Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/tKAONWNkal7q0KEzHuI4FvZvkcM.roa
File: tKAONWNkal7q0KEzHuI4FvZvkcM.roa (raw, json)
Hash identifier: F53o2aUxcscENapsz2oZObjGDNBGU49VEQgJ5nlG1ek=
Subject key identifier: B4:A0:0E:35:63:64:6A:5E:EA:D0:A1:33:1E:E2:38:16:F6:6F:91:C3
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 11F646D3
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/tKAONWNkal7q0KEzHuI4FvZvkcM.roa
Signing time: Sat 01 Jan 2022 15:04:50 +0000
ROA not before: Sat 01 Jan 2022 15:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57738
IP address blocks: 185.17.12.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
185.128.244.0/22 maxlen: 24
2a06:d180::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 301352659 (0x11f646d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 1 15:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4a00e3563646a5eead0a1331ee23816f66f91c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:79:25:f0:0a:a1:de:51:69:cc:21:eb:e5:07:
b2:85:ac:0d:53:fa:4c:47:bd:9d:52:90:4a:59:7f:
7e:4c:0a:75:c6:5e:ae:76:10:be:e8:ca:b9:d8:53:
c0:02:da:7b:d0:1d:2d:c8:68:cf:7b:13:42:69:63:
6d:51:59:b2:eb:bc:b7:35:c5:59:c8:48:d0:5e:1e:
9b:07:c2:88:16:26:8c:ad:af:de:fd:31:e8:5f:f9:
b5:7d:1e:2c:ee:0f:79:9b:2a:37:79:fa:7f:af:c5:
f4:10:8e:b5:4a:3a:3e:d8:3d:89:24:dc:58:1c:b4:
f2:74:32:b3:a0:c8:6f:49:89:32:e1:a3:c4:39:61:
34:e7:d6:37:6b:45:61:d7:d5:4d:5d:b0:a5:91:dd:
ea:c1:81:a8:84:25:b0:74:dd:9d:a7:75:50:51:39:
ef:ad:a8:c8:41:8c:f9:e2:b0:bc:84:cd:4d:f3:c3:
94:e6:aa:b3:09:db:d7:a9:ef:9f:01:43:73:58:a5:
3e:00:f1:8c:e5:6d:70:a4:92:a9:17:50:15:40:e9:
7a:01:7e:00:89:10:36:58:62:6e:42:f5:d1:ab:73:
96:69:72:bf:ca:7a:f8:ec:b1:e1:2f:73:e8:c2:cb:
04:1f:c7:22:96:60:75:01:b1:85:d3:58:e6:c4:5d:
e0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A0:0E:35:63:64:6A:5E:EA:D0:A1:33:1E:E2:38:16:F6:6F:91:C3
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/tKAONWNkal7q0KEzHuI4FvZvkcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.12.0/22
185.128.244.0/22
185.129.172.0/22
IPv6:
2a06:d180::/29
Signature Algorithm: sha256WithRSAEncryption
a0:1e:c7:06:ee:c0:27:1f:ac:06:09:87:65:51:15:62:9d:8b:
10:d5:30:28:87:d2:ca:e5:de:15:46:d3:01:