Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/V0FnWbRfAuj3vkN5FknsktZHLXs.roa
File: V0FnWbRfAuj3vkN5FknsktZHLXs.roa (raw, json)
Hash identifier: wx+pFcLHk9yqHoJTcvwBxzpM6dVrLcK94hptCEGXG3Y=
Subject key identifier: 57:41:67:59:B4:5F:02:E8:F7:BE:43:79:16:49:EC:92:D6:47:2D:7B
Certificate issuer: /CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Certificate serial: B8328B
Authority key identifier: 39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/V0FnWbRfAuj3vkN5FknsktZHLXs.roa
Signing time: Sat 01 Jan 2022 13:00:51 +0000
ROA not before: Sat 01 Jan 2022 13:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210111
IP address blocks: 185.88.72.0/22 maxlen: 22
2a0d:b0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12071563 (0xb8328b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39911375fcc4859612190ebecc7ae371a01a6a6d
Validity
Not Before: Jan 1 13:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=57416759b45f02e8f7be43791649ec92d6472d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:7f:cd:30:8c:4b:14:8a:92:57:7a:f9:59:56:
79:2c:56:39:0e:3c:b3:5b:4a:d9:6a:72:4f:fd:8c:
e9:8a:4f:c7:e7:3c:e6:a0:3d:39:1e:8d:17:84:7b:
9c:53:1c:83:e0:a7:34:94:f9:4d:f1:61:1e:aa:d4:
a9:80:13:a8:31:10:72:c3:80:c5:b7:86:86:8c:f5:
f1:b3:31:a6:d7:12:d7:ad:63:b8:4d:ef:1b:e8:2a:
9b:94:25:37:33:93:0e:20:d5:14:3a:49:f3:bb:d6:
21:f3:a5:56:60:8d:a6:6c:2e:3a:34:c0:6c:75:37:
82:90:74:76:59:53:c3:5c:74:50:58:d6:f5:50:8a:
39:5b:68:48:df:33:9a:90:26:18:3b:21:74:9e:60:
ab:f2:2e:85:73:84:a6:af:62:64:67:bc:9c:8b:c8:
be:d9:6a:ed:47:b7:c2:0f:92:41:8c:04:07:05:96:
d6:ea:6d:6f:27:28:b4:8a:2e:e9:5b:33:f7:3f:00:
84:d6:fd:46:6c:83:cd:13:73:03:9f:90:1d:37:cc:
bf:72:6a:ef:14:bc:78:cf:e8:d9:ba:93:b1:b7:c5:
ce:c7:fd:3f:f1:b5:38:e5:a4:17:84:08:f4:5a:0e:
c2:86:85:2e:d1:a8:68:a2:cc:c2:36:6a:55:35:d3:
91:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:41:67:59:B4:5F:02:E8:F7:BE:43:79:16:49:EC:92:D6:47:2D:7B
X509v3 Authority Key Identifier:
keyid:39:91:13:75:FC:C4:85:96:12:19:0E:BE:CC:7A:E3:71:A0:1A:6A:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OZETdfzEhZYSGQ6-zHrjcaAaam0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/V0FnWbRfAuj3vkN5FknsktZHLXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/61c0c5-5257-453c-8e74-933d92d0000c/1/OZETdfzEhZYSGQ6-zHrjcaAaam0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.72.0/22
IPv6:
2a0d:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:23:ba:6c:1b:1b:c9:d9:e5:64:26:c8:e4:10:e2:8a:7c:05:
d3:5a:f1:32:01:70:a9:a1:9a:86:eb:95:f8:f5:a6:1e:0a:e0:
08:d7:b1:89:86:4d:98:c6:dc:da:5b:a5:c5:e4:60:25:55:b1:
2c:5b:b1:08:6a:bd:ea:34:f0:f7:58:2c:12:99:48:d5:74:0c:
51:70:de:cc:da:b7:74:5a:26:46:c8:24:a3:2c:e7:23:f7:92:
3b:ba:c6:78:ec:a0:ca:30:89:97:f9:f3:20:07:6d:7c:79:78:
ce:05:b5:a2:80:cd:76:9c:85:40:cc:5d:44:9b:79:09:5c:1b:
07:85:f5:7f:6f:fc:de:c8:a6:ce:2a:89:04:14:84:5f:7e:f4:
ae:ae:4a:75:b9:a7:e4:8d:74:48:89:43:15:c0:09:36:b0:4e:
e5:d7:a8:1c:35:5c:24:5a:5a:b0:6c:0a:1a:31:82:d2:42:a3:
d5:75:0e:8f:fc:0d:a6:93:2d:fc:b5:59:f5:4f:28:1d:38:6d:
b9:6b:28:2e:40:6e:6d:8b:ee:7d:63:af:0b:88:ca:c0:3f:8e:
2f:ae:23:c5:bd:04:22:65:70:65:f3:66:38:dc:17:0d:e1:45:
bd:32:41:76:76:46:3d:46:89:80:5b:0b:f9:fc:3f:60:85:04:
d2:d4:ec:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEALgyizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTkxMTM3NWZjYzQ4NTk2MTIxOTBlYmVjYzdhZTM3MWEwMWE2YTZkMB4XDTIyMDEw
MTEzMDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTc0MTY3NTliNDVm
MDJlOGY3YmU0Mzc5MTY0OWVjOTJkNjQ3MmQ3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMd/zTCMSxSKkld6+VlWeSxWOQ48s1tK2WpyT/2M6YpPx+c8
5qA9OR6NF4R7nFMcg+CnNJT5TfFhHqrUqYATqDEQcsOAxbeGhoz18bMxptcS161j
uE3vG+gqm5QlNzOTDiDVFDpJ87vWIfOlVmCNpmwuOjTAbHU3gpB0dllTw1x0UFjW
9VCKOVtoSN8zmpAmGDshdJ5gq/IuhXOEpq9iZGe8nIvIvtlq7Ue3wg+SQYwEBwWW
1uptbycotIou6Vsz9z8AhNb9RmyDzRNzA5+QHTfMv3Jq7xS8eM/o2bqTsbfFzsf9
P/G1OOWkF4QI9FoOwoaFLtGoaKLMwjZqVTXTkdsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRXQWdZtF8C6Pe+Q3kWSeyS1kctezAfBgNVHSMEGDAWgBQ5kRN1/MSFlhIZ
Dr7MeuNxoBpqbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09aRVRkZnpFaFpZU0dRNi16SHJqY2FBYWFtMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvNjFjMGM1LTUyNTctNDUzYy04ZTc0LTkzM2Q5MmQwMDAwYy8x
L1YwRm5XYlJmQXVqM3ZrTjVGa25za3RaSExYcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
NjFjMGM1LTUyNTctNDUzYy04ZTc0LTkzM2Q5MmQwMDAwYy8xL09aRVRkZnpFaFpZ
U0dRNi16SHJqY2FBYWFtMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlYSDANBAIAAjAHAwUDKg2wwDAN
BgkqhkiG9w0BAQsFAAOCAQEAPyO6bBsbydnlZCbI5BDiinwF01rxMgFwqaGahuuV
+PWmHgrgCNexiYZNmMbc2lulxeRgJVWxLFuxCGq96jTw91gsEplI1XQMUXDezNq3
dFomRsgkoyznI/eSO7rGeOygyjCJl/nzIAdtfHl4zgW1ooDNdpyFQMxdRJt5CVwb
B4X1f2/83simziqJBBSEX370rq5Kdbmn5I10SIlDFcAJNrBO5deoHDVcJFpasGwK
GjGC0kKj1XUOj/wNppMt/LVZ9U8oHThtuWsoLkBubYvufWOvC4jKwD+OL64jxb0E
ImVwZfNmONwXDeFFvTJBdnZGPUaJgFsL+fw/YIUE0tTsQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:55 2024 by rpki-client on console-ams.rpki-client.org