Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/spxy8HzTw68aO7BHkeSSPAAClCI.roa
File: spxy8HzTw68aO7BHkeSSPAAClCI.roa (raw, json)
Hash identifier: p+kW42Jrd4Z40tQQhg08jgpvcrpsVLUgtLYGrK0zro4=
Subject key identifier: B2:9C:72:F0:7C:D3:C3:AF:1A:3B:B0:47:91:E4:92:3C:00:02:94:22
Certificate issuer: /CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Certificate serial: D65E4F
Authority key identifier: E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/spxy8HzTw68aO7BHkeSSPAAClCI.roa
Signing time: Thu 07 Apr 2022 10:21:21 +0000
ROA not before: Thu 07 Apr 2022 10:21:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42600
IP address blocks: 185.139.201.0/24 maxlen: 24
185.139.200.0/24 maxlen: 24
185.139.200.0/22 maxlen: 24
185.139.203.0/24 maxlen: 24
185.139.202.0/24 maxlen: 24
185.46.90.0/24 maxlen: 24
185.46.89.0/24 maxlen: 24
185.46.88.0/24 maxlen: 24
185.46.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14048847 (0xd65e4f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e740eed28f2d994eb2b831cb8efc6470306d7461
Validity
Not Before: Apr 7 10:21:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b29c72f07cd3c3af1a3bb04791e4923c00029422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:61:ba:5e:e8:8e:c6:51:dc:4b:34:6b:40:1c:
34:d0:c4:0f:6d:bf:e4:d9:85:b0:cd:ba:63:b5:4d:
97:63:72:17:7a:0d:8e:90:51:0e:dd:34:0e:e1:c1:
c7:9c:cc:c4:9a:0f:14:9f:de:f8:a1:b1:03:7f:39:
e7:ea:6c:3a:71:90:63:2c:b2:65:3e:05:a1:77:0d:
b4:88:4f:58:db:75:50:9c:d8:87:ec:c4:31:c7:15:
bc:75:99:8a:77:8f:b4:a5:a4:70:6d:79:5d:94:4d:
28:a5:d3:0e:fa:a9:6e:07:83:82:ab:02:1d:5f:cb:
17:da:c5:ad:24:b4:46:15:35:67:08:b2:d7:e2:91:
a0:a2:1a:b8:ef:9a:43:35:82:c2:48:55:ad:c4:b0:
20:5a:2b:aa:78:96:20:ac:5f:e2:83:6d:d8:b8:0f:
54:b5:44:ca:65:53:ea:9d:a7:4d:77:d3:9e:bb:a2:
3d:cc:70:07:1b:ba:43:9d:e1:91:00:fd:a8:23:8b:
78:2d:3a:ca:32:a1:06:83:e8:f0:e8:38:c1:42:23:
17:59:7d:8c:6c:ad:36:bc:0e:fa:7d:d2:45:3e:04:
4e:4e:13:64:c2:b2:f7:33:aa:cb:5b:2c:a6:be:93:
9d:dc:e9:08:17:9d:51:76:88:fb:d0:1e:86:eb:2a:
1b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:9C:72:F0:7C:D3:C3:AF:1A:3B:B0:47:91:E4:92:3C:00:02:94:22
X509v3 Authority Key Identifier:
keyid:E7:40:EE:D2:8F:2D:99:4E:B2:B8:31:CB:8E:FC:64:70:30:6D:74:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/50Du0o8tmU6yuDHLjvxkcDBtdGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/spxy8HzTw68aO7BHkeSSPAAClCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/4d200d-eae5-44da-8ee3-09595e9cd6c2/1/50Du0o8tmU6yuDHLjvxkcDBtdGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.88.0/22
