Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/jaN-bImUslxkGrw-fWMDNz_n3D4.roa
File: jaN-bImUslxkGrw-fWMDNz_n3D4.roa (raw, json)
Hash identifier: VB0Jp71ywMBlKlm5DfzQ32WhEFhGySs1m1QR1ZOxVWA=
Subject key identifier: 8D:A3:7E:6C:89:94:B2:5C:64:1A:BC:3E:7D:63:03:37:3F:E7:DC:3E
Certificate issuer: /CN=f83faec93d403f3713823fa39c7d27c62e921471
Certificate serial: 06BAA61A
Authority key identifier: F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/jaN-bImUslxkGrw-fWMDNz_n3D4.roa
Signing time: Sat 01 Jan 2022 08:04:34 +0000
ROA not before: Sat 01 Jan 2022 08:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206712
IP address blocks: 185.174.168.0/24 maxlen: 24
185.174.170.0/24 maxlen: 24
185.174.169.0/24 maxlen: 24
2a0b:a902::/32 maxlen: 32
2a0b:a901::/32 maxlen: 32
2a0b:a900::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112895514 (0x6baa61a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83faec93d403f3713823fa39c7d27c62e921471
Validity
Not Before: Jan 1 08:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8da37e6c8994b25c641abc3e7d6303373fe7dc3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ee:68:b6:d0:45:a5:7d:5f:07:b2:39:d2:b3:
a8:92:77:47:ef:f1:e3:22:2a:02:7f:6e:3f:c3:a0:
47:1e:cb:63:a0:2d:4c:b8:4c:e0:2e:b2:75:63:8b:
9d:9c:cc:81:18:a5:d7:ae:8b:6c:5c:d8:a4:ca:4f:
28:43:6a:8d:cb:75:2d:fc:8b:1d:c8:b6:5f:64:0f:
53:e6:43:7a:44:21:77:d5:3b:53:75:43:c5:f7:27:
01:08:cb:d8:80:ec:31:25:f4:af:4e:d8:59:fc:ad:
2d:fa:d2:ea:bf:bb:fc:01:ab:c8:42:25:0c:2b:8b:
5d:76:82:00:b0:fc:de:6c:55:57:5d:78:4e:0a:c4:
42:20:ff:b8:72:ba:6b:45:f6:e2:83:62:b9:07:32:
b0:d3:ec:d4:9c:0f:b7:fc:32:ef:95:ff:6f:32:d9:
b0:d3:8f:15:1f:f8:7e:c1:70:b1:8b:66:b6:72:91:
e2:6e:c8:0a:37:a2:49:e8:a9:98:78:d3:15:67:ee:
ec:13:d6:01:fe:4d:28:85:2c:5c:8d:35:bb:38:66:
12:56:49:e4:b5:e5:ea:d5:74:d0:ee:6c:b8:84:3b:
04:8c:35:cd:e5:c4:c4:f1:5b:94:cc:ab:db:50:25:
ac:93:73:c6:85:6b:13:ce:00:31:39:4b:27:54:70:
1a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:A3:7E:6C:89:94:B2:5C:64:1A:BC:3E:7D:63:03:37:3F:E7:DC:3E
X509v3 Authority Key Identifier:
keyid:F8:3F:AE:C9:3D:40:3F:37:13:82:3F:A3:9C:7D:27:C6:2E:92:14:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-D-uyT1APzcTgj-jnH0nxi6SFHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/jaN-bImUslxkGrw-fWMDNz_n3D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/970cf0-9298-4ff0-baf5-210ae0569a45/1/1-D-uyT1APzcTgj-jnH0nxi6SFHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.168.0-185.174.170.255
IPv6:
2a0b:a900::-2a0b:a902:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1a:52:5d:6c:2f:66:b5:14:db:94:5f:d8:90:63:fc:29:2d:12:
