Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/JkOmBml3OoAJlVEA9jOxMjh5s38.roa
File: JkOmBml3OoAJlVEA9jOxMjh5s38.roa (raw, json)
Hash identifier: rwnitQ6d9/uFjItn+io8W1ibk+QfNnvQPrSHFF8iTxs=
Subject key identifier: 26:43:A6:06:69:77:3A:80:09:95:51:00:F6:33:B1:32:38:79:B3:7F
Certificate issuer: /CN=a1b4dd83fc5ecd210f4f684fb6bf40fb3160db21
Certificate serial: 04967BA0
Authority key identifier: A1:B4:DD:83:FC:5E:CD:21:0F:4F:68:4F:B6:BF:40:FB:31:60:DB:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/obTdg_xezSEPT2hPtr9A-zFg2yE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/JkOmBml3OoAJlVEA9jOxMjh5s38.roa
Signing time: Sat 01 Jan 2022 14:02:31 +0000
ROA not before: Sat 01 Jan 2022 14:02:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198545
IP address blocks: 185.57.220.0/22 maxlen: 22
2a02:5fa0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76970912 (0x4967ba0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a1b4dd83fc5ecd210f4f684fb6bf40fb3160db21
Validity
Not Before: Jan 1 14:02:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2643a60669773a8009955100f633b1323879b37f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b2:8f:40:ed:6e:c1:7c:09:31:2c:68:a1:ac:
86:28:2d:e6:30:60:db:c0:0a:e3:11:ad:68:00:1b:
77:ba:45:ea:08:19:17:40:6d:a4:3f:3b:fd:6c:4a:
f0:69:ce:22:e2:f2:0a:93:73:b3:89:c5:e4:2c:a0:
d5:05:d9:43:19:18:20:8a:bc:09:c1:1a:4d:50:d7:
31:c1:c0:e1:2e:21:ba:f2:f3:06:5e:cc:2b:89:88:
f3:e0:ab:17:ac:72:98:15:9b:02:d9:e8:29:6d:b5:
e8:91:42:b0:09:a5:c5:63:86:b2:4e:5a:43:18:1a:
ad:41:f7:e7:bc:17:3a:d5:fb:a1:9a:22:9f:61:00:
6f:29:8c:55:3a:9b:6d:b8:57:7b:10:e5:f3:d8:f2:
10:e8:ce:9c:d1:ba:e6:4a:81:fc:cf:59:c3:43:f6:
56:6e:ac:6f:ce:95:f2:c2:0b:a9:54:44:3b:1a:ec:
44:4a:51:81:1d:aa:a1:12:ad:ce:93:37:49:81:97:
05:ea:44:d5:04:5a:40:cb:4a:27:1e:87:51:5b:d3:
a0:53:15:35:06:d0:39:6b:e7:e7:95:3f:18:16:53:
0d:bc:55:a4:bb:89:d1:08:67:6c:8a:3e:b3:57:46:
4c:17:86:b5:e0:f5:60:4d:0f:7f:cd:06:67:36:7d:
96:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:43:A6:06:69:77:3A:80:09:95:51:00:F6:33:B1:32:38:79:B3:7F
X509v3 Authority Key Identifier:
keyid:A1:B4:DD:83:FC:5E:CD:21:0F:4F:68:4F:B6:BF:40:FB:31:60:DB:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/obTdg_xezSEPT2hPtr9A-zFg2yE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/JkOmBml3OoAJlVEA9jOxMjh5s38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/146f8a-e068-48ca-a388-fb186b94334f/1/obTdg_xezSEPT2hPtr9A-zFg2yE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.220.0/22
IPv6:
2a02:5fa0::/32
