Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/riQbayUEgDqxFVznus8JGaidFIk.roa
File: riQbayUEgDqxFVznus8JGaidFIk.roa (raw, json)
Hash identifier: qp/vxwzP9RRUS5WeZBIEPvu88pD9F5hhB7B6+X+2Ft4=
Subject key identifier: AE:24:1B:6B:25:04:80:3A:B1:15:5C:E7:BA:CF:09:19:A8:9D:14:89
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0182A4E656853E2F61B5117925B2381DCCF8
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/riQbayUEgDqxFVznus8JGaidFIk.roa
Signing time: Tue 16 Aug 2022 04:25:35 +0000
ROA not before: Tue 16 Aug 2022 04:25:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49157
IP address blocks: 185.131.176.0/24 maxlen: 24
185.131.178.0/24 maxlen: 24
185.131.177.0/24 maxlen: 24
185.131.179.0/24 maxlen: 24
83.136.237.0/24 maxlen: 24
185.151.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a4:e6:56:85:3e:2f:61:b5:11:79:25:b2:38:1d:cc:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Aug 16 04:25:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae241b6b2504803ab1155ce7bacf0919a89d1489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4c:79:37:ea:0d:18:52:78:a8:8c:91:45:ed:
b4:48:73:9b:4a:e0:e2:8e:dc:9e:1d:ec:34:20:dd:
dc:60:57:51:d6:93:8e:1d:9a:7a:5e:af:af:95:04:
44:49:c5:ad:f4:0d:33:9a:f1:bc:eb:05:e7:15:db:
5a:5c:18:3b:66:2f:9a:67:1e:e5:b6:7c:60:72:47:
62:68:7b:ba:4e:9f:6b:3e:22:fe:49:81:96:79:c6:
01:4a:f7:1e:54:12:6f:a1:d3:63:1b:6e:6b:5f:b7:
4a:d9:08:2e:32:da:e9:c3:c9:42:47:58:79:42:40:
a1:42:4c:a5:30:9b:7d:fb:23:20:28:cd:1f:b8:7a:
31:44:7b:c0:50:91:8c:89:57:f8:a1:f1:a9:be:7e:
4c:46:a7:36:71:df:16:fd:30:75:7a:04:68:09:a8:
15:38:9d:c9:c7:51:13:ec:ce:f8:c2:e6:3f:d9:4f:
42:96:57:ef:c5:93:15:c0:ee:b4:0d:fc:9e:15:bf:
b6:eb:eb:1f:8e:6b:d5:e8:3e:c9:6e:ce:2b:d7:27:
f7:77:6f:b3:fe:b3:b2:22:98:cd:07:0c:81:c0:83:
bc:c7:10:ef:dd:e5:12:60:be:1c:ea:06:e0:b9:26:
36:f6:93:86:4f:b1:c2:d4:40:3e:bf:a3:6d:74:55:
64:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:24:1B:6B:25:04:80:3A:B1:15:5C:E7:BA:CF:09:19:A8:9D:14:89
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/riQbayUEgDqxFVznus8JGaidFIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.237.0/24
185.131.176.0/22
185.151.199.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:2a:5d:82:ac:42:12:5b:98:f8:bf:93:4c:5c:33:cf:05:ca:
ad:b9:88:39:af:fc:4c:76:43:73:02:1d:45:76:3e:52:37:3a:
db:71:e1:19:ab:cf:a6:1e:16:9f:d7:d8:9f:d9:7d:ba:f2:e9:
d0:04:f4:fb:71:54:2c:ed:51:6e:b6:c4:87:ff:e8:fd:0a:5f:
11:d3:19:55:81:b8:a6:61:20:48:4b:50:37:a3:f8:0f:79:04:
e7:91:36:85:ff:1c:0f:73:06:eb:d1:78:df:02:45:82:82:45:
82:b7:74:fb:55:0d:95:8b:76:89:11:2d:d8:b4:c7:a3:0d:19:
33:f5:21:24:4a:c9:79:7a:1c:93:ce:c0:37:9b:8a:cd:e5:79:
02:25:3b:db:de:bc:86:d0:4b:c9:7d:87:db:1a:70:ed:3f:37:
64:ef:f2:37:06:e1:f7:80:a6:62:35:59:4d:a6:54:44:70:a2:
d8:ee:8e:3d:48:87:97:1d:89:77:a8:4e:55:15:e8:ab:24:e8:
7e:cd:88:b9:ae:a7:91:1f:84:66:a7:f0:6e:2c:db:64:71:26:
d7:e2:f0:eb:45:f4:8f:de:70:bc:40:61:26:ea:a2:56:14:b9:
21:54:67:3f:a1:08:ce:f1:e9:0a:cd:7d:31:98:c9:62:e5:e9:
90:d3:96:05
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYKk5laFPi9htRF5JbI4Hcz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjIwODE2MDQyNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTI0MWI2YjI1MDQ4MDNhYjExNTVjZTdiYWNmMDkxOWE4OWQxNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEx5N+oNGFJ4qIyRRe20SHObSuDi
jtyeHew0IN3cYFdR1pOOHZp6Xq+vlQREScWt9A0zmvG86wXnFdtaXBg7Zi+aZx7l
tnxgckdiaHu6Tp9rPiL+SYGWecYBSvceVBJvodNjG25rX7dK2QguMtrpw8lCR1h5
QkChQkylMJt9+yMgKM0fuHoxRHvAUJGMiVf4ofGpvn5MRqc2cd8W/TB1egRoCagV
OJ3Jx1ET7M74wuY/2U9CllfvxZMVwO60DfyeFb+26+sfjmvV6D7Jbs4r1yf3d2+z
/rOyIpjNBwyBwIO8xxDv3eUSYL4c6gbguSY29pOGT7HC1EA+v6NtdFVk5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFK4kG2slBIA6sRVc57rPCRmonRSJMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvcmlRYmF5VUVnRHF4RlZ6bnVzOEpHYWlkRklrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAU4jtAwQC
uYOwAwQAuZfHMA0GCSqGSIb3DQEBCwUAA4IBAQAqKl2CrEISW5j4v5NMXDPPBcqt
uYg5r/xMdkNzAh1Fdj5SNzrbceEZq8+mHhaf19if2X268unQBPT7cVQs7VFutsSH
/+j9Cl8R0xlVgbimYSBIS1A3o/gPeQTnkTaF/xwPcwbr0XjfAkWCgkWCt3T7VQ2V
i3aJES3YtMejDRkz9SEkSsl5ehyTzsA3m4rN5XkCJTvb3ryG0EvJfYfbGnDtPzdk
7/I3BuH3gKZiNVlNplREcKLY7o49SIeXHYl3qE5VFeirJOh+zYi5rqeRH4Rmp/Bu
LNtkcSbX4vDrRfSP3nC8QGEm6qJWFLkhVGc/oQjO8ekKzX0xmMli5emQ05YF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:00 2023 by rpki-client on console-ams.rpki-client.org