Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-55Zta9uUZnuRA0db_UHzFTq4QI.roa
File: 1-55Zta9uUZnuRA0db_UHzFTq4QI.roa (raw, json)
Hash identifier: hkSQyx4DVIjVgQUCKLCBvcwFkCKDvWln63F9C9mChGE=
Subject key identifier: FB:9E:59:B5:AF:6E:51:99:EE:44:0D:1D:6F:F5:07:CC:54:EA:E1:02
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01825F5552E64C629F71292D9ED449406BAD
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-55Zta9uUZnuRA0db_UHzFTq4QI.roa
Signing time: Tue 02 Aug 2022 16:13:23 +0000
ROA not before: Tue 02 Aug 2022 16:13:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 91.186.220.0/22 maxlen: 24
178.253.40.0/22 maxlen: 24
178.253.38.0/23 maxlen: 24
83.147.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5f:55:52:e6:4c:62:9f:71:29:2d:9e:d4:49:40:6b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Aug 2 16:13:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb9e59b5af6e5199ee440d1d6ff507cc54eae102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:25:a1:f2:1d:bf:83:d6:7f:9a:0c:39:b8:f4:
ec:83:59:1c:4b:84:b0:04:9c:6e:f8:5c:c0:ba:52:
ce:ac:b9:8a:93:d3:9d:6c:f8:95:2d:97:a8:30:a8:
ce:99:2c:7e:24:f6:d9:5b:bc:38:2c:24:0c:6f:6a:
85:f1:2f:65:96:1e:96:43:45:50:57:71:e3:0c:36:
c3:54:28:d5:34:f2:d1:b2:6c:28:43:92:03:83:6c:
ea:c8:04:07:6a:4f:4c:a0:b6:85:f4:3c:e3:28:1b:
60:fb:1b:29:8c:e8:e3:e1:01:3a:bc:40:8f:9b:52:
e6:52:43:82:00:ac:90:1c:ac:b4:e1:bc:4e:ed:50:
0c:c9:88:a5:c5:16:d1:38:c5:48:0d:95:47:0d:e8:
74:25:cd:b1:93:a6:ad:4a:2c:13:58:c8:42:c8:69:
86:cf:4d:e3:49:14:40:e9:3f:3f:a7:6f:cd:62:52:
8e:d6:4e:5a:51:bb:70:71:2a:c0:7f:91:c1:9f:bd:
67:2a:bf:3f:98:56:31:5e:9b:30:09:fc:d3:75:f3:
f2:fe:c5:69:bf:2a:e1:f3:14:97:31:ad:9e:37:be:
90:47:71:48:6a:72:43:af:fa:d6:40:22:1e:df:83:
e3:03:00:40:73:ff:1f:4d:77:71:5d:c8:7c:90:76:
58:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:9E:59:B5:AF:6E:51:99:EE:44:0D:1D:6F:F5:07:CC:54:EA:E1:02
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/1-55Zta9uUZnuRA0db_UHzFTq4QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.248.0/22
91.186.220.0/22
178.253.38.0-178.253.43.255
Signature Algorithm: sha256WithRSAEncryption
77:2d:ce:5b:f9:87:f9:a5:f6:a9:2c:fe:dd:f4:86:8d:2d:4a:
e9:29:1b:4b:13:85:85:ee:96:8c:88:70:f9:a0:65:7b:7e:a6:
c9:c9:6c:f3:25:72:9c:ab:ef:8e:c1:b3:a8:87:8a:23:a2:9b:
0b:a1:e5:1d:f1:c3:28:ee:d8:10:7e:cc:85:03:2a:4a:36:6f:
7c:43:f0:4d:e4:3e:d4:a4:06:fa:83:ba:b6:b1:30:41:99:c9:
e3:ce:14:9b:64:2d:73:a1:09:d0:78:a6:aa:a6:75:e4:15:db:
de:9c:b8:43:88:8f:0c:e1:0d:32:a5:37:5b:20:17:67:6c:ff:
57:df:34:6d:e4:87:07:bc:0c:9e:74:cf:94:c3:f3:bb:0b:ba:
bd:db:43:46:64:68:c4:89:78:ed:cc:49:4b:4c:90:b7:4f:b1:
8b:d0:b9:64:18:77:e7:4e:cb:6d:99:96:eb:95:08:21:f4:d7:
bb:52:f8:be:03:e4:20:65:c2:b4:79:07:71:4d:b0:c5:ca:72:
a6:53:b5:0b:6d:e3:d9:c6:52:20:38:cb:28:a6:e3:a9:6b:2e:
7f:31:46:7c:2c:fd:b2:68:37:1e:b9:e8:43:6c:5b:96:2c:c6:
21:b0:c6:4f:f7:7d:fa:cc:d7:e3:b6:49:7f:bb:c0:ae:43:65:
7a:41:df:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYJfVVLmTGKfcSktntRJQGutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIwODAyMTYxMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjllNTliNWFmNmU1MTk5ZWU0NDBkMWQ2ZmY1MDdjYzU0ZWFlMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyWh8h2/g9Z/mgw5uPTsg1kcS4Sw
BJxu+FzAulLOrLmKk9OdbPiVLZeoMKjOmSx+JPbZW7w4LCQMb2qF8S9llh6WQ0VQ
V3HjDDbDVCjVNPLRsmwoQ5IDg2zqyAQHak9MoLaF9DzjKBtg+xspjOjj4QE6vECP
m1LmUkOCAKyQHKy04bxO7VAMyYilxRbROMVIDZVHDeh0Jc2xk6atSiwTWMhCyGmG
z03jSRRA6T8/p2/NYlKO1k5aUbtwcSrAf5HBn71nKr8/mFYxXpswCfzTdfPy/sVp
vyrh8xSXMa2eN76QR3FIanJDr/rWQCIe34PjAwBAc/8fTXdxXch8kHZYgwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPueWbWvblGZ7kQNHW/1B8xU6uECMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvMS01NVp0YTl1VVpudVJBMGRiX1VIekZUcTRRSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQz
NC8xL3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAlOT+AME
Alu63DAMAwQBsv0mAwQCsv0oMA0GCSqGSIb3DQEBCwUAA4IBAQB3Lc5b+Yf5pfap
LP7d9IaNLUrpKRtLE4WF7paMiHD5oGV7fqbJyWzzJXKcq++OwbOoh4ojopsLoeUd
8cMo7tgQfsyFAypKNm98Q/BN5D7UpAb6g7q2sTBBmcnjzhSbZC1zoQnQeKaqpnXk
FdvenLhDiI8M4Q0ypTdbIBdnbP9X3zRt5IcHvAyedM+Uw/O7C7q920NGZGjEiXjt
zElLTJC3T7GL0LlkGHfnTsttmZbrlQgh9Ne7Uvi+A+QgZcK0eQdxTbDFynKmU7UL
bePZxlIgOMsopuOpay5/MUZ8LP2yaDceuehDbFuWLMYhsMZP9336zNfjtkl/u8Cu
Q2V6Qd/4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org