185.139.200.0/22
Signature Algorithm: sha256WithRSAEncryption
84:7c:f4:e7:08:6e:48:65:79:62:79:7c:20:59:8a:a9:67:74:
5a:b6:d6:86:8b:81:2d:d9:72:df:73:90:32:78:42:28:37:0d:
a3:ef:43:04:31:1b:16:49:46:8a:8f:a3:54:e5:d0:3c:ac:17:
3d:b7:dc:df:84:95:1c:d6:3f:1a:65:3e:0a:14:14:f5:f8:60:
bf:12:d9:69:fe:79:04:c6:bb:48:3c:37:00:ba:79:4e:6c:1f:
bd:59:7f:40:60:d6:fb:0b:df:ce:51:d6:e1:fd:3b:74:b0:d7:
2c:44:83:ad:40:2e:63:30:dd:b9:03:91:b2:48:6d:e2:96:77:
d5:0b:59:5c:6c:23:41:39:62:3a:ab:f2:af:77:d5:f1:3c:0a:
e5:e5:3b:54:0a:c3:bd:4f:c9:64:37:c7:21:7c:51:f8:88:38:
1e:6c:ad:1f:fe:2f:f3:4f:36:25:76:a1:59:7e:0a:51:c3:c4:
04:a9:e4:20:83:f7:27:81:16:96:7d:11:f0:0b:c5:1f:2a:c7:
22:47:d2:0a:c8:8e:94:ca:1e:c4:7d:82:b6:47:cf:e5:3b:8a:
d5:a2:b9:fa:1e:3b:d3:2b:98:cf:82:6d:c4:a2:ba:2a:f9:31:
dc:f2:01:97:7c:53:a5:ae:fd:06:f0:8c:21:80:1b:ba:46:d8:
00:cc:cf:5a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEANZeTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzQwZWVkMjhmMmQ5OTRlYjJiODMxY2I4ZWZjNjQ3MDMwNmQ3NDYxMB4XDTIyMDQw
NzEwMjEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI5YzcyZjA3Y2Qz
YzNhZjFhM2JiMDQ3OTFlNDkyM2MwMDAyOTQyMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPVhul7ojsZR3Es0a0AcNNDED22/5NmFsM26Y7VNl2NyF3oN
jpBRDt00DuHBx5zMxJoPFJ/e+KGxA3855+psOnGQYyyyZT4FoXcNtIhPWNt1UJzY
h+zEMccVvHWZinePtKWkcG15XZRNKKXTDvqpbgeDgqsCHV/LF9rFrSS0RhU1Zwiy
1+KRoKIauO+aQzWCwkhVrcSwIForqniWIKxf4oNt2LgPVLVEymVT6p2nTXfTnrui
PcxwBxu6Q53hkQD9qCOLeC06yjKhBoPo8Og4wUIjF1l9jGytNrwO+n3SRT4ETk4T
ZMKy9zOqy1sspr6TndzpCBedUXaI+9AehusqGzcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSynHLwfNPDrxo7sEeR5JI8AAKUIjAfBgNVHSMEGDAWgBTnQO7Sjy2ZTrK4
McuO/GRwMG10YTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzUwRHUwbzh0bVU2eXVESExqdnhrY0RCdGRHRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvNGQyMDBkLWVhZTUtNDRkYS04ZWUzLTA5NTk1ZTljZDZjMi8x
L3NweHk4SHpUdzY4YU83QkhrZVNTUEFBQ2xDSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
NGQyMDBkLWVhZTUtNDRkYS04ZWUzLTA5NTk1ZTljZDZjMi8xLzUwRHUwbzh0bVU2
eXVESExqdnhrY0RCdGRHRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkuWAMEArmLyDANBgkqhkiG9w0B
AQsFAAOCAQEAhHz05whuSGV5Ynl8IFmKqWd0WrbWhouBLdly33OQMnhCKDcNo+9D
BDEbFklGio+jVOXQPKwXPbfc34SVHNY/GmU+ChQU9fhgvxLZaf55BMa7SDw3ALp5
TmwfvVl/QGDW+wvfzlHW4f07dLDXLESDrUAuYzDduQORskht4pZ31QtZXGwjQTli
Oqvyr3fV8TwK5eU7VArDvU/JZDfHIXxR+Ig4HmytH/4v8082JXahWX4KUcPEBKnk
IIP3J4EWln0R8AvFHyrHIkfSCsiOlMoexH2CtkfP5TuK1aK5+h470yuYz4JtxKK6
Kvkx3PIBl3xTpa79BvCMIYAbukbYAMzPWg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org