Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/98Iq8bTgSXW4Er9_q_YCHeky0GE.roa
File: 98Iq8bTgSXW4Er9_q_YCHeky0GE.roa (raw, json)
Hash identifier: q1H9UyT1ngwxwk2Fppg+i6UumAuUXszZdsCiZwot1S4=
Subject key identifier: F7:C2:2A:F1:B4:E0:49:75:B8:12:BF:7F:AB:F6:02:1D:E9:32:D0:61
Certificate issuer: /CN=427b5406ecdab8e5b40ddc54bc615ca2a70922f1
Certificate serial: 021222A9
Authority key identifier: 42:7B:54:06:EC:DA:B8:E5:B4:0D:DC:54:BC:61:5C:A2:A7:09:22:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QntUBuzauOW0DdxUvGFcoqcJIvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/98Iq8bTgSXW4Er9_q_YCHeky0GE.roa
Signing time: Sat 01 Jan 2022 11:53:54 +0000
ROA not before: Sat 01 Jan 2022 11:53:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47864
IP address blocks: 185.217.60.0/24 maxlen: 24
2a10:bb00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34742953 (0x21222a9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427b5406ecdab8e5b40ddc54bc615ca2a70922f1
Validity
Not Before: Jan 1 11:53:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7c22af1b4e04975b812bf7fabf6021de932d061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:81:65:08:10:85:1c:f0:06:ef:95:52:78:fc:
ce:4a:96:55:f4:89:a4:c9:4b:4c:4a:aa:2c:f0:81:
a7:17:88:e8:24:d3:dc:be:17:da:ff:8e:34:aa:07:
ff:d6:fb:90:9f:51:0b:fc:97:ff:d6:69:17:2c:ee:
10:d6:79:af:29:ff:4a:7b:e0:74:9f:43:c9:51:8b:
94:c7:0d:bf:3f:91:f6:89:34:23:38:f4:79:38:2a:
a2:8c:8a:a0:58:d5:f2:bb:fc:e6:ce:47:cb:89:4d:
c7:0e:90:90:eb:3f:17:e0:74:e5:bf:53:c0:8b:0f:
46:b4:40:ac:07:8e:14:0b:c0:b4:4d:97:aa:78:31:
ce:65:16:8a:ea:87:33:38:33:ec:fa:f2:38:5f:59:
73:34:54:0d:a8:25:1c:4e:6e:b5:d0:ce:6f:1f:43:
c0:5f:f7:84:44:31:a6:dc:67:a7:32:1c:3a:ee:24:
4d:a7:91:e0:0b:df:26:7e:ca:18:f1:9a:5f:cc:f3:
50:4f:98:18:c8:c2:f0:2c:39:d5:39:0c:e6:33:a2:
05:0f:94:dc:fa:88:ec:f1:8f:38:72:ca:17:26:fb:
f1:fc:e1:11:aa:c2:eb:be:57:ad:53:7f:a2:a4:47:
3f:9e:a9:65:9e:cd:02:68:62:cc:c0:ac:07:63:8d:
d0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:C2:2A:F1:B4:E0:49:75:B8:12:BF:7F:AB:F6:02:1D:E9:32:D0:61
X509v3 Authority Key Identifier:
keyid:42:7B:54:06:EC:DA:B8:E5:B4:0D:DC:54:BC:61:5C:A2:A7:09:22:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QntUBuzauOW0DdxUvGFcoqcJIvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/98Iq8bTgSXW4Er9_q_YCHeky0GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/278b7d-cf43-4ac2-ad6b-7bc12a62a0d3/1/QntUBuzauOW0DdxUvGFcoqcJIvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.60.0/24
IPv6:
2a10:bb00::/29
Signature Algorithm: sha256WithRSAEncryption