ac:36:39:8e:8c:a0:58:85:c8:81:fd:83:5f:64:07:cc:49:f0:
1d:e0:f6:8a:65:5b:34:1d:5c:97:ba:e8:d2:7b:a8:a6:37:9a:
23:03:cd:da:56:9a:d3:8a:b2:04:a9:79:c7:35:45:62:36:10:
f4:56:f0:fc:12:6f:31:55:35:65:44:03:cb:f1:33:09:07:00:
74:72:c8:93:9c:94:63:c0:87:32:a4:f7:cf:95:2c:d4:d7:45:
65:bc:ac:8b:ef:aa:a6:64:98:0a:e7:6c:45:40:99:4c:aa:2c:
e1:13:b7:17:fb:f4:6b:d6:db:b3:6c:b0:e0:83:7d:bb:ba:35:
3f:9c:b8:2e:26:6b:ea:42:16:08:b6:ec:46:07:35:af:69:c7:
b1:bc:b5:50:bf:e4:02:70:34:4c:9f:9e:69:88:94:ac:5c:d1:
39:ec:97:ad:6c:e4:df:ae:a1:91:55:ce:ee:08:e3:30:c0:63:
f2:d2:38:ff:f5:f9:1e:e4:5d:01:9e:03:5a:db:1b:8f:6c:01:
72:de:55:df:99:39:23:d7:cf:b0:f9:67:c5:6c:45:fb:86:8f:
d5:1d:c6:2c:ce:65:92:b0:5f:ad:c4:f9:47:6c:58:27:ce:02:
0b:ff:9f:16
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBrqmGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODNmYWVjOTNkNDAzZjM3MTM4MjNmYTM5YzdkMjdjNjJlOTIxNDcxMB4XDTIyMDEw
MTA4MDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGRhMzdlNmM4OTk0
YjI1YzY0MWFiYzNlN2Q2MzAzMzczZmU3ZGMzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHuaLbQRaV9XweyOdKzqJJ3R+/x4yIqAn9uP8OgRx7LY6At
TLhM4C6ydWOLnZzMgRil166LbFzYpMpPKENqjct1LfyLHci2X2QPU+ZDekQhd9U7
U3VDxfcnAQjL2IDsMSX0r07YWfytLfrS6r+7/AGryEIlDCuLXXaCALD83mxVV114
TgrEQiD/uHK6a0X24oNiuQcysNPs1JwPt/wy75X/bzLZsNOPFR/4fsFwsYtmtnKR
4m7ICjeiSeipmHjTFWfu7BPWAf5NKIUsXI01uzhmElZJ5LXl6tV00O5suIQ7BIw1
zeXExPFblMyr21AlrJNzxoVrE84AMTlLJ1RwGnkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSNo35siZSyXGQavD59YwM3P+fcPjAfBgNVHSMEGDAWgBT4P67JPUA/NxOC
P6OcfSfGLpIUcTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtRC11eVQxQVB6Y1Rnai1qbkgwbnhpNlNGSEUuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2I5Lzk3MGNmMC05Mjk4LTRmZjAtYmFmNS0yMTBhZTA1NjlhNDUv
MS9qYU4tYkltVXNseGtHcnctZldNRE56X24zRDQucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2I5
Lzk3MGNmMC05Mjk4LTRmZjAtYmFmNS0yMTBhZTA1NjlhNDUvMS8xLUQtdXlUMUFQ
emNUZ2otam5IMG54aTZTRkhFLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MD4GCCsGAQUFBwEHAQH/BC8wLTAUBAIAATAOMAwDBAO5rqgDBAC5rqowFQQCAAIw
DzANAwQAKgupAwUAKgupAjANBgkqhkiG9w0BAQsFAAOCAQEAGlJdbC9mtRTblF/Y
kGP8KS0SrDY5joygWIXIgf2DX2QHzEnwHeD2imVbNB1cl7ro0nuopjeaIwPN2laa
04qyBKl5xzVFYjYQ9Fbw/BJvMVU1ZUQDy/EzCQcAdHLIk5yUY8CHMqT3z5Us1NdF
Zbysi++qpmSYCudsRUCZTKos4RO3F/v0a9bbs2yw4IN9u7o1P5y4LiZr6kIWCLbs
Rgc1r2nHsby1UL/kAnA0TJ+eaYiUrFzROeyXrWzk366hkVXO7gjjMMBj8tI4//X5
HuRdAZ4DWtsbj2wBct5V35k5I9fPsPlnxWxF+4aP1R3GLM5lkrBfrcT5R2xYJ84C
C/+fFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:19 2024 by rpki-client on console-fra.rpki-client.org