Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/3ccaff-71f2-4982-b534-36e39fed7bed/1/cah2rHIaM-PJmt7SrASkxTfCun8.roa
File: cah2rHIaM-PJmt7SrASkxTfCun8.roa (raw, json)
Hash identifier: aYTNJ8vGxeexRWVg7xmFlsGNYNFBc+bxvWYcaif4Cus=
Subject key identifier: 71:A8:76:AC:72:1A:33:E3:C9:9A:DE:D2:AC:04:A4:C5:37:C2:BA:7F
Certificate issuer: /CN=eea475d08b6f8b78ed11b0ca4d136deb38bc991b
Certificate serial: 071C9C9B
Authority key identifier: EE:A4:75:D0:8B:6F:8B:78:ED:11:B0:CA:4D:13:6D:EB:38:BC:99:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qR10Itvi3jtEbDKTRNt6zi8mRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/3ccaff-71f2-4982-b534-36e39fed7bed/1/cah2rHIaM-PJmt7SrASkxTfCun8.roa
Signing time: Sat 01 Jan 2022 16:04:09 +0000
ROA not before: Sat 01 Jan 2022 16:04:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34308
IP address blocks: 84.246.248.0/21 maxlen: 24
185.63.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119315611 (0x71c9c9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea475d08b6f8b78ed11b0ca4d136deb38bc991b
Validity
Not Before: Jan 1 16:04:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71a876ac721a33e3c99aded2ac04a4c537c2ba7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:57:ac:55:a4:8f:60:ff:03:f7:ee:66:e4:8a:
9c:d2:0c:83:f1:dc:ee:93:81:b7:04:17:05:3a:3b:
dc:23:b2:46:47:15:0e:d2:ba:57:25:2e:9d:83:94:
3a:4e:f2:7a:48:ac:60:e8:b1:aa:1a:e7:29:9d:42:
3a:ab:b4:e2:b3:77:5a:1b:a6:0b:46:5c:e6:7c:21:
88:17:e0:8d:45:21:f1:9a:3a:fa:31:3d:13:be:72:
35:9f:26:cb:bd:0a:29:32:5c:1f:45:bf:b8:a0:db:
40:da:63:07:17:ed:0f:2f:9e:50:b5:da:fe:cb:ff:
fe:88:6c:a3:7c:5b:f3:a3:81:b2:2d:10:0f:85:95:
19:9d:63:b7:f3:c3:35:67:eb:b1:5c:5b:16:f1:8d:
4d:c8:69:d0:73:74:7d:0a:46:b8:4d:e6:95:6c:80:
7c:f8:03:04:ac:b8:47:69:57:89:c9:db:43:be:e6:
e7:66:23:d5:80:69:68:9d:6f:e3:42:9d:65:9b:6a:
00:35:1e:8f:4b:73:1d:28:97:25:a6:ae:e7:14:01:
bd:41:aa:dd:d8:c3:b1:cc:c1:ee:53:8e:92:6b:4a:
0f:3b:93:9d:49:0d:b5:da:4b:06:e1:92:a7:84:73:
87:0c:30:08:f1:97:94:81:08:1b:82:dc:6a:a3:84:
fa:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:A8:76:AC:72:1A:33:E3:C9:9A:DE:D2:AC:04:A4:C5:37:C2:BA:7F
X509v3 Authority Key Identifier:
keyid:EE:A4:75:D0:8B:6F:8B:78:ED:11:B0:CA:4D:13:6D:EB:38:BC:99:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qR10Itvi3jtEbDKTRNt6zi8mRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/3ccaff-71f2-4982-b534-36e39fed7bed/1/cah2rHIaM-PJmt7SrASkxTfCun8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/3ccaff-71f2-4982-b534-36e39fed7bed/1/7qR10Itvi3jtEbDKTRNt6zi8mRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.248.0/21
