Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/t2b4iWhjBoAE7n5i_x4HTYjdbzE.roa
File: t2b4iWhjBoAE7n5i_x4HTYjdbzE.roa (raw, json)
Hash identifier: 5OOiLg0ssv+0BGGV9ysOtoY4Si0x7tomiPfGUsqCjYQ=
Subject key identifier: B7:66:F8:89:68:63:06:80:04:EE:7E:62:FF:1E:07:4D:88:DD:6F:31
Certificate issuer: /CN=f779f5f0288985abde09827e03d787a52149e7ec
Certificate serial: 18076300
Authority key identifier: F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/t2b4iWhjBoAE7n5i_x4HTYjdbzE.roa
Signing time: Sat 01 Jan 2022 06:55:04 +0000
ROA not before: Sat 01 Jan 2022 06:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29467
IP address blocks: 178.251.160.0/21 maxlen: 24
185.97.244.0/22 maxlen: 22
185.4.124.0/22 maxlen: 22
5.149.112.0/21 maxlen: 24
2a03:2f00::/32 maxlen: 32
2a02:70c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 403137280 (0x18076300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f779f5f0288985abde09827e03d787a52149e7ec
Validity
Not Before: Jan 1 06:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b766f8896863068004ee7e62ff1e074d88dd6f31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5b:68:2a:0e:38:47:58:a6:a7:21:bc:a0:72:
f9:c3:2f:c9:34:32:77:72:fd:7b:32:ca:65:11:1a:
35:0d:ac:91:44:f9:d6:58:17:e8:57:32:d5:a3:08:
38:e5:4a:a6:ee:b0:1f:2d:84:b4:5b:74:b0:4c:77:
23:6e:c7:e0:6b:5f:55:95:53:31:4f:77:83:b1:5f:
45:7e:d1:af:19:40:c1:54:23:fd:eb:50:22:7f:3a:
b0:65:73:ef:cb:89:a6:75:0a:b2:19:e0:eb:ea:2a:
0d:0b:0c:7f:b3:ae:a5:0d:7f:91:d8:e2:62:65:07:
eb:7f:25:2c:11:7d:b9:25:0c:f1:93:16:f3:99:10:
3b:d3:8f:e3:97:56:c5:a8:be:47:b4:df:97:66:07:
a6:62:82:0c:31:dc:7b:45:ff:35:16:8d:8e:46:6c:
3c:fd:91:14:8f:c1:f0:8f:a4:2d:0d:02:53:e2:d3:
31:6a:3e:0d:7f:c8:cb:fd:ae:21:3f:05:a0:49:71:
64:ec:be:10:26:0f:d1:9a:d0:12:8e:8d:ac:68:e7:
b4:20:2d:19:4c:0c:8b:a3:11:ec:03:3e:f3:3d:d5:
e7:39:50:cb:e4:f5:0b:02:ed:cd:44:04:c1:97:6a:
af:ba:9f:c6:8c:25:39:7e:fb:93:c7:19:58:5a:92:
e2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:66:F8:89:68:63:06:80:04:EE:7E:62:FF:1E:07:4D:88:DD:6F:31
X509v3 Authority Key Identifier:
keyid:F7:79:F5:F0:28:89:85:AB:DE:09:82:7E:03:D7:87:A5:21:49:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93n18CiJhaveCYJ-A9eHpSFJ5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/t2b4iWhjBoAE7n5i_x4HTYjdbzE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/aed381-45cc-44bc-a5c3-fe7963bec7d3/1/93n18CiJhaveCYJ-A9eHpSFJ5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.112.0/21
178.251.160.0/21
185.4.124.0/22
185.97.244.0/22
IPv6:
2a02:70c0::/32
2a03:2f00::/32
Signature Algorithm: sha256WithRSAEncryption