c5:21:a2:03:5c:65:54:a1:92:4c:32:9a:9c:cf:9c:cc:d1:0d:
da:7b:a1:fa:68:fd:2f:f6:39:34:1c:1f:8f:a5:19:2e:60:a4:
5b:62:95:d7:23:81:2c:25:c9:19:73:29:c5:a5:d4:00:12:a6:
fe:b2:e6:da:cb:68:4e:dd:b5:d1:dd:ca:11:39:fe:fa:cf:e3:
6c:e5:82:56:4f:cf:86:37:9b:05:90:c4:b6:9d:a1:d8:2e:55:
fc:60:80:aa:a3:3e:21:dd:0a:55:3f:ec:75:22:d4:38:0f:ca:
5b:a6:f6:72:d5:d2:ab:bd:6a:96:e6:a0:fc:d5:9d:e1:55:f9:
a8:b9:95:37:75:97:58:89:32:4e:03:ff:78:fa:50:6f:43:86:
62:4b:a2:17:d7:db:2e:f4:01:4d:99:ab:0c:99:b1:fa:ff:07:
84:84:97:3d:e6:ce:7a:6b:fb:bf:21:79:69:ca:5a:9b:2d:8a:
d1:0d:08:4f:ac:c6:4c:bc:4f:9c:2e:4e:1d:d1:54:63:f6:42:
e4:b4:e8:f3:67:b0:ee:7c:60:f8:bc:8c:85:a2:77:56:33:c4:
a7:a9:dd:75:89:45:b1:a0:df:a5:e2:76:f6:9a:4f:fc:0e:b8:
75:95:bb:79:e5:9f:cc:36:34:7b:9e:b8:9f:be:8f:75:ad:b9:
4d:bf:95:1b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAhIiqTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjdiNTQwNmVjZGFiOGU1YjQwZGRjNTRiYzYxNWNhMmE3MDkyMmYxMB4XDTIyMDEw
MTExNTM1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdjMjJhZjFiNGUw
NDk3NWI4MTJiZjdmYWJmNjAyMWRlOTMyZDA2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJWBZQgQhRzwBu+VUnj8zkqWVfSJpMlLTEqqLPCBpxeI6CTT
3L4X2v+ONKoH/9b7kJ9RC/yX/9ZpFyzuENZ5ryn/SnvgdJ9DyVGLlMcNvz+R9ok0
Izj0eTgqooyKoFjV8rv85s5Hy4lNxw6QkOs/F+B05b9TwIsPRrRArAeOFAvAtE2X
qngxzmUWiuqHMzgz7PryOF9ZczRUDaglHE5utdDObx9DwF/3hEQxptxnpzIcOu4k
TaeR4AvfJn7KGPGaX8zzUE+YGMjC8Cw51TkM5jOiBQ+U3PqI7PGPOHLKFyb78fzh
EarC675XrVN/oqRHP56pZZ7NAmhizMCsB2ON0D8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT3wirxtOBJdbgSv3+r9gId6TLQYTAfBgNVHSMEGDAWgBRCe1QG7Nq45bQN
3FS8YVyipwki8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FudFVCdXphdU9XMERkeFV2R0Zjb3FjSkl2RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvMjc4YjdkLWNmNDMtNGFjMi1hZDZiLTdiYzEyYTYyYTBkMy8x
Lzk4SXE4YlRnU1hXNEVyOV9xX1lDSGVreTBHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
Mjc4YjdkLWNmNDMtNGFjMi1hZDZiLTdiYzEyYTYyYTBkMy8xL1FudFVCdXphdU9X
MERkeFV2R0Zjb3FjSkl2RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnZPDANBAIAAjAHAwUDKhC7ADAN
BgkqhkiG9w0BAQsFAAOCAQEAxSGiA1xlVKGSTDKanM+czNEN2nuh+mj9L/Y5NBwf
j6UZLmCkW2KV1yOBLCXJGXMpxaXUABKm/rLm2stoTt210d3KETn++s/jbOWCVk/P
hjebBZDEtp2h2C5V/GCAqqM+Id0KVT/sdSLUOA/KW6b2ctXSq71qluag/NWd4VX5
qLmVN3WXWIkyTgP/ePpQb0OGYkuiF9fbLvQBTZmrDJmx+v8HhISXPebOemv7vyF5
acpamy2K0Q0IT6zGTLxPnC5OHdFUY/ZC5LTo82ew7nxg+LyMhaJ3VjPEp6nddYlF
saDfpeJ29ppP/A64dZW7eeWfzDY0e564n76Pda25Tb+VGw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:48 2024 by rpki-client on console-fra.rpki-client.org