185.63.212.0/22
Signature Algorithm: sha256WithRSAEncryption
26:c9:d6:ab:21:53:33:3c:bc:9f:c7:3d:32:64:46:bf:4c:76:
e0:19:71:ed:84:bc:78:db:45:c5:34:90:06:27:d0:22:ef:2f:
f3:6e:40:69:57:af:e0:a0:77:bf:03:57:a6:0f:6f:20:b8:82:
9a:14:3f:de:7b:78:48:93:e0:c8:b8:ca:57:d8:86:63:60:6e:
a6:37:a9:13:73:e7:d5:59:4e:a7:cb:84:d1:51:6f:27:20:4e:
2b:df:45:fb:83:ad:83:1b:d4:2b:68:0b:60:43:f8:e7:f0:ae:
de:d9:32:8f:35:93:76:49:66:99:ba:8c:d3:af:ab:4a:4f:7f:
8d:43:a8:3b:e6:a9:76:fd:6b:8a:5b:e6:02:5a:7d:fd:2b:35:
3b:2a:c2:7d:e6:b7:4a:2c:8c:18:ce:f5:e4:74:5e:72:18:db:
a0:11:9f:e5:b3:59:02:12:54:fe:80:0d:04:9a:c6:96:06:0d:
6c:e8:19:11:a8:0b:be:b8:d8:e2:cd:30:c5:77:06:b9:04:f4:
09:7d:a6:a9:82:75:09:99:70:7b:e5:b8:d5:dc:de:25:80:73:
f9:41:ff:7e:9f:c0:bb:1b:07:e0:25:6e:e2:fc:12:95:53:1e:
2a:c7:2d:c1:00:da:40:c2:1f:5e:75:e7:47:f6:b3:d2:2c:d4:
17:dc:c6:4f
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBxycmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWE0NzVkMDhiNmY4Yjc4ZWQxMWIwY2E0ZDEzNmRlYjM4YmM5OTFiMB4XDTIyMDEw
MTE2MDQwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFhODc2YWM3MjFh
MzNlM2M5OWFkZWQyYWMwNGE0YzUzN2MyYmE3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1XrFWkj2D/A/fuZuSKnNIMg/Hc7pOBtwQXBTo73COyRkcV
DtK6VyUunYOUOk7yekisYOixqhrnKZ1COqu04rN3WhumC0Zc5nwhiBfgjUUh8Zo6
+jE9E75yNZ8my70KKTJcH0W/uKDbQNpjBxftDy+eULXa/sv//ohso3xb86OBsi0Q
D4WVGZ1jt/PDNWfrsVxbFvGNTchp0HN0fQpGuE3mlWyAfPgDBKy4R2lXicnbQ77m
52Yj1YBpaJ1v40KdZZtqADUej0tzHSiXJaau5xQBvUGq3djDsczB7lOOkmtKDzuT
nUkNtdpLBuGSp4RzhwwwCPGXlIEIG4LcaqOE+g8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRxqHaschoz48ma3tKsBKTFN8K6fzAfBgNVHSMEGDAWgBTupHXQi2+LeO0R
sMpNE23rOLyZGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxUjEwSXR2aTNqdEViREtUUk50NnppOG1Scy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDgvM2NjYWZmLTcxZjItNDk4Mi1iNTM0LTM2ZTM5ZmVkN2JlZC8x
L2NhaDJySElhTS1QSm10N1NyQVNreFRmQ3VuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDgv
M2NjYWZmLTcxZjItNDk4Mi1iNTM0LTM2ZTM5ZmVkN2JlZC8xLzdxUjEwSXR2aTNq
dEViREtUUk50NnppOG1Scy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA1T2+AMEArk/1DANBgkqhkiG9w0B
AQsFAAOCAQEAJsnWqyFTMzy8n8c9MmRGv0x24Blx7YS8eNtFxTSQBifQIu8v825A
aVev4KB3vwNXpg9vILiCmhQ/3nt4SJPgyLjKV9iGY2BupjepE3Pn1VlOp8uE0VFv
JyBOK99F+4OtgxvUK2gLYEP45/Cu3tkyjzWTdklmmbqM06+rSk9/jUOoO+apdv1r
ilvmAlp9/Ss1OyrCfea3SiyMGM715HRechjboBGf5bNZAhJU/oANBJrGlgYNbOgZ
EagLvrjY4s0wxXcGuQT0CX2mqYJ1CZlwe+W41dzeJYBz+UH/fp/AuxsH4CVu4vwS
lVMeKsctwQDaQMIfXnXnR/az0izUF9zGTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:38 2024 by rpki-client on console-ams.rpki-client.org