Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/dCA82_ir9OqyNMmfhOM37IMSeXw.roa
File: dCA82_ir9OqyNMmfhOM37IMSeXw.roa (raw, json)
Hash identifier: stPju58iBJTZQOtuvt2lDaHB46TgsRGp3hQZy+7C/nw=
Subject key identifier: 74:20:3C:DB:F8:AB:F4:EA:B2:34:C9:9F:84:E3:37:EC:83:12:79:7C
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 01852CAB0FA0D2EE23100375B37F666EF67B
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/dCA82_ir9OqyNMmfhOM37IMSeXw.roa
Signing time: Mon 19 Dec 2022 23:14:46 +0000
ROA not before: Mon 19 Dec 2022 23:14:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51262
IP address blocks: 185.147.10.0/23 maxlen: 23
185.147.9.0/24 maxlen: 24
2a0a:dc01::/32 maxlen: 32
2a0a:dc05::/32 maxlen: 32
2a0a:dc02::/32 maxlen: 32
2a0a:dc00::/32 maxlen: 32
2a0a:dc06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2c:ab:0f:a0:d2:ee:23:10:03:75:b3:7f:66:6e:f6:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Dec 19 23:14:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74203cdbf8abf4eab234c99f84e337ec8312797c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:67:5a:ee:a5:59:0a:51:2a:be:fe:86:27:6e:
eb:0b:a6:d3:5a:27:75:0a:92:ae:2b:e6:dd:00:58:
5d:28:07:2f:0b:e1:92:0c:7c:2d:9d:52:66:49:ae:
29:aa:90:60:28:85:cf:89:35:59:35:fb:4b:55:02:
51:73:16:dd:ab:54:fe:ce:ec:e9:15:a6:c8:10:76:
c7:4e:c2:5c:10:57:2f:5b:49:64:13:04:12:67:bf:
1b:68:d2:56:30:97:51:db:60:2d:f0:45:61:01:14:
8e:2a:f2:93:54:b6:a9:11:51:57:f8:57:ec:a6:e6:
bb:d0:cd:55:32:03:2b:7f:a2:0d:88:6f:c2:d3:7d:
9b:09:69:c3:f0:27:0a:d4:12:f3:4a:67:ca:cc:f9:
7d:dd:6d:0f:4b:40:5e:0c:d7:e5:f2:f8:7f:26:2b:
e2:1f:5b:81:28:89:39:07:4c:d1:e0:a0:d5:6e:0d:
73:2a:8c:da:57:b5:49:dc:1c:44:e0:ab:d7:88:fa:
ed:bb:2b:5c:8c:f6:2a:2f:84:1f:e2:b3:06:16:cc:
45:d0:fa:52:ad:31:fd:2d:c7:66:5a:eb:bd:41:e2:
20:19:ac:40:4a:b6:8b:84:f4:0a:98:76:01:3e:24:
6e:26:c6:65:c5:a9:99:fc:07:3e:2e:cf:11:8d:17:
e7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:20:3C:DB:F8:AB:F4:EA:B2:34:C9:9F:84:E3:37:EC:83:12:79:7C
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/dCA82_ir9OqyNMmfhOM37IMSeXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.9.0-185.147.11.255
IPv6:
2a0a:dc00::-2a0a:dc02:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:dc05::-2a0a:dc06:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:91:1b:c5:56:c2:d5:7f:eb:55:b8:a6:25:0b:0f:52:a2:0a:
2d:54:2f:48:c3:13:56:5d:8d:33:96:20:d5:54:5a:a4:f6:42:
ec:9d:df:97:a3:a9:8d:2a:27:43:62:e4:fc:34:5c:33:8a:e5:
d4:3c:5f:31:32:16:67:8b:7f:1f:cd:ba:64:fa:ca:1c:68:00:
87:ad:b4:db:39:08:8a:9d:c7:62:6f:e5:ef:ca:5c:dd:42:93:
53:20:b3:4e:80:17:8c:70:a8:bb:e4:24:4c:d8:a4:8d:bd:67:
5e:5e:85:3d:d1:6d:c6:2e:44:20:53:69:6c:10:bf:c3:e3:8e:
69:a2:92:53:36:5f:0b:c7:4c:46:88:f4:52:56:ea:bd:ad:c3:
eb:b8:08:9d:0e:c2:fa:d2:ea:b4:ef:f3:e0:08:33:d3:2b:e0:
3f:7e:9d:79:ce:71:ba:48:2c:b0:29:9b:5d:88:e9:6c:0e:39:
f9:86:26:9a:e1:55:74:b7:fc:ed:ce:3e:8f:c5:32:a3:df:b0:
67:dc:06:47:ed:00:20:ba:5d:0e:c9:94:57:14:73:8c:29:7a:
65:31:4f:e3:c6:26:43:1e:99:b9:8d:a1:92:8a:53:22:ae:62:
dc:a8:9a:06:46:f1:05:45:b4:fb:79:d3:2b:74:13:dd:a9:f3:
33:ef:77:b0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYUsqw+g0u4jEAN1s39mbvZ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjIxMjE5MjMxNDQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDIwM2NkYmY4YWJmNGVhYjIzNGM5OWY4NGUzMzdlYzgzMTI3OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiGda7qVZClEqvv6GJ27rC6bTWid1
CpKuK+bdAFhdKAcvC+GSDHwtnVJmSa4pqpBgKIXPiTVZNftLVQJRcxbdq1T+zuzp
FabIEHbHTsJcEFcvW0lkEwQSZ78baNJWMJdR22At8EVhARSOKvKTVLapEVFX+Ffs
pua70M1VMgMrf6INiG/C032bCWnD8CcK1BLzSmfKzPl93W0PS0BeDNfl8vh/Jivi
H1uBKIk5B0zR4KDVbg1zKozaV7VJ3BxE4KvXiPrtuytcjPYqL4Qf4rMGFsxF0PpS
rTH9LcdmWuu9QeIgGaxASraLhPQKmHYBPiRuJsZlxamZ/Ac+Ls8RjRfnWwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHQgPNv4q/TqsjTJn4TjN+yDEnl8MB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvZENBODJfaXI5T3F5Tk1tZmhPTTM3SU1TZVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAUBAIAATAOMAwDBAC5kwkD
BAK5kwgwJQQCAAIwHzANAwQCKgrcAwUAKgrcAjAOAwUAKgrcBQMFACoK3AYwDQYJ
KoZIhvcNAQELBQADggEBAIGRG8VWwtV/61W4piULD1KiCi1UL0jDE1ZdjTOWINVU
WqT2Quyd35ejqY0qJ0Ni5Pw0XDOK5dQ8XzEyFmeLfx/NumT6yhxoAIettNs5CIqd
x2Jv5e/KXN1Ck1Mgs06AF4xwqLvkJEzYpI29Z15ehT3RbcYuRCBTaWwQv8Pjjmmi
klM2XwvHTEaI9FJW6r2tw+u4CJ0OwvrS6rTv8+AIM9Mr4D9+nXnOcbpILLApm12I
6WwOOfmGJprhVXS3/O3OPo/FMqPfsGfcBkftACC6XQ7JlFcUc4wpemUxT+PGJkMe
mbmNoZKKUyKuYtyomgZG8QVFtPt50yt0E92p8zPvd7A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:52 2023 by rpki-client on console-ams.rpki-client.org