Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/nA0pZ4GMxwEt5vqz5G674Kx5Y-I.roa
File: nA0pZ4GMxwEt5vqz5G674Kx5Y-I.roa (raw, json)
Hash identifier: P8c31TuZRozoxWFv23OrUXgkjsTquMT23vY1z6WmXJs=
Subject key identifier: 9C:0D:29:67:81:8C:C7:01:2D:E6:FA:B3:E4:6E:BB:E0:AC:79:63:E2
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 05348BEC
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/nA0pZ4GMxwEt5vqz5G674Kx5Y-I.roa
Signing time: Fri 13 May 2022 05:43:02 +0000
ROA not before: Fri 13 May 2022 05:43:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 85.239.148.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 87329772 (0x5348bec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 13 05:43:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c0d2967818cc7012de6fab3e46ebbe0ac7963e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b0:35:c6:8e:a4:0a:73:5a:24:f5:a0:ef:9b:
2e:a9:b4:89:51:3d:cb:9b:59:96:8f:b4:69:93:80:
46:60:e8:e9:d8:66:47:f0:e5:b8:60:0b:2f:54:5f:
a0:68:5b:a6:25:a9:ef:d7:3c:8d:8e:99:40:b5:3c:
70:83:a6:6f:7c:70:89:d8:fe:e6:e5:bb:fe:0c:21:
a7:ae:91:03:63:f0:06:32:d9:b6:d8:64:5e:0b:15:
65:10:6f:53:66:f0:0d:8e:e7:1f:e3:21:f5:29:82:
5a:70:0e:b5:cb:c0:42:83:23:67:84:19:50:e4:ce:
37:0a:6e:4e:bb:aa:e3:2c:b3:e1:0c:d0:e7:75:02:
02:47:19:ce:a2:61:a3:7f:ab:5d:c2:81:56:f5:0f:
14:72:57:eb:8c:ce:90:b6:c2:52:93:37:89:ed:7f:
05:1a:66:55:ea:cd:a9:03:dd:06:3f:89:dd:4b:17:
9b:e9:96:22:9c:5f:1b:ca:45:67:2b:22:e1:cc:e2:
94:92:f4:d3:ce:34:68:5e:30:ee:b7:20:b1:a0:eb:
7f:87:c3:54:a1:51:00:b5:b3:1e:a1:e9:8b:04:ac:
56:ae:3d:d1:99:69:97:9e:dd:05:56:6c:05:f5:c0:
ab:7a:5d:b0:68:9d:eb:e0:82:c8:b7:51:e5:fa:e1:
19:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:0D:29:67:81:8C:C7:01:2D:E6:FA:B3:E4:6E:BB:E0:AC:79:63:E2
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/nA0pZ4GMxwEt5vqz5G674Kx5Y-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/23
185.95.156.0/23
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
45:1a:3a:a5:30:ac:c6:1c:35:31:92:52:fd:a1:0c:e5:8f:76:
72:ae:37:22:e4:8f:a7:ac:0a:66:8e:e5:45:82:51:5a:4b:3b:
37:cb:61:6b:78:f2:fc:29:87:a7:f6:2e:f1:2e:7b:82:26:ba:
7f:a6:35:7a:9c:b9:11:13:aa:4e:95:4a:5f:b5:c1:6c:97:2e:
23:51:a8:f4:49:80:26:d9:14:cb:bb:7d:ce:2a:76:33:29:1d:
79:8a:27:ff:98:fa:cd:1e:29:e3:6c:df:ea:1b:b9:dd:a2:7e:
81:f1:37:d5:51:aa:f1:f2:79:21:b7:15:6c:39:d5:16:d4:73:
8c:84:71:92:65:8b:54:14:03:f0:bc:47:ce:13:17:ca:37:10:
23:e4:65:60:12:ac:1a:f0:79:f1:57:41:f7:b7:39:10:fa:f2:
bc:58:49:78:f6:56:4f:15:85:5e:15:35:5d:56:7b:58:e5:f0:
79:00:59:7e:32:7f:20:8c:d0:41:f4:12:22:c0:11:c7:2e:55:
30:4e:f1:a5:d6:45:e1:55:12:27:d1:c8:a6:dc:69:0f:60:06:
72:77:47:7a:ef:14:71:51:2d:66:50:dd:48:4e:0a:f7:2b:96:
10:09:1f:29:eb:34:7d:5c:7b:94:80:44:01:22:9a:aa:f4:c2:
ed:55:d6:23
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBTSL7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDUx
MzA1NDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWMwZDI5Njc4MThj
YzcwMTJkZTZmYWIzZTQ2ZWJiZTBhYzc5NjNlMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKewNcaOpApzWiT1oO+bLqm0iVE9y5tZlo+0aZOARmDo6dhm
R/DluGALL1RfoGhbpiWp79c8jY6ZQLU8cIOmb3xwidj+5uW7/gwhp66RA2PwBjLZ
tthkXgsVZRBvU2bwDY7nH+Mh9SmCWnAOtcvAQoMjZ4QZUOTONwpuTruq4yyz4QzQ
53UCAkcZzqJho3+rXcKBVvUPFHJX64zOkLbCUpM3ie1/BRpmVerNqQPdBj+J3UsX
m+mWIpxfG8pFZysi4czilJL00840aF4w7rcgsaDrf4fDVKFRALWzHqHpiwSsVq49
0Zlpl57dBVZsBfXAq3pdsGid6+CCyLdR5frhGdECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBScDSlngYzHAS3m+rPkbrvgrHlj4jAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L25BMHBaNEdNeHdFdDV2cXo1RzY3NEt4NVktSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVXvlAMEAblfnAMEALlfnzANBgkq
hkiG9w0BAQsFAAOCAQEARRo6pTCsxhw1MZJS/aEM5Y92cq43IuSPp6wKZo7lRYJR
Wks7N8tha3jy/CmHp/Yu8S57gia6f6Y1epy5EROqTpVKX7XBbJcuI1Go9EmAJtkU
y7t9zip2MykdeYon/5j6zR4p42zf6hu53aJ+gfE31VGq8fJ5IbcVbDnVFtRzjIRx
kmWLVBQD8LxHzhMXyjcQI+RlYBKsGvB58VdB97c5EPryvFhJePZWTxWFXhU1XVZ7
WOXweQBZfjJ/IIzQQfQSIsARxy5VME7xpdZF4VUSJ9HIptxpD2AGcndHeu8UcVEt
ZlDdSE4K9yuWEAkfKes0fVx7lIBEASKaqvTC7VXWIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org