Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/usEulZIX-Elnkhh4C0bqjt1EB5A.roa
File: usEulZIX-Elnkhh4C0bqjt1EB5A.roa (raw, json)
Hash identifier: e/Gd5nw7BM2v0FQMdt+uVcexSe/C+y33yIiSRkulHAE=
Subject key identifier: BA:C1:2E:95:92:17:F8:49:67:92:18:78:0B:46:EA:8E:DD:44:07:90
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 0357328E
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/usEulZIX-Elnkhh4C0bqjt1EB5A.roa
Signing time: Sat 01 Jan 2022 07:57:33 +0000
ROA not before: Sat 01 Jan 2022 07:57:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197328
IP address blocks: 185.4.226.0/24 maxlen: 32
195.3.136.0/22 maxlen: 32
194.187.36.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56046222 (0x357328e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Jan 1 07:57:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bac12e959217f849679218780b46ea8edd440790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d5:c3:65:c2:a5:6a:88:b5:29:87:fd:2b:d2:
dc:ae:b6:10:eb:ba:8c:54:0f:f8:fd:7f:9a:f4:8a:
e6:d9:e4:94:02:46:43:76:3c:31:8e:a1:d7:92:da:
ff:12:42:e2:79:71:dc:36:81:c0:50:93:8a:89:89:
ff:51:9b:e8:9f:0a:75:5e:08:3a:ea:d3:69:15:2f:
3d:e5:76:cb:5f:21:c3:ba:0d:48:af:c8:33:6c:f4:
86:15:f7:24:c2:c0:3d:6b:aa:e6:3f:bf:1c:b8:6b:
1a:43:e7:67:d5:c1:61:72:98:2c:27:78:02:49:8a:
55:1b:5e:2d:91:2f:6e:84:39:b1:bb:33:25:2f:0c:
12:df:a7:d9:eb:f4:1b:93:7f:83:f4:4a:71:4b:a8:
32:81:2b:ec:8a:8a:da:27:06:36:d3:90:cd:61:74:
b8:8f:da:30:38:e1:2c:ea:6c:4e:6f:d4:f7:4f:5c:
0b:9a:33:a0:f4:7a:c4:83:46:9b:5b:75:72:00:4b:
0b:19:6a:5b:cd:dc:8e:a6:87:1e:5d:67:58:b5:e1:
dd:b9:73:fb:33:65:46:25:09:d7:20:28:35:bf:76:
3f:02:98:71:cc:88:48:5e:a5:29:cd:8d:3c:0a:e8:
40:4e:d4:e7:11:a5:65:31:c9:11:92:57:21:ae:89:
c3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C1:2E:95:92:17:F8:49:67:92:18:78:0B:46:EA:8E:DD:44:07:90
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/usEulZIX-Elnkhh4C0bqjt1EB5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.226.0/24
194.187.36.0/22
195.3.136.0/22
Signature Algorithm: sha256WithRSAEncryption
29:41:63:66:45:38:a2:85:86:5b:87:6e:3f:fa:4d:a0:a7:25:
b6:05:df:60:d8:09:90:cb:5f:e7:6c:5b:6a:ab:f9:e1:79:8d:
ce:6c:09:32:e7:70:a5:d4:c7:f4:1c:c4:44:c2:12:a0:76:45:
f4:8d:e8:1b:4d:e7:da:91:30:4f:0e:84:d9:e3:2a:a4:10:a0:
c1:fe:34:ac:b6:be:9b:e2:a0:d2:b1:66:29:85:df:bc:7e:f9:
da:a2:2f:9a:24:2d:7e:5a:ff:cf:d3:12:0b:51:1d:47:d6:48:
34:ee:13:86:25:29:27:58:46:ae:14:7a:63:d9:bb:33:64:27:
27:28:af:39:02:45:59:d9:82:45:fb:36:6e:10:d7:d1:66:d6:
a6:42:35:5b:ed:05:6d:62:5e:fc:ec:45:ab:0a:4f:74:c9:78:
c3:b7:dd:be:40:c7:58:4c:4c:52:d8:0d:6a:5f:86:d2:d5:83:
44:c4:10:8c:fd:3f:4e:28:dc:c2:10:99:a5:12:92:f4:0d:27:
5a:5f:2d:be:6e:79:3e:51:5f:6c:eb:e5:60:1f:71:8b:78:80:
92:48:c8:c1:0c:24:8a:9b:dd:31:c1:e7:78:d4:b8:2c:e8:92:
78:7d:de:ba:fe:4e:6c:0d:ff:01:57:00:e0:c9:81:3f:5c:e5:
6c:79:33:be
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA1cyjjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQ2MzE1NmMxODM2ZjE2YzNiNDMwZWZmYmI3MmFjNjk5MzJlYTliMB4XDTIyMDEw
MTA3NTczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFjMTJlOTU5MjE3
Zjg0OTY3OTIxODc4MGI0NmVhOGVkZDQ0MDc5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXVw2XCpWqItSmH/SvS3K62EOu6jFQP+P1/mvSK5tnklAJG
Q3Y8MY6h15La/xJC4nlx3DaBwFCTiomJ/1Gb6J8KdV4IOurTaRUvPeV2y18hw7oN
SK/IM2z0hhX3JMLAPWuq5j+/HLhrGkPnZ9XBYXKYLCd4AkmKVRteLZEvboQ5sbsz
JS8MEt+n2ev0G5N/g/RKcUuoMoEr7IqK2icGNtOQzWF0uI/aMDjhLOpsTm/U909c
C5ozoPR6xINGm1t1cgBLCxlqW83cjqaHHl1nWLXh3blz+zNlRiUJ1yAoNb92PwKY
ccyISF6lKc2NPAroQE7U5xGlZTHJEZJXIa6JwzMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS6wS6Vkhf4SWeSGHgLRuqO3UQHkDAfBgNVHSMEGDAWgBTZ1jFWwYNvFsO0
MO/7tyrGmTLqmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkWXhWc0dEYnhiRHRERHYtN2NxeHBreTZwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvOGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8x
L3VzRXVsWklYLUVsbmtoaDRDMGJxanQxRUI1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
OGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8xLzJkWXhWc0dEYnhi
RHRERHYtN2NxeHBreTZwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEALkE4gMEAsK7JAMEAsMDiDANBgkq
hkiG9w0BAQsFAAOCAQEAKUFjZkU4ooWGW4duP/pNoKcltgXfYNgJkMtf52xbaqv5
4XmNzmwJMudwpdTH9BzERMISoHZF9I3oG03n2pEwTw6E2eMqpBCgwf40rLa+m+Kg
0rFmKYXfvH752qIvmiQtflr/z9MSC1EdR9ZINO4ThiUpJ1hGrhR6Y9m7M2QnJyiv
OQJFWdmCRfs2bhDX0WbWpkI1W+0FbWJe/OxFqwpPdMl4w7fdvkDHWExMUtgNal+G
0tWDRMQQjP0/TijcwhCZpRKS9A0nWl8tvm55PlFfbOvlYB9xi3iAkkjIwQwkipvd
McHneNS4LOiSeH3euv5ObA3/AVcA4MmBP1zlbHkzvg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:33 2023 by rpki-client on console-ams.rpki-client.org