Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/auLXTRsFla7FCumBgD_Q8qMIIRY.roa
File: auLXTRsFla7FCumBgD_Q8qMIIRY.roa (raw, json)
Hash identifier: T1V+UulVjazx7MQm4Ce31tMNcBOvyz0L2ZmGWIa/mRk=
Subject key identifier: 6A:E2:D7:4D:1B:05:95:AE:C5:0A:E9:81:80:3F:D0:F2:A3:08:21:16
Certificate issuer: /CN=f08fba5263519b7c3a2155c69878217776defba0
Certificate serial: 63BA80
Authority key identifier: F0:8F:BA:52:63:51:9B:7C:3A:21:55:C6:98:78:21:77:76:DE:FB:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8I-6UmNRm3w6IVXGmHghd3be-6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/auLXTRsFla7FCumBgD_Q8qMIIRY.roa
Signing time: Sat 01 Jan 2022 02:53:44 +0000
ROA not before: Sat 01 Jan 2022 02:53:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48847
IP address blocks: 185.12.223.0/24 maxlen: 24
185.12.222.0/24 maxlen: 24
185.12.221.0/24 maxlen: 24
185.12.220.0/22 maxlen: 22
109.233.17.0/24 maxlen: 24
109.233.16.0/24 maxlen: 24
109.233.16.0/21 maxlen: 21
109.233.20.0/24 maxlen: 24
109.233.19.0/24 maxlen: 24
109.233.18.0/24 maxlen: 24
109.233.23.0/24 maxlen: 24
109.233.22.0/24 maxlen: 24
109.233.21.0/24 maxlen: 24
2a03:6900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6535808 (0x63ba80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f08fba5263519b7c3a2155c69878217776defba0
Validity
Not Before: Jan 1 02:53:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ae2d74d1b0595aec50ae981803fd0f2a3082116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:47:83:e6:6f:4c:dd:97:70:77:35:a2:5f:ba:
9b:02:8d:90:d2:85:8e:b7:df:df:4e:e8:85:ed:a7:
6a:d7:ca:d4:8d:4c:6b:a6:49:e1:6b:cc:34:3f:c2:
3c:d1:8f:15:8f:25:95:2b:75:4c:8f:6f:e1:77:e9:
44:88:4f:93:ca:a0:9d:09:89:24:a4:50:89:72:a9:
ea:69:a0:36:50:36:88:27:6b:a5:c5:b2:46:06:22:
c1:d1:a5:49:77:b5:2d:84:51:56:f9:97:3d:99:f2:
7f:25:79:dd:ce:3e:5f:41:c6:ca:85:f0:7f:95:9f:
6f:ea:f2:8e:9a:43:79:a1:1b:8e:d2:00:b3:f4:a0:
e1:20:c3:d6:7c:de:2c:63:f5:09:6f:c1:dd:dc:be:
e3:9a:61:17:5f:0d:db:6e:f5:6e:3c:c9:14:e3:9e:
33:fd:b9:7d:24:0d:1d:1d:72:c1:cb:39:4b:0d:08:
58:1b:04:3f:ea:38:cf:d0:24:8d:1e:8d:a0:78:aa:
8d:4d:8e:e6:4d:ff:55:58:4c:39:97:52:38:cc:39:
7f:01:3c:f3:fd:e4:30:0f:df:a6:6e:8a:bd:dd:0f:
98:cd:97:d7:91:0d:ec:0d:92:e3:5b:c0:fb:98:62:
ad:f0:2a:ba:ec:63:b2:d9:b8:ea:c3:14:36:f7:24:
16:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E2:D7:4D:1B:05:95:AE:C5:0A:E9:81:80:3F:D0:F2:A3:08:21:16
X509v3 Authority Key Identifier:
keyid:F0:8F:BA:52:63:51:9B:7C:3A:21:55:C6:98:78:21:77:76:DE:FB:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8I-6UmNRm3w6IVXGmHghd3be-6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/auLXTRsFla7FCumBgD_Q8qMIIRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1bb1a2-6763-4b24-ad88-06413ceefce0/1/8I-6UmNRm3w6IVXGmHghd3be-6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.16.0/21
