Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/cED2SdhVIsKYpCC4IIuwnwG2YMs.roa
File: cED2SdhVIsKYpCC4IIuwnwG2YMs.roa (raw, json)
Hash identifier: XHnT47qSJU8VODQgfWivlBnsFdp7Yropbsf0QJE+vt4=
Subject key identifier: 70:40:F6:49:D8:55:22:C2:98:A4:20:B8:20:8B:B0:9F:01:B6:60:CB
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 0702E4C7
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/cED2SdhVIsKYpCC4IIuwnwG2YMs.roa
Signing time: Sat 01 Jan 2022 14:55:17 +0000
ROA not before: Sat 01 Jan 2022 14:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209564
IP address blocks: 82.146.23.0/24 maxlen: 24
84.238.223.0/24 maxlen: 24
185.32.151.0/24 maxlen: 24
185.32.149.0/24 maxlen: 24
185.32.150.0/24 maxlen: 24
185.32.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117630151 (0x702e4c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Jan 1 14:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7040f649d85522c298a420b8208bb09f01b660cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:72:63:6f:f4:44:68:62:4a:20:4d:78:0a:af:
23:d8:40:1d:b9:8e:c9:ae:5f:b3:ae:d9:a6:0e:c7:
cf:d9:00:98:64:77:bb:c9:c7:bb:ef:c1:24:80:9b:
b5:78:31:ee:05:c9:c5:70:0a:47:60:1a:c6:22:9a:
18:dd:c4:1b:17:f2:79:b4:b3:16:5a:3b:8a:79:e0:
8c:f1:76:ea:28:80:a7:63:ad:78:20:59:44:e1:74:
f4:0f:b4:f2:f9:39:20:d5:b7:97:fc:51:d7:6b:3a:
dc:f9:d6:b3:b5:73:8e:1a:e0:7e:21:67:48:f5:75:
7c:25:e2:fe:20:36:1c:a7:3d:19:8b:d9:99:14:2a:
31:1e:1d:9a:fd:0e:1a:81:71:30:00:e4:b2:58:16:
af:a8:1d:6a:1f:b8:60:a2:68:91:20:79:c5:9c:3d:
fb:94:ee:b8:86:25:f0:db:1d:c1:c8:4b:58:18:14:
37:16:82:13:1e:95:0e:2f:25:b2:c6:2d:70:4a:47:
2e:ff:1c:7f:fc:d0:6e:f7:17:79:08:c2:d8:b1:2f:
3a:c1:2a:de:db:c5:4f:4f:ae:c7:29:8d:56:93:8f:
16:e0:53:cb:3a:2f:15:93:9b:cd:93:ae:f5:4e:3f:
f9:9b:25:bf:41:e7:ef:00:80:a2:aa:f5:16:3d:2c:
d7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:40:F6:49:D8:55:22:C2:98:A4:20:B8:20:8B:B0:9F:01:B6:60:CB
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/cED2SdhVIsKYpCC4IIuwnwG2YMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.23.0/24
84.238.223.0/24
185.32.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:03:ad:69:fa:d9:71:9a:59:b4:07:fd:ef:d1:9c:28:52:5d:
35:9b:0e:55:52:a3:7f:fe:4b:85:bf:e9:1e:e9:0b:02:88:b1:
6f:8a:7a:65:97:62:8a:15:ae:f8:fd:27:51:be:1e:8c:86:a3:
ea:b9:f0:05:3b:1a:bd:4a:d8:98:0d:61:8c:79:72:a6:fd:8f:
6c:e2:01:3d:15:99:94:4e:f7:2d:bf:13:76:10:f4:72:d3:f8:
80:25:8b:ce:c7:fb:c2:43:04:f3:d5:81:49:94:41:fd:4d:8c:
00:1c:e9:de:ab:55:f2:4f:08:0f:19:e7:47:18:f4:0b:1e:9b:
88:34:e1:8b:37:b0:68:a3:0b:be:e7:32:33:7a:d1:eb:82:63:
fe:39:15:28:48:7a:bc:4b:8f:b4:65:97:7c:f6:46:08:2d:fa:
e4:3c:a4:69:c7:01:c1:5b:1f:bd:26:ef:9f:1c:8c:04:bc:fc:
90:3c:ca:51:d6:de:2c:79:5e:a1:fb:61:e3:10:6b:1b:36:16:
1b:58:51:cc:32:51:45:c1:e2:2d:b5:c8:b8:6d:d8:1d:ec:69:
34:66:ca:e3:0c:c1:9d:b1:02:50:1f:73:58:5d:84:ad:5d:08:
1b:57:0d:51:04:fc:df:88:27:79:c0:4b:28:f1:a1:1e:65:5a:
e0:05:c6:f6
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBwLkxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWRjM2NiMWUwN2Q3MTRiNzI1ZjUxYTY2ZDFkY2ZkODdhZTFjNTFhMB4XDTIyMDEw
MTE0NTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA0MGY2NDlkODU1
MjJjMjk4YTQyMGI4MjA4YmIwOWYwMWI2NjBjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5yY2/0RGhiSiBNeAqvI9hAHbmOya5fs67Zpg7Hz9kAmGR3
u8nHu+/BJICbtXgx7gXJxXAKR2AaxiKaGN3EGxfyebSzFlo7inngjPF26iiAp2Ot
eCBZROF09A+08vk5INW3l/xR12s63PnWs7VzjhrgfiFnSPV1fCXi/iA2HKc9GYvZ
mRQqMR4dmv0OGoFxMADkslgWr6gdah+4YKJokSB5xZw9+5TuuIYl8NsdwchLWBgU
NxaCEx6VDi8lssYtcEpHLv8cf/zQbvcXeQjC2LEvOsEq3tvFT0+uxymNVpOPFuBT
yzovFZObzZOu9U4/+Zslv0Hn7wCAoqr1Fj0s16ECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRwQPZJ2FUiwpikILggi7CfAbZgyzAfBgNVHSMEGDAWgBQV3Dyx4H1xS3Jf
UaZtHc/YeuHFGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZkdzhzZUI5Y1V0eVgxR21iUjNQMkhyaHhSby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYTljYzVkLTY5ZTAtNDU5Ny1hZDY0LWZlMmNiNDMxY2YyZi8x
L2NFRDJTZGhWSXNLWXBDQzRJSXV3bndHMllNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YTljYzVkLTY5ZTAtNDU5Ny1hZDY0LWZlMmNiNDMxY2YyZi8xL0ZkdzhzZUI5Y1V0
eVgxR21iUjNQMkhyaHhSby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFKSFwMEAFTu3wMEArkglDANBgkq
hkiG9w0BAQsFAAOCAQEAuAOtafrZcZpZtAf979GcKFJdNZsOVVKjf/5Lhb/pHukL
Aoixb4p6ZZdiihWu+P0nUb4ejIaj6rnwBTsavUrYmA1hjHlypv2PbOIBPRWZlE73
Lb8TdhD0ctP4gCWLzsf7wkME89WBSZRB/U2MABzp3qtV8k8IDxnnRxj0Cx6biDTh
izewaKMLvucyM3rR64Jj/jkVKEh6vEuPtGWXfPZGCC365DykaccBwVsfvSbvnxyM
BLz8kDzKUdbeLHleofth4xBrGzYWG1hRzDJRRcHiLbXIuG3YHexpNGbK4wzBnbEC
UB9zWF2ErV0IG1cNUQT834gnecBLKPGhHmVa4AXG9g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:02 2023 by rpki-client on console-fra.rpki-client.org