Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XIfvCRfKa62_2-wiU0pz33Ar-Ik.roa
File: XIfvCRfKa62_2-wiU0pz33Ar-Ik.roa (raw, json)
Hash identifier: urup4w3QWtUEEBdUlRkh4SDOuRExg4OFJipH4uSKQOw=
Subject key identifier: 5C:87:EF:09:17:CA:6B:AD:BF:DB:EC:22:53:4A:73:DF:70:2B:F8:89
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0183ECFB3F052737C9276CBBB8C3BFC7306E
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XIfvCRfKa62_2-wiU0pz33Ar-Ik.roa
Signing time: Tue 18 Oct 2022 21:23:52 +0000
ROA not before: Tue 18 Oct 2022 21:23:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50007
IP address blocks: 85.208.104.0/24 maxlen: 24
2a09:f180::/48 maxlen: 48
2a09:98c0::/48 maxlen: 48
2a09:9940::/48 maxlen: 48
2a09:4040::/48 maxlen: 48
2a09:1140::/48 maxlen: 48
2a06:3b00::/48 maxlen: 48
2a09:6a80::/48 maxlen: 48
2a09:40c0::/48 maxlen: 48
2a09:9740::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:fb:3f:05:27:37:c9:27:6c:bb:b8:c3:bf:c7:30:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 18 21:23:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c87ef0917ca6badbfdbec22534a73df702bf889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:5c:d6:90:a0:f7:07:9e:5a:3f:42:3c:53:e1:
74:9b:be:12:fc:90:1e:04:9f:7b:d0:f5:0f:3d:98:
ff:fe:dd:37:78:b0:cd:65:7e:60:a5:5f:33:31:5d:
44:de:7b:bf:81:17:6a:9b:1b:31:b9:78:a8:61:52:
37:36:44:4a:78:8d:e5:7a:e7:ab:4e:b7:a1:54:71:
5e:df:e3:20:84:1a:06:88:ce:6c:08:d7:91:3f:ce:
52:c0:06:98:84:86:e2:f7:3b:3b:7d:24:2c:f6:d3:
26:7f:dc:c0:56:17:e9:03:c8:40:c3:a0:2e:b7:1a:
b2:c1:2f:7f:a0:b2:e7:ef:e7:ce:ce:75:c9:af:49:
dd:c8:b5:c7:0b:87:f8:95:d5:de:65:84:ea:26:03:
c3:f5:a5:3d:a0:b7:f7:c5:70:b9:a4:42:cd:ed:fb:
76:a3:14:7d:a3:ae:5b:fc:e2:28:78:87:83:a9:55:
4e:f0:f9:f5:04:ef:26:65:f8:e6:50:85:9b:cc:fe:
ce:f1:f7:18:a5:5f:92:9c:36:b8:9c:bd:2e:f6:ad:
39:bd:bf:46:b2:89:74:c1:28:f9:a0:a8:ae:79:73:
fa:94:56:87:98:12:31:cd:77:73:2e:55:bf:75:42:
53:f6:77:d9:10:6c:18:04:3d:52:cf:93:de:d7:e5:
b9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:87:EF:09:17:CA:6B:AD:BF:DB:EC:22:53:4A:73:DF:70:2B:F8:89
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/XIfvCRfKa62_2-wiU0pz33Ar-Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.104.0/24
IPv6:
2a06:3b00::/48
2a09:1140::/48
2a09:4040::/48
2a09:40c0::/48
2a09:6a80::/48
2a09:9740::/48
2a09:98c0::/48
