Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/cUmetWbPL4dAmm7OP5Rm6EFZBwE.roa
File: cUmetWbPL4dAmm7OP5Rm6EFZBwE.roa (raw, json)
Hash identifier: CO9sgsnP7lRVSedB9j5BVsoBks+IpzS5xJFrfqjOX3Q=
Subject key identifier: 71:49:9E:B5:66:CF:2F:87:40:9A:6E:CE:3F:94:66:E8:41:59:07:01
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 1672CEF2
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/cUmetWbPL4dAmm7OP5Rm6EFZBwE.roa
Signing time: Wed 20 Apr 2022 08:00:01 +0000
ROA not before: Wed 20 Apr 2022 08:00:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35244
IP address blocks: 95.157.0.0/18 maxlen: 18
195.234.128.0/24 maxlen: 24
46.128.0.0/16 maxlen: 16
83.243.112.0/21 maxlen: 21
194.105.96.0/21 maxlen: 21
193.25.118.0/23 maxlen: 23
109.125.64.0/18 maxlen: 18
77.47.0.0/17 maxlen: 17
195.46.44.0/22 maxlen: 22
85.233.32.0/19 maxlen: 19
185.169.204.0/22 maxlen: 22
88.215.64.0/18 maxlen: 18
2a02:2455::/33 maxlen: 33
2001:4c50::/32 maxlen: 32
2a02:2457:300::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 376622834 (0x1672cef2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Apr 20 08:00:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71499eb566cf2f87409a6ece3f9466e841590701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2a:eb:25:49:91:f1:77:a6:f2:d5:56:bd:a0:
7a:00:e4:10:f3:cb:e2:24:05:51:07:de:61:fc:3b:
2b:2b:4e:bd:7b:33:1f:45:3f:df:80:a3:df:ad:1c:
33:c6:d6:42:9e:1c:62:43:a9:d1:ca:97:db:f4:a2:
bc:e2:22:3a:83:d8:f5:59:fa:ae:14:d3:e5:9e:89:
3d:b5:1f:ca:26:97:c0:ef:95:b5:f3:60:52:38:55:
e5:b8:80:d4:51:f8:47:1f:ec:bd:f6:fc:02:0f:fd:
4e:a9:10:35:c4:03:26:bd:2c:0e:77:3d:8e:7a:37:
66:58:46:3f:d2:6c:63:ae:74:e1:60:c8:c2:79:c2:
98:96:d4:e5:92:e8:24:5f:2d:3d:89:8a:87:3d:eb:
14:64:50:3e:e0:36:5a:77:3b:5b:ae:4c:e7:f1:08:
a9:3d:4a:d6:91:b4:8b:7e:6f:43:84:06:0d:e4:2b:
5e:7b:6b:ee:ff:f3:43:31:3f:84:e5:92:2c:86:f2:
ec:45:d0:67:71:16:10:2e:71:c3:9e:b3:e2:59:c5:
af:04:a8:f3:c2:39:93:b5:bf:19:99:81:02:97:9f:
0e:61:61:8f:53:ae:05:0e:e8:12:d0:a7:40:18:f6:
cd:98:46:36:5c:85:db:a7:48:d1:39:2d:69:78:57:
75:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:49:9E:B5:66:CF:2F:87:40:9A:6E:CE:3F:94:66:E8:41:59:07:01
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/cUmetWbPL4dAmm7OP5Rm6EFZBwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.128.0.0/16
77.47.0.0/17
83.243.112.0/21
85.233.32.0/19
88.215.64.0/18
95.157.0.0/18
109.125.64.0/18
185.169.204.0/22
193.25.118.0/23
194.105.96.0/21
195.46.44.0/22
195.234.128.0/24
IPv6:
2001:4c50::/32
2a02:2455::/33
2a02:2457:300::/40
Signature Algorithm: sha256WithRSAEncryption
a1:81:3e:22:8a:58:cf:0d:4d:c7:0a:5a:b1:21:f3:d0:9a:96:
