Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/cP10W8aiX5s6dF0lEYzlAEndzB0.roa
File: cP10W8aiX5s6dF0lEYzlAEndzB0.roa (raw, json)
Hash identifier: sMNZMjJf7DnH0cgZGU0g/AHvVrb1jxLxmG8Z1CKfK/Q=
Subject key identifier: 70:FD:74:5B:C6:A2:5F:9B:3A:74:5D:25:11:8C:E5:00:49:DD:CC:1D
Certificate issuer: /CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Certificate serial: 322E44E1
Authority key identifier: C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/cP10W8aiX5s6dF0lEYzlAEndzB0.roa
Signing time: Sat 01 Jan 2022 05:05:58 +0000
ROA not before: Sat 01 Jan 2022 05:05:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29283
IP address blocks: 85.184.64.0/19 maxlen: 19
89.33.144.0/21 maxlen: 21
94.199.120.0/21 maxlen: 21
185.6.62.0/24 maxlen: 24
185.6.60.0/22 maxlen: 22
185.6.60.0/24 maxlen: 24
185.6.61.0/24 maxlen: 24
213.174.96.0/19 maxlen: 19
213.174.127.0/24 maxlen: 24
2a02:6c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 841893089 (0x322e44e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9ed64c93ddfdf2f49b7ea1c23eaad0870249a33
Validity
Not Before: Jan 1 05:05:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70fd745bc6a25f9b3a745d25118ce50049ddcc1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:62:71:7a:de:66:36:f6:67:8b:c6:f5:b7:d7:
78:16:de:03:59:3e:f4:85:d8:de:bc:6c:40:44:d9:
6d:d7:51:be:56:fb:2f:e6:b8:83:e9:a3:d2:1f:79:
d8:04:4d:e0:82:da:3f:c8:a6:fe:9e:67:42:50:04:
76:89:5c:eb:fc:a3:d4:57:23:ed:8c:08:ed:e4:af:
51:14:80:3b:75:b9:fa:d8:d3:42:5a:e7:b2:96:76:
a8:0d:09:00:74:21:1a:3c:27:dc:eb:a0:0e:8d:de:
3a:41:b3:ac:0a:e3:e7:9d:8f:69:84:81:98:eb:53:
e5:24:c1:f0:85:1b:29:df:0b:4e:6b:69:c3:a2:84:
e3:e4:1b:1f:7b:1e:a8:1b:c2:24:99:b9:c3:e2:0d:
c9:05:58:8b:6e:a6:86:e6:55:7f:83:68:dd:81:b1:
09:1b:b8:b1:ae:3c:ec:02:2e:b8:93:03:a7:ff:c4:
fb:10:79:6a:b6:d8:8c:0a:33:db:a2:4b:c3:47:73:
0f:b3:15:94:20:ba:14:ce:8f:20:9c:e6:dc:dc:67:
da:9a:89:de:8b:56:32:84:6a:2f:ca:cd:28:bb:9e:
ff:3e:43:82:41:95:aa:07:ee:ec:3a:1a:50:6e:83:
e6:48:d3:de:55:13:e2:c5:1e:d6:1f:f3:1c:6c:50:
a2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:FD:74:5B:C6:A2:5F:9B:3A:74:5D:25:11:8C:E5:00:49:DD:CC:1D
X509v3 Authority Key Identifier:
keyid:C9:ED:64:C9:3D:DF:DF:2F:49:B7:EA:1C:23:EA:AD:08:70:24:9A:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/cP10W8aiX5s6dF0lEYzlAEndzB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/2a2ab2-3098-4a0f-809c-35ed5b53da05/1/ye1kyT3f3y9Jt-ocI-qtCHAkmjM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.64.0/19
89.33.144.0/21
94.199.120.0/21
185.6.60.0/22
213.174.96.0/19
IPv6:
2a02:6c40::/32
