Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/1b6xxI2SJnIalyKosXD7kKq1_1Q.roa
File: 1b6xxI2SJnIalyKosXD7kKq1_1Q.roa (raw, json)
Hash identifier: Qk+1WbHcz7Xrmw8kpQNH4udBckji4eGpI9w+wzIaOAY=
Subject key identifier: D5:BE:B1:C4:8D:92:26:72:1A:97:22:A8:B1:70:FB:90:AA:B5:FF:54
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 0A7607CC
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/1b6xxI2SJnIalyKosXD7kKq1_1Q.roa
Signing time: Wed 29 Jun 2022 10:46:02 +0000
ROA not before: Wed 29 Jun 2022 10:46:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57152
IP address blocks: 185.73.128.0/22 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.170.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175507404 (0xa7607cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Jun 29 10:46:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5beb1c48d9226721a9722a8b170fb90aab5ff54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:fe:cc:b8:67:0f:14:e1:81:16:71:aa:b5:56:
92:23:86:1c:93:b8:0b:54:70:03:a9:4c:e8:1b:c7:
db:4b:f9:11:2c:a2:f3:f5:dd:bf:bd:69:fd:a2:81:
0d:7e:a4:8a:27:22:76:b4:ff:ae:e7:ab:0a:c1:0b:
9d:7d:87:68:3c:57:0a:35:95:ce:74:78:20:d4:f5:
8a:24:4b:0d:50:6d:21:8e:d3:c9:b8:2a:49:bc:6c:
50:04:e5:51:a2:9d:c3:e6:80:4b:86:e9:91:c9:b1:
0b:dd:4d:83:07:be:2d:2b:68:4f:cd:5d:82:6b:69:
e1:d3:e0:7f:9d:07:52:9a:12:db:a0:7d:d3:80:c8:
76:35:5a:cc:70:26:a4:49:2a:f3:ee:df:0f:57:07:
bb:56:f8:3f:73:c3:cd:0e:72:5d:f5:55:cc:09:16:
f5:36:69:c8:49:2d:54:d7:2b:7b:c2:18:f0:28:e2:
39:2e:b0:f9:5a:41:74:f2:3e:ff:3f:35:1e:13:f2:
40:48:78:ff:3e:9e:14:0f:ab:c8:64:9f:25:d8:35:
55:4b:ee:89:f6:06:de:94:6f:27:76:44:20:cd:f3:
6a:86:3d:7e:9d:b8:92:1c:a4:da:b5:41:8e:0c:44:
91:d7:52:1e:46:2e:4f:4b:b2:9e:b8:1c:74:a2:9c:
8b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:BE:B1:C4:8D:92:26:72:1A:97:22:A8:B1:70:FB:90:AA:B5:FF:54
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/1b6xxI2SJnIalyKosXD7kKq1_1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0/23
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0:1::/48
Signature Algorithm: sha256WithRSAEncryption
88:89:d4:6e:de:64:78:d6:b6:7d:3e:c4:31:bd:79:d7:3e:7c:
4f:79:8b:4d:ef:6a:5b:e5:99:69:13:aa:d1:62:e0:21:b9:b4:
78:aa:aa:87:d4:a4:11:58:16:bc:75:b7:8a:51:00:ba:a1:69:
3d:e5:3c:c3:bc:4c:fe:90:ed:d5:6b:ae:50:b4:fc:18:9a:47:
cd:ba:cd:27:c4:6b:1a:02:e6:5c:f1:d1:0b:15:f0:ce:38:d4:
ee:63:ea:38:5f:71:45:51:03:e4:94:9a:de:ef:e7:dd:3e:92:
36:17:05:a4:f3:2f:a1:36:b5:2c:91:ce:96:57:07:5c:af:99:
b4:c7:97:9d:c1:ae:fa:04:c4:2b:0b:7d:72:06:be:21:00:6d:
31:ab:59:e0:59:5d:48:a0:4e:4b:41:22:d1:85:1e:4e:1e:ec:
74:59:d3:1e:33:51:b3:1e:98:89:67:26:de:1b:26:74:27:ce:
be:1d:78:8a:62:b6:92:06:e1:d5:28:b6:c5:c7:74:79:b2:a0:
03:0d:16:41:9f:90:8d:85:ce:33:94:0a:d0:2d:4a:9c:64:c7:
b4:9c:6d:52:70:f5:d2:1a:fd:5a:97:1f:da:c9:1f:c3:00:2c:
f1:80:fa:15:c1:2b:0b:dd:bf:bb:20:4b:a7:1d:3f:61:b5:0b:
68:6a:32:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECnYHzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWEwMmIxOTdkYmFmN2RlYjc0ZTBhMjdkOWQ0ZWNkM2ZhZTFlOGVkMB4XDTIyMDYy
OTEwNDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDViZWIxYzQ4ZDky
MjY3MjFhOTcyMmE4YjE3MGZiOTBhYWI1ZmY1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOb+zLhnDxThgRZxqrVWkiOGHJO4C1RwA6lM6BvH20v5ESyi
8/Xdv71p/aKBDX6kiicidrT/ruerCsELnX2HaDxXCjWVznR4INT1iiRLDVBtIY7T
ybgqSbxsUATlUaKdw+aAS4bpkcmxC91Ngwe+LStoT81dgmtp4dPgf50HUpoS26B9
04DIdjVazHAmpEkq8+7fD1cHu1b4P3PDzQ5yXfVVzAkW9TZpyEktVNcre8IY8Cji
OS6w+VpBdPI+/z81HhPyQEh4/z6eFA+ryGSfJdg1VUvuifYG3pRvJ3ZEIM3zaoY9
fp24khyk2rVBjgxEkddSHkYuT0uynrgcdKKci2cCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBTVvrHEjZImchqXIqixcPuQqrX/VDAfBgNVHSMEGDAWgBTuoCsZfbr33rdO
CifZ1OzT+uHo7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdxQXJHWDI2OTk2M1Rnb24yZFRzMF9yaDZPMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvOTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8x
LzFiNnh4STJTSm5JYWx5S29zWEQ3a0txMV8xUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
OTcxYjExLTI4MGUtNGNlZC1iOTljLWJiY2NhYjkxM2I1ZC8xLzdxQXJHWDI2OTk2
M1Rnb24yZFRzMF9yaDZPMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAWj3qgMEArlJgAMEALmJ1zAPBAIA
AjAJAwcAKgOloAABMA0GCSqGSIb3DQEBCwUAA4IBAQCIidRu3mR41rZ9PsQxvXnX
PnxPeYtN72pb5ZlpE6rRYuAhubR4qqqH1KQRWBa8dbeKUQC6oWk95TzDvEz+kO3V
a65QtPwYmkfNus0nxGsaAuZc8dELFfDOONTuY+o4X3FFUQPklJre7+fdPpI2FwWk
8y+hNrUskc6WVwdcr5m0x5edwa76BMQrC31yBr4hAG0xq1ngWV1IoE5LQSLRhR5O
Hux0WdMeM1GzHpiJZybeGyZ0J86+HXiKYraSBuHVKLbFx3R5sqADDRZBn5CNhc4z
lArQLUqcZMe0nG1ScPXSGv1alx/ayR/DACzxgPoVwSsL3b+7IEunHT9htQtoajJJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:08 2024 by rpki-client on console-fra.rpki-client.org