Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/fV1c7FxJVDFyd2cJyGWy0Hv0zbQ.roa
File: fV1c7FxJVDFyd2cJyGWy0Hv0zbQ.roa (raw, json)
Hash identifier: UFALE6yzUU/7QVsn3QF7FyVuevxJk96LQXF+HyknMCo=
Subject key identifier: 7D:5D:5C:EC:5C:49:54:31:72:77:67:09:C8:65:B2:D0:7B:F4:CD:B4
Certificate issuer: /CN=e465acc90809efb45ccda250a1057618494b86eb
Certificate serial: 09AD0F6C
Authority key identifier: E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/fV1c7FxJVDFyd2cJyGWy0Hv0zbQ.roa
Signing time: Mon 07 Feb 2022 15:13:33 +0000
ROA not before: Mon 07 Feb 2022 15:13:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1104
IP address blocks: 192.16.185.0/24 maxlen: 24
192.16.186.0/24 maxlen: 24
192.16.192.0/24 maxlen: 24
192.16.199.0/24 maxlen: 24
192.16.195.0/24 maxlen: 24
192.16.194.0/24 maxlen: 24
185.153.60.0/22 maxlen: 24
2a07:8500::/29 maxlen: 48
2a07:8504::/32 maxlen: 48
2a07:8500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162336620 (0x9ad0f6c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e465acc90809efb45ccda250a1057618494b86eb
Validity
Not Before: Feb 7 15:13:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7d5d5cec5c49543172776709c865b2d07bf4cdb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:05:3a:54:d2:1e:5d:72:4b:61:cb:fc:e1:ae:
d6:18:82:50:95:03:ed:13:93:e8:4d:b6:b5:c0:e2:
57:ec:cc:ce:ba:2e:f9:9a:08:71:18:6a:26:fd:78:
15:30:f2:9c:8f:6a:72:be:8d:4d:b6:31:3e:7f:47:
da:7d:48:4e:b3:05:4a:c3:5e:d4:71:8a:f4:78:2c:
25:f6:94:c9:7d:da:e5:bb:f7:ec:d2:64:36:69:58:
eb:9e:a2:07:5a:55:99:ed:71:c3:da:42:13:35:af:
42:51:cc:2b:c8:27:e3:3f:21:b1:d3:d7:16:f3:5e:
70:d7:46:57:ec:59:c3:eb:7d:a9:58:71:9f:c2:29:
fe:2e:6c:68:ed:67:71:eb:cd:c8:89:fc:55:89:73:
56:5f:71:09:f7:c8:79:d0:22:81:4b:d2:c7:d0:08:
65:6d:c7:b7:3e:e1:3c:b9:69:e2:33:0e:30:e1:4d:
8c:63:bf:79:3b:45:03:14:80:6c:80:b2:6c:35:9a:
3b:48:1b:80:21:02:cf:2a:39:1e:c1:ca:a4:af:33:
b5:06:37:d4:3a:c2:ba:62:96:b3:9a:00:78:62:5e:
0a:03:ec:28:7e:17:9e:cd:92:7e:36:8c:46:0d:42:
53:00:21:bc:e8:af:a3:1a:8d:5e:87:52:f7:b5:26:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:5D:5C:EC:5C:49:54:31:72:77:67:09:C8:65:B2:D0:7B:F4:CD:B4
X509v3 Authority Key Identifier:
keyid:E4:65:AC:C9:08:09:EF:B4:5C:CD:A2:50:A1:05:76:18:49:4B:86:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5GWsyQgJ77RczaJQoQV2GElLhus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/fV1c7FxJVDFyd2cJyGWy0Hv0zbQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/9ef60a-73ee-40e1-9006-c0b3b0f54beb/1/5GWsyQgJ77RczaJQoQV2GElLhus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.60.0/22
192.16.185.0-192.16.186.255
192.16.192.0/24
192.16.194.0/23
192.16.199.0/24
IPv6:
2a07:8500::/29
Signature Algorithm: sha256WithRSAEncryption
6f:27:34:63:a3:6f:94:c1:8b:ba:59:0a:0c:62:84:5d:58:c6:
6b:d7:70:c3:39:65:2a:ed:ab:11:8d:57:23:c5:3b:9b:05:9f:
c6:bd:07:84:3b:f0:41:bd:37:ec:ec:0c:f1:e3:41:c6:8d:2f:
a3:50:29:13:4b:3b:bb:1d:2b:68:21:4f:e5:50:83:c5:77:dc:
40:c7:73:25:55:d3:4e:25:85:2f:b6:0f:36:97:2c:f2:cb:3d:
26:a1:4d:d6:67:7a:e9:85:20:1f:71:89:9c:ea:d9:08:36:4c:
bd:25:01:37:6b:03:69:14:e0:81:a7:a5:f3:fa:c2:41:3b:c0:
17:ef:d3:1d:fb:67:ea:d1:47:e0:e2:12:ef:5e:10:a7:ce:b4:
85:8d:40:6d:e3:1c:81:0c:57:c5:e8:cf:5f:b2:7c:2c:92:78:
ee:ec:a3:59:5b:94:e8:cc:ae:03:02:9c:2d:f0:c0:cf:f0:35:
7e:87:39:72:7b:33:fb:8c:e6:02:eb:c4:20:8f:55:91:7e:ed:
ae:64:ab:e1:f1:fd:10:fa:65:33:d7:65:02:fd:90:5b:48:4d:
80:18:ec:2c:5c:6e:54:56:b4:e7:91:8b:43:f5:3a:cc:14:94:
52:80:61:6c:22:16:ca:94:11:38:93:13:8a:1e:ad:04:de:12:
7d:48:57:f5
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECa0PbDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDY1YWNjOTA4MDllZmI0NWNjZGEyNTBhMTA1NzYxODQ5NGI4NmViMB4XDTIyMDIw
NzE1MTMzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2Q1ZDVjZWM1YzQ5
NTQzMTcyNzc2NzA5Yzg2NWIyZDA3YmY0Y2RiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIFOlTSHl1yS2HL/OGu1hiCUJUD7ROT6E22tcDiV+zMzrou
+ZoIcRhqJv14FTDynI9qcr6NTbYxPn9H2n1ITrMFSsNe1HGK9HgsJfaUyX3a5bv3
7NJkNmlY656iB1pVme1xw9pCEzWvQlHMK8gn4z8hsdPXFvNecNdGV+xZw+t9qVhx
n8Ip/i5saO1ncevNyIn8VYlzVl9xCffIedAigUvSx9AIZW3Htz7hPLlp4jMOMOFN
jGO/eTtFAxSAbICybDWaO0gbgCECzyo5HsHKpK8ztQY31DrCumKWs5oAeGJeCgPs
KH4Xns2SfjaMRg1CUwAhvOivoxqNXodS97UmE/8CAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBR9XVzsXElUMXJ3ZwnIZbLQe/TNtDAfBgNVHSMEGDAWgBTkZazJCAnvtFzN
olChBXYYSUuG6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVHV3N5UWdKNzdSY3phSlFvUVYyR0VsTGh1cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvOWVmNjBhLTczZWUtNDBlMS05MDA2LWMwYjNiMGY1NGJlYi8x
L2ZWMWM3RnhKVkRGeWQyY0p5R1d5MEh2MHpiUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
OWVmNjBhLTczZWUtNDBlMS05MDA2LWMwYjNiMGY1NGJlYi8xLzVHV3N5UWdKNzdS
Y3phSlFvUVYyR0VsTGh1cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wLAQCAAEwJgMEArmZPDAMAwQAwBC5AwQAwBC6AwQA
wBDAAwQBwBDCAwQAwBDHMA0EAgACMAcDBQMqB4UAMA0GCSqGSIb3DQEBCwUAA4IB
AQBvJzRjo2+UwYu6WQoMYoRdWMZr13DDOWUq7asRjVcjxTubBZ/GvQeEO/BBvTfs
7Azx40HGjS+jUCkTSzu7HStoIU/lUIPFd9xAx3MlVdNOJYUvtg82lyzyyz0moU3W
Z3rphSAfcYmc6tkINky9JQE3awNpFOCBp6Xz+sJBO8AX79Md+2fq0Ufg4hLvXhCn
zrSFjUBt4xyBDFfF6M9fsnwsknju7KNZW5TozK4DApwt8MDP8DV+hzlyezP7jOYC
68Qgj1WRfu2uZKvh8f0Q+mUz12UC/ZBbSE2AGOwsXG5UVrTnkYtD9TrMFJRSgGFs
IhbKlBE4kxOKHq0E3hJ9SFf1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:10 2023 by rpki-client on console-fra.rpki-client.org