Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/U_JxOU2nm43OQf9ewlQSykUH-BQ.roa
File: U_JxOU2nm43OQf9ewlQSykUH-BQ.roa (raw, json)
Hash identifier: R4xL6YAMJaCnyn9cnCWsc1+okWFSXkMMwyzR81Cvv+Y=
Subject key identifier: 53:F2:71:39:4D:A7:9B:8D:CE:41:FF:5E:C2:54:12:CA:45:07:F8:14
Certificate issuer: /CN=aca77c708af0ba1f81549c9f87089559390167a5
Certificate serial: 36A7D0F8
Authority key identifier: AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/U_JxOU2nm43OQf9ewlQSykUH-BQ.roa
Signing time: Sat 01 Jan 2022 04:03:41 +0000
ROA not before: Sat 01 Jan 2022 04:03:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 217.79.208.0/20 maxlen: 24
88.84.128.0/21 maxlen: 24
89.202.0.0/17 maxlen: 24
88.84.136.0/21 maxlen: 24
217.68.144.0/20 maxlen: 24
88.84.144.0/21 maxlen: 24
88.84.152.0/21 maxlen: 24
193.110.116.0/22 maxlen: 24
2a02:20a8::/32 maxlen: 48
2001:4c68::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 916967672 (0x36a7d0f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca77c708af0ba1f81549c9f87089559390167a5
Validity
Not Before: Jan 1 04:03:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53f271394da79b8dce41ff5ec25412ca4507f814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:53:88:de:83:f3:83:fc:3f:70:ea:37:36:69:
26:88:4d:f3:f5:cc:de:ed:af:07:f2:66:c6:c7:d6:
d1:db:e4:11:1c:c3:d9:de:48:27:05:fd:54:5e:f9:
19:b0:e7:26:d2:b7:1f:2c:07:02:9e:1b:8a:fb:11:
89:2e:71:31:2b:ae:fc:66:af:45:ca:70:0b:27:2e:
0b:45:bb:cb:0f:ba:cb:9f:11:bd:9d:05:37:0b:72:
90:d5:64:ba:4a:f0:58:e8:14:7d:f8:0e:ef:b4:71:
a2:04:d1:25:a5:5f:89:a6:0d:8a:ba:4d:10:ed:1b:
c2:21:e2:10:5f:3b:15:09:37:d0:a6:10:a2:f9:14:
7d:f5:1e:71:ee:87:6b:6b:15:e0:aa:cd:6d:bc:d2:
20:89:ce:cb:7d:e7:d4:4d:17:f8:ff:8f:0f:7c:57:
24:f3:3f:13:b9:8a:a2:bd:42:d9:22:22:8d:88:b2:
1a:6b:11:79:b4:42:a9:75:38:1c:f7:4d:66:ac:fa:
7c:04:c1:1a:d7:9d:ff:e6:79:d1:f9:e0:64:4a:ce:
2f:ec:f4:30:c2:e1:1e:57:dd:40:d1:18:80:2c:e9:
19:2b:e3:86:c8:20:b1:77:8e:cb:1c:e3:c2:e6:30:
d1:8c:a7:37:f9:d9:bb:d1:34:bc:fd:62:3a:02:94:
71:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F2:71:39:4D:A7:9B:8D:CE:41:FF:5E:C2:54:12:CA:45:07:F8:14
X509v3 Authority Key Identifier:
keyid:AC:A7:7C:70:8A:F0:BA:1F:81:54:9C:9F:87:08:95:59:39:01:67:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/U_JxOU2nm43OQf9ewlQSykUH-BQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/8fe7d8-017b-41aa-a91f-28b19e3fd4a6/1/rKd8cIrwuh-BVJyfhwiVWTkBZ6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.84.128.0/19
89.202.0.0/17
193.110.116.0/22
217.68.144.0/20
217.79.208.0/20
IPv6:
2001:4c68::/32
2a02:20a8::/32
