Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/yUNkcaqzp6KduEJasMJsrWKPbVU.roa
File: yUNkcaqzp6KduEJasMJsrWKPbVU.roa (raw, json)
Hash identifier: zdo/nNQHm5x0lPOKJSQeIZHXvLtNLYI/W+o8lmyKpE0=
Subject key identifier: C9:43:64:71:AA:B3:A7:A2:9D:B8:42:5A:B0:C2:6C:AD:62:8F:6D:55
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 1792CAF1
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/yUNkcaqzp6KduEJasMJsrWKPbVU.roa
Signing time: Sat 01 Jan 2022 13:03:21 +0000
ROA not before: Sat 01 Jan 2022 13:03:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200462
IP address blocks: 31.47.238.0/24 maxlen: 32
94.247.43.0/24 maxlen: 32
5.180.192.0/22 maxlen: 24
2.58.52.0/22 maxlen: 32
45.86.124.0/23 maxlen: 24
45.86.125.0/24 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 44
2a0e:de80::/29 maxlen: 29
2a0c:8900::/29 maxlen: 128
2a00:f826:8::/48 maxlen: 48
2a09:e1c1:efc0::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395496177 (0x1792caf1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c9436471aab3a7a29db8425ab0c26cad628f6d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0d:a6:86:2c:a1:9e:ab:0b:31:b5:6b:a7:32:
f1:cd:71:c2:63:91:20:7a:38:26:af:15:f3:7a:a5:
27:6b:26:d8:0b:26:93:e7:64:dc:5c:d7:40:52:f2:
fc:ce:42:e5:78:98:d3:81:d8:7a:10:0a:fe:7b:79:
8e:3b:9a:2a:d1:14:ee:a4:b0:8c:1d:a1:05:64:34:
db:2c:5e:9b:91:c4:84:76:0d:70:0b:8e:1a:a6:49:
d2:14:1e:23:5b:10:af:44:c6:10:9c:db:e5:e9:61:
17:74:1a:1b:ad:a5:75:ce:06:54:71:d0:a3:9f:ff:
9e:e6:dd:59:65:1b:a7:9d:70:0e:3d:fa:a0:c7:83:
db:f8:4a:14:5f:67:b4:e2:24:44:13:6c:93:71:bc:
8c:cb:f4:ce:59:2d:f9:72:81:43:d4:00:6c:78:46:
6e:52:e9:9b:2b:99:3c:fd:7f:41:bc:dc:95:b5:f2:
e4:03:72:aa:9b:07:b7:07:e8:2e:00:f9:11:08:0b:
c2:c1:23:6e:40:b4:d6:11:de:46:d2:4b:d9:41:07:
ab:13:8f:91:31:71:be:36:16:2f:24:b6:e6:00:66:
75:46:1a:fe:eb:63:f2:65:de:0b:5f:5e:f3:4b:3b:
a3:c7:39:18:88:6d:0d:96:7c:bb:52:6e:16:8b:e0:
23:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:43:64:71:AA:B3:A7:A2:9D:B8:42:5A:B0:C2:6C:AD:62:8F:6D:55
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/yUNkcaqzp6KduEJasMJsrWKPbVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/22
5.180.192.0/22
31.47.238.0/24
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a09:e1c1:efc0::/44
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
25:86:f1:d2:1f:ec:9b:e1:3c:44:da:77:5f:a2:16:9e:19:a0:
a4:db:a3:e1:09:a8:21:94:14:28:12:57:5e:d2:16:2e:01:71:
c0:36:c4:e7:4b:e1:7c:65:2a:ae:64:2d:65:35:32:c6:2a:95:
a6:3e:e1:d9:42:25:7c:ff:83:d1:04:92:67:33:79:a5:f8:8b:
17:e6:79:99:f4:d4:12:98:52:38:ef:b7:55:f3:d5:38:d2:be:
c8:d3:d7:90:fd:db:4e:82:8c:57:e4:d1:bc:da:d5:94:88:2c:
dd:80:dd:a8:41:4d:83:d5:c7:c5:d5:a3:85:78:ab:9f:90:40:
7a:97:7a:32:16:20:ef:8d:a5:a5:58:f5:9f:f8:a4:43:72:1c:
80:2a:88:e0:08:e8:72:eb:6c:17:71:20:3d:f0:26:77:1e:90:
72:51:2e:6d:ff:84:6d:19:5b:f5:a2:9e:7c:5d:20:62:78:fa:
1a:9c:83:0d:21:5c:5e:ef:e7:16:1b:bf:b4:9a:e5:1b:06:89:
76:26:42:3d:32:81:43:3d:85:c0:d2:93:5d:d1:9e:89:67:b7:
b8:1b:15:aa:19:07:83:2e:e1:36:be:c9:a0:7a:b9:24:03:43:
b4:9e:3d:af:23:29:ab:0e:71:6b:5d:db:ae:6c:4a:d2:cf:b6:
58:bd:77:cc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIEF5LK8TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzk0MzY0NzFhYWIz
YTdhMjlkYjg0MjVhYjBjMjZjYWQ2MjhmNmQ1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIQNpoYsoZ6rCzG1a6cy8c1xwmORIHo4Jq8V83qlJ2sm2Asm
k+dk3FzXQFLy/M5C5XiY04HYehAK/nt5jjuaKtEU7qSwjB2hBWQ02yxem5HEhHYN
cAuOGqZJ0hQeI1sQr0TGEJzb5elhF3QaG62ldc4GVHHQo5//nubdWWUbp51wDj36
oMeD2/hKFF9ntOIkRBNsk3G8jMv0zlkt+XKBQ9QAbHhGblLpmyuZPP1/QbzclbXy
5ANyqpsHtwfoLgD5EQgLwsEjbkC01hHeRtJL2UEHqxOPkTFxvjYWLyS25gBmdUYa
/utj8mXeC19e80s7o8c5GIhtDZZ8u1JuFovgI7kCAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBTJQ2RxqrOnop24QlqwwmytYo9tVTAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L3lVTmtjYXF6cDZLZHVFSmFzTUpzcldLUGJWVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wJAQCAAEwHgMEAgI6NAMEAgW0wAMEAB8v7gMEAS1W
fAMEAF73KzA2BAIAAjAwAwcAKgD4JgAIAwcEKgdvwAAQAwUAKgnhwAMHBCoJ4cHv
wAMFAyoMiQADBQMqDt6AMA0GCSqGSIb3DQEBCwUAA4IBAQAlhvHSH+yb4TxE2ndf
ohaeGaCk26PhCaghlBQoElde0hYuAXHANsTnS+F8ZSquZC1lNTLGKpWmPuHZQiV8
/4PRBJJnM3ml+IsX5nmZ9NQSmFI477dV89U40r7I09eQ/dtOgoxX5NG82tWUiCzd
gN2oQU2D1cfF1aOFeKufkEB6l3oyFiDvjaWlWPWf+KRDchyAKojgCOhy62wXcSA9
8CZ3HpByUS5t/4RtGVv1op58XSBiePoanIMNIVxe7+cWG7+0muUbBol2JkI9MoFD
PYXA0pNd0Z6JZ7e4GxWqGQeDLuE2vsmgerkkA0O0nj2vIymrDnFrXduubErSz7ZY
vXfM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org