022 10:02:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56694
IP address blocks: 94.198.50.0/23 maxlen: 24
185.9.144.0/22 maxlen: 24
188.127.224.0/20 maxlen: 24
94.198.52.0/22 maxlen: 24
188.127.240.0/21 maxlen: 24
188.127.248.0/22 maxlen: 24
188.127.253.0/24 maxlen: 24
188.127.254.0/23 maxlen: 24
185.130.248.0/22 maxlen: 24
152.89.216.0/22 maxlen: 24
2a06:dd00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172679 (0x2a287)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5620cec70974d037d7769758c74668305b32cf2
Validity
Not Before: Mar 18 10:02:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0acb22b3472e04b0b2817d87144cc7eaa3530f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a6:c9:3a:74:5c:31:11:26:25:a4:6e:83:f1:
97:89:e3:d5:83:d8:58:63:93:99:b7:57:39:81:af:
ab:f7:07:a3:b3:f6:02:62:d3:2f:f0:95:a5:0e:f8:
2d:3a:34:82:19:58:c3:2f:4e:dd:ab:01:8c:40:97:
6a:6a:80:fb:70:53:70:09:b2:89:80:96:0e:d6:31:
70:37:35:18:23:d1:76:8a:a0:58:cf:20:f1:28:5a:
f4:8a:b8:59:4a:bc:cb:6c:c2:2c:bb:95:9f:8e:0f:
3c:b9:a1:c8:8a:4c:fb:1c:cb:7e:e8:1a:d7:5b:c6:
cb:b1:90:1c:dd:60:a3:3d:14:95:f5:fb:5a:49:9c:
f3:b1:4a:99:d8:89:32:a4:26:82:86:af:09:a8:fb:
02:21:3c:c1:54:b1:62:33:27:10:0e:ec:f0:23:d7:
b9:3a:c0:02:d1:0c:dd:89:9f:73:96:33:39:7c:52:
50:77:91:17:e1:7a:0c:3f:f4:3f:d3:6a:fd:8c:36:
28:c7:02:95:15:70:b7:fc:55:67:98:b1:0a:c4:92:
c1:0d:43:3c:a8:b2:b9:dd:8c:bb:4d:76:f8:7e:1e:
71:15:ef:bb:43:d4:ad:20:1a:c1:cd:c9:e4:1f:49:
08:ce:25:ff:40:6d:76:a7:17:d4:5e:ef:a1:fb:ee:
a3:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:AC:B2:2B:34:72:E0:4B:0B:28:17:D8:71:44:CC:7E:AA:35:30:F0
X509v3 Authority Key Identifier:
keyid:D5:62:0C:EC:70:97:4D:03:7D:77:69:75:8C:74:66:83:05:B3:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WIM7HCXTQN9d2l1jHRmgwWzLPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/sKyyKzRy4EsLKBfYcUTMfqo1MPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/323a92-7d38-49ec-ba99-be434cb9f8f8/1/1WIM7HCXTQN9d2l1jHRmgwWzLPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.50.0-94.198.55.255
152.89.216.0/22
185.9.144.0/22
185.130.248.0/22
188.127.224.0-188.127.251.255
188.127.253.0-188.127.255.255
IPv6:
2a06:dd00::/29
Signature Algorithm: sha256WithRSAEncryption
89:51:81:46:d6:e8:0c:04:cb:fb:d0:88:1a:34:78:a9:ef:ca:
74:d4:36:e0:39:c7:50:b5:6f:fa:ad:c0:d2:bc:0e:2f:db:a3:
92:ae:ee:33:cc:b5:68:70:41:1c:b9:3f:61:bf:d4:93:21:c0:
e3:62:93:04:29:bd:b6:5c:2f:44:03:da:14:28:73:b9:d7:a1:
90:3d:a7:3e:71:86:0c:6f:2a:60:d2:6c:16:fd:56:ac:23:56:
df:a4:78:30:6a:0c:96:38:f5:9d:f8:dc:a4:71:2d:25:7f:6c:
84:34:fd:a0:ed:a3:c6:52:a7:a7:36:11:3f:5d:97:95:56:05:
ee:c2:3e:dd:f6:18:7e:79:bd:54:3e:61:ed:0a:93:5d:65:9f:
d9:47:b7:52:16:fd:53:05:3d:cf:ff:04:50:6b:f8:da:c9:9d:
29:77:43:b2:ba:33:ff:c3:46:14:bc:ee:c9:72:58:44:11:c7:
4c:08:d7:5c:44:e5:8b:be:8b:ca:64:f1:57:2f:61:27:13:bb:
f8:e0:1a:6e:c8:5d:56:53:ad:ae:af:ea:77:61:36:58:ab:8d:
35:32:61:9b:09:53:d7:e0:e8:e2:f8:98:f6:9d:88:47:ce:e1:
12:1e:c7:87:fa:b4:5b:ef:1f:4e:4e:dd:37:01:36:c7:66:50:
50:a3:eb:81
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIDAqKHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
NjIwY2VjNzA5NzRkMDM3ZDc3Njk3NThjNzQ2NjgzMDViMzJjZjIwHhcNMjIwMzE4
MTAwMjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMGFjYjIyYjM0NzJl
MDRiMGIyODE3ZDg3MTQ0Y2M3ZWFhMzUzMGYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsqbJOnRcMREmJaRug/GXiePVg9hYY5OZt1c5ga+r9wejs/YC
YtMv8JWlDvgtOjSCGVjDL07dqwGMQJdqaoD7cFNwCbKJgJYO1jFwNzUYI9F2iqBY
zyDxKFr0irhZSrzLbMIsu5Wfjg88uaHIikz7HMt+6BrXW8bLsZAc3WCjPRSV9fta
SZzzsUqZ2IkypCaChq8JqPsCITzBVLFiMycQDuzwI9e5OsAC0QzdiZ9zljM5fFJQ
d5EX4XoMP/Q/02r9jDYoxwKVFXC3/FVnmLEKxJLBDUM8qLK53Yy7TXb4fh5xFe+7
Q9StIBrBzcnkH0kIziX/QG12pxfUXu+h++6j4QIDAQABo4ICTTCCAkkwHQYDVR0O
BBYEFLCssis0cuBLCygX2HFEzH6qNTDwMB8GA1UdIwQYMBaAFNViDOxwl00DfXdp
dYx0ZoMFsyzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MVdJTTdIQ1hUUU45ZDJsMWpIUm1nd1d6TFBJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNi8zMjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4LzEv
c0t5eUt6Unk0RXNMS0JmWWNVVE1mcW8xTVBBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8z
MjNhOTItN2QzOC00OWVjLWJhOTktYmU0MzRjYjlmOGY4LzEvMVdJTTdIQ1hUUU45
ZDJsMWpIUm1nd1d6TFBJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGMG
CCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7MAwDBAFexjIDBANexjADBAKYWdgDBAK5
CZADBAK5gvgwDAMEBbx/4AMEArx/+DALAwQAvH/9AwMHvAAwDQQCAAIwBwMFAyoG
3QAwDQYJKoZIhvcNAQELBQADggEBAIlRgUbW6AwEy/vQiBo0eKnvynTUNuA5x1C1
b/qtwNK8Di/bo5Ku7jPMtWhwQRy5P2G/1JMhwONikwQpvbZcL0QD2hQoc7nXoZA9
pz5xhgxvKmDSbBb9VqwjVt+keDBqDJY49Z343KRxLSV/bIQ0/aDto8ZSp6c2ET9d
l5VWBe7CPt32GH55vVQ+Ye0Kk11ln9lHt1IW/VMFPc//BFBr+NrJnSl3Q7K6M//D
RhS87slyWEQRx0wI11xE5Yu+i8pk8VcvYScTu/jgGm7IXVZTra6v6ndhNlirjTUy
YZsJU9fg6OL4mPadiEfO4RIex4f6tFvvH05O3TcBNsdmUFCj64E=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:39 2023 by rpki-client on console-ams.rpki-client.org