Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/U2mOySwNzThJnz8rbzyvLvBC-wE.roa
File: U2mOySwNzThJnz8rbzyvLvBC-wE.roa (raw, json)
Hash identifier: /kbzOl57YaE0Z1F4rLl53lqIQ80ithbd+QpkCz5C/Kw=
Subject key identifier: 53:69:8E:C9:2C:0D:CD:38:49:9F:3F:2B:6F:3C:AF:2E:F0:42:FB:01
Certificate issuer: /CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Certificate serial: 373A2179
Authority key identifier: 18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/U2mOySwNzThJnz8rbzyvLvBC-wE.roa
Signing time: Sat 01 Jan 2022 08:57:55 +0000
ROA not before: Sat 01 Jan 2022 08:57:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197208
IP address blocks: 46.28.112.0/21 maxlen: 21
194.99.56.0/24 maxlen: 24
194.31.3.0/24 maxlen: 24
194.76.29.0/24 maxlen: 24
2a01:6ac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 926556537 (0x373a2179)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18caeb14a01ee16d836565e14fa53b4ab3c3cd26
Validity
Not Before: Jan 1 08:57:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53698ec92c0dcd38499f3f2b6f3caf2ef042fb01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:b7:8b:b0:c0:9f:f2:fd:3a:df:f6:bf:33:ab:
29:b0:d6:59:e5:57:55:21:91:71:87:7c:6a:08:bb:
34:0c:c4:85:17:87:bc:1e:0b:9a:9b:e6:e4:99:fd:
a7:b5:b5:00:71:57:7f:ff:07:f5:86:5f:e1:a2:82:
9a:9c:de:1a:bd:b3:e8:04:91:09:6c:b8:c6:2f:b8:
3d:bf:14:2d:35:fa:3c:76:41:8c:1b:ae:bc:3e:39:
80:11:9f:4d:76:54:a8:40:0d:3d:dd:fc:b3:dd:0c:
1a:fc:35:ce:17:d9:90:1a:90:2c:88:3e:6a:58:c2:
0f:02:c2:29:5b:ac:56:f2:44:53:36:17:85:a3:5e:
98:4c:e7:8d:b0:57:cd:68:2c:03:41:93:21:e9:72:
b4:00:7a:b3:32:81:4e:34:ed:15:f9:0a:fc:24:9d:
3a:bd:95:d2:72:51:ab:df:da:7b:24:b1:7c:c0:35:
62:a8:d1:d5:6e:ef:9e:77:4d:c2:fd:1c:86:9b:70:
b9:a4:0e:bf:87:ed:c4:97:25:58:e3:7d:8b:1a:a9:
dc:20:1f:bf:12:9b:e9:ea:ae:39:dd:e5:f9:a6:50:
f6:eb:d5:b1:26:af:62:9e:ef:b3:df:7a:b1:4d:59:
cc:58:cb:57:9c:ca:f2:3c:cf:26:ab:72:e3:3e:d1:
57:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:69:8E:C9:2C:0D:CD:38:49:9F:3F:2B:6F:3C:AF:2E:F0:42:FB:01
X509v3 Authority Key Identifier:
keyid:18:CA:EB:14:A0:1E:E1:6D:83:65:65:E1:4F:A5:3B:4A:B3:C3:CD:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GMrrFKAe4W2DZWXhT6U7SrPDzSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/U2mOySwNzThJnz8rbzyvLvBC-wE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/e7b1d7-3d7a-46ab-810f-eddf23c1ba6d/1/GMrrFKAe4W2DZWXhT6U7SrPDzSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.112.0/21
194.31.3.0/24
194.76.29.0/24
194.99.56.0/24
IPv6:
2a01:6ac0::/32
Signature Algorithm: sha256WithRSAEncryption