2a09:9940::/48
2a09:f180::/48
Signature Algorithm: sha256WithRSAEncryption
27:7e:0a:f7:a9:8f:1d:7e:ba:fe:fe:2b:40:0f:46:bc:5d:01:
97:fa:49:de:20:c8:58:89:37:5d:30:96:a7:59:49:cf:12:eb:
b0:11:60:aa:9a:9d:eb:de:2f:80:ac:b5:8b:27:bd:50:f9:c1:
01:08:eb:0e:12:e7:01:ae:ed:24:ee:5d:68:6d:e3:a3:f3:22:
58:d4:2d:0e:a3:ff:a1:d6:59:d3:fe:8a:e4:63:1d:98:33:30:
66:70:0b:fa:d5:0f:2c:f8:76:21:3d:1c:e5:be:eb:aa:3a:89:
e2:db:cb:97:24:8f:64:c1:fa:76:9f:f5:d6:31:51:de:75:c0:
08:d6:8f:0c:f2:20:5a:05:de:95:e0:80:5d:53:f5:f9:e9:a8:
b2:e6:aa:cd:cc:93:ca:ea:fd:1f:c3:4a:96:51:03:9e:92:9b:
bb:d4:2b:f5:3c:d6:3a:d2:b9:b1:cb:d5:2b:e9:98:91:9c:d0:
20:d1:d0:ca:f5:51:84:3f:04:7e:c2:e6:3e:fa:0b:6c:ac:75:
b3:16:1f:4f:15:7b:d9:2b:8a:e9:7e:89:40:58:66:20:49:37:
7f:b3:bc:ab:7b:7a:d5:72:32:fc:59:b7:5a:39:93:e5:bd:3d:
45:7d:e9:5f:48:d3:bc:3b:a7:51:21:38:20:9d:0a:fd:e8:69:
7b:b4:7d:b8
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYPs+z8FJzfJJ2y7uMO/xzBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIxMDE4MjEyMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg3ZWYwOTE3Y2E2YmFkYmZkYmVjMjI1MzRhNzNkZjcwMmJmODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1zWkKD3B55aP0I8U+F0m74S/JAe
BJ970PUPPZj//t03eLDNZX5gpV8zMV1E3nu/gRdqmxsxuXioYVI3NkRKeI3leuer
TrehVHFe3+MghBoGiM5sCNeRP85SwAaYhIbi9zs7fSQs9tMmf9zAVhfpA8hAw6Au
txqywS9/oLLn7+fOznXJr0ndyLXHC4f4ldXeZYTqJgPD9aU9oLf3xXC5pELN7ft2
oxR9o65b/OIoeIeDqVVO8Pn1BO8mZfjmUIWbzP7O8fcYpV+SnDa4nL0u9q05vb9G
sol0wSj5oKiueXP6lFaHmBIxzXdzLlW/dUJT9nfZEGwYBD1Sz5Pe1+W5vQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFFyH7wkXymutv9vsIlNKc99wK/iJMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWElmdkNSZkthNjJfMi13aVUwcHozM0FyLUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAMBAIAATAGAwQAVdBoMFcE
AgACMFEDBwAqBjsAAAADBwAqCRFAAAADBwAqCUBAAAADBwAqCUDAAAADBwAqCWqA
AAADBwAqCZdAAAADBwAqCZjAAAADBwAqCZlAAAADBwAqCfGAAAAwDQYJKoZIhvcN
AQELBQADggEBACd+Cvepjx1+uv7+K0APRrxdAZf6Sd4gyFiJN10wlqdZSc8S67AR
YKqaneveL4CstYsnvVD5wQEI6w4S5wGu7STuXWht46PzIljULQ6j/6HWWdP+iuRj
HZgzMGZwC/rVDyz4diE9HOW+66o6ieLby5ckj2TB+naf9dYxUd51wAjWjwzyIFoF
3pXggF1T9fnpqLLmqs3Mk8rq/R/DSpZRA56Sm7vUK/U81jrSubHL1SvpmJGc0CDR
0Mr1UYQ/BH7C5j76C2ysdbMWH08Ve9kriul+iUBYZiBJN3+zvKt7etVyMvxZt1o5
k+W9PUV96V9I07w7p1EhOCCdCv3oaXu0fbg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-ams.rpki-client.org