Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/Z6tHaTCQjniiKwn6Tp8mox1KCsU.roa
File: Z6tHaTCQjniiKwn6Tp8mox1KCsU.roa (raw, json)
Hash identifier: 2ho3bO42r9gHGzidl2TsRirBOcyVHVG8a2zl6t9kyRQ=
Subject key identifier: 67:AB:47:69:30:90:8E:78:A2:2B:09:FA:4E:9F:26:A3:1D:4A:0A:C5
Certificate issuer: /CN=a5a1eabafe2de7038227a8593a7ac5cc392f374e
Certificate serial: 03661C9F
Authority key identifier: A5:A1:EA:BA:FE:2D:E7:03:82:27:A8:59:3A:7A:C5:CC:39:2F:37:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/Z6tHaTCQjniiKwn6Tp8mox1KCsU.roa
Signing time: Sat 01 Jan 2022 01:59:55 +0000
ROA not before: Sat 01 Jan 2022 01:59:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12952
IP address blocks: 185.118.129.0/24 maxlen: 24
185.118.128.0/24 maxlen: 24
185.118.131.0/24 maxlen: 24
185.118.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57023647 (0x3661c9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5a1eabafe2de7038227a8593a7ac5cc392f374e
Validity
Not Before: Jan 1 01:59:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67ab476930908e78a22b09fa4e9f26a31d4a0ac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:d4:35:3d:0b:1a:f2:9f:82:d9:1d:29:6b:c1:
80:35:88:58:20:38:92:15:ee:6e:ce:33:67:5c:07:
0d:e5:f8:d0:4e:c8:fd:7d:a1:41:ae:e0:95:1b:4b:
6c:36:42:3a:4d:84:65:00:54:78:c6:23:82:13:61:
cf:f9:09:0a:6b:57:b1:24:33:b5:77:04:30:28:ce:
60:b1:50:e1:83:cb:bd:65:b6:a4:9e:2b:7c:33:73:
a7:a2:a7:11:cf:c6:ca:43:28:29:1a:4b:3b:78:15:
d9:e1:f8:a8:80:5e:6a:1b:a6:9f:3a:11:0c:45:99:
eb:13:f1:7b:17:a5:1b:04:76:99:71:95:5c:c0:dc:
c8:a6:09:b9:cf:f0:7e:1e:43:4d:01:3c:6c:83:66:
7d:24:40:ee:a2:81:f8:01:9e:3b:e4:48:e4:44:d1:
f6:8f:94:16:6f:8e:f5:9f:00:3c:f5:00:9b:bd:61:
5a:e8:ff:0b:bb:2f:8d:48:5e:03:05:53:b2:71:dd:
4d:3d:08:56:a1:98:0b:13:d4:ac:99:0b:49:76:b5:
d7:3f:bc:54:8f:3e:76:46:7a:89:41:1f:bb:48:91:
b9:09:c3:60:cf:65:78:9a:2c:e5:7b:43:59:30:c6:
ba:d9:4c:ae:f8:a1:4c:5d:54:13:c4:40:3a:39:6e:
81:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:AB:47:69:30:90:8E:78:A2:2B:09:FA:4E:9F:26:A3:1D:4A:0A:C5
X509v3 Authority Key Identifier:
keyid:A5:A1:EA:BA:FE:2D:E7:03:82:27:A8:59:3A:7A:C5:CC:39:2F:37:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/paHquv4t5wOCJ6hZOnrFzDkvN04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/Z6tHaTCQjniiKwn6Tp8mox1KCsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4f4b4e-23cc-4c3a-90af-4ef39514aa43/1/paHquv4t5wOCJ6hZOnrFzDkvN04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.128.0/22
Signature Algorithm: sha256WithRSAEncryption
