Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/D2ptg9QaIl8zbMpU8iZ2_-8WXsE.roa
File: D2ptg9QaIl8zbMpU8iZ2_-8WXsE.roa (raw, json)
Hash identifier: ojeoKI6TOuVEORMLvIeW+D2awlfmBywHa9/5P7uYVF8=
Subject key identifier: 0F:6A:6D:83:D4:1A:22:5F:33:6C:CA:54:F2:26:76:FF:EF:16:5E:C1
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 018242FF98795B66F53330B22B565B4B2478
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/D2ptg9QaIl8zbMpU8iZ2_-8WXsE.roa
Signing time: Thu 28 Jul 2022 04:10:23 +0000
ROA not before: Thu 28 Jul 2022 04:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57152
IP address blocks: 185.73.128.0/22 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.170.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:42:ff:98:79:5b:66:f5:33:30:b2:2b:56:5b:4b:24:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: Jul 28 04:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f6a6d83d41a225f336cca54f22676ffef165ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e5:08:15:46:7f:00:1a:3a:16:f4:95:19:8d:
da:1e:3e:5c:0b:06:9e:06:f6:ae:ff:5e:9d:80:46:
ae:e3:bc:db:81:1a:72:d4:88:bd:fe:ad:76:c1:c0:
85:bb:71:c7:15:d8:43:6b:96:1f:4c:27:84:44:69:
6f:90:52:0c:75:d4:33:e3:a0:d6:e5:5a:ed:6f:dc:
de:20:ef:5e:26:ac:77:89:6b:f1:96:cf:1b:5a:ee:
de:49:f6:83:85:25:1c:da:56:7e:ea:ea:d3:39:9f:
c2:46:0d:7e:ab:87:3f:99:55:a9:20:d7:55:37:ce:
84:66:7c:f2:99:45:07:0c:8b:af:09:65:e1:6c:10:
32:72:24:04:f8:b1:78:b8:8a:99:84:37:0f:b1:ca:
2d:d1:44:3b:22:ab:e2:a1:76:bb:be:a2:70:c1:36:
ca:f6:d9:9b:54:c7:5b:2e:e4:5c:b1:bb:70:18:e1:
12:fa:57:ab:a2:0a:1c:df:df:a1:6a:b7:0c:8d:f2:
c0:b2:9e:fa:aa:37:c9:0f:4a:f3:e2:f5:ae:21:04:
93:d5:52:93:1e:97:85:9a:0c:71:0b:9f:72:c3:63:
c4:07:27:f0:9e:9f:c7:92:26:db:ed:33:8d:55:6d:
74:4d:4e:86:fe:46:a4:8b:80:ab:94:0b:fc:e3:1f:
5d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:6A:6D:83:D4:1A:22:5F:33:6C:CA:54:F2:26:76:FF:EF:16:5E:C1
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/D2ptg9QaIl8zbMpU8iZ2_-8WXsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.172.255
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0:1::/48
Signature Algorithm: sha256WithRSAEncryption
a3:b0:b3:7c:d0:24:d9:5c:71:43:43:26:d0:21:73:e4:44:7e:
d5:2c:dc:2e:34:53:48:2e:59:3a:fb:5c:c4:1b:3a:55:6f:ba:
00:92:97:43:0d:8e:d9:69:71:cc:6a:42:27:30:2e:29:8d:a0:
b3:e4:05:14:52:af:6e:6d:07:6a:84:b3:b6:f3:5e:2b:59:23:
9f:9e:6a:21:f7:d2:e4:5e:86:77:b7:40:04:45:6c:2c:bc:dc:
61:54:8a:01:43:e3:7e:78:4b:a9:be:8f:4f:a8:39:25:80:b7:
9f:09:e6:0c:05:fe:d4:21:a1:db:6f:c8:5c:ec:4c:81:eb:b2:
d4:44:aa:b4:66:32:db:7e:73:af:c3:54:c2:83:9b:e6:ea:62:
46:b8:62:7f:d3:12:5d:13:6d:57:6a:f0:b3:46:e8:74:38:5b:
75:e3:a1:91:a6:33:9d:41:3a:de:7b:ab:ea:4e:df:af:8d:e2:
80:8e:35:35:94:21:eb:87:24:14:c4:41:0b:84:90:75:a8:35:
5e:3e:52:ff:b0:2d:1b:2e:48:07:46:86:2e:7d:32:0b:82:d7:
d0:20:46:da:1c:b8:0f:69:68:82:3b:c6:75:78:f5:51:15:e5:
4c:df:0d:d1:72:a0:c4:b6:78:66:e2:5f:45:80:a3:ed:1f:54:
87:ea:1e:96
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYJC/5h5W2b1MzCyK1ZbSyR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjIwNzI4MDQxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjZhNmQ4M2Q0MWEyMjVmMzM2Y2NhNTRmMjI2NzZmZmVmMTY1ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+UIFUZ/ABo6FvSVGY3aHj5cCwae
Bvau/16dgEau47zbgRpy1Ii9/q12wcCFu3HHFdhDa5YfTCeERGlvkFIMddQz46DW
5Vrtb9zeIO9eJqx3iWvxls8bWu7eSfaDhSUc2lZ+6urTOZ/CRg1+q4c/mVWpINdV
N86EZnzymUUHDIuvCWXhbBAyciQE+LF4uIqZhDcPscot0UQ7IqvioXa7vqJwwTbK
9tmbVMdbLuRcsbtwGOES+lerogoc39+harcMjfLAsp76qjfJD0rz4vWuIQST1VKT
HpeFmgxxC59yw2PEByfwnp/Hkibb7TONVW10TU6G/kaki4CrlAv84x9dhQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFA9qbYPUGiJfM2zKVPImdv/vFl7BMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvRDJwdGc5UWFJbDh6Yk1wVThpWjJfLThXWHNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaMAwDBAFo96oD
BABo96wDBAK5SYADBAC5idcwDwQCAAIwCQMHACoDpaAAATANBgkqhkiG9w0BAQsF
AAOCAQEAo7CzfNAk2VxxQ0Mm0CFz5ER+1SzcLjRTSC5ZOvtcxBs6VW+6AJKXQw2O
2WlxzGpCJzAuKY2gs+QFFFKvbm0HaoSztvNeK1kjn55qIffS5F6Gd7dABEVsLLzc
YVSKAUPjfnhLqb6PT6g5JYC3nwnmDAX+1CGh22/IXOxMgeuy1ESqtGYy235zr8NU
woOb5upiRrhif9MSXRNtV2rws0bodDhbdeOhkaYznUE63nur6k7fr43igI41NZQh
64ckFMRBC4SQdag1Xj5S/7AtGy5IB0aGLn0yC4LX0CBG2hy4D2logjvGdXj1URXl
TN8N0XKgxLZ4ZuJfRYCj7R9Uh+oelg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:55 2024 by rpki-client on console-ams.rpki-client.org