185.12.220.0/22
IPv6:
2a03:6900::/32
Signature Algorithm: sha256WithRSAEncryption
5b:75:8d:1c:5a:42:4b:41:23:1e:fc:ad:85:51:dd:f8:5b:9d:
8b:ff:36:13:27:6b:11:fe:70:e1:ce:2d:1e:3c:cd:89:5a:8f:
64:fc:b8:0d:24:f8:a0:3b:e2:7b:5a:58:07:66:57:06:b9:a4:
f6:c3:cb:3e:84:e8:2b:1f:c8:4e:c5:6f:e7:9d:50:e2:77:08:
45:8b:e6:71:aa:16:c9:c2:35:8a:77:5d:e7:69:dc:cb:e7:ec:
7f:5e:95:a3:42:40:13:b2:0c:70:ca:aa:ff:1a:24:91:10:80:
c7:c3:ee:f5:85:e3:5e:dd:e1:db:67:8f:cf:01:f6:23:c6:fc:
04:5b:93:b7:7e:86:1c:76:ec:27:db:5a:3a:73:77:34:5c:c5:
9a:73:0b:2c:27:ea:6b:1c:ae:b6:8b:5f:b4:19:66:35:2a:4f:
6f:1f:a8:da:ae:6f:8e:40:01:90:da:bd:1a:fc:c0:e2:12:1d:
e3:8a:16:18:f7:93:98:ed:d0:07:23:31:d9:c7:fa:fc:06:9f:
f7:9e:f8:82:b8:24:ba:6f:15:d1:20:bd:dd:5b:44:ef:0c:9b:
db:00:41:c1:5d:45:29:17:76:3d:d2:5f:02:9d:dc:59:60:32:
22:b6:90:12:3d:b9:9d:c2:cb:cb:b3:45:46:eb:c4:47:33:1a:
a3:8f:90:8e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDY7qAMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGYw
OGZiYTUyNjM1MTliN2MzYTIxNTVjNjk4NzgyMTc3NzZkZWZiYTAwHhcNMjIwMTAx
MDI1MzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2YWUyZDc0ZDFiMDU5
NWFlYzUwYWU5ODE4MDNmZDBmMmEzMDgyMTE2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoEeD5m9M3ZdwdzWiX7qbAo2Q0oWOt9/fTuiF7adq18rUjUxr
pknha8w0P8I80Y8VjyWVK3VMj2/hd+lEiE+TyqCdCYkkpFCJcqnqaaA2UDaIJ2ul
xbJGBiLB0aVJd7UthFFW+Zc9mfJ/JXndzj5fQcbKhfB/lZ9v6vKOmkN5oRuO0gCz
9KDhIMPWfN4sY/UJb8Hd3L7jmmEXXw3bbvVuPMkU454z/bl9JA0dHXLByzlLDQhY
GwQ/6jjP0CSNHo2geKqNTY7mTf9VWEw5l1I4zDl/ATzz/eQwD9+mboq93Q+YzZfX
kQ3sDZLjW8D7mGKt8Cq67GOy2bjqwxQ29yQW+QIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFGri100bBZWuxQrpgYA/0PKjCCEWMB8GA1UdIwQYMBaAFPCPulJjUZt8OiFV
xph4IXd23vugMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
OEktNlVtTlJtM3c2SVZYR21IZ2hkM2JlLTZBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNC8xYmIxYTItNjc2My00YjI0LWFkODgtMDY0MTNjZWVmY2UwLzEv
YXVMWFRSc0ZsYTdGQ3VtQmdEX1E4cU1JSVJZLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8x
YmIxYTItNjc2My00YjI0LWFkODgtMDY0MTNjZWVmY2UwLzEvOEktNlVtTlJtM3c2
SVZYR21IZ2hkM2JlLTZBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbekQAwQCuQzcMA0EAgACMAcDBQAq
A2kAMA0GCSqGSIb3DQEBCwUAA4IBAQBbdY0cWkJLQSMe/K2FUd34W52L/zYTJ2sR
/nDhzi0ePM2JWo9k/LgNJPigO+J7WlgHZlcGuaT2w8s+hOgrH8hOxW/nnVDidwhF
i+ZxqhbJwjWKd13nadzL5+x/XpWjQkATsgxwyqr/GiSREIDHw+71heNe3eHbZ4/P
AfYjxvwEW5O3foYcduwn21o6c3c0XMWacwssJ+prHK62i1+0GWY1Kk9vH6jarm+O
QAGQ2r0a/MDiEh3jihYY95OY7dAHIzHZx/r8Bp/3nviCuCS6bxXRIL3dW0TvDJvb
AEHBXUUpF3Y90l8CndxZYDIitpASPbmdwsvLs0VG68RHMxqjj5CO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:22 2023 by rpki-client on console-ams.rpki-client.org