Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/aGz04H8Vfm09eS0hwHOlpvG36DQ.roa
File: aGz04H8Vfm09eS0hwHOlpvG36DQ.roa (raw, json)
Hash identifier: TlTrHcf/QhmU9HbMVmFPKibonFj9XfYXJNEVsXcSPqk=
Subject key identifier: 68:6C:F4:E0:7F:15:7E:6D:3D:79:2D:21:C0:73:A5:A6:F1:B7:E8:34
Certificate issuer: /CN=448ca39537597cfae60ae0421db8e098b4e26130
Certificate serial: 112F9EF0
Authority key identifier: 44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/aGz04H8Vfm09eS0hwHOlpvG36DQ.roa
Signing time: Sat 01 Jan 2022 02:59:52 +0000
ROA not before: Sat 01 Jan 2022 02:59:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51758
IP address blocks: 95.215.184.0/21 maxlen: 24
185.206.232.0/22 maxlen: 24
2a00:51c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 288333552 (0x112f9ef0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=448ca39537597cfae60ae0421db8e098b4e26130
Validity
Not Before: Jan 1 02:59:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=686cf4e07f157e6d3d792d21c073a5a6f1b7e834
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:f5:82:c0:02:88:fa:13:41:85:50:65:81:cf:
de:ae:35:32:d4:7e:0b:77:85:63:5b:aa:6b:d1:3f:
e2:e8:46:73:18:b0:d1:d6:62:b0:00:1e:85:89:b5:
10:bf:2f:11:c1:40:70:53:07:17:04:90:14:bd:cc:
97:74:7d:f6:32:21:06:26:50:7c:88:7a:ed:fe:60:
d8:11:58:f5:35:84:f2:19:0e:53:9a:fc:dc:be:cd:
50:3d:ab:27:d9:49:7e:30:61:0e:9e:48:ed:33:22:
c1:3e:37:f8:b0:b0:ed:41:5c:4c:9c:d0:a9:3b:26:
2a:c4:5c:ea:bf:b7:4f:46:0f:58:0c:03:73:9b:e4:
64:08:48:b6:f2:a8:f1:2b:2f:e0:b6:bd:9f:06:a9:
38:f1:f0:43:bc:92:bd:10:c4:f8:82:0e:45:87:54:
91:28:f5:b4:27:2b:c9:3a:11:bc:d9:d3:85:e3:ed:
a8:09:b6:ea:13:4a:23:09:ba:c2:2e:ed:d7:6b:85:
be:18:fa:62:ed:fa:f1:2f:40:64:8f:4a:9c:95:bb:
75:ff:cd:09:bd:65:46:95:69:ab:43:ef:51:d9:33:
9a:8c:17:00:64:b2:60:43:c8:54:06:c5:9c:70:8b:
8e:38:8f:6d:0a:db:e4:91:71:a2:fe:7c:77:5f:37:
57:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:6C:F4:E0:7F:15:7E:6D:3D:79:2D:21:C0:73:A5:A6:F1:B7:E8:34
X509v3 Authority Key Identifier:
keyid:44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/aGz04H8Vfm09eS0hwHOlpvG36DQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.184.0/21
185.206.232.0/22
IPv6:
2a00:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
a0:de:1f:cf:c2:46:10:4e:47:2f:d5:6a:77:c7:6a:d9:ea:7a:
60:65:2d:fe:7d:a1:e1:4e:89:db:e0:42:f1:bf:28:7d:b8:13:
d7:a2:30:5e:19:e7:eb:a6:4a:bf:5f:50:ad:97:08:4b:8b:cb:
43:18:b3:17:63:c2:ab:b8:b2:18:84:ec:68:5b:92:63:95:f1:
55:9e:71:98:ce:cd:71:13:60:2c:42:e0:19:fd:19:48:89:0a:
fc:2c:82:bd:60:27:10:01:1a:6e:28:54:54:f0:19:68:05:b5:
da:b3:93:03:c6:4d:05:0d:33:75:dc:61:d3:6b:19:57:41:4d:
b5:b6:56:7c:53:34:5f:6b:bc:9c:f2:f2:bf:76:3c:87:72:67:
40:e0:2a:67:12:48:3e:37:92:1d:bf:10:8d:dd:55:8d:dd:82:
72:e5:ee:24:85:a0:07:a3:39:6e:27:c8:06:d5:ef:26:b2:f5:
62:3b:c1:d8:e7:ba:56:df:7c:61:a4:4b:06:24:34:e3:fc:b9:
0d:09:41:f3:0b:94:a7:cc:da:de:9e:0b:b7:64:97:c8:76:0e:
ea:39:a8:7f:da:3d:79:65:2b:4b:82:64:f0:06:60:84:7f:a9:
40:61:b7:54:6e:28:9a:60:c6:fc:1e:a8:21:58:5f:98:59:6b:
85:42:a5:23
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEES+e8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDhjYTM5NTM3NTk3Y2ZhZTYwYWUwNDIxZGI4ZTA5OGI0ZTI2MTMwMB4XDTIyMDEw
MTAyNTk1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjg2Y2Y0ZTA3ZjE1
N2U2ZDNkNzkyZDIxYzA3M2E1YTZmMWI3ZTgzNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMf1gsACiPoTQYVQZYHP3q41MtR+C3eFY1uqa9E/4uhGcxiw
0dZisAAehYm1EL8vEcFAcFMHFwSQFL3Ml3R99jIhBiZQfIh67f5g2BFY9TWE8hkO
U5r83L7NUD2rJ9lJfjBhDp5I7TMiwT43+LCw7UFcTJzQqTsmKsRc6r+3T0YPWAwD
c5vkZAhItvKo8Ssv4La9nwapOPHwQ7ySvRDE+IIORYdUkSj1tCcryToRvNnThePt
qAm26hNKIwm6wi7t12uFvhj6Yu368S9AZI9KnJW7df/NCb1lRpVpq0PvUdkzmowX
AGSyYEPIVAbFnHCLjjiPbQrb5JFxov58d183V4MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRobPTgfxV+bT15LSHAc6Wm8bfoNDAfBgNVHSMEGDAWgBREjKOVN1l8+uYK
4EIduOCYtOJhMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JJeWpsVGRaZlBybUN1QkNIYmpnbUxUaVlUQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZGIwNTE5LTRlNWEtNGI3NS04OGZkLWJiYzIzOWU4OTdlYi8x
L2FHejA0SDhWZm0wOWVTMGh3SE9scHZHMzZEUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZGIwNTE5LTRlNWEtNGI3NS04OGZkLWJiYzIzOWU4OTdlYi8xL1JJeWpsVGRaZlBy
bUN1QkNIYmpnbUxUaVlUQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1/XuAMEArnO6DANBAIAAjAHAwUA
KgBRwDANBgkqhkiG9w0BAQsFAAOCAQEAoN4fz8JGEE5HL9Vqd8dq2ep6YGUt/n2h
4U6J2+BC8b8ofbgT16IwXhnn66ZKv19QrZcIS4vLQxizF2PCq7iyGITsaFuSY5Xx
VZ5xmM7NcRNgLELgGf0ZSIkK/CyCvWAnEAEabihUVPAZaAW12rOTA8ZNBQ0zddxh
02sZV0FNtbZWfFM0X2u8nPLyv3Y8h3JnQOAqZxJIPjeSHb8Qjd1Vjd2CcuXuJIWg
B6M5bifIBtXvJrL1YjvB2Oe6Vt98YaRLBiQ04/y5DQlB8wuUp8za3p4Lt2SXyHYO
6jmof9o9eWUrS4Jk8AZghH+pQGG3VG4ommDG/B6oIVhfmFlrhUKlIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org