Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/_RuPXzROddeVS55PUsXilZXq6qI.roa
File: _RuPXzROddeVS55PUsXilZXq6qI.roa (raw, json)
Hash identifier: KlMjsBSOP0+f0IbuJy0y/CzvGki205ZSzRHK/lGRD6k=
Subject key identifier: FD:1B:8F:5F:34:4E:75:D7:95:4B:9E:4F:52:C5:E2:95:95:EA:EA:A2
Certificate issuer: /CN=f215a277949711b2c01cdc669e40e171395855bb
Certificate serial: 37BA7915
Authority key identifier: F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/_RuPXzROddeVS55PUsXilZXq6qI.roa
Signing time: Sat 01 Jan 2022 15:06:07 +0000
ROA not before: Sat 01 Jan 2022 15:06:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39116
IP address blocks: 212.31.128.0/19 maxlen: 21
85.90.32.0/19 maxlen: 19
85.90.32.0/21 maxlen: 21
85.90.44.0/23 maxlen: 23
85.90.40.0/22 maxlen: 22
85.90.48.0/22 maxlen: 22
85.90.52.0/22 maxlen: 22
85.90.56.0/22 maxlen: 22
85.90.60.0/22 maxlen: 22
46.254.192.0/21 maxlen: 21
46.254.192.0/23 maxlen: 23
46.254.196.0/23 maxlen: 23
46.254.194.0/23 maxlen: 23
46.254.198.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 934967573 (0x37ba7915)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f215a277949711b2c01cdc669e40e171395855bb
Validity
Not Before: Jan 1 15:06:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd1b8f5f344e75d7954b9e4f52c5e29595eaeaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:d3:3b:c3:f4:29:f9:d5:b7:73:0a:fb:21:c4:
8d:80:b4:27:5c:d8:2a:05:1b:67:4c:2b:86:31:bc:
81:5c:0c:80:b1:e4:3c:2f:e3:27:0f:a4:79:ad:5b:
6f:10:7c:10:9e:8f:92:a9:00:a3:f4:d0:a2:70:07:
e1:fb:6e:4e:97:3c:f5:d9:d9:4e:47:a2:6b:95:e1:
8c:4a:44:af:ff:07:64:47:a2:e1:f0:1e:bb:53:2a:
1c:f2:16:69:85:cf:cc:5f:be:b9:fc:d8:23:33:75:
02:22:d3:fb:ac:38:b4:57:83:37:5b:a1:02:a7:fd:
24:f3:b1:bc:b1:f2:cd:12:e8:2e:fb:cd:26:2d:5b:
65:bb:df:c7:00:c8:14:23:69:ff:dc:54:95:95:b2:
70:03:09:f2:3c:07:4a:58:70:b5:cc:99:1c:12:af:
3e:0d:4f:dc:12:fc:49:5e:6a:12:9e:ca:56:95:ba:
e9:f6:08:ae:f6:fb:3c:2d:74:f3:da:af:e6:7d:99:
02:13:e1:ba:88:a4:28:ba:d2:2f:2f:33:38:0d:94:
d4:88:e4:97:1f:68:f2:1f:8f:d2:dd:7c:c7:da:70:
b4:f9:c3:cc:8c:73:2d:da:09:e5:2d:99:4e:0a:4a:
3c:cb:5d:36:a8:86:e6:25:a0:76:44:33:6c:ce:a7:
2e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:1B:8F:5F:34:4E:75:D7:95:4B:9E:4F:52:C5:E2:95:95:EA:EA:A2
X509v3 Authority Key Identifier:
keyid:F2:15:A2:77:94:97:11:B2:C0:1C:DC:66:9E:40:E1:71:39:58:55:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8hWid5SXEbLAHNxmnkDhcTlYVbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/_RuPXzROddeVS55PUsXilZXq6qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/f08d45-543c-49f7-9e78-903c198590fa/1/8hWid5SXEbLAHNxmnkDhcTlYVbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.192.0/21
