Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/dktLgQkpCncKKwJP-lAuV0eGSss.roa
File: dktLgQkpCncKKwJP-lAuV0eGSss.roa (raw, json)
Hash identifier: wwXDW/OfJoghfb2UYrXKtfVnLsJ+RyvdoAFYPsjnK/Q=
Subject key identifier: 76:4B:4B:81:09:29:0A:77:0A:2B:02:4F:FA:50:2E:57:47:86:4A:CB
Certificate issuer: /CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Certificate serial: 1A775202
Authority key identifier: 83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/dktLgQkpCncKKwJP-lAuV0eGSss.roa
Signing time: Sat 01 Jan 2022 05:57:28 +0000
ROA not before: Sat 01 Jan 2022 05:57:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47602
IP address blocks: 185.72.240.0/24 maxlen: 24
185.72.241.0/24 maxlen: 24
185.72.242.0/24 maxlen: 24
185.72.243.0/24 maxlen: 24
2a09:4200::/29 maxlen: 29
2a04:2b87::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 444027394 (0x1a775202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83991afcd455eb1b174fcf89f8e10eaf7f70b355
Validity
Not Before: Jan 1 05:57:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=764b4b8109290a770a2b024ffa502e5747864acb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cf:51:86:13:c1:7c:cd:a4:7d:f4:94:f5:8f:
7e:f3:4c:b1:f1:8d:7c:95:ca:52:77:fb:0f:0e:ce:
5c:aa:ee:61:20:55:89:a8:ba:fc:d4:1d:9f:ad:8b:
93:72:0d:3c:af:d1:0c:fa:80:3f:e0:c1:ab:cb:c5:
33:cc:01:db:32:3f:86:1d:b6:c9:34:b8:04:1d:65:
59:ab:89:8f:f4:c9:3d:65:15:f6:d0:f3:ae:96:80:
f6:a1:97:c8:ca:13:5c:ae:7f:8c:d6:3e:75:d1:a4:
fe:26:4c:a4:6f:49:13:57:40:54:fc:2b:73:1c:8b:
21:d7:23:72:0d:2d:f7:14:ba:22:d9:d5:78:d5:64:
7b:80:bc:1a:c1:48:ba:70:12:1d:fe:51:55:7c:b0:
b0:37:0e:10:6a:71:30:9f:26:00:c8:c8:3a:4a:15:
d4:10:c1:53:fa:a7:9c:4e:33:25:b1:9c:5d:a5:34:
8e:90:57:31:45:2b:a7:05:1c:44:11:bb:8b:31:28:
cb:c4:5f:4d:b4:5c:66:6d:3e:ff:46:98:95:f3:a7:
1e:8b:98:81:d6:90:10:22:c2:4c:c4:7e:1d:f6:e4:
c5:ed:49:70:dc:dd:a9:95:59:10:f8:43:30:2d:33:
5c:db:98:87:c8:97:e9:8c:f8:5b:d2:36:83:55:75:
1e:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:4B:4B:81:09:29:0A:77:0A:2B:02:4F:FA:50:2E:57:47:86:4A:CB
X509v3 Authority Key Identifier:
keyid:83:99:1A:FC:D4:55:EB:1B:17:4F:CF:89:F8:E1:0E:AF:7F:70:B3:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g5ka_NRV6xsXT8-J-OEOr39ws1U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/dktLgQkpCncKKwJP-lAuV0eGSss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/69ed29-af4e-4524-adfb-e15437380099/1/g5ka_NRV6xsXT8-J-OEOr39ws1U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.240.0/22
IPv6:
2a04:2b87::/32
2a09:4200::/29
Signature Algorithm: sha256WithRSAEncryption
