Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/s1SUD4RVfG3Bx36y5k9xHUalSpg.roa
File: s1SUD4RVfG3Bx36y5k9xHUalSpg.roa (raw, json)
Hash identifier: TQx2fbJnQRpb6G5Xvcq375CSxaO/9fW1iXMyzgaMTWU=
Subject key identifier: B3:54:94:0F:84:55:7C:6D:C1:C7:7E:B2:E6:4F:71:1D:46:A5:4A:98
Certificate issuer: /CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Certificate serial: 06AB761F
Authority key identifier: 75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/s1SUD4RVfG3Bx36y5k9xHUalSpg.roa
Signing time: Sat 01 Jan 2022 11:56:03 +0000
ROA not before: Sat 01 Jan 2022 11:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47927
IP address blocks: 46.28.120.0/21 maxlen: 21
159.255.140.0/22 maxlen: 22
159.255.152.0/22 maxlen: 22
185.63.40.0/22 maxlen: 22
188.95.72.0/21 maxlen: 21
94.126.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111900191 (0x6ab761f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75facb07f2ccb92eeba87854c94240e4f5ac8f52
Validity
Not Before: Jan 1 11:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b354940f84557c6dc1c77eb2e64f711d46a54a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:36:5f:c6:3f:5c:df:d0:9a:dd:cd:b2:5a:
e1:98:c4:d9:ae:0c:65:08:bb:17:b1:a9:89:d1:95:
3c:d8:49:79:7d:33:02:0b:63:cc:df:c6:12:aa:fc:
2e:5e:cd:80:24:02:10:46:bd:4f:c3:7e:df:7e:b3:
69:2f:f9:68:3d:53:49:b5:85:63:4f:ad:d7:74:97:
2a:a4:12:ed:e4:93:90:c4:3a:bc:cf:8a:16:89:ab:
e3:0c:d7:10:6e:6f:8d:a7:96:12:b7:76:09:0c:e8:
33:36:ca:cf:5a:a3:c1:4c:1c:cd:c3:9f:4b:24:a9:
34:bc:ba:0e:fe:d2:d9:a3:10:07:fa:d5:35:e8:38:
28:1a:19:3d:fc:93:0a:5c:c6:cf:80:d1:03:46:39:
ce:ae:b9:2c:4f:07:cb:24:fb:f8:cb:9c:82:2d:2a:
66:27:1a:10:1b:4a:2a:60:d2:70:76:f8:c1:3b:68:
3f:96:5d:dc:22:0e:1d:ed:3e:de:7b:ef:e9:99:4e:
97:e5:54:f8:20:b1:14:cc:91:0f:73:95:56:db:18:
20:69:cd:12:a0:64:a6:b3:b0:a1:b7:17:1e:ae:b9:
4b:a5:43:a8:a9:c8:93:5d:4a:d4:f1:5c:6b:e1:6f:
3b:16:16:ca:ff:17:5c:62:1f:69:bb:c8:df:a6:ce:
de:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:54:94:0F:84:55:7C:6D:C1:C7:7E:B2:E6:4F:71:1D:46:A5:4A:98
X509v3 Authority Key Identifier:
keyid:75:FA:CB:07:F2:CC:B9:2E:EB:A8:78:54:C9:42:40:E4:F5:AC:8F:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dfrLB_LMuS7rqHhUyUJA5PWsj1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/s1SUD4RVfG3Bx36y5k9xHUalSpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/900cbf-477b-46be-8f5d-c911483da78c/1/dfrLB_LMuS7rqHhUyUJA5PWsj1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.120.0/21
94.126.8.0/21
159.255.140.0/22
159.255.152.0/22
185.63.40.0/22
188.95.72.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:fb:49:1b:d7:b5:93:e7:22:4c:42:62:75:95:1e:b3:f2:f2:
82:17:c7:17:18:97:33:f9:b3:64:67:63:9c:d7:ec:75:45:85:
64:d3:f7:57:e4:ff:17:24:8f:63:c8:d9:44:92:10:12:b9:4a:
31:60:53:4c:1f:a0:36:d6:16:03:eb:0a:bd:35:04:93:e0:59:
39:4a:0e:54:fe:28:19:16:fe:f0:d4:25:e7:1b:b2:c4:e2:70:
4d:59:3b:b3:61:fb:a7:62:7e:7b:54:27:8f:b4:e4:a4:24:5d:
93:2b:23:08:28:1b:85:cd:46:df:a3:9f:19:e7:98:62:5b:8a:
43:7a:85:ed:d7:ef:8e:fe:f6:a9:8e:45:12:cc:2e:83:8e:ea:
1a:dc:7c:c3:5b:ad:35:9a:0d:d3:c6:f9:25:51:03:87:1a:15:
a0:6f:a0:c5:49:02:d4:ff:bb:cd:fc:55:26:f2:fa:34:69:58:
ae:27:3a:ab:74:2e:94:27:80:b1:27:b9:fc:7e:f7:b8:22:08:
79:2c:11:35:e5:8d:cf:f1:75:d4:16:a0:df:62:85:68:8f:f5:
c9:04:22:f5:26:c4:df:41:f8:65:d6:ac:5f:69:d1:43:59:da:
59:50:89:8a:8f:c2:be:6c:9d:39:23:0d:52:09:4e:c3:ea:4d:
4e:52:54:47
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEBqt2HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NWZhY2IwN2YyY2NiOTJlZWJhODc4NTRjOTQyNDBlNGY1YWM4ZjUyMB4XDTIyMDEw
MTExNTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM1NDk0MGY4NDU1
N2M2ZGMxYzc3ZWIyZTY0ZjcxMWQ0NmE1NGE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWMNl/GP1zf0JrdzbJa4ZjE2a4MZQi7F7GpidGVPNhJeX0z
AgtjzN/GEqr8Ll7NgCQCEEa9T8N+336zaS/5aD1TSbWFY0+t13SXKqQS7eSTkMQ6
vM+KFomr4wzXEG5vjaeWErd2CQzoMzbKz1qjwUwczcOfSySpNLy6Dv7S2aMQB/rV
Neg4KBoZPfyTClzGz4DRA0Y5zq65LE8HyyT7+Mucgi0qZicaEBtKKmDScHb4wTto
P5Zd3CIOHe0+3nvv6ZlOl+VU+CCxFMyRD3OVVtsYIGnNEqBkprOwobcXHq65S6VD
qKnIk11K1PFca+FvOxYWyv8XXGIfabvI36bO3tMCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSzVJQPhFV8bcHHfrLmT3EdRqVKmDAfBgNVHSMEGDAWgBR1+ssH8sy5Luuo
eFTJQkDk9ayPUjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RmckxCX0xNdVM3cnFIaFV5VUpBNVBXc2oxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvOTAwY2JmLTQ3N2ItNDZiZS04ZjVkLWM5MTE0ODNkYTc4Yy8x
L3MxU1VENFJWZkczQngzNnk1azl4SFVhbFNwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
OTAwY2JmLTQ3N2ItNDZiZS04ZjVkLWM5MTE0ODNkYTc4Yy8xL2RmckxCX0xNdVM3
cnFIaFV5VUpBNVBXc2oxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAy4ceAMEA15+CAMEAp//jAMEAp//
mAMEArk/KAMEA7xfSDANBgkqhkiG9w0BAQsFAAOCAQEAbvtJG9e1k+ciTEJidZUe
s/LyghfHFxiXM/mzZGdjnNfsdUWFZNP3V+T/FySPY8jZRJIQErlKMWBTTB+gNtYW
A+sKvTUEk+BZOUoOVP4oGRb+8NQl5xuyxOJwTVk7s2H7p2J+e1Qnj7TkpCRdkysj
CCgbhc1G36OfGeeYYluKQ3qF7dfvjv72qY5FEswug47qGtx8w1utNZoN08b5JVED
hxoVoG+gxUkC1P+7zfxVJvL6NGlYric6q3QulCeAsSe5/H73uCIIeSwRNeWNz/F1
1Bag32KFaI/1yQQi9SbE30H4ZdasX2nRQ1naWVCJio/CvmydOSMNUglOw+pNTlJU
Rw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:18 2024 by rpki-client on console-fra.rpki-client.org