Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/eWeUB_pxsegOxBaTwwuHjiNh3l8.roa
File: eWeUB_pxsegOxBaTwwuHjiNh3l8.roa (raw, json)
Hash identifier: S9TY+86O4soUCbMXg/8ZLNCeaVRDjkqvPLMjO42GoHI=
Subject key identifier: 79:67:94:07:FA:71:B1:E8:0E:C4:16:93:C3:0B:87:8E:23:61:DE:5F
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 0184621CC34944E3383CBA4E82D32DFD301F
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/eWeUB_pxsegOxBaTwwuHjiNh3l8.roa
Signing time: Thu 10 Nov 2022 15:16:02 +0000
ROA not before: Thu 10 Nov 2022 15:16:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201925
IP address blocks: 194.126.165.0/24 maxlen: 24
194.126.166.0/24 maxlen: 24
194.126.167.0/24 maxlen: 24
217.117.132.0/22 maxlen: 22
185.165.151.0/24 maxlen: 24
2001:67c:2fd0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:1c:c3:49:44:e3:38:3c:ba:4e:82:d3:2d:fd:30:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Nov 10 15:16:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=79679407fa71b1e80ec41693c30b878e2361de5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fe:2a:29:20:1c:1f:21:48:5e:03:0e:11:d5:
b6:e0:6a:17:93:6c:48:8c:35:4f:2e:33:a5:5d:87:
5b:3e:ec:ea:b7:e0:dd:c7:54:52:5b:e8:fa:2b:5c:
7a:5b:0c:a3:da:72:80:9f:ab:62:61:39:8c:e4:53:
a3:01:f5:72:3c:11:05:80:60:bb:be:e8:af:6b:f7:
22:57:d1:e8:a4:86:6b:fd:f1:15:6a:3f:d6:f5:ac:
f6:5b:23:29:1e:f9:11:de:66:2b:fc:cc:53:71:10:
ff:09:60:44:8c:d9:67:9d:b0:73:88:81:93:78:d6:
2c:1c:19:72:6c:96:f0:20:24:2a:88:21:d2:3a:7e:
fd:5a:88:8c:42:34:4e:c5:40:95:e6:3c:0c:fb:5b:
ad:7f:f4:5e:bc:61:3c:f8:b8:bb:72:18:20:32:40:
5b:74:f3:47:75:29:dc:85:02:a4:63:7f:55:1e:7c:
07:ce:f2:af:17:b3:79:54:12:2e:25:24:ac:cb:9b:
19:46:ac:26:be:0c:29:5e:79:7e:02:a0:15:9f:92:
18:98:f8:8a:84:8b:fa:f7:a6:70:73:fa:92:36:14:
37:8e:e0:e6:27:b0:5f:64:a3:be:5e:9c:32:a2:a9:
71:59:68:09:d4:30:29:ce:84:f5:11:52:3c:d1:58:
58:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:67:94:07:FA:71:B1:E8:0E:C4:16:93:C3:0B:87:8E:23:61:DE:5F
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/eWeUB_pxsegOxBaTwwuHjiNh3l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.151.0/24
194.126.165.0-194.126.167.255
217.117.132.0/22
IPv6:
2001:67c:2fd0::/48
Signature Algorithm: sha256WithRSAEncryption
5c:6d:5b:41:2c:f6:73:e9:bd:2d:ec:00:16:b3:0d:93:fc:e0:
ae:69:f5:c7:a0:4d:ef:db:ba:42:02:07:a7:57:c4:40:a9:d3:
53:bb:14:ef:df:ef:dd:2c:7f:39:f5:2f:2e:21:c1:16:75:10:
02:2e:6f:7a:ee:90:1c:8c:4c:47:e4:39:4e:01:0c:08:8d:33:
53:8a:72:ef:e8:ff:95:8e:c1:4c:2d:ef:7d:b5:a7:02:2c:a8:
4e:cb:ac:f5:c5:59:79:0f:34:6b:ff:5a:bf:dc:5a:31:3a:27:
a2:85:c9:2d:b9:89:d0:6f:bc:15:46:dc:1b:ac:33:58:fa:ad:
78:51:5a:c3:cf:d3:8d:a7:e0:bc:4d:99:8d:7e:6c:20:e0:c6:
ff:86:66:55:f1:53:f3:b9:47:63:72:8f:f0:e5:44:86:09:15:
12:aa:46:40:47:b4:f7:65:e3:9e:ff:15:72:e4:bc:ca:5d:e6:
86:8d:86:12:3c:8a:37:9d:8e:f0:99:63:8b:63:b8:45:9d:98:
ba:c6:5e:b9:ce:9b:8d:dc:b5:91:8d:18:86:8d:c7:86:68:0b:
a8:3f:ba:ce:22:e7:76:fe:63:ec:d2:02:64:8a:4d:e7:7d:c2:
e6:ed:1b:99:e6:6d:8f:3a:a0:c8:87:9a:e4:b6:92:eb:bb:18:
ec:71:d4:4e
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYRiHMNJROM4PLpOgtMt/TAfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjIxMTEwMTUxNjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTY3OTQwN2ZhNzFiMWU4MGVjNDE2OTNjMzBiODc4ZTIzNjFkZTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnP4qKSAcHyFIXgMOEdW24GoXk2xI
jDVPLjOlXYdbPuzqt+Ddx1RSW+j6K1x6Wwyj2nKAn6tiYTmM5FOjAfVyPBEFgGC7
vuiva/ciV9HopIZr/fEVaj/W9az2WyMpHvkR3mYr/MxTcRD/CWBEjNlnnbBziIGT
eNYsHBlybJbwICQqiCHSOn79WoiMQjROxUCV5jwM+1utf/RevGE8+Li7chggMkBb
dPNHdSnchQKkY39VHnwHzvKvF7N5VBIuJSSsy5sZRqwmvgwpXnl+AqAVn5IYmPiK
hIv696Zwc/qSNhQ3juDmJ7BfZKO+XpwyoqlxWWgJ1DApzoT1EVI80VhYSQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFHlnlAf6cbHoDsQWk8MLh44jYd5fMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvZVdlVUJfcHhzZWdPeEJhVHd3dUhqaU5oM2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQAuaWXMAwD
BADCfqUDBAPCfqADBALZdYQwDwQCAAIwCQMHACABBnwv0DANBgkqhkiG9w0BAQsF
AAOCAQEAXG1bQSz2c+m9LewAFrMNk/zgrmn1x6BN79u6QgIHp1fEQKnTU7sU79/v
3Sx/OfUvLiHBFnUQAi5veu6QHIxMR+Q5TgEMCI0zU4py7+j/lY7BTC3vfbWnAiyo
Tsus9cVZeQ80a/9av9xaMTonooXJLbmJ0G+8FUbcG6wzWPqteFFaw8/TjafgvE2Z
jX5sIODG/4ZmVfFT87lHY3KP8OVEhgkVEqpGQEe092Xjnv8VcuS8yl3mho2GEjyK
N52O8Jlji2O4RZ2YusZeuc6bjdy1kY0Yho3HhmgLqD+6ziLndv5j7NICZIpN533C
5u0bmeZtjzqgyIea5LaS67sY7HHUTg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:47 2023 by rpki-client on console-ams.rpki-client.org