Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/r0q3S8H3-hsReYkREmGYOlwpNnA.roa
File: r0q3S8H3-hsReYkREmGYOlwpNnA.roa (raw, json)
Hash identifier: O51pj830EIpvh20/KY8pkLeCT2C3kE262GdDLHtsKvI=
Subject key identifier: AF:4A:B7:4B:C1:F7:FA:1B:11:79:89:11:12:61:98:3A:5C:29:36:70
Certificate issuer: /CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8
Certificate serial: 0D7A078F
Authority key identifier: 8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/r0q3S8H3-hsReYkREmGYOlwpNnA.roa
Signing time: Sat 01 Jan 2022 12:01:15 +0000
ROA not before: Sat 01 Jan 2022 12:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8455
IP address blocks: 185.121.95.0/24 maxlen: 24
185.121.94.0/24 maxlen: 24
185.121.93.0/24 maxlen: 24
185.121.92.0/22 maxlen: 24
2a03:8300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226101135 (0xd7a078f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b0c8d35dd66657bffc90b6ac41600ffa623d5b8
Validity
Not Before: Jan 1 12:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af4ab74bc1f7fa1b117989111261983a5c293670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:87:3e:d0:7a:c0:44:7a:e9:4b:fd:a7:96:1d:
ca:b7:72:69:05:9a:39:8b:c1:43:93:e5:bf:c2:49:
59:47:4e:d1:f7:59:fe:40:5c:d9:30:8f:6b:d7:36:
f3:ca:a3:a3:dc:23:9d:9b:76:44:90:e4:36:43:a5:
a1:42:6d:6d:9e:87:24:c8:5c:03:26:3c:87:2c:46:
d7:bc:8f:54:8d:6d:5a:3b:f8:ba:38:8d:d4:2b:7f:
84:96:c1:52:0c:e2:d4:64:b1:41:c4:ea:8e:1e:48:
61:6a:82:d9:38:97:cf:e5:8b:ed:de:d3:a2:9a:06:
02:5d:51:80:ce:0d:ff:7a:3b:71:a6:7a:d8:81:d1:
46:86:10:2f:4d:86:a1:de:d8:6b:7c:ce:28:8e:11:
3e:5c:db:6c:83:24:b8:49:29:5d:4d:07:a4:b6:05:
b7:85:ab:87:6d:55:6d:81:28:83:79:98:6e:25:f2:
70:ed:d1:cc:28:96:8c:e2:2b:c6:6d:96:77:7c:fb:
6e:02:01:2c:54:53:6f:ff:81:b4:7a:d9:75:9a:1d:
d9:fb:af:e8:a3:4e:b1:47:79:45:79:54:d7:2b:aa:
cf:f5:ce:7d:b4:c0:dc:8a:13:38:25:fc:73:77:ee:
04:d8:98:a8:9a:86:0e:d4:cd:3e:bd:eb:c4:5b:fa:
f2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:4A:B7:4B:C1:F7:FA:1B:11:79:89:11:12:61:98:3A:5C:29:36:70
X509v3 Authority Key Identifier:
keyid:8B:0C:8D:35:DD:66:65:7B:FF:C9:0B:6A:C4:16:00:FF:A6:23:D5:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/r0q3S8H3-hsReYkREmGYOlwpNnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/d28fd4-c368-46b3-a17d-43187e29b0e3/1/iwyNNd1mZXv_yQtqxBYA_6Yj1bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.92.0/22
IPv6:
2a03:8300::/32
Signature Algorithm: sha256WithRSAEncryption
50:b2:98:0d:df:22:27:79:5d:4e:80:6d:cb:e7:2c:c7:a9:4c:
15:6f:af:53:90:ad:60:06:54:7b:fa:a7:11:e6:41:0d:46:33:
06:5d:b5:63:1b:17:07:f1:ef:24:4d:66:8f:b7:6f:e7:af:4a:
e3:f1:96:29:7c:5c:9a:b8:73:c2:52:8b:6b:b9:c3:90:35:24:
5d:74:de:5d:21:0b:c2:91:4d:89:5e:61:e4:70:1f:6b:32:f4:
23:ca:15:e7:4e:c7:e2:c4:96:3d:9c:21:35:96:95:79:ae:51:
58:f0:9a:15:fb:ff:52:b8:fa:e6:b3:5c:c9:de:5b:60:68:5a:
70:df:13:20:2c:bb:33:85:48:86:11:7d:10:fb:81:5a:22:61:
af:8e:58:5a:32:aa:b4:0d:cb:cc:fe:37:85:04:d1:7f:bc:4b:
9b:27:cb:e9:a0:df:bb:2c:d0:81:ae:fc:a9:02:21:2f:a4:26:
20:48:d5:80:37:3c:06:47:e7:c4:c3:cf:36:3c:05:17:af:cc:
28:d4:00:5c:e6:c6:c0:3d:90:ca:cf:44:d8:93:cc:3c:e3:3a:
ea:e9:18:82:7b:8f:ea:df:95:f6:37:61:33:a4:ee:16:bb:bc:
d2:f8:af:62:7b:23:83:b6:d7:5f:72:ed:29:55:c2:b0:fc:71:
f7:29:4b:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDXoHjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YjBjOGQzNWRkNjY2NTdiZmZjOTBiNmFjNDE2MDBmZmE2MjNkNWI4MB4XDTIyMDEw
MTEyMDExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWY0YWI3NGJjMWY3
ZmExYjExNzk4OTExMTI2MTk4M2E1YzI5MzY3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2HPtB6wER66Uv9p5YdyrdyaQWaOYvBQ5Plv8JJWUdO0fdZ
/kBc2TCPa9c288qjo9wjnZt2RJDkNkOloUJtbZ6HJMhcAyY8hyxG17yPVI1tWjv4
ujiN1Ct/hJbBUgzi1GSxQcTqjh5IYWqC2TiXz+WL7d7TopoGAl1RgM4N/3o7caZ6
2IHRRoYQL02God7Ya3zOKI4RPlzbbIMkuEkpXU0HpLYFt4Wrh21VbYEog3mYbiXy
cO3RzCiWjOIrxm2Wd3z7bgIBLFRTb/+BtHrZdZod2fuv6KNOsUd5RXlU1yuqz/XO
fbTA3IoTOCX8c3fuBNiYqJqGDtTNPr3rxFv68nkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSvSrdLwff6GxF5iRESYZg6XCk2cDAfBgNVHSMEGDAWgBSLDI013WZle//J
C2rEFgD/piPVuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2l3eU5OZDFtWlh2X3lRdHF4QllBXzZZajFiZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvZDI4ZmQ0LWMzNjgtNDZiMy1hMTdkLTQzMTg3ZTI5YjBlMy8x
L3IwcTNTOEgzLWhzUmVZa1JFbUdZT2x3cE5uQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
ZDI4ZmQ0LWMzNjgtNDZiMy1hMTdkLTQzMTg3ZTI5YjBlMy8xL2l3eU5OZDFtWlh2
X3lRdHF4QllBXzZZajFiZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArl5XDANBAIAAjAHAwUAKgODADAN
BgkqhkiG9w0BAQsFAAOCAQEAULKYDd8iJ3ldToBty+csx6lMFW+vU5CtYAZUe/qn
EeZBDUYzBl21YxsXB/HvJE1mj7dv569K4/GWKXxcmrhzwlKLa7nDkDUkXXTeXSEL
wpFNiV5h5HAfazL0I8oV507H4sSWPZwhNZaVea5RWPCaFfv/Urj65rNcyd5bYGha
cN8TICy7M4VIhhF9EPuBWiJhr45YWjKqtA3LzP43hQTRf7xLmyfL6aDfuyzQga78
qQIhL6QmIEjVgDc8BkfnxMPPNjwFF6/MKNQAXObGwD2Qys9E2JPMPOM66ukYgnuP
6t+V9jdhM6TuFru80vivYnsjg7bXX3LtKVXCsPxx9ylLHQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:39 2024 by rpki-client on console-fra.rpki-client.org