Signature Algorithm: sha256WithRSAEncryption
2e:9d:b4:e5:16:9d:45:75:0f:0f:4b:f6:ed:99:84:a9:4d:8d:
fe:30:21:59:df:cf:ab:a8:dd:b5:61:54:48:58:29:b7:24:78:
ef:88:74:30:57:28:15:d9:86:0d:26:84:a9:ce:1c:28:09:1e:
b5:8c:d0:0c:1d:49:e2:2d:35:ed:59:e9:74:a7:d4:c6:3e:20:
66:a8:b6:d6:4c:62:cd:bf:7c:fa:73:6e:0c:c6:23:d5:cf:56:
c0:5b:29:85:1e:50:04:cb:7a:e1:d1:7c:5b:7a:b5:69:f0:3b:
26:ab:5b:86:e3:c9:41:7c:b8:b8:a3:4d:ca:3a:40:bc:dd:25:
cb:f5:3b:90:61:e9:09:c7:2d:05:3f:49:48:d0:c8:8e:43:73:
02:f8:eb:cf:48:b9:ce:93:aa:d4:bd:05:38:db:e2:cd:e3:a5:
d4:a7:e4:50:0f:6b:52:b6:86:50:62:d4:a0:0a:29:e6:89:24:
cb:a9:0c:66:32:5e:e1:b7:32:7b:13:3f:0b:bf:31:ae:f1:28:
04:b5:9e:58:fb:5c:a6:f9:c0:c8:b5:81:72:48:80:5a:b2:5e:
ed:22:3f:b5:ef:e9:54:8f:17:25:96:ea:f9:41:ac:47:c1:74:
f8:8f:39:94:3a:90:23:41:7d:01:cd:76:81:e7:4a:e1:5f:87:
20:73:34:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIENqfQ+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2E3N2M3MDhhZjBiYTFmODE1NDljOWY4NzA4OTU1OTM5MDE2N2E1MB4XDTIyMDEw
MTA0MDM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNmMjcxMzk0ZGE3
OWI4ZGNlNDFmZjVlYzI1NDEyY2E0NTA3ZjgxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVTiN6D84P8P3DqNzZpJohN8/XM3u2vB/JmxsfW0dvkERzD
2d5IJwX9VF75GbDnJtK3HywHAp4bivsRiS5xMSuu/GavRcpwCycuC0W7yw+6y58R
vZ0FNwtykNVkukrwWOgUffgO77RxogTRJaVfiaYNirpNEO0bwiHiEF87FQk30KYQ
ovkUffUece6Ha2sV4KrNbbzSIInOy33n1E0X+P+PD3xXJPM/E7mKor1C2SIijYiy
GmsRebRCqXU4HPdNZqz6fATBGted/+Z50fngZErOL+z0MMLhHlfdQNEYgCzpGSvj
hsggsXeOyxzjwuYw0YynN/nZu9E0vP1iOgKUcRsCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRT8nE5Taebjc5B/17CVBLKRQf4FDAfBgNVHSMEGDAWgBSsp3xwivC6H4FU
nJ+HCJVZOQFnpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JLZDhjSXJ3dWgtQlZKeWZod2lWV1RrQlo2VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvOGZlN2Q4LTAxN2ItNDFhYS1hOTFmLTI4YjE5ZTNmZDRhNi8x
L1VfSnhPVTJubTQzT1FmOWV3bFFTeWtVSC1CUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
OGZlN2Q4LTAxN2ItNDFhYS1hOTFmLTI4YjE5ZTNmZDRhNi8xL3JLZDhjSXJ3dWgt
QlZKeWZod2lWV1RrQlo2VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEBVhUgAMEB1nKAAMEAsFudAMEBNlE
kAMEBNlP0DAUBAIAAjAOAwUAIAFMaAMFACoCIKgwDQYJKoZIhvcNAQELBQADggEB
AC6dtOUWnUV1Dw9L9u2ZhKlNjf4wIVnfz6uo3bVhVEhYKbckeO+IdDBXKBXZhg0m
hKnOHCgJHrWM0AwdSeItNe1Z6XSn1MY+IGaottZMYs2/fPpzbgzGI9XPVsBbKYUe
UATLeuHRfFt6tWnwOyarW4bjyUF8uLijTco6QLzdJcv1O5Bh6QnHLQU/SUjQyI5D
cwL4689Iuc6TqtS9BTjb4s3jpdSn5FAPa1K2hlBi1KAKKeaJJMupDGYyXuG3MnsT
Pwu/Ma7xKAS1nlj7XKb5wMi1gXJIgFqyXu0iP7Xv6VSPFyWW6vlBrEfBdPiPOZQ6
kCNBfQHNdoHnSuFfhyBzNAc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:34 2023 by rpki-client on console-fra.rpki-client.org