Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/Sy4uIX7aJFjp6zWguZtnPnFI-1k.roa
File: Sy4uIX7aJFjp6zWguZtnPnFI-1k.roa (raw, json)
Hash identifier: hN1ouxQcnDqC5grlGQ3XpoRfc5hdO+iDEB1nuQQmvOk=
Subject key identifier: 4B:2E:2E:21:7E:DA:24:58:E9:EB:35:A0:B9:9B:67:3E:71:48:FB:59
Certificate issuer: /CN=b6321eebf4f95be9f81f0f233f89f3602d2f0074
Certificate serial: 036997AA
Authority key identifier: B6:32:1E:EB:F4:F9:5B:E9:F8:1F:0F:23:3F:89:F3:60:2D:2F:00:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjIe6_T5W-n4Hw8jP4nzYC0vAHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/Sy4uIX7aJFjp6zWguZtnPnFI-1k.roa
Signing time: Sat 01 Jan 2022 15:05:15 +0000
ROA not before: Sat 01 Jan 2022 15:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30933
IP address blocks: 194.110.250.0/24 maxlen: 24
193.151.124.0/22 maxlen: 22
193.151.125.0/24 maxlen: 24
193.151.124.0/24 maxlen: 24
193.151.127.0/24 maxlen: 24
193.151.126.0/24 maxlen: 24
85.118.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57251754 (0x36997aa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6321eebf4f95be9f81f0f233f89f3602d2f0074
Validity
Not Before: Jan 1 15:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b2e2e217eda2458e9eb35a0b99b673e7148fb59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ee:ca:75:e1:04:d4:79:23:9e:d6:4a:cb:90:
f5:95:66:89:ed:39:df:ea:08:46:a8:75:33:bc:c6:
7b:da:29:14:c4:03:1a:0c:20:8e:93:94:f6:be:05:
3a:d0:c3:42:bd:fa:e2:4c:1f:7f:ae:f0:b8:f8:5e:
57:02:38:b6:0d:b2:b1:24:cf:68:fb:5c:30:24:e3:
ea:54:4b:aa:7c:16:79:5e:a7:c1:8b:c4:b5:b2:e8:
f7:dd:61:52:d5:c2:f6:cf:c8:6c:48:87:fc:41:bd:
98:2a:c9:04:7c:26:89:4a:9a:1b:1f:90:e2:3e:f8:
fe:8f:5d:8c:c8:77:20:eb:4b:0c:c4:30:03:5a:56:
c2:13:7e:c5:7d:7c:df:5a:ce:1d:8b:9f:ea:9f:e9:
b0:a5:b4:b6:70:2b:fe:d7:56:a1:f5:98:96:47:cc:
60:14:e5:a7:ca:f3:e6:81:72:5a:b3:a3:5c:1b:34:
50:4d:6b:1c:aa:4e:53:d2:7c:c2:06:4e:85:aa:27:
e8:91:ae:94:ec:a3:56:ff:35:ac:6c:44:b7:e6:26:
6b:be:68:65:50:d8:8a:24:29:86:30:ef:43:8f:42:
59:ef:1f:a0:7c:54:bc:28:ef:66:ba:92:21:3a:8e:
84:04:7f:70:83:c4:ed:e9:db:fc:e6:50:e3:55:91:
2a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2E:2E:21:7E:DA:24:58:E9:EB:35:A0:B9:9B:67:3E:71:48:FB:59
X509v3 Authority Key Identifier:
keyid:B6:32:1E:EB:F4:F9:5B:E9:F8:1F:0F:23:3F:89:F3:60:2D:2F:00:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjIe6_T5W-n4Hw8jP4nzYC0vAHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/Sy4uIX7aJFjp6zWguZtnPnFI-1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5c92d1-41e5-443e-a250-01baf78ec73f/1/tjIe6_T5W-n4Hw8jP4nzYC0vAHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.232.0/21
193.151.124.0/22
194.110.250.0/24
Signature Algorithm: sha256WithRSAEncryption
17:04:30:78:40:e7:dd:5a:95:dd:b8:23:f2:eb:36:27:66:fc:
6e:6c:39:ca:67:d0:d8:f6:05:f3:6c:30:e3:02:cb:e7:4c:93:
74:c3:13:7e:58:99:97:cc:85:b6:9f:6f:7a:f2:7d:c4:a2:3b:
8a:be:e4:32:7b:af:4a:8c:03:4d:83:7c:80:b3:6b:05:7a:93:
2a:ba:f3:63:b6:1f:f2:73:de:f7:75:19:5b:46:ae:18:54:75:
a5:ae:c7:0f:82:d5:30:73:c0:c7:1a:f5:e0:30:e3:a2:08:1a:
78:fd:c7:cf:df:6e:7c:6b:bd:d2:7e:48:07:e6:4b:17:b1:03:
d9:0c:c8:b0:4b:8d:be:62:92:62:a7:5e:12:c1:d8:9a:11:d2:
41:86:46:bc:23:86:51:08:e1:cc:d3:6c:58:b8:c2:54:3d:2b:
1c:e3:65:47:dc:e6:ab:0e:41:ad:d1:f7:7e:47:e8:19:ec:03:
91:6e:a0:00:97:ff:6e:84:2b:19:d0:6b:43:31:4b:34:28:bc:
2c:c9:2e:30:06:c7:09:4a:e8:e3:8c:ca:0a:80:cd:05:a3:65:
5d:6a:b1:df:d5:3e:13:7f:5a:b9:0d:5e:e1:56:a8:ef:31:0e:
0b:16:b9:23:53:c2:4a:fa:af:1b:63:e3:40:cf:fd:6a:dd:66:
69:a0:02:fb
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA2mXqjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjMyMWVlYmY0Zjk1YmU5ZjgxZjBmMjMzZjg5ZjM2MDJkMmYwMDc0MB4XDTIyMDEw
MTE1MDUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIyZTJlMjE3ZWRh
MjQ1OGU5ZWIzNWEwYjk5YjY3M2U3MTQ4ZmI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHuynXhBNR5I57WSsuQ9ZVmie053+oIRqh1M7zGe9opFMQD
GgwgjpOU9r4FOtDDQr364kwff67wuPheVwI4tg2ysSTPaPtcMCTj6lRLqnwWeV6n
wYvEtbLo991hUtXC9s/IbEiH/EG9mCrJBHwmiUqaGx+Q4j74/o9djMh3IOtLDMQw
A1pWwhN+xX1831rOHYuf6p/psKW0tnAr/tdWofWYlkfMYBTlp8rz5oFyWrOjXBs0
UE1rHKpOU9J8wgZOhaon6JGulOyjVv81rGxEt+Yma75oZVDYiiQphjDvQ49CWe8f
oHxUvCjvZrqSITqOhAR/cIPE7enb/OZQ41WRKvECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBRLLi4hftokWOnrNaC5m2c+cUj7WTAfBgNVHSMEGDAWgBS2Mh7r9Plb6fgf
DyM/ifNgLS8AdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RqSWU2X1Q1Vy1uNEh3OGpQNG56WUMwdkFIUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvNWM5MmQxLTQxZTUtNDQzZS1hMjUwLTAxYmFmNzhlYzczZi8x
L1N5NHVJWDdhSkZqcDZ6V2d1WnRuUG5GSS0xay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
NWM5MmQxLTQxZTUtNDQzZS1hMjUwLTAxYmFmNzhlYzczZi8xL3RqSWU2X1Q1Vy1u
NEh3OGpQNG56WUMwdkFIUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1V26AMEAsGXfAMEAMJu+jANBgkq
hkiG9w0BAQsFAAOCAQEAFwQweEDn3VqV3bgj8us2J2b8bmw5ymfQ2PYF82ww4wLL
50yTdMMTfliZl8yFtp9vevJ9xKI7ir7kMnuvSowDTYN8gLNrBXqTKrrzY7Yf8nPe
93UZW0auGFR1pa7HD4LVMHPAxxr14DDjoggaeP3Hz99ufGu90n5IB+ZLF7ED2QzI
sEuNvmKSYqdeEsHYmhHSQYZGvCOGUQjhzNNsWLjCVD0rHONlR9zmqw5BrdH3fkfo
GewDkW6gAJf/boQrGdBrQzFLNCi8LMkuMAbHCUro44zKCoDNBaNlXWqx39U+E39a
uQ1e4Vao7zEOCxa5I1PCSvqvG2PjQM/9at1maaAC+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org