65:5e:7c:0a:cb:b9:43:06:c4:e1:32:4d:2c:10:4d:61:a2:09:
c5:9d:de:d7:54:2c:8f:4d:ba:01:67:76:a3:bb:6a:86:c8:3f:
86:10:9a:11:f7:ce:82:16:ce:af:7b:6e:ca:2c:75:fa:ca:c1:
7a:0c:7b:d3:c7:3d:8f:e4:1b:31:07:23:a7:f7:60:53:30:c7:
a2:cd:79:05:97:94:c1:35:1e:ea:dd:55:82:a4:37:8c:66:80:
cc:1f:94:93:4b:15:1e:52:d0:34:0a:db:00:90:30:91:50:ce:
76:90:2e:90:73:41:ce:af:43:98:36:ec:73:fb:2c:7d:5d:e3:
19:31:fa:88:c6:27:60:81:13:7b:5b:89:46:87:5a:cc:47:35:
40:46:73:9e:6d:96:15:fb:0a:2f:c9:76:4b:0d:a8:55:41:76:
a6:64:aa:e6:43:41:51:93:ad:ba:e7:5b:5b:3e:69:48:89:55:
d3:e8:52:5a:29:f6:4b:65:f4:a7:71:44:dd:da:f2:c7:56:5f:
25:c7:5f:9b:3d:3b:46:8c:01:b3:d9:f8:8a:53:f9:40:7a:b1:
8b:e6:7d:d0:66:d2:f8:bd:15:2d:5f:07:5b:8f:bd:56:f8:05:
60:d1:64:27:6a:a6:a0:c8:ac:bf:f6:6d:08:38:b8:16:8f:4d:
1d:e3:61:a5
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENzoheTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
OGNhZWIxNGEwMWVlMTZkODM2NTY1ZTE0ZmE1M2I0YWIzYzNjZDI2MB4XDTIyMDEw
MTA4NTc1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTM2OThlYzkyYzBk
Y2QzODQ5OWYzZjJiNmYzY2FmMmVmMDQyZmIwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi3i7DAn/L9Ot/2vzOrKbDWWeVXVSGRcYd8agi7NAzEhReH
vB4Lmpvm5Jn9p7W1AHFXf/8H9YZf4aKCmpzeGr2z6ASRCWy4xi+4Pb8ULTX6PHZB
jBuuvD45gBGfTXZUqEANPd38s90MGvw1zhfZkBqQLIg+aljCDwLCKVusVvJEUzYX
haNemEznjbBXzWgsA0GTIelytAB6szKBTjTtFfkK/CSdOr2V0nJRq9/aeySxfMA1
YqjR1W7vnndNwv0chptwuaQOv4ftxJclWON9ixqp3CAfvxKb6equOd3l+aZQ9uvV
sSavYp7vs996sU1ZzFjLV5zK8jzPJqty4z7RV+0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRTaY7JLA3NOEmfPytvPK8u8EL7ATAfBgNVHSMEGDAWgBQYyusUoB7hbYNl
ZeFPpTtKs8PNJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dNcnJGS0FlNFcyRFpXWGhUNlU3U3JQRHpTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZTdiMWQ3LTNkN2EtNDZhYi04MTBmLWVkZGYyM2MxYmE2ZC8x
L1UybU95U3dOelRoSm56OHJienl2THZCQy13RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZTdiMWQ3LTNkN2EtNDZhYi04MTBmLWVkZGYyM2MxYmE2ZC8xL0dNcnJGS0FlNFcy
RFpXWGhUNlU3U3JQRHpTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAy4ccAMEAMIfAwMEAMJMHQMEAMJj
ODANBAIAAjAHAwUAKgFqwDANBgkqhkiG9w0BAQsFAAOCAQEAZV58Csu5QwbE4TJN
LBBNYaIJxZ3e11Qsj026AWd2o7tqhsg/hhCaEffOghbOr3tuyix1+srBegx708c9
j+QbMQcjp/dgUzDHos15BZeUwTUe6t1VgqQ3jGaAzB+Uk0sVHlLQNArbAJAwkVDO
dpAukHNBzq9DmDbsc/ssfV3jGTH6iMYnYIETe1uJRodazEc1QEZznm2WFfsKL8l2
Sw2oVUF2pmSq5kNBUZOtuudbWz5pSIlV0+hSWin2S2X0p3FE3dryx1ZfJcdfmz07
RowBs9n4ilP5QHqxi+Z90GbS+L0VLV8HW4+9VvgFYNFkJ2qmoMisv/ZtCDi4Fo9N
HeNhpQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:29 2023 by rpki-client on console-ams.rpki-client.org