a7:4b:66:50:56:72:2b:25:38:a1:70:d7:68:c5:d8:56:94:c5:
c3:ee:27:cb:7b:b7:8e:be:78:11:29:ee:a0:50:41:24:5b:3a:
f9:fb:a7:98:c6:ee:fe:3c:0e:be:e9:9b:67:8c:44:27:5e:71:
8c:94:d5:c7:87:75:ff:2c:36:1e:d5:b5:41:c9:ea:81:a1:5e:
fb:be:b8:4b:4c:f0:79:43:08:24:f2:f4:6d:2b:7a:2f:59:e0:
34:a0:b2:69:65:dc:6a:58:31:73:f6:bd:01:47:60:c2:81:56:
be:bb:d0:ae:c1:22:4d:70:3e:a9:22:e3:3c:32:7c:79:14:f9:
06:ee:03:8f:b6:cc:2e:cd:d0:19:56:28:ee:87:41:09:1b:83:
45:82:ff:27:db:55:ac:2b:74:62:2a:f7:27:57:6e:82:6f:fb:
7b:b0:aa:21:5d:44:68:b7:8c:69:7a:2d:07:f0:4c:67:15:45:
f4:58:2f:a3:27:9c:44:ce:6a:ed:b2:8a:e3:5a:89:e3:f5:5a:
cf:31:57:b1:56:00:3f:7e:2d:a3:cf:15:62:fc:8e:30:ba:b4:
4d:60:7d:fc:6f:21:58:cf:be:37:ae:95:ba:d3:06:74:25:04:
7f:ff:2f:94:a1:55:e9:5c:ec:1b:21:2b:9d:3a:7f:6b:12:d3:
02:61:9c:4d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEGndSAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mzk5MWFmY2Q0NTVlYjFiMTc0ZmNmODlmOGUxMGVhZjdmNzBiMzU1MB4XDTIyMDEw
MTA1NTcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzY0YjRiODEwOTI5
MGE3NzBhMmIwMjRmZmE1MDJlNTc0Nzg2NGFjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANTPUYYTwXzNpH30lPWPfvNMsfGNfJXKUnf7Dw7OXKruYSBV
iai6/NQdn62Lk3INPK/RDPqAP+DBq8vFM8wB2zI/hh22yTS4BB1lWauJj/TJPWUV
9tDzrpaA9qGXyMoTXK5/jNY+ddGk/iZMpG9JE1dAVPwrcxyLIdcjcg0t9xS6ItnV
eNVke4C8GsFIunASHf5RVXywsDcOEGpxMJ8mAMjIOkoV1BDBU/qnnE4zJbGcXaU0
jpBXMUUrpwUcRBG7izEoy8RfTbRcZm0+/0aYlfOnHouYgdaQECLCTMR+Hfbkxe1J
cNzdqZVZEPhDMC0zXNuYh8iX6Yz4W9I2g1V1Hn0CAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBR2S0uBCSkKdworAk/6UC5XR4ZKyzAfBgNVHSMEGDAWgBSDmRr81FXrGxdP
z4n44Q6vf3CzVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c1a2FfTlJWNnhzWFQ4LUotT0VPcjM5d3MxVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNjllZDI5LWFmNGUtNDUyNC1hZGZiLWUxNTQzNzM4MDA5OS8x
L2RrdExnUWtwQ25jS0t3SlAtbEF1VjBlR1Nzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NjllZDI5LWFmNGUtNDUyNC1hZGZiLWUxNTQzNzM4MDA5OS8xL2c1a2FfTlJWNnhz
WFQ4LUotT0VPcjM5d3MxVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEArlI8DAUBAIAAjAOAwUAKgQrhwMF
AyoJQgAwDQYJKoZIhvcNAQELBQADggEBAKdLZlBWcislOKFw12jF2FaUxcPuJ8t7
t46+eBEp7qBQQSRbOvn7p5jG7v48Dr7pm2eMRCdecYyU1ceHdf8sNh7VtUHJ6oGh
Xvu+uEtM8HlDCCTy9G0rei9Z4DSgsmll3GpYMXP2vQFHYMKBVr670K7BIk1wPqki
4zwyfHkU+QbuA4+2zC7N0BlWKO6HQQkbg0WC/yfbVawrdGIq9ydXboJv+3uwqiFd
RGi3jGl6LQfwTGcVRfRYL6MnnETOau2yiuNaieP1Ws8xV7FWAD9+LaPPFWL8jjC6
tE1gffxvIVjPvjeulbrTBnQlBH//L5ShVelc7BshK506f2sS0wJhnE0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:07 2024 by rpki-client on console-fra.rpki-client.org