Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/uTb7mUL5TQXDKiPOGhqCpb1pajI.roa
File: uTb7mUL5TQXDKiPOGhqCpb1pajI.roa (raw, json)
Hash identifier: GH87pYptpEv2yISTyhPLqGf1/UfJ2M0Fy78RJP+Yr6s=
Subject key identifier: B9:36:FB:99:42:F9:4D:05:C3:2A:23:CE:1A:1A:82:A5:BD:69:6A:32
Certificate issuer: /CN=c77171a5e45506c86c9016bbe5b14b3db8bc6cc3
Certificate serial: 08DA7660
Authority key identifier: C7:71:71:A5:E4:55:06:C8:6C:90:16:BB:E5:B1:4B:3D:B8:BC:6C:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/uTb7mUL5TQXDKiPOGhqCpb1pajI.roa
Signing time: Sat 01 Jan 2022 08:03:17 +0000
ROA not before: Sat 01 Jan 2022 08:03:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49250
IP address blocks: 91.223.233.0/24 maxlen: 28
185.191.12.0/22 maxlen: 24
91.212.183.0/24 maxlen: 28
37.1.104.0/21 maxlen: 24
2a00:d540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148534880 (0x8da7660)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77171a5e45506c86c9016bbe5b14b3db8bc6cc3
Validity
Not Before: Jan 1 08:03:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b936fb9942f94d05c32a23ce1a1a82a5bd696a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a5:1f:92:cd:c6:f3:58:fe:43:30:06:8c:a0:
e9:1a:4e:6b:fa:2c:76:48:43:49:ff:24:f6:5f:36:
fa:88:4b:62:30:bc:b9:66:a8:9c:6a:93:15:bf:7b:
9b:20:1b:35:1f:04:ea:37:a9:e5:54:81:e4:8e:eb:
0a:02:48:57:48:27:a4:1f:b8:fe:35:8c:2e:c2:70:
8f:12:59:cd:32:05:0f:55:b3:75:14:d1:7f:44:19:
ee:2a:a4:d7:5f:87:90:3c:4a:21:46:b5:a2:fc:a8:
bb:b2:5e:bc:68:c0:86:db:9e:02:6f:f0:03:00:7c:
49:05:e7:e4:6d:30:08:7c:a6:fc:50:e3:bc:26:4a:
8b:97:ba:e4:fb:cf:7a:89:d5:d2:a9:ba:96:db:02:
ca:ce:9b:a0:84:77:4f:47:39:a7:4a:51:e1:a7:a8:
8e:bf:5c:70:32:79:9a:62:c8:9a:49:7b:21:2f:df:
79:15:cb:3c:af:cf:3b:69:5e:d4:3d:fb:42:b2:16:
d5:71:6d:17:6c:4a:bb:74:be:fb:30:40:9b:4e:cc:
af:32:4e:ba:0b:0f:e1:36:32:18:c1:80:7a:40:f1:
71:b0:95:6d:4b:ca:fb:47:1f:bc:62:15:35:f3:15:
b7:a9:68:ee:ee:63:57:08:92:35:6d:6a:dc:f7:b0:
18:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:36:FB:99:42:F9:4D:05:C3:2A:23:CE:1A:1A:82:A5:BD:69:6A:32
X509v3 Authority Key Identifier:
keyid:C7:71:71:A5:E4:55:06:C8:6C:90:16:BB:E5:B1:4B:3D:B8:BC:6C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/uTb7mUL5TQXDKiPOGhqCpb1pajI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/x3FxpeRVBshskBa75bFLPbi8bMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.104.0/21
91.212.183.0/24
91.223.233.0/24
185.191.12.0/22
IPv6:
2a00:d540::/29
Signature Algorithm: sha256WithRSAEncryption
52:7d:f6:fa:54:90:81:d3:b6:6d:d0:d0:e2:c5:09:fc:ab:01:
8f:27:d6:23:28:5a:18:00:23:92:8c:a4:eb:74:e8:d2:d7:56:
85:53:c8:00:07:73:99:ca:00:7c:49:7b:73:54:0a:0d:6e:99:
b3:7b:21:c2:ba:87:0b:2d:7b:0c:b2:e0:aa:88:e8:89:c8:f1:
a1:fd:9f:4b:b1:0c:8b:f8:9c:f0:3f:4b:b0:3a:e1:6d:31:20:
32:e3:8a:c1:c2:c7:18:5f:d8:46:98:26:85:27:ea:1c:55:d3:
00:4d:e1:89:08:3d:53:b2:d6:b8:ff:e3:c9:89:dc:94:01:14:
08:91:39:72:1e:90:b2:45:e4:3c:f2:72:7c:69:ca:c5:b6:cd:
14:9c:04:8b:0c:a0:71:86:dc:17:d9:61:1b:a2:fe:cc:bf:e9:
27:34:89:14:6b:dd:d2:5d:60:7a:21:e0:a2:af:7f:b2:cc:7f:
87:cf:52:8b:e7:4a:de:51:87:2a:45:b1:69:09:ad:b0:07:6e:
d8:d1:80:b4:12:36:f4:15:6b:0a:75:15:4a:99:b0:18:e5:0f:
5e:ab:2a:19:0e:e9:bf:75:f3:86:c2:37:f4:60:9c:91:93:28:
b4:9d:72:ce:0b:d8:c7:63:5e:46:64:29:d7:39:f7:93:9c:03:
ad:c3:d9:f4
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECNp2YDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzcxNzFhNWU0NTUwNmM4NmM5MDE2YmJlNWIxNGIzZGI4YmM2Y2MzMB4XDTIyMDEw
MTA4MDMxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjkzNmZiOTk0MmY5
NGQwNWMzMmEyM2NlMWExYTgyYTViZDY5NmEzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMalH5LNxvNY/kMwBoyg6RpOa/osdkhDSf8k9l82+ohLYjC8
uWaonGqTFb97myAbNR8E6jep5VSB5I7rCgJIV0gnpB+4/jWMLsJwjxJZzTIFD1Wz
dRTRf0QZ7iqk11+HkDxKIUa1ovyou7JevGjAhtueAm/wAwB8SQXn5G0wCHym/FDj
vCZKi5e65PvPeonV0qm6ltsCys6boIR3T0c5p0pR4aeojr9ccDJ5mmLImkl7IS/f
eRXLPK/PO2le1D37QrIW1XFtF2xKu3S++zBAm07MrzJOugsP4TYyGMGAekDxcbCV
bUvK+0cfvGIVNfMVt6lo7u5jVwiSNW1q3PewGI0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBS5NvuZQvlNBcMqI84aGoKlvWlqMjAfBgNVHSMEGDAWgBTHcXGl5FUGyGyQ
FrvlsUs9uLxswzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gzRnhwZVJWQnNoc2tCYTc1YkZMUGJpOGJNTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzMvN2Y4ZjU4LWQ4M2MtNDQwZS05OTBiLWI0MzhiNWI4OGNmMi8x
L3VUYjdtVUw1VFFYREtpUE9HaHFDcGIxcGFqSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMv
N2Y4ZjU4LWQ4M2MtNDQwZS05OTBiLWI0MzhiNWI4OGNmMi8xL3gzRnhwZVJWQnNo
c2tCYTc1YkZMUGJpOGJNTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAyUBaAMEAFvUtwMEAFvf6QMEArm/
DDANBAIAAjAHAwUDKgDVQDANBgkqhkiG9w0BAQsFAAOCAQEAUn32+lSQgdO2bdDQ
4sUJ/KsBjyfWIyhaGAAjkoyk63To0tdWhVPIAAdzmcoAfEl7c1QKDW6Zs3shwrqH
Cy17DLLgqojoicjxof2fS7EMi/ic8D9LsDrhbTEgMuOKwcLHGF/YRpgmhSfqHFXT
AE3hiQg9U7LWuP/jyYnclAEUCJE5ch6QskXkPPJyfGnKxbbNFJwEiwygcYbcF9lh
G6L+zL/pJzSJFGvd0l1geiHgoq9/ssx/h89Si+dK3lGHKkWxaQmtsAdu2NGAtBI2
9BVrCnUVSpmwGOUPXqsqGQ7pv3XzhsI39GCckZMotJ1yzgvYx2NeRmQp1zn3k5wD
rcPZ9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:22 2023 by rpki-client on console-ams.rpki-client.org