36:05:98:32:20:9e:0c:a4:d7:b3:78:b4:02:2f:bc:98:6c:5e:
93:d3:fe:be:05:9b:b8:3a:23:4a:44:16:88:02:15:b9:9b:5a:
75:0e:b3:5f:28:98:db:17:f8:ed:91:c5:cb:4e:3e:6f:78:72:
d1:9b:36:6e:01:c5:39:bc:06:97:cd:7c:34:07:53:63:45:18:
d3:b7:ec:02:94:19:bd:8f:de:ad:fa:4d:d4:bb:3f:dd:68:9b:
68:58:49:f2:e5:22:ab:2f:ca:50:59:28:2f:cb:e0:dc:41:cf:
1c:bd:25:5e:a1:10:71:10:64:6f:1e:d7:0c:9b:ea:94:fa:af:
3f:14:78:5c:f9:22:0d:06:c1:8f:e1:ee:7e:0c:11:11:34:6e:
17:62:16:79:b4:e6:39:ce:0e:8b:a9:ef:ed:20:04:d3:82:e1:
58:ec:77:31:c5:e9:12:77:d2:a2:51:70:ef:12:ae:85:0a:04:
0d:cc:fd:2c:d2:6f:94:1a:01:2d:96:a0:26:9e:85:53:37:c9:
2e:7d:fa:17:e7:c8:d8:ea:1a:0c:46:46:ea:7a:73:18:d8:88:
f6:95:0b:6c:0e:fb:34:d0:fb:28:77:f5:d4:65:0b:c1:80:45:
30:fb:b0:b9:d7:97:c6:e6:10:4b:ad:89:18:77:b6:a5:9b:62:
8e:89:c4:95
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEGAdjADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Nzc5ZjVmMDI4ODk4NWFiZGUwOTgyN2UwM2Q3ODdhNTIxNDllN2VjMB4XDTIyMDEw
MTA2NTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc2NmY4ODk2ODYz
MDY4MDA0ZWU3ZTYyZmYxZTA3NGQ4OGRkNmYzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJdbaCoOOEdYpqchvKBy+cMvyTQyd3L9ezLKZREaNQ2skUT5
1lgX6Fcy1aMIOOVKpu6wHy2EtFt0sEx3I27H4GtfVZVTMU93g7FfRX7RrxlAwVQj
/etQIn86sGVz78uJpnUKshng6+oqDQsMf7OupQ1/kdjiYmUH638lLBF9uSUM8ZMW
85kQO9OP45dWxai+R7Tfl2YHpmKCDDHce0X/NRaNjkZsPP2RFI/B8I+kLQ0CU+LT
MWo+DX/Iy/2uIT8FoElxZOy+ECYP0ZrQEo6NrGjntCAtGUwMi6MR7AM+8z3V5zlQ
y+T1CwLtzUQEwZdqr7qfxowlOX77k8cZWFqS4qUCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBS3ZviJaGMGgATufmL/HgdNiN1vMTAfBgNVHSMEGDAWgBT3efXwKImFq94J
gn4D14elIUnn7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkzbjE4Q2lKaGF2ZUNZSi1BOWVIcFNGSjUtdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvYWVkMzgxLTQ1Y2MtNDRiYy1hNWMzLWZlNzk2M2JlYzdkMy8x
L3QyYjRpV2hqQm9BRTduNWlfeDRIVFlqZGJ6RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
YWVkMzgxLTQ1Y2MtNDRiYy1hNWMzLWZlNzk2M2JlYzdkMy8xLzkzbjE4Q2lKaGF2
ZUNZSi1BOWVIcFNGSjUtdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAwWVcAMEA7L7oAMEArkEfAMEArlh
9DAUBAIAAjAOAwUAKgJwwAMFACoDLwAwDQYJKoZIhvcNAQELBQADggEBADYFmDIg
ngyk17N4tAIvvJhsXpPT/r4Fm7g6I0pEFogCFbmbWnUOs18omNsX+O2RxctOPm94
ctGbNm4BxTm8BpfNfDQHU2NFGNO37AKUGb2P3q36TdS7P91om2hYSfLlIqsvylBZ
KC/L4NxBzxy9JV6hEHEQZG8e1wyb6pT6rz8UeFz5Ig0GwY/h7n4MERE0bhdiFnm0
5jnODoup7+0gBNOC4VjsdzHF6RJ30qJRcO8SroUKBA3M/SzSb5QaAS2WoCaehVM3
yS59+hfnyNjqGgxGRup6cxjYiPaVC2wO+zTQ+yh39dRlC8GARTD7sLnXl8bmEEut
iRh3tqWbYo6JxJU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:51 2023 by rpki-client on console-fra.rpki-client.org