Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-BU6SE8Y1-GELkuIgnA4qOd3JM0.roa
File: 1-BU6SE8Y1-GELkuIgnA4qOd3JM0.roa (raw, json)
Hash identifier: VHhTED1AIjfgx7Csi4Xe6Aen0pViqn1fFvdzB70RU6A=
Subject key identifier: F8:15:3A:48:4F:18:D7:E1:84:2E:4B:88:82:70:38:A8:E7:77:24:CD
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0184C725E6DF9573B1E750D0A6EB038505A2
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-BU6SE8Y1-GELkuIgnA4qOd3JM0.roa
Signing time: Wed 30 Nov 2022 06:07:40 +0000
ROA not before: Wed 30 Nov 2022 06:07:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 212.60.13.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
5.182.185.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:25:e6:df:95:73:b1:e7:50:d0:a6:eb:03:85:05:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 30 06:07:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8153a484f18d7e1842e4b88827038a8e77724cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e1:03:25:c9:6a:a0:b7:c0:57:60:dc:23:bd:
a4:f4:5e:fd:38:3c:d5:cb:4b:51:5a:85:3e:68:e4:
49:7a:e5:b4:04:77:8c:0c:f4:f7:a1:79:03:b1:4a:
fb:09:fd:e5:e9:3f:0c:6c:d4:90:61:4e:6b:a3:4f:
bd:d9:cd:fd:27:b5:70:44:42:7a:1c:8d:21:f8:d6:
3b:0a:12:20:f9:56:db:96:42:f2:7e:78:93:ee:2a:
07:02:7c:01:01:ee:e9:ea:db:00:74:2e:54:95:a4:
65:76:21:07:01:35:d2:dd:e7:0c:4a:02:0a:0b:02:
42:4d:61:be:68:4f:fa:1a:ad:06:ca:5e:51:43:d2:
48:05:08:12:b1:78:e2:69:3f:99:c1:15:b1:39:5f:
f7:9f:72:e8:4d:cf:e5:b2:59:9c:b4:9c:e2:4b:23:
bf:02:f7:4b:d0:f0:59:58:d7:45:22:9f:b0:d1:90:
3a:fa:72:c3:b3:d3:2e:2b:f9:fa:3c:70:ed:ed:68:
7a:96:6c:56:d0:7d:bd:ac:6d:bd:8d:83:bc:c1:fb:
42:ba:30:88:d3:11:fe:1d:3d:c7:70:d3:df:d6:89:
30:02:d8:75:8e:28:2b:1a:b0:43:ea:40:d4:30:fc:
06:d5:80:92:61:0a:f2:e3:11:6d:43:3d:b8:3a:a6:
c3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:15:3A:48:4F:18:D7:E1:84:2E:4B:88:82:70:38:A8:E7:77:24:CD
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/1-BU6SE8Y1-GELkuIgnA4qOd3JM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
147.78.207.0/24
162.218.93.0/24
185.161.190.0/24
185.201.42.0/24
185.205.204.0/24
185.208.152.0/23
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:34:89:5b:b7:24:43:6c:9b:8f:0c:43:05:8e:9d:78:17:00:
59:07:b2:57:21:ac:a7:82:b9:50:16:fe:8e:57:a1:ab:dd:d5:
76:15:32:07:14:1f:d2:c2:ec:43:35:83:63:b0:d2:0e:c0:1f:
88:2c:8b:c9:c6:20:7f:28:1f:d3:bf:59:fc:9a:d2:ca:60:d3:
1c:b4:e7:d7:6b:21:70:73:7f:a4:c1:41:8b:c6:3b:b8:cb:c3:
5a:6b:9d:e5:ae:90:e2:64:e7:1a:42:25:8e:0a:17:d3:bb:11:
bf:d1:86:c4:b6:7d:c6:ac:23:fc:41:25:c9:4a:54:7b:99:a1:
49:ae:6a:3d:35:e2:1a:f9:d8:16:84:4f:7c:3c:cc:b4:7e:1a:
ad:58:1e:fd:fb:c5:1b:fd:76:d0:d2:32:3f:58:74:c5:1c:13:
3a:3a:1e:a2:25:e3:d8:cb:cf:d8:ab:6d:97:4f:70:dd:79:85:
db:a9:12:ef:5b:3b:7a:56:7b:03:5d:98:b4:39:d4:22:84:80:
9f:c5:87:a2:7c:02:62:fc:09:b4:78:36:80:15:c7:4f:6b:a3:
eb:51:d5:9a:0d:23:61:3b:51:f9:e2:e5:0c:3b:91:9b:ec:c5:
98:01:e2:98:27:95:e0:70:74:22:23:cc:92:23:ca:12:ed:ae:
f5:26:78:e6
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYTHJebflXOx51DQpusDhQWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjIxMTMwMDYwNzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODE1M2E0ODRmMThkN2UxODQyZTRiODg4MjcwMzhhOGU3NzcyNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+EDJclqoLfAV2DcI72k9F79ODzV
y0tRWoU+aORJeuW0BHeMDPT3oXkDsUr7Cf3l6T8MbNSQYU5ro0+92c39J7VwREJ6
HI0h+NY7ChIg+VbblkLyfniT7ioHAnwBAe7p6tsAdC5UlaRldiEHATXS3ecMSgIK
CwJCTWG+aE/6Gq0Gyl5RQ9JIBQgSsXjiaT+ZwRWxOV/3n3LoTc/lslmctJziSyO/
AvdL0PBZWNdFIp+w0ZA6+nLDs9MuK/n6PHDt7Wh6lmxW0H29rG29jYO8wftCujCI
0xH+HT3HcNPf1okwAth1jigrGrBD6kDUMPwG1YCSYQry4xFtQz24OqbDiwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFPgVOkhPGNfhhC5LiIJwOKjndyTNMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvMS1CVTZTRThZMS1HRUxrdUlnbkE0cU9kM0pNMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEw
MS8xL2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRqMGgwZgQCAAEwYAMEAAW2uQME
AQW2xAMEAE4fzQMEAE9itwMEAFz5HQMEAF6aqwMEAF6asgMEAJNOzwMEAKLaXQME
ALmhvgMEALnJKgMEALnNzAMEAbnQmAMEAbn9eAMEANQ8DQMEANnFqjANBgkqhkiG
9w0BAQsFAAOCAQEADTSJW7ckQ2ybjwxDBY6deBcAWQeyVyGsp4K5UBb+jlehq93V
dhUyBxQf0sLsQzWDY7DSDsAfiCyLycYgfygf079Z/JrSymDTHLTn12shcHN/pMFB
i8Y7uMvDWmud5a6Q4mTnGkIljgoX07sRv9GGxLZ9xqwj/EElyUpUe5mhSa5qPTXi
GvnYFoRPfDzMtH4arVge/fvFG/120NIyP1h0xRwTOjoeoiXj2MvP2Kttl09w3XmF
26kS71s7elZ7A12YtDnUIoSAn8WHonwCYvwJtHg2gBXHT2uj61HVmg0jYTtR+eLl
DDuRm+zFmAHimCeV4HB0IiPMkiPKEu2u9SZ45g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org