Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/7ddJXYlO9A_LcJogl6mI3PTESpI.roa
File: 7ddJXYlO9A_LcJogl6mI3PTESpI.roa (raw, json)
Hash identifier: LzL/zl5g4AzR2AIdhNFkRlXXRv1VhzO2v2CjVq2LEU4=
Subject key identifier: ED:D7:49:5D:89:4E:F4:0F:CB:70:9A:20:97:A9:88:DC:F4:C4:4A:92
Certificate issuer: /CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Certificate serial: 0A39CC11
Authority key identifier: C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/7ddJXYlO9A_LcJogl6mI3PTESpI.roa
Signing time: Sat 01 Jan 2022 08:56:46 +0000
ROA not before: Sat 01 Jan 2022 08:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200486
IP address blocks: 194.5.100.0/22 maxlen: 24
185.156.204.0/22 maxlen: 24
2a07:a106::/32 maxlen: 32
2a07:a105::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171559953 (0xa39cc11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Validity
Not Before: Jan 1 08:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=edd7495d894ef40fcb709a2097a988dcf4c44a92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7a:63:7d:3f:6a:28:e6:bd:f9:d3:83:ae:1e:
65:24:c6:96:38:ea:e1:ed:52:a2:5e:16:ee:37:bf:
15:7b:62:e3:24:23:2d:01:4c:a1:19:45:a4:77:4a:
bd:8e:e6:7d:3b:fe:2e:df:57:be:d7:34:6d:77:92:
ba:0b:fe:1c:30:ce:07:7a:1d:ff:57:05:41:18:16:
79:df:4b:84:b6:b9:c2:62:dd:e5:10:c7:9a:56:ba:
73:12:36:71:4b:9f:59:65:6d:23:a7:05:58:1d:ed:
0e:22:3b:37:55:9c:ca:90:73:d0:5b:dc:4e:3e:70:
46:ab:e9:a9:79:3a:71:cf:94:8a:e6:be:26:59:1c:
22:a1:91:9a:4a:46:12:7d:15:e8:1c:68:4b:02:a8:
0f:a3:62:b7:63:ab:4f:a0:ad:54:5e:6a:c3:3e:ff:
3b:72:56:72:65:2b:37:89:8d:33:2d:fc:ba:7a:b4:
28:f8:94:d0:37:8f:c1:b7:4e:cc:f3:51:1a:c6:91:
7a:df:fc:7b:15:47:ce:a8:ea:03:5b:47:5d:ae:69:
40:97:12:dc:40:f4:57:c3:20:57:80:45:3b:bc:05:
ae:70:cb:92:03:a4:4a:f7:48:12:24:b7:00:f9:2b:
aa:cd:d4:6d:7f:3d:5d:25:ed:95:64:b9:3b:42:81:
36:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:D7:49:5D:89:4E:F4:0F:CB:70:9A:20:97:A9:88:DC:F4:C4:4A:92
X509v3 Authority Key Identifier:
keyid:C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/7ddJXYlO9A_LcJogl6mI3PTESpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.204.0/22
194.5.100.0/22
IPv6:
2a07:a105::-2a07:a106:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
c0:3d:62:6a:38:a6:c8:64:3a:b0:b7:30:8b:c6:1d:25:07:1c:
e9:8d:0b:fe:fc:82:f9:5e:97:00:44:d9:71:6d:d0:de:91:4e:
7f:fd:20:96:f9:60:df:8c:cf:f4:3e:1e:0b:63:03:99:88:76:
33:6b:e8:be:f1:a4:0c:3c:b7:f8:a7:a6:87:b1:fa:6b:8b:7c:
66:27:16:ad:92:de:83:5a:d5:88:13:f0:96:76:1f:29:6e:27:
a5:73:93:e4:5d:28:fe:c2:62:b3:23:86:50:ab:22:e7:d7:ec:
e6:40:9b:df:38:2b:68:d6:4f:81:ca:f6:f3:4a:df:14:77:37:
8a:57:29:41:b3:9a:5e:b4:b3:57:06:13:5e:5d:2b:c6:a4:6e:
31:ef:e5:91:d4:f9:61:4b:6d:d3:f4:fc:83:81:69:e7:9c:6b:
f6:4e:5d:c9:e2:4e:d1:b2:98:51:e4:1e:a0:30:c4:a1:01:a8:
40:7e:36:ee:04:8a:a3:05:a5:cc:57:53:0e:a6:04:5d:f1:a5:
14:00:67:73:18:ab:d5:28:80:e3:55:4a:a1:fb:e3:af:a6:63:
f5:8b:ea:bd:fa:2f:2e:7b:2c:b6:c4:13:a4:c7:b3:76:7b:86:
a9:68:de:5f:d3:52:68:64:21:ef:b8:74:2b:15:f4:3b:c5:88:
f0:ca:29:b2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECjnMETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGYyNThjZTIwM2UwNGEzM2Y0ZTkwNjUxMTUzYjI1OWNmZmEzZTg4MB4XDTIyMDEw
MTA4NTY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWRkNzQ5NWQ4OTRl
ZjQwZmNiNzA5YTIwOTdhOTg4ZGNmNGM0NGE5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKp6Y30/aijmvfnTg64eZSTGljjq4e1Sol4W7je/FXti4yQj
LQFMoRlFpHdKvY7mfTv+Lt9Xvtc0bXeSugv+HDDOB3od/1cFQRgWed9LhLa5wmLd
5RDHmla6cxI2cUufWWVtI6cFWB3tDiI7N1WcypBz0FvcTj5wRqvpqXk6cc+Uiua+
JlkcIqGRmkpGEn0V6BxoSwKoD6Nit2OrT6CtVF5qwz7/O3JWcmUrN4mNMy38unq0
KPiU0DePwbdOzPNRGsaRet/8exVHzqjqA1tHXa5pQJcS3ED0V8MgV4BFO7wFrnDL
kgOkSvdIEiS3APkrqs3UbX89XSXtlWS5O0KBNrkCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBTt10ldiU70D8twmiCXqYjc9MRKkjAfBgNVHSMEGDAWgBTI8ljOID4Eoz9O
kGURU7JZz/o+iDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lQSll6aUEtQktNX1RwQmxFVk95V2NfNlBvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMWYzYzRkLTU5ZTQtNDkzNy1iYzE0LTZjODhiZmE3YjU1Yy8x
LzdkZEpYWWxPOUFfTGNKb2dsNm1JM1BURVNwSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MWYzYzRkLTU5ZTQtNDkzNy1iYzE0LTZjODhiZmE3YjU1Yy8xL3lQSll6aUEtQktN
X1RwQmxFVk95V2NfNlBvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEArmczAMEAsIFZDAWBAIAAjAQMA4D
BQAqB6EFAwUAKgehBjANBgkqhkiG9w0BAQsFAAOCAQEAwD1iajimyGQ6sLcwi8Yd
JQcc6Y0L/vyC+V6XAETZcW3Q3pFOf/0glvlg34zP9D4eC2MDmYh2M2vovvGkDDy3
+Kemh7H6a4t8ZicWrZLeg1rViBPwlnYfKW4npXOT5F0o/sJisyOGUKsi59fs5kCb
3zgraNZPgcr280rfFHc3ilcpQbOaXrSzVwYTXl0rxqRuMe/lkdT5YUtt0/T8g4Fp
55xr9k5dyeJO0bKYUeQeoDDEoQGoQH427gSKowWlzFdTDqYEXfGlFABncxir1SiA
41VKofvjr6Zj9YvqvfovLnsstsQTpMezdnuGqWjeX9NSaGQh77h0KxX0O8WI8Mop
sg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:14 2024 by rpki-client on console-fra.rpki-client.org