Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/UdVaRVzPISzVa3azR0qiSvqroAM.roa
File: UdVaRVzPISzVa3azR0qiSvqroAM.roa (raw, json)
Hash identifier: HywRqO4+daei/oPXOZFparjRB8bPjIIRfZbMTkWAIOU=
Subject key identifier: 51:D5:5A:45:5C:CF:21:2C:D5:6B:76:B3:47:4A:A2:4A:FA:AB:A0:03
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0182C54E8D0CF9AFECA908D8319433032D44
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/UdVaRVzPISzVa3azR0qiSvqroAM.roa
Signing time: Mon 22 Aug 2022 11:27:15 +0000
ROA not before: Mon 22 Aug 2022 11:27:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 164.215.98.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
164.215.96.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
85.158.149.0/24 maxlen: 24
85.158.148.0/24 maxlen: 24
85.158.151.0/24 maxlen: 24
85.158.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:c5:4e:8d:0c:f9:af:ec:a9:08:d8:31:94:33:03:2d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 22 11:27:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51d55a455ccf212cd56b76b3474aa24afaaba003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4c:4c:85:11:32:f9:47:62:00:f6:b4:7f:b5:
36:0e:85:4b:b6:92:63:a5:39:90:ac:0f:be:36:bb:
58:5d:91:40:96:9a:7e:a8:fa:7a:62:ea:34:03:92:
d6:3f:79:fa:33:43:a0:45:6b:1b:84:af:80:c6:c0:
e6:1f:e8:68:c1:8e:a6:91:7a:64:2b:44:78:ea:f8:
c7:25:ad:e6:42:09:b9:70:3e:d0:4b:b8:ca:e9:7b:
55:41:ab:27:2d:d3:1e:06:44:86:64:c0:3c:24:68:
eb:ce:91:14:f1:47:bf:87:f2:1e:8e:28:01:1b:21:
96:95:13:6f:57:48:61:c5:2a:7b:92:a1:f0:f5:76:
3f:6d:42:25:0a:c7:4c:65:14:a0:52:52:3b:48:8e:
01:e2:de:82:76:aa:a7:f0:9f:c6:ee:e0:5d:72:08:
9f:11:29:08:00:03:7a:9b:fa:09:95:64:b6:a8:73:
29:04:d0:73:c8:8d:57:43:f2:d8:62:bb:a6:e9:36:
7c:1c:bc:c4:a7:39:21:ac:68:8c:66:c0:8b:d9:85:
ff:49:96:f7:08:3c:85:5d:66:10:b6:97:fe:d9:61:
7e:59:1b:b3:2f:e8:09:ff:5c:42:6f:23:40:9a:94:
a7:15:d9:4a:6d:8f:e8:b0:17:1d:9d:fa:49:51:02:
c4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:D5:5A:45:5C:CF:21:2C:D5:6B:76:B3:47:4A:A2:4A:FA:AB:A0:03
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/UdVaRVzPISzVa3azR0qiSvqroAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.148.0/22
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
55:f4:0f:eb:ff:e7:9c:cb:06:5e:79:f1:e4:91:2a:a5:4f:e2:
09:b1:40:2b:de:a5:4a:3d:ab:59:ca:98:f4:2e:68:d3:35:d1:
ab:2c:ef:cc:ee:53:40:31:22:4d:11:37:a1:c8:f0:ff:f8:ca:
c8:e2:f1:a1:0d:b2:e3:4f:dc:4e:6b:34:31:ec:d6:e6:df:0c:
30:b5:ac:a5:eb:e5:22:44:68:49:8e:5a:3c:c1:2f:39:1d:6f:
34:3b:f5:7b:b5:09:c9:ba:88:48:0f:d7:bd:9b:5e:e2:9f:80:
26:cc:75:43:03:3d:1b:30:40:46:41:4f:64:3b:b0:64:29:c5:
3c:07:91:71:24:52:41:7e:70:b3:d6:75:48:05:05:82:10:e5:
d5:e4:30:c6:bb:bb:ae:de:08:61:ef:9f:ed:04:f6:cf:6e:34:
96:41:bf:b9:75:ce:bd:46:4a:c3:46:19:7a:a1:26:ab:15:ae:
0b:3d:6b:a7:5d:0e:3a:d8:31:3f:27:71:0b:20:02:a9:ae:08:
ab:c6:93:b0:4c:92:ce:a2:47:f0:c9:7f:94:1d:37:da:58:1c:
29:d1:bd:74:48:41:ff:d0:0c:36:39:7c:4e:94:9f:99:56:af:
21:87:00:4b:7c:9d:9c:5e:69:ad:d3:f9:86:c5:f4:f5:e4:58:
fa:ea:50:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLFTo0M+a/sqQjYMZQzAy1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwODIyMTEyNzE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWQ1NWE0NTVjY2YyMTJjZDU2Yjc2YjM0NzRhYTI0YWZhYWJhMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0xMhREy+UdiAPa0f7U2DoVLtpJj
pTmQrA++NrtYXZFAlpp+qPp6Yuo0A5LWP3n6M0OgRWsbhK+AxsDmH+howY6mkXpk
K0R46vjHJa3mQgm5cD7QS7jK6XtVQasnLdMeBkSGZMA8JGjrzpEU8Ue/h/IejigB
GyGWlRNvV0hhxSp7kqHw9XY/bUIlCsdMZRSgUlI7SI4B4t6Cdqqn8J/G7uBdcgif
ESkIAAN6m/oJlWS2qHMpBNBzyI1XQ/LYYrum6TZ8HLzEpzkhrGiMZsCL2YX/SZb3
CDyFXWYQtpf+2WF+WRuzL+gJ/1xCbyNAmpSnFdlKbY/osBcdnfpJUQLEmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFHVWkVczyEs1Wt2s0dKokr6q6ADMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvVWRWYVJWelBJU3pWYTNhelIwcWlTdnFyb0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVZ6UAwQC
pNdgMA0GCSqGSIb3DQEBCwUAA4IBAQBV9A/r/+ecywZeefHkkSqlT+IJsUAr3qVK
PatZypj0LmjTNdGrLO/M7lNAMSJNETehyPD/+MrI4vGhDbLjT9xOazQx7Nbm3www
tayl6+UiRGhJjlo8wS85HW80O/V7tQnJuohID9e9m17in4AmzHVDAz0bMEBGQU9k
O7BkKcU8B5FxJFJBfnCz1nVIBQWCEOXV5DDGu7uu3ghh75/tBPbPbjSWQb+5dc69
RkrDRhl6oSarFa4LPWunXQ462DE/J3ELIAKprgirxpOwTJLOokfwyX+UHTfaWBwp
0b10SEH/0Aw2OXxOlJ+ZVq8hhwBLfJ2cXmmt0/mGxfT15Fj66lDu
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:00 2023 by rpki-client on console-fra.rpki-client.org