Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/u4xiwuRHBgIVMxL69urNwKpLfxM.roa
File: u4xiwuRHBgIVMxL69urNwKpLfxM.roa (raw, json)
Hash identifier: hbmXWU01/rHpJx1iVaOpKPPGhh5C7nvBtcLVgZiDQYE=
Subject key identifier: BB:8C:62:C2:E4:47:06:02:15:33:12:FA:F6:EA:CD:C0:AA:4B:7F:13
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 018225E66041B9C47CD8F0449C621F918EE1
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/u4xiwuRHBgIVMxL69urNwKpLfxM.roa
Signing time: Fri 22 Jul 2022 12:33:51 +0000
ROA not before: Fri 22 Jul 2022 12:33:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 37.143.4.0/22 maxlen: 24
37.143.0.0/22 maxlen: 24
46.28.44.0/22 maxlen: 24
46.28.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:e6:60:41:b9:c4:7c:d8:f0:44:9c:62:1f:91:8e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Jul 22 12:33:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb8c62c2e4470602153312faf6eacdc0aa4b7f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:15:b3:10:a3:69:09:0b:74:92:33:b0:ca:0f:
86:37:29:35:d4:07:e4:4d:b2:0e:a3:50:68:de:f6:
72:3f:71:80:e9:9c:25:cc:2d:c6:97:81:05:14:f8:
41:86:a0:db:1e:98:d8:8c:d4:49:27:0a:46:2f:9a:
6c:d0:81:99:8f:ef:17:39:17:6b:20:cf:e2:63:dc:
f1:33:ab:96:c7:48:bb:b7:4f:df:61:e6:c4:9c:ec:
d3:26:53:36:e0:5a:8b:d9:49:e9:4f:36:45:87:79:
4d:d8:f2:3a:0b:91:5d:f4:de:1b:89:46:d0:22:1b:
dd:ee:ef:32:8b:9f:89:86:96:08:3b:da:1e:a1:8d:
07:c1:5a:49:a1:31:0c:f8:ce:7e:f0:a4:ce:d7:ac:
22:bf:7a:67:6f:11:05:54:dc:8c:fd:44:b4:d1:91:
07:2c:49:e3:2b:3d:1c:aa:6b:b9:88:0e:9e:b9:d1:
9d:01:aa:d1:79:54:6c:46:25:91:a3:34:29:72:c0:
55:63:c2:d8:92:a2:67:90:9b:50:9f:8c:1c:1b:75:
94:0a:1a:33:82:34:a3:78:d4:bc:ca:5e:fb:92:ce:
55:70:3e:bb:fd:ec:07:23:42:5c:fb:dd:fa:bf:f8:
be:40:74:d9:38:56:b7:90:8c:0e:f2:72:94:4f:50:
bd:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8C:62:C2:E4:47:06:02:15:33:12:FA:F6:EA:CD:C0:AA:4B:7F:13
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/u4xiwuRHBgIVMxL69urNwKpLfxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
46.28.40.0/21
Signature Algorithm: sha256WithRSAEncryption
cf:c1:1e:ef:8f:b6:0a:a7:5e:a9:02:69:77:3f:ef:64:5d:78:
a5:51:7a:11:d1:af:89:82:d3:08:4d:45:68:ab:6a:2d:b9:4f:
5c:81:f0:b8:53:69:a0:09:f8:7b:28:08:7c:d2:a0:ec:e5:99:
6a:41:da:26:8a:55:50:a5:3a:c6:d8:70:4e:5f:42:7e:f1:dc:
86:47:17:47:62:b2:de:ad:a7:a4:7b:b2:a9:34:f6:cf:6a:91:
97:9e:6a:a9:6b:24:14:57:db:79:4b:35:d5:55:72:c6:70:05:
d6:e7:04:ab:0c:5b:fa:15:74:3f:5d:06:a0:63:64:9b:9a:7f:
c7:8a:12:2e:fd:67:b1:83:ef:6c:4f:bb:e0:da:81:ab:86:8b:
4b:e9:02:a3:e4:90:2f:45:76:76:f1:f4:f1:81:0d:9f:ce:fa:
3d:54:92:18:7e:b1:db:e5:51:f9:c2:80:e2:2f:36:5e:c5:32:
c3:16:65:71:94:6b:4d:0a:f7:73:44:40:06:a1:48:17:76:7a:
69:27:96:4d:58:8b:63:a4:0c:0d:7f:e1:3e:30:3b:54:1a:f8:
f5:95:a5:4d:30:50:a4:27:a0:59:bf:ac:14:4d:61:4b:4a:7d:
57:9e:dc:c4:35:b7:02:e1:56:15:d1:f1:91:c6:bb:9e:45:cd:
3f:b7:3b:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYIl5mBBucR82PBEnGIfkY7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjIwNzIyMTIzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhjNjJjMmU0NDcwNjAyMTUzMzEyZmFmNmVhY2RjMGFhNGI3ZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhWzEKNpCQt0kjOwyg+GNyk11Afk
TbIOo1Bo3vZyP3GA6ZwlzC3Gl4EFFPhBhqDbHpjYjNRJJwpGL5ps0IGZj+8XORdr
IM/iY9zxM6uWx0i7t0/fYebEnOzTJlM24FqL2UnpTzZFh3lN2PI6C5Fd9N4biUbQ
Ihvd7u8yi5+JhpYIO9oeoY0HwVpJoTEM+M5+8KTO16wiv3pnbxEFVNyM/US00ZEH
LEnjKz0cqmu5iA6eudGdAarReVRsRiWRozQpcsBVY8LYkqJnkJtQn4wcG3WUChoz
gjSjeNS8yl77ks5VcD67/ewHI0Jc+936v/i+QHTZOFa3kIwO8nKUT1C92wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLuMYsLkRwYCFTMS+vbqzcCqS38TMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvdTR4aXd1UkhCZ0lWTXhMNjl1ck53S3BMZnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJY8AAwQD
LhwoMA0GCSqGSIb3DQEBCwUAA4IBAQDPwR7vj7YKp16pAml3P+9kXXilUXoR0a+J
gtMITUVoq2otuU9cgfC4U2mgCfh7KAh80qDs5ZlqQdomilVQpTrG2HBOX0J+8dyG
RxdHYrLeraeke7KpNPbPapGXnmqpayQUV9t5SzXVVXLGcAXW5wSrDFv6FXQ/XQag
Y2Sbmn/HihIu/Wexg+9sT7vg2oGrhotL6QKj5JAvRXZ28fTxgQ2fzvo9VJIYfrHb
5VH5woDiLzZexTLDFmVxlGtNCvdzREAGoUgXdnppJ5ZNWItjpAwNf+E+MDtUGvj1
laVNMFCkJ6BZv6wUTWFLSn1XntzENbcC4VYV0fGRxrueRc0/tztO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:33 2023 by rpki-client on console-ams.rpki-client.org