33:21:4d:0c:a0:54:3e:0e:03:e1:17:64:05:8a:58:82:9a:39:
a7:1e:70:3c:25:04:16:27:74:7f:37:4f:46:a0:c9:f9:38:f7:
03:e4:c9:12:d9:6a:4b:29:b8:ae:ef:ee:77:6c:ab:ab:fd:b0:
34:9a:4c:87:c5:37:ba:72:92:26:fa:2d:dc:66:f8:9d:f5:35:
37:7e:d9:2c:a7:57:4b:b3:ba:09:8f:0e:42:d8:8c:c5:17:e3:
51:bf:4c:9f:8a:9c:fb:1a:fd:02:98:d9:97:77:b8:39:ba:1d:
19:73:08:f7:7a:38:dc:9f:47:68:6f:9b:fd:a2:d4:77:9c:b5:
ec:99:a9:41:cd:1c:6f:3b:ee:9c:0d:6e:ca:f5:52:bf:02:a1:
e9:a5:57:89:4d:24:c4:86:1c:0c:ff:9b:b6:ca:1a:98:b8:e5:
cf:50:e3:25:c5:01:c0:02:4a:09:d5:3e:2a:b0:cb:9c:91:77:
91:9e:43:94:80:e3:28:04:0a:52:16:a8:e7:32:f7:e2:91:5d:
56:34:19:c7:1b:e6:63:e3:83:a2:a0:03:d2:60:1d:61:21:f1:
4f:36:e4:1b:8e:ff:1b:9d:06:09:0f:0a:4c:66:63:51:b3:2e:
23:4a:3b:51:f9:dd:b5:70:6a:95:d9:2d:11:80:ae:5b:46:bd:
b5:42:b3:6b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA2YcnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NWExZWFiYWZlMmRlNzAzODIyN2E4NTkzYTdhYzVjYzM5MmYzNzRlMB4XDTIyMDEw
MTAxNTk1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdhYjQ3NjkzMDkw
OGU3OGEyMmIwOWZhNGU5ZjI2YTMxZDRhMGFjNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzUNT0LGvKfgtkdKWvBgDWIWCA4khXubs4zZ1wHDeX40E7I
/X2hQa7glRtLbDZCOk2EZQBUeMYjghNhz/kJCmtXsSQztXcEMCjOYLFQ4YPLvWW2
pJ4rfDNzp6KnEc/GykMoKRpLO3gV2eH4qIBeahumnzoRDEWZ6xPxexelGwR2mXGV
XMDcyKYJuc/wfh5DTQE8bINmfSRA7qKB+AGeO+RI5ETR9o+UFm+O9Z8APPUAm71h
Wuj/C7svjUheAwVTsnHdTT0IVqGYCxPUrJkLSXa11z+8VI8+dkZ6iUEfu0iRuQnD
YM9leJos5XtDWTDGutlMrvihTF1UE8RAOjlugZ0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRnq0dpMJCOeKIrCfpOnyajHUoKxTAfBgNVHSMEGDAWgBSloeq6/i3nA4In
qFk6esXMOS83TjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BhSHF1djR0NXdPQ0o2aFpPbnJGekRrdk4wNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNGY0YjRlLTIzY2MtNGMzYS05MGFmLTRlZjM5NTE0YWE0My8x
L1o2dEhhVENRam5paUt3bjZUcDhtb3gxS0NzVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
NGY0YjRlLTIzY2MtNGMzYS05MGFmLTRlZjM5NTE0YWE0My8xL3BhSHF1djR0NXdP
Q0o2aFpPbnJGekRrdk4wNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl2gDANBgkqhkiG9w0BAQsFAAOC
AQEAMyFNDKBUPg4D4RdkBYpYgpo5px5wPCUEFid0fzdPRqDJ+Tj3A+TJEtlqSym4
ru/ud2yrq/2wNJpMh8U3unKSJvot3Gb4nfU1N37ZLKdXS7O6CY8OQtiMxRfjUb9M
n4qc+xr9ApjZl3e4ObodGXMI93o43J9HaG+b/aLUd5y17JmpQc0cbzvunA1uyvVS
vwKh6aVXiU0kxIYcDP+btsoamLjlz1DjJcUBwAJKCdU+KrDLnJF3kZ5DlIDjKAQK
Uhao5zL34pFdVjQZxxvmY+ODoqAD0mAdYSHxTzbkG47/G50GCQ8KTGZjUbMuI0o7
UfndtXBqldktEYCuW0a9tUKzaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:54 2024 by rpki-client on console-ams.rpki-client.org