Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/0sdj_aitTd5Pv9WDrbAOd_rJ8-w.roa
File: 0sdj_aitTd5Pv9WDrbAOd_rJ8-w.roa (raw, json)
Hash identifier: v2vKJ9f3mxFi+V4UpFEcxSWcU10OfywuJx4uhDvYBSQ=
Subject key identifier: D2:C7:63:FD:A8:AD:4D:DE:4F:BF:D5:83:AD:B0:0E:77:FA:C9:F3:EC
Certificate issuer: /CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b
Certificate serial: 0D535629
Authority key identifier: 60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/0sdj_aitTd5Pv9WDrbAOd_rJ8-w.roa
Signing time: Sat 01 Jan 2022 14:58:41 +0000
ROA not before: Sat 01 Jan 2022 14:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48522
IP address blocks: 193.36.229.0/24 maxlen: 24
194.13.238.0/23 maxlen: 23
185.70.232.0/22 maxlen: 24
2a03:3620::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 223565353 (0xd535629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60bf373620146e6f298ae82d2c8a8371cacb7b1b
Validity
Not Before: Jan 1 14:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2c763fda8ad4dde4fbfd583adb00e77fac9f3ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a6:02:6d:fa:85:98:79:cb:95:05:ba:54:f3:
61:d3:bb:ce:ec:0e:82:09:48:f6:42:fe:fe:c2:de:
0b:91:6d:f8:cc:da:a1:37:b2:14:c1:63:37:bd:6e:
6c:06:4c:c8:0e:13:9d:54:76:90:e1:16:a7:11:0a:
e4:3a:54:1d:10:e5:2a:0c:ac:46:e0:96:51:76:f9:
99:49:06:6b:0f:a3:20:94:93:11:f7:aa:64:6d:4b:
a6:46:32:ba:bf:71:25:24:82:87:97:3a:f8:61:40:
c4:e7:9d:39:e1:81:e7:e0:46:e9:12:f0:33:0e:aa:
87:5c:77:fe:a3:a9:80:1c:39:3f:32:59:64:39:fb:
3c:af:1f:9a:1b:80:39:04:a7:cc:a1:db:5f:0e:78:
1f:c3:21:65:c2:56:b1:01:a0:69:85:84:cf:6c:a5:
bd:14:51:3f:e6:5c:b7:cb:d0:de:f8:83:f5:15:74:
35:28:72:68:1e:25:ec:50:c1:fe:24:48:15:92:28:
30:d5:29:f7:c8:a1:ef:11:8d:fa:c9:91:c8:92:61:
bf:52:e4:87:1e:6f:1c:e8:8c:b9:67:c7:23:9e:e8:
bd:04:68:35:18:68:84:9e:a9:ab:2e:05:66:65:e9:
9b:72:93:0c:85:a3:67:7f:69:1f:af:71:37:c6:2c:
ee:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C7:63:FD:A8:AD:4D:DE:4F:BF:D5:83:AD:B0:0E:77:FA:C9:F3:EC
X509v3 Authority Key Identifier:
keyid:60:BF:37:36:20:14:6E:6F:29:8A:E8:2D:2C:8A:83:71:CA:CB:7B:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YL83NiAUbm8piugtLIqDccrLexs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/0sdj_aitTd5Pv9WDrbAOd_rJ8-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/decde3-277a-4956-bf92-f0a8123e70f9/1/YL83NiAUbm8piugtLIqDccrLexs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.232.0/22
193.36.229.0/24
194.13.238.0/23
IPv6:
2a03:3620::/32
Signature Algorithm: sha256WithRSAEncryption
8e:b3:4b:6a:e8:22:0a:16:cb:82:25:0d:2d:35:c0:b2:e5:13:
6d:b0:26:91:f5:fa:8f:36:b9:e4:48:6d:41:e3:16:f9:30:68:
a4:da:a2:95:3e:26:5a:03:e2:3f:cb:3b:9c:05:04:40:ec:c2:
40:18:7d:a3:85:e9:78:66:82:17:91:30:92:a2:77:6f:45:3e:
4d:dc:20:5a:c3:61:51:25:28:83:15:34:82:c3:df:81:8e:d1:
d6:03:22:f1:9b:ae:c0:4b:90:9e:96:5c:0e:e3:6d:dc:46:14:
4b:ba:54:03:93:4f:92:63:fb:a9:64:f2:4d:0d:73:c6:7c:4a:
6d:9b:bc:17:c7:b6:56:56:67:12:55:e3:3a:88:17:75:bf:ca:
bb:35:3d:16:51:4b:e0:fc:df:5d:cb:4b:1a:9f:d7:3d:d5:6e:
98:d1:0b:70:4c:b3:2d:3c:c0:7f:63:a9:64:75:4c:02:ef:03:
c1:bd:d4:c9:2a:50:24:9c:a6:01:29:88:cd:e7:88:07:e3:b8:
78:41:2f:97:a9:62:63:ce:ba:ae:1a:f2:82:a1:9f:a0:a8:01:
bc:46:59:39:37:1f:a6:01:5b:79:e7:96:2b:c2:09:69:31:38:
75:6c:3a:13:31:f9:e6:d1:75:8e:8b:c3:6b:95:45:6c:4b:82:
c6:ae:68:23
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDVNWKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MGJmMzczNjIwMTQ2ZTZmMjk4YWU4MmQyYzhhODM3MWNhY2I3YjFiMB4XDTIyMDEw
MTE0NTg0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJjNzYzZmRhOGFk
NGRkZTRmYmZkNTgzYWRiMDBlNzdmYWM5ZjNlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOumAm36hZh5y5UFulTzYdO7zuwOgglI9kL+/sLeC5Ft+Mza
oTeyFMFjN71ubAZMyA4TnVR2kOEWpxEK5DpUHRDlKgysRuCWUXb5mUkGaw+jIJST
EfeqZG1LpkYyur9xJSSCh5c6+GFAxOedOeGB5+BG6RLwMw6qh1x3/qOpgBw5PzJZ
ZDn7PK8fmhuAOQSnzKHbXw54H8MhZcJWsQGgaYWEz2ylvRRRP+Zct8vQ3viD9RV0
NShyaB4l7FDB/iRIFZIoMNUp98ih7xGN+smRyJJhv1Lkhx5vHOiMuWfHI57ovQRo
NRhohJ6pqy4FZmXpm3KTDIWjZ39pH69xN8Ys7tkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTSx2P9qK1N3k+/1YOtsA53+snz7DAfBgNVHSMEGDAWgBRgvzc2IBRubymK
6C0sioNxyst7GzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lMODNOaUFVYm04cGl1Z3RMSXFEY2NyTGV4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWIvZGVjZGUzLTI3N2EtNDk1Ni1iZjkyLWYwYTgxMjNlNzBmOS8x
LzBzZGpfYWl0VGQ1UHY5V0RyYkFPZF9ySjgtdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIv
ZGVjZGUzLTI3N2EtNDk1Ni1iZjkyLWYwYTgxMjNlNzBmOS8xL1lMODNOaUFVYm04
cGl1Z3RMSXFEY2NyTGV4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArlG6AMEAMEk5QMEAcIN7jANBAIA
AjAHAwUAKgM2IDANBgkqhkiG9w0BAQsFAAOCAQEAjrNLaugiChbLgiUNLTXAsuUT
bbAmkfX6jza55EhtQeMW+TBopNqilT4mWgPiP8s7nAUEQOzCQBh9o4XpeGaCF5Ew
kqJ3b0U+TdwgWsNhUSUogxU0gsPfgY7R1gMi8ZuuwEuQnpZcDuNt3EYUS7pUA5NP
kmP7qWTyTQ1zxnxKbZu8F8e2VlZnElXjOogXdb/KuzU9FlFL4PzfXctLGp/XPdVu
mNELcEyzLTzAf2OpZHVMAu8Dwb3UySpQJJymASmIzeeIB+O4eEEvl6liY866rhry
gqGfoKgBvEZZOTcfpgFbeeeWK8IJaTE4dWw6EzH55tF1jovDa5VFbEuCxq5oIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:10 2024 by rpki-client on console-fra.rpki-client.org