Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/IA2UDCgG9KjB44YyTOODbItQBNs.roa
File: IA2UDCgG9KjB44YyTOODbItQBNs.roa (raw, json)
Hash identifier: 4s0lfZcBQIw8bYDKED1APMmuAXukt4A+/yhdOR7uOqs=
Subject key identifier: 20:0D:94:0C:28:06:F4:A8:C1:E3:86:32:4C:E3:83:6C:8B:50:04:DB
Certificate issuer: /CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Certificate serial: 01143384
Authority key identifier: A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/IA2UDCgG9KjB44YyTOODbItQBNs.roa
Signing time: Sat 01 Jan 2022 02:00:33 +0000
ROA not before: Sat 01 Jan 2022 02:00:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50794
IP address blocks: 178.21.240.0/21 maxlen: 21
37.0.24.0/21 maxlen: 21
2a04:7e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18101124 (0x1143384)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Validity
Not Before: Jan 1 02:00:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=200d940c2806f4a8c1e386324ce3836c8b5004db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f7:da:e6:93:e5:84:49:40:ce:3a:a8:de:7f:
17:f0:4d:be:f2:34:6d:f1:40:18:10:ac:f6:15:31:
76:95:d6:d6:2a:9f:c7:1c:81:1d:46:04:76:29:8a:
ba:59:09:99:88:6b:a6:c2:93:07:18:0a:3b:14:b4:
db:d8:28:0a:64:44:25:70:bd:b2:41:e0:0b:29:dc:
03:c1:c4:d1:56:9b:d0:9c:10:dd:bc:3f:7a:b0:ca:
e3:0b:84:db:8c:27:d3:f5:04:32:46:15:38:36:fa:
24:cd:61:cb:12:d7:6a:46:0c:f1:a7:63:f8:53:7d:
27:a5:1e:5c:ae:35:30:07:c6:b0:b3:a6:0d:e4:3e:
e9:3e:b0:99:f8:bb:54:f0:cf:40:ae:03:41:30:13:
2d:22:51:9f:c7:22:e2:28:ea:cf:aa:de:4a:2b:56:
dd:5b:a0:9d:ef:fd:e1:1f:46:3c:86:bb:88:b5:4e:
21:94:9b:1e:00:1e:f5:29:09:5a:ea:de:c5:f3:f2:
3f:9b:7c:5c:30:d4:18:bd:5b:ac:64:16:98:b7:36:
24:a6:9d:84:0b:51:bd:3f:fc:92:c7:97:f4:5b:1a:
82:e8:8e:cb:f4:d1:0c:12:e1:2e:36:f0:47:61:48:
bf:75:c9:7c:c5:63:71:da:e5:45:2b:a6:10:db:c4:
29:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0D:94:0C:28:06:F4:A8:C1:E3:86:32:4C:E3:83:6C:8B:50:04:DB
X509v3 Authority Key Identifier:
keyid:A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/IA2UDCgG9KjB44YyTOODbItQBNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/qIrVRvGg74z3XJKnSL1chjYuIJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.24.0/21
178.21.240.0/21
IPv6:
2a04:7e80::/29
Signature Algorithm: sha256WithRSAEncryption
5c:3d:fe:04:ff:7b:ea:1b:77:30:fa:aa:98:31:84:34:bb:40:
17:ff:1e:9b:54:60:d3:b5:16:48:70:1b:ff:9a:0d:48:61:d3:
20:00:98:43:1f:76:8d:ac:5b:4f:ee:a6:f1:96:59:ca:b7:e5:
d0:c4:af:ec:ac:b1:33:7d:75:75:7d:b4:1d:00:32:29:74:a7:
11:a6:f8:71:28:ea:ec:ba:40:8d:f4:2c:0b:9c:7f:56:5a:48:
1a:73:d2:fd:5c:eb:2b:1a:80:36:4a:8d:4f:08:7b:38:4a:4b:
ba:d7:a1:5c:0a:89:bd:11:90:62:b1:1f:d6:09:fd:72:ba:b5:
81:d0:b0:23:fd:3f:bb:f3:53:eb:2f:b5:0c:a7:6b:13:5f:16:
18:da:51:80:7d:fa:a8:05:61:f2:07:49:2c:d4:64:65:fb:76:
cc:67:4b:4a:0a:a8:31:ce:1e:58:ce:70:9c:5e:ae:68:2d:b6:
fd:4c:a1:c9:36:0e:a7:91:75:b9:1d:f3:03:72:17:ba:40:cd:
95:ac:28:08:9a:a2:73:01:26:cc:60:5f:20:1d:89:ad:50:b6:
40:57:d4:4d:a2:ac:df:6f:8e:92:f6:1d:18:fa:15:e6:af:84:
1d:63:40:d8:07:46:10:83:a2:f8:37:93:c8:fe:62:9d:f1:dd:
0f:a9:58:2d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEARQzhDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODhhZDU0NmYxYTBlZjhjZjc1YzkyYTc0OGJkNWM4NjM2MmUyMDliMB4XDTIyMDEw
MTAyMDAzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjAwZDk0MGMyODA2
ZjRhOGMxZTM4NjMyNGNlMzgzNmM4YjUwMDRkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMv32uaT5YRJQM46qN5/F/BNvvI0bfFAGBCs9hUxdpXW1iqf
xxyBHUYEdimKulkJmYhrpsKTBxgKOxS029goCmREJXC9skHgCyncA8HE0Vab0JwQ
3bw/erDK4wuE24wn0/UEMkYVODb6JM1hyxLXakYM8adj+FN9J6UeXK41MAfGsLOm
DeQ+6T6wmfi7VPDPQK4DQTATLSJRn8ci4ijqz6reSitW3Vugne/94R9GPIa7iLVO
IZSbHgAe9SkJWurexfPyP5t8XDDUGL1brGQWmLc2JKadhAtRvT/8kseX9FsaguiO
y/TRDBLhLjbwR2FIv3XJfMVjcdrlRSumENvEKZkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQgDZQMKAb0qMHjhjJM44Nsi1AE2zAfBgNVHSMEGDAWgBSoitVG8aDvjPdc
kqdIvVyGNi4gmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FJclZSdkdnNzR6M1hKS25TTDFjaGpZdUlKcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvNTAwYThjLTZhMmQtNDM0Yi05NmYxLTE4ZWI3NzlhNjQ5Ny8x
L0lBMlVEQ2dHOUtqQjQ0WXlUT09EYkl0UUJOcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
NTAwYThjLTZhMmQtNDM0Yi05NmYxLTE4ZWI3NzlhNjQ5Ny8xL3FJclZSdkdnNzR6
M1hKS25TTDFjaGpZdUlKcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAyUAGAMEA7IV8DANBAIAAjAHAwUD
KgR+gDANBgkqhkiG9w0BAQsFAAOCAQEAXD3+BP976ht3MPqqmDGENLtAF/8em1Rg
07UWSHAb/5oNSGHTIACYQx92jaxbT+6m8ZZZyrfl0MSv7KyxM311dX20HQAyKXSn
Eab4cSjq7LpAjfQsC5x/VlpIGnPS/VzrKxqANkqNTwh7OEpLutehXAqJvRGQYrEf
1gn9crq1gdCwI/0/u/NT6y+1DKdrE18WGNpRgH36qAVh8gdJLNRkZft2zGdLSgqo
Mc4eWM5wnF6uaC22/UyhyTYOp5F1uR3zA3IXukDNlawoCJqicwEmzGBfIB2JrVC2
QFfUTaKs32+OkvYdGPoV5q+EHWNA2AdGEIOi+DeTyP5infHdD6lYLQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:20 2024 by rpki-client on console-ams.rpki-client.org