Signature Algorithm: sha256WithRSAEncryption
8e:19:e3:4a:bd:0a:d1:61:46:bf:2c:ce:1a:b8:ee:6b:30:6a:
eb:c4:a8:09:85:12:1d:23:b9:99:6a:ee:b9:bd:d9:63:be:a9:
c8:dd:0a:45:64:10:3c:11:29:de:69:6c:41:41:a9:80:28:ba:
07:75:06:ec:a0:73:31:a5:1b:e4:a7:c4:00:bf:71:1e:48:a5:
57:e6:f4:33:91:8f:03:cb:af:9d:22:4c:ae:99:df:f7:69:a1:
db:7d:22:3e:d7:65:97:5c:30:60:e9:73:06:1f:0b:a2:b9:06:
87:e6:98:d6:1c:eb:24:6a:1f:50:ca:4e:d9:fc:14:d9:c5:c9:
27:b2:27:d3:48:a2:6f:ac:80:f9:f9:ca:fd:91:81:0a:d2:80:
fb:d2:78:55:94:ef:89:d5:cc:4f:12:1d:8e:a4:39:14:43:65:
d3:af:ee:5d:1d:a8:0d:e3:a6:93:8e:87:bf:a7:58:61:e4:81:
2f:ec:ce:20:53:f5:d6:46:a0:75:41:64:73:05:8e:7f:98:fe:
49:9e:2f:09:be:e5:a1:55:93:86:60:ab:ad:90:92:5a:cd:90:
fe:4f:44:90:22:22:46:f1:6f:ff:c8:a6:06:46:ef:7d:f5:d5:
48:50:8e:51:41:a6:c8:f6:20:42:0b:00:d7:c4:22:5f:04:fb:
cc:93:3c:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBJZ7oDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MWI0ZGQ4M2ZjNWVjZDIxMGY0ZjY4NGZiNmJmNDBmYjMxNjBkYjIxMB4XDTIyMDEw
MTE0MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjY0M2E2MDY2OTc3
M2E4MDA5OTU1MTAwZjYzM2IxMzIzODc5YjM3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWyj0DtbsF8CTEsaKGshigt5jBg28AK4xGtaAAbd7pF6ggZ
F0BtpD87/WxK8GnOIuLyCpNzs4nF5Cyg1QXZQxkYIIq8CcEaTVDXMcHA4S4huvLz
Bl7MK4mI8+CrF6xymBWbAtnoKW216JFCsAmlxWOGsk5aQxgarUH357wXOtX7oZoi
n2EAbymMVTqbbbhXexDl89jyEOjOnNG65kqB/M9Zw0P2Vm6sb86V8sILqVREOxrs
REpRgR2qoRKtzpM3SYGXBepE1QRaQMtKJx6HUVvToFMVNQbQOWvn55U/GBZTDbxV
pLuJ0QhnbIo+s1dGTBeGteD1YE0Pf80GZzZ9losCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQmQ6YGaXc6gAmVUQD2M7EyOHmzfzAfBgNVHSMEGDAWgBShtN2D/F7NIQ9P
aE+2v0D7MWDbITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29iVGRnX3hlelNFUFQyaFB0cjlBLXpGZzJ5RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvMTQ2ZjhhLWUwNjgtNDhjYS1hMzg4LWZiMTg2Yjk0MzM0Zi8x
L0prT21CbWwzT29BSmxWRUE5ak94TWpoNXMzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
MTQ2ZjhhLWUwNjgtNDhjYS1hMzg4LWZiMTg2Yjk0MzM0Zi8xL29iVGRnX3hlelNF
UFQyaFB0cjlBLXpGZzJ5RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk53DANBAIAAjAHAwUAKgJfoDAN
BgkqhkiG9w0BAQsFAAOCAQEAjhnjSr0K0WFGvyzOGrjuazBq68SoCYUSHSO5mWru
ub3ZY76pyN0KRWQQPBEp3mlsQUGpgCi6B3UG7KBzMaUb5KfEAL9xHkilV+b0M5GP
A8uvnSJMrpnf92mh230iPtdll1wwYOlzBh8LorkGh+aY1hzrJGofUMpO2fwU2cXJ
J7In00iib6yA+fnK/ZGBCtKA+9J4VZTvidXMTxIdjqQ5FENl06/uXR2oDeOmk46H
v6dYYeSBL+zOIFP11kagdUFkcwWOf5j+SZ4vCb7loVWThmCrrZCSWs2Q/k9EkCIi
RvFv/8imBkbvffXVSFCOUUGmyPYgQgsA18QiXwT7zJM8tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:54 2024 by rpki-client on console-fra.rpki-client.org