Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/FuP51lnTcZLfpqxl85vZjjA8NvY.roa
File: FuP51lnTcZLfpqxl85vZjjA8NvY.roa (raw, json)
Hash identifier: hLLP9ShpmSgTKR5ODvWgByDzOtB+VHgPbhyQCyGF9dQ=
Subject key identifier: 16:E3:F9:D6:59:D3:71:92:DF:A6:AC:65:F3:9B:D9:8E:30:3C:36:F6
Certificate issuer: /CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Certificate serial: 0B371207
Authority key identifier: 52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/FuP51lnTcZLfpqxl85vZjjA8NvY.roa
Signing time: Sat 01 Jan 2022 13:02:26 +0000
ROA not before: Sat 01 Jan 2022 13:02:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20902
IP address blocks: 80.88.64.0/20 maxlen: 24
194.0.184.0/24 maxlen: 24
46.229.0.0/20 maxlen: 24
185.76.40.0/22 maxlen: 24
109.239.160.0/20 maxlen: 24
80.73.96.0/19 maxlen: 24
2a00:1230::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 188158471 (0xb371207)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52a5c90ca928313bc70d2683bb0f64d632b273a1
Validity
Not Before: Jan 1 13:02:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=16e3f9d659d37192dfa6ac65f39bd98e303c36f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f8:d3:c1:40:88:7a:db:7b:d1:70:f8:73:0b:
fd:67:01:50:c6:14:fa:33:4f:d3:c3:54:fd:6f:a9:
62:dc:0f:6f:8d:d3:9e:f1:8e:04:1c:57:0a:98:bd:
ed:d9:80:d1:ea:80:b0:a9:0f:f5:94:f7:46:e5:11:
dd:ef:d0:b8:47:32:48:41:09:a3:57:b4:be:48:58:
39:84:1d:73:06:9b:91:d8:41:bf:75:01:3d:fd:96:
af:1a:41:7f:ae:a6:ca:51:83:78:b6:49:98:0a:72:
92:88:04:17:67:6e:5c:28:c2:c5:11:3e:36:9e:89:
a5:b4:b0:e7:52:57:9b:85:5a:8e:b7:ca:bc:30:f5:
7d:ba:30:a9:77:d0:c9:f9:6a:53:af:04:a1:f3:e8:
69:7e:2f:22:3b:97:7a:94:a6:cf:c2:bd:8f:ca:08:
bd:2f:08:bf:c2:97:cc:9f:38:44:c6:0f:60:c9:93:
5f:58:d6:ac:ad:0b:a3:1a:18:c4:12:4d:c3:71:23:
d6:fd:2c:85:82:c8:6a:64:80:de:f4:75:1f:c2:cb:
07:ca:e0:2c:89:c8:d2:72:ef:34:1b:80:b2:40:38:
77:b0:cd:a7:3e:1c:0b:2d:23:8c:69:46:5b:65:1d:
a0:9f:93:d3:8d:35:0d:00:aa:59:ec:28:7e:a1:81:
32:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:E3:F9:D6:59:D3:71:92:DF:A6:AC:65:F3:9B:D9:8E:30:3C:36:F6
X509v3 Authority Key Identifier:
keyid:52:A5:C9:0C:A9:28:31:3B:C7:0D:26:83:BB:0F:64:D6:32:B2:73:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UqXJDKkoMTvHDSaDuw9k1jKyc6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/FuP51lnTcZLfpqxl85vZjjA8NvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/c4b7a0-1e50-403c-b24e-13ed633f922a/1/UqXJDKkoMTvHDSaDuw9k1jKyc6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.0.0/20
80.73.96.0/19
80.88.64.0/20
109.239.160.0/20
185.76.40.0/22
194.0.184.0/24
IPv6:
2a00:1230::/29
Signature Algorithm: sha256WithRSAEncryption
6a:3d:09:88:df:d6:d9:64:7f:ca:fd:75:ff:47:e1:13:21:d7:
4c:c5:f7:db:2a:bf:0c:48:e8:69:0c:f6:4a:6f:c8:21:75:64:
3f:11:bf:c6:75:c2:79:6f:ed:69:f9:88:db:aa:c7:ae:12:ff:
e7:1c:80:5f:a6:64:aa:45:d4:cd:eb:db:fd:4b:8d:be:9a:8b:
d0:28:6c:c3:69:62:dd:da:47:27:1b:17:c5:df:7c:f8:03:7c:
53:33:e9:2d:1f:c1:83:ee:23:e3:c6:65:d4:51:dd:8c:3a:91:
36:37:6f:b9:e1:f3:a9:03:b2:9e:58:76:18:a0:33:2b:4a:3b:
91:45:db:f7:20:af:b1:07:07:ec:50:fb:95:c5:da:33:5c:c1:
4d:16:a0:09:0b:5f:57:5a:11:02:8f:9d:ff:e2:6a:40:30:be:
49:64:0a:50:e6:41:20:f4:9e:71:2b:18:2f:8d:5b:f7:bb:82:
7b:27:16:6e:1a:7d:ec:94:0e:71:89:28:a3:f3:3a:14:0d:07:
27:d1:85:f9:bc:98:fb:62:a4:63:94:22:18:d0:4a:5c:79:a2:
5b:8c:b0:0e:8f:ac:b8:4c:08:f8:d8:5a:b4:34:a3:51:4c:6d:
98:84:c8:b6:91:b1:f8:4a:76:ee:94:e7:1e:f0:88:54:9a:e1:
11:9e:09:15
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECzcSBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MmE1YzkwY2E5MjgzMTNiYzcwZDI2ODNiYjBmNjRkNjMyYjI3M2ExMB4XDTIyMDEw
MTEzMDIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTZlM2Y5ZDY1OWQz
NzE5MmRmYTZhYzY1ZjM5YmQ5OGUzMDNjMzZmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAML408FAiHrbe9Fw+HML/WcBUMYU+jNP08NU/W+pYtwPb43T
nvGOBBxXCpi97dmA0eqAsKkP9ZT3RuUR3e/QuEcySEEJo1e0vkhYOYQdcwabkdhB
v3UBPf2WrxpBf66mylGDeLZJmApykogEF2duXCjCxRE+Np6JpbSw51JXm4VajrfK
vDD1fbowqXfQyflqU68EofPoaX4vIjuXepSmz8K9j8oIvS8Iv8KXzJ84RMYPYMmT
X1jWrK0LoxoYxBJNw3Ej1v0shYLIamSA3vR1H8LLB8rgLInI0nLvNBuAskA4d7DN
pz4cCy0jjGlGW2UdoJ+T0401DQCqWewofqGBMkcCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQW4/nWWdNxkt+mrGXzm9mOMDw29jAfBgNVHSMEGDAWgBRSpckMqSgxO8cN
JoO7D2TWMrJzoTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VxWEpES2tvTVR2SERTYUR1dzlrMWpLeWM2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvYzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8x
L0Z1UDUxbG5UY1pMZnBxeGw4NXZaampBOE52WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
YzRiN2EwLTFlNTAtNDAzYy1iMjRlLTEzZWQ2MzNmOTIyYS8xL1VxWEpES2tvTVR2
SERTYUR1dzlrMWpLeWM2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEBC7lAAMEBVBJYAMEBFBYQAMEBG3v
oAMEArlMKAMEAMIAuDANBAIAAjAHAwUDKgASMDANBgkqhkiG9w0BAQsFAAOCAQEA
aj0JiN/W2WR/yv11/0fhEyHXTMX32yq/DEjoaQz2Sm/IIXVkPxG/xnXCeW/tafmI
26rHrhL/5xyAX6ZkqkXUzevb/UuNvpqL0Chsw2li3dpHJxsXxd98+AN8UzPpLR/B
g+4j48Zl1FHdjDqRNjdvueHzqQOynlh2GKAzK0o7kUXb9yCvsQcH7FD7lcXaM1zB
TRagCQtfV1oRAo+d/+JqQDC+SWQKUOZBIPSecSsYL41b97uCeycWbhp97JQOcYko
o/M6FA0HJ9GF+byY+2KkY5QiGNBKXHmiW4ywDo+suEwI+NhatDSjUUxtmITItpGx
+Ep27pTnHvCIVJrhEZ4JFQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:25 2023 by rpki-client on console-ams.rpki-client.org