Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/xUKir1n418QVUGEHegWEuaPakWw.roa
File: xUKir1n418QVUGEHegWEuaPakWw.roa (raw, json)
Hash identifier: O3xhXduCdJ2UmQpRFtzrZ7j7BWVDqvKjN6T+YZ+HZKw=
Subject key identifier: C5:42:A2:AF:59:F8:D7:C4:15:50:61:07:7A:05:84:B9:A3:DA:91:6C
Certificate issuer: /CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Certificate serial: 38122A03
Authority key identifier: 1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/xUKir1n418QVUGEHegWEuaPakWw.roa
Signing time: Sat 01 Jan 2022 09:53:43 +0000
ROA not before: Sat 01 Jan 2022 09:53:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34568
IP address blocks: 193.138.81.0/24 maxlen: 24
193.28.228.0/24 maxlen: 24
194.116.234.0/23 maxlen: 24
77.87.248.0/21 maxlen: 24
91.234.22.0/24 maxlen: 24
185.217.192.0/22 maxlen: 24
84.246.120.0/21 maxlen: 24
2a01:1f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940714499 (0x38122a03)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c7ad7754795ddd605f28838bb7cc359df7a266a
Validity
Not Before: Jan 1 09:53:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c542a2af59f8d7c4155061077a0584b9a3da916c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ec:26:29:5a:28:ce:a2:e1:c8:e4:ef:0e:87:
da:d9:b0:a3:ac:fc:58:be:49:63:f9:af:a4:ee:84:
4d:72:72:ee:64:a5:53:e0:89:f7:36:f7:36:53:8a:
e1:f0:e6:f8:65:67:ab:6b:da:46:d8:03:af:a2:55:
60:a6:ce:6d:c4:80:ac:c0:e5:7d:8e:68:94:87:90:
58:eb:49:d1:30:a4:66:2a:56:fe:1c:45:60:16:8b:
f1:89:22:a0:3a:7b:1c:40:d3:9b:97:4f:e4:1a:ed:
cb:48:6d:52:ef:a1:f0:62:1b:d1:a8:83:3a:fd:af:
da:22:07:a5:26:c6:df:fe:6f:b6:9e:99:ca:9d:1d:
4b:00:3f:59:71:5a:54:5f:9b:cb:36:ab:34:94:25:
55:08:4d:b9:fa:55:78:50:75:17:6e:16:9a:f6:5f:
76:8c:6b:5b:fc:a1:75:7e:08:48:7d:22:54:80:c6:
d8:ac:25:6f:f8:f0:c9:aa:db:85:84:de:6a:cf:63:
f0:ba:93:ed:8e:2d:9c:34:d8:b4:b0:8d:06:e8:ae:
2c:ac:cf:c4:d0:19:15:b2:fe:10:84:cd:a3:b1:70:
21:55:fd:2e:e3:de:b3:8b:b2:6a:78:0c:40:7a:37:
bf:08:2e:af:35:91:17:7f:c6:8f:83:27:93:34:c8:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:42:A2:AF:59:F8:D7:C4:15:50:61:07:7A:05:84:B9:A3:DA:91:6C
X509v3 Authority Key Identifier:
keyid:1C:7A:D7:75:47:95:DD:D6:05:F2:88:38:BB:7C:C3:59:DF:7A:26:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHrXdUeV3dYF8og4u3zDWd96Jmo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/xUKir1n418QVUGEHegWEuaPakWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/c5a9e3-6722-4b6a-be58-ada5c20e3f7b/1/HHrXdUeV3dYF8og4u3zDWd96Jmo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.248.0/21
84.246.120.0/21
91.234.22.0/24
185.217.192.0/22
193.28.228.0/24
193.138.81.0/24
194.116.234.0/23
IPv6:
2a01:1f8::/32
Signature Algorithm: sha256WithRSAEncryption
18:d6:bb:d6:6b:08:5c:fe:2e:95:b4:49:d4:c7:0c:c4:61:b6:
8e:d1:10:bf:25:af:91:6e:89:73:82:33:7f:6a:21:ed:6c:f4:
9b:db:8e:8e:07:38:8b:3a:76:f2:42:32:4c:ee:23:c4:a3:fe:
33:6e:7e:99:98:c3:14:19:f8:29:7c:26:c5:b4:5a:e9:0e:d9:
2e:fc:8b:7b:dd:88:45:37:17:2c:65:c0:c3:3e:e3:7d:51:ce:
5c:6e:55:4d:c3:f8:ac:9f:a1:0a:9f:0f:34:aa:9b:3b:9a:d9:
e9:0d:98:12:cc:d1:1e:57:82:c4:07:19:ed:ab:60:c8:df:96:
4d:93:99:13:34:f2:21:0c:29:03:9f:50:a5:3c:08:ae:78:29:
c7:62:2e:c1:78:ab:6c:bf:ef:3e:86:21:5b:e2:cf:98:33:f9:
00:aa:e9:bc:2b:4e:5a:6e:21:e2:6c:5e:da:7f:02:fb:17:45:
80:ce:4f:f0:95:df:1c:8a:88:50:fb:b1:43:24:ee:c3:61:50:
f4:42:94:62:20:d3:1f:8d:79:b1:26:2c:20:9c:51:97:f0:48:
05:60:ff:42:74:df:90:6d:ad:4d:d2:a3:42:c8:ae:39:f4:07:
1a:63:6f:f9:ba:6e:98:cb:24:53:ea:01:68:15:a8:95:f8:29:
6c:9b:cc:f3
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEOBIqAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzdhZDc3NTQ3OTVkZGQ2MDVmMjg4MzhiYjdjYzM1OWRmN2EyNjZhMB4XDTIyMDEw
MTA5NTM0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzU0MmEyYWY1OWY4
ZDdjNDE1NTA2MTA3N2EwNTg0YjlhM2RhOTE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAITsJilaKM6i4cjk7w6H2tmwo6z8WL5JY/mvpO6ETXJy7mSl
U+CJ9zb3NlOK4fDm+GVnq2vaRtgDr6JVYKbObcSArMDlfY5olIeQWOtJ0TCkZipW
/hxFYBaL8YkioDp7HEDTm5dP5Brty0htUu+h8GIb0aiDOv2v2iIHpSbG3/5vtp6Z
yp0dSwA/WXFaVF+byzarNJQlVQhNufpVeFB1F24WmvZfdoxrW/yhdX4ISH0iVIDG
2Kwlb/jwyarbhYTeas9j8LqT7Y4tnDTYtLCNBuiuLKzPxNAZFbL+EITNo7FwIVX9
LuPes4uyangMQHo3vwgurzWRF3/Gj4MnkzTIXuECAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTFQqKvWfjXxBVQYQd6BYS5o9qRbDAfBgNVHSMEGDAWgBQcetd1R5Xd1gXy
iDi7fMNZ33omajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hIclhkVWVWM2RZRjhvZzR1M3pEV2Q5Nkptby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvYzVhOWUzLTY3MjItNGI2YS1iZTU4LWFkYTVjMjBlM2Y3Yi8x
L3hVS2lyMW40MThRVlVHRUhlZ1dFdWFQYWtXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
YzVhOWUzLTY3MjItNGI2YS1iZTU4LWFkYTVjMjBlM2Y3Yi8xL0hIclhkVWVWM2RZ
RjhvZzR1M3pEV2Q5Nkptby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEA01X+AMEA1T2eAMEAFvqFgMEArnZ
wAMEAMEc5AMEAMGKUQMEAcJ06jANBAIAAjAHAwUAKgEB+DANBgkqhkiG9w0BAQsF
AAOCAQEAGNa71msIXP4ulbRJ1McMxGG2jtEQvyWvkW6Jc4Izf2oh7Wz0m9uOjgc4
izp28kIyTO4jxKP+M25+mZjDFBn4KXwmxbRa6Q7ZLvyLe92IRTcXLGXAwz7jfVHO
XG5VTcP4rJ+hCp8PNKqbO5rZ6Q2YEszRHleCxAcZ7atgyN+WTZOZEzTyIQwpA59Q
pTwIrngpx2IuwXirbL/vPoYhW+LPmDP5AKrpvCtOWm4h4mxe2n8C+xdFgM5P8JXf
HIqIUPuxQyTuw2FQ9EKUYiDTH415sSYsIJxRl/BIBWD/QnTfkG2tTdKjQsiuOfQH
GmNv+bpumMskU+oBaBWolfgpbJvM8w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:48 2023 by rpki-client on console-ams.rpki-client.org