85.90.32.0/19
212.31.128.0/19
Signature Algorithm: sha256WithRSAEncryption
b2:c4:d6:d0:c8:ae:d7:13:3e:79:42:21:11:8c:c6:82:2c:12:
ee:fb:e5:94:85:6d:c2:db:28:e8:2d:44:80:d3:b7:77:0f:8a:
7e:70:7d:c3:52:3f:68:a3:3d:11:1b:35:a1:63:ea:57:90:72:
0f:7e:33:c7:bc:1d:32:59:41:2c:b2:86:20:b4:25:51:44:ce:
0a:d7:4e:4a:41:a1:6d:9e:03:33:96:72:9d:f9:7a:98:8f:d8:
69:5b:c9:0a:7d:8c:9f:9e:e3:9e:ff:2f:1f:74:7a:03:7d:f4:
5a:03:7f:69:f4:11:ff:71:3c:b8:a1:b2:8d:2e:e3:b6:5c:eb:
82:63:d3:f7:60:63:bf:8c:6e:71:3a:6c:16:17:f4:5e:2d:da:
0b:fd:f0:13:5f:30:95:9c:40:67:b7:da:42:33:ff:eb:43:03:
48:3a:38:22:1f:4b:a5:58:38:0a:09:e4:bc:fb:85:1c:c2:89:
80:ed:0a:27:00:41:e4:8e:4b:5b:c8:ce:16:00:87:b4:1d:19:
c9:ac:a8:64:6b:79:d4:5a:c2:02:0a:37:f9:33:36:8e:9c:a0:
e5:31:bd:ab:6e:8d:23:0f:dc:9c:52:14:06:bd:91:2d:ef:6f:
be:3a:f7:7b:6f:22:90:ab:1a:fd:c0:44:23:51:3c:43:d2:2b:
1a:c0:d0:51
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEN7p5FTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjE1YTI3Nzk0OTcxMWIyYzAxY2RjNjY5ZTQwZTE3MTM5NTg1NWJiMB4XDTIyMDEw
MTE1MDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQxYjhmNWYzNDRl
NzVkNzk1NGI5ZTRmNTJjNWUyOTU5NWVhZWFhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANnTO8P0KfnVt3MK+yHEjYC0J1zYKgUbZ0wrhjG8gVwMgLHk
PC/jJw+kea1bbxB8EJ6PkqkAo/TQonAH4ftuTpc89dnZTkeia5XhjEpEr/8HZEei
4fAeu1MqHPIWaYXPzF++ufzYIzN1AiLT+6w4tFeDN1uhAqf9JPOxvLHyzRLoLvvN
Ji1bZbvfxwDIFCNp/9xUlZWycAMJ8jwHSlhwtcyZHBKvPg1P3BL8SV5qEp7KVpW6
6fYIrvb7PC1089qv5n2ZAhPhuoikKLrSLy8zOA2U1Ijklx9o8h+P0t18x9pwtPnD
zIxzLdoJ5S2ZTgpKPMtdNqiG5iWgdkQzbM6nLtkCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBT9G49fNE5115VLnk9SxeKVlerqojAfBgNVHSMEGDAWgBTyFaJ3lJcRssAc
3GaeQOFxOVhVuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhoV2lkNVNYRWJMQUhOeG1ua0RoY1RsWVZicy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvZjA4ZDQ1LTU0M2MtNDlmNy05ZTc4LTkwM2MxOTg1OTBmYS8x
L19SdVBYelJPZGRlVlM1NVBVc1hpbFpYcTZxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
ZjA4ZDQ1LTU0M2MtNDlmNy05ZTc4LTkwM2MxOTg1OTBmYS8xLzhoV2lkNVNYRWJM
QUhOeG1ua0RoY1RsWVZicy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAy7+wAMEBVVaIAMEBdQfgDANBgkq
hkiG9w0BAQsFAAOCAQEAssTW0Miu1xM+eUIhEYzGgiwS7vvllIVtwtso6C1EgNO3
dw+KfnB9w1I/aKM9ERs1oWPqV5ByD34zx7wdMllBLLKGILQlUUTOCtdOSkGhbZ4D
M5Zynfl6mI/YaVvJCn2Mn57jnv8vH3R6A330WgN/afQR/3E8uKGyjS7jtlzrgmPT
92Bjv4xucTpsFhf0Xi3aC/3wE18wlZxAZ7faQjP/60MDSDo4Ih9LpVg4CgnkvPuF
HMKJgO0KJwBB5I5LW8jOFgCHtB0ZyayoZGt51FrCAgo3+TM2jpyg5TG9q26NIw/c
nFIUBr2RLe9vvjr3e28ikKsa/cBEI1E8Q9IrGsDQUQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:29 2023 by rpki-client on console-ams.rpki-client.org