Signature Algorithm: sha256WithRSAEncryption
24:f4:cd:88:8e:7b:96:3d:00:86:ee:fc:04:4b:98:ef:8b:ec:
c4:6d:d9:68:ad:6f:5a:9e:6b:79:a6:1a:3b:4e:18:9e:8e:21:
88:8b:92:8c:7d:a2:3a:7d:5c:58:85:76:1d:b6:ba:6f:c7:d2:
ac:d6:2f:01:8a:0a:0b:17:13:ac:f8:76:1a:ef:b2:16:d5:f1:
99:e7:2f:ee:24:ef:33:7b:1a:ba:fd:cb:4b:39:b0:79:a4:c8:
4c:70:d9:d0:74:89:30:0e:90:71:4c:27:3b:46:2a:1f:f1:47:
6f:d4:6c:04:f5:fc:8c:18:51:8e:58:a0:9e:02:05:d5:3a:00:
98:40:63:15:99:d1:fa:44:dc:3c:5b:cd:3f:21:89:d6:d6:da:
7b:31:79:e5:dd:66:52:34:01:90:c7:c2:f9:6c:57:e3:a9:30:
5b:74:fc:5d:e9:6d:12:e7:93:3d:13:66:dd:8c:88:4b:71:84:
9c:ea:49:f7:e5:b8:fc:62:b4:16:72:65:df:03:37:11:b5:d7:
b9:24:f9:1f:8e:bd:4d:70:a7:99:6c:8b:8e:7c:0e:4e:52:60:
74:c1:da:9f:d0:b6:2f:98:1c:5f:55:14:2b:8a:a9:71:dd:b1:
e8:10:d3:2a:11:e6:89:f2:e9:53:b0:6c:f3:e6:9e:01:37:99:
08:35:74:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEMi5E4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWVkNjRjOTNkZGZkZjJmNDliN2VhMWMyM2VhYWQwODcwMjQ5YTMzMB4XDTIyMDEw
MTA1MDU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBmZDc0NWJjNmEy
NWY5YjNhNzQ1ZDI1MTE4Y2U1MDA0OWRkY2MxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIFicXreZjb2Z4vG9bfXeBbeA1k+9IXY3rxsQETZbddRvlb7
L+a4g+mj0h952ARN4ILaP8im/p5nQlAEdolc6/yj1Fcj7YwI7eSvURSAO3W5+tjT
QlrnspZ2qA0JAHQhGjwn3OugDo3eOkGzrArj552PaYSBmOtT5STB8IUbKd8LTmtp
w6KE4+QbH3seqBvCJJm5w+INyQVYi26mhuZVf4No3YGxCRu4sa487AIuuJMDp//E
+xB5arbYjAoz26JLw0dzD7MVlCC6FM6PIJzm3Nxn2pqJ3otWMoRqL8rNKLue/z5D
gkGVqgfu7DoaUG6D5kjT3lUT4sUe1h/zHGxQom8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRw/XRbxqJfmzp0XSURjOUASd3MHTAfBgNVHSMEGDAWgBTJ7WTJPd/fL0m3
6hwj6q0IcCSaMzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3llMWt5VDNmM3k5SnQtb2NJLXF0Q0hBa21qTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvMmEyYWIyLTMwOTgtNGEwZi04MDljLTM1ZWQ1YjUzZGEwNS8x
L2NQMTBXOGFpWDVzNmRGMGxFWXpsQUVuZHpCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
MmEyYWIyLTMwOTgtNGEwZi04MDljLTM1ZWQ1YjUzZGEwNS8xL3llMWt5VDNmM3k5
SnQtb2NJLXF0Q0hBa21qTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBVW4QAMEA1khkAMEA17HeAMEArkG
PAMEBdWuYDANBAIAAjAHAwUAKgJsQDANBgkqhkiG9w0BAQsFAAOCAQEAJPTNiI57
lj0Ahu78BEuY74vsxG3ZaK1vWp5reaYaO04Yno4hiIuSjH2iOn1cWIV2Hba6b8fS
rNYvAYoKCxcTrPh2Gu+yFtXxmecv7iTvM3sauv3LSzmweaTITHDZ0HSJMA6QcUwn
O0YqH/FHb9RsBPX8jBhRjligngIF1ToAmEBjFZnR+kTcPFvNPyGJ1tbaezF55d1m
UjQBkMfC+WxX46kwW3T8XeltEueTPRNm3YyIS3GEnOpJ9+W4/GK0FnJl3wM3EbXX
uST5H469TXCnmWyLjnwOTlJgdMHan9C2L5gcX1UUK4qpcd2x6BDTKhHmifLpU7Bs
8+aeATeZCDV02w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:12 2024 by rpki-client on console-ams.rpki-client.org