85:cc:5f:0e:f8:1e:0d:b7:2e:52:76:0b:20:37:e8:4f:5b:7a:
88:76:f5:54:f1:b8:d3:35:6d:c9:35:03:f9:8c:7f:7d:ac:50:
75:4c:37:7f:92:79:51:33:46:9f:d4:c5:4e:ad:41:69:1f:eb:
6e:f9:5e:d5:34:1d:4a:8d:97:7d:ea:01:9a:52:ab:fa:6e:c0:
71:d3:ff:54:72:0d:60:d6:da:c3:d3:f0:1d:dc:de:2a:6b:78:
ec:46:4e:b1:a5:ad:29:48:d1:5a:fd:ae:ec:78:61:66:1a:a2:
00:82:ac:09:16:e5:d4:87:99:44:6e:16:ec:d6:64:98:7a:86:
00:cb:2f:ca:18:41:4f:4c:ca:e3:b9:73:b1:af:b9:a5:c3:b4:
3d:2d:16:8e:6e:7e:af:63:ef:8b:bd:1a:b6:b9:8a:92:0d:bf:
34:52:7d:bf:eb:11:8d:cf:9f:a0:26:9f:32:8f:0c:7a:4a:b4:
36:21:43:3c:cf:b4:3c:56:f5:ac:e0:34:3b:0a:96:3d:24:6e:
b1:fc:d5:85:75:3a:8a:7e:84:b5:05:e5:86:74:7d:2e:39:7e:
aa:dd:f4:c3:c6:e9:52:35:66:90:c0:92:ee:a2:39:bb:1c:a1:
bc:13:0e:10
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIEFnLO8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGI3NjlhNTNkZDg2MzUyZDM0NDBmMjIyYmRmOTA3Y2YwOWMyZGJhMB4XDTIyMDQy
MDA4MDAwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzE0OTllYjU2NmNm
MmY4NzQwOWE2ZWNlM2Y5NDY2ZTg0MTU5MDcwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANEq6yVJkfF3pvLVVr2gegDkEPPL4iQFUQfeYfw7KytOvXsz
H0U/34Cj360cM8bWQp4cYkOp0cqX2/SivOIiOoPY9Vn6rhTT5Z6JPbUfyiaXwO+V
tfNgUjhV5biA1FH4Rx/svfb8Ag/9TqkQNcQDJr0sDnc9jno3ZlhGP9JsY6504WDI
wnnCmJbU5ZLoJF8tPYmKhz3rFGRQPuA2Wnc7W65M5/EIqT1K1pG0i35vQ4QGDeQr
Xntr7v/zQzE/hOWSLIby7EXQZ3EWEC5xw56z4lnFrwSo88I5k7W/GZmBApefDmFh
j1OuBQ7oEtCnQBj2zZhGNlyF26dI0TktaXhXdQECAwEAAaOCAmkwggJlMB0GA1Ud
DgQWBBRxSZ61Zs8vh0Cabs4/lGboQVkHATAfBgNVHSMEGDAWgBT0t2mlPdhjUtNE
DyIr35B88JwtujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlMZHBwVDNZWTFMVFJBOGlLOS1RZlBDY0xiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvNzBkNTBmLWZmM2MtNGY2My04ZGVjLWQ3YzM2YzI3YzA4Ny8x
L2NVbWV0V2JQTDRkQW1tN09QNVJtNkVGWkJ3RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
NzBkNTBmLWZmM2MtNGY2My04ZGVjLWQ3YzM2YzI3YzA4Ny8xLzlMZHBwVDNZWTFM
VFJBOGlLOS1RZlBDY0xiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB/
BggrBgEFBQcBBwEB/wRwMG4wTQQCAAEwRwMDAC6AAwQHTS8AAwQDU/NwAwQFVekg
AwQGWNdAAwQGX50AAwQGbX1AAwQCuanMAwQBwRl2AwQDwmlgAwQCwy4sAwQAw+qA
MB0EAgACMBcDBQAgAUxQAwYHKgIkVQADBgAqAiRXAzANBgkqhkiG9w0BAQsFAAOC
AQEAoYE+IopYzw1NxwpasSHz0JqWhcxfDvgeDbcuUnYLIDfoT1t6iHb1VPG40zVt
yTUD+Yx/faxQdUw3f5J5UTNGn9TFTq1BaR/rbvle1TQdSo2XfeoBmlKr+m7AcdP/
VHINYNbaw9PwHdzeKmt47EZOsaWtKUjRWv2u7HhhZhqiAIKsCRbl1IeZRG4W7NZk
mHqGAMsvyhhBT0zK47lzsa+5pcO0PS0Wjm5+r2Pvi70atrmKkg2/NFJ9v+sRjc+f
oCafMo8Mekq0NiFDPM+0PFb1rOA0OwqWPSRusfzVhXU6in6EtQXlhnR9Ljl+qt30
w8bpUjVmkMCS7qI5uxyhvBMOEA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:52 2023 by rpki-client on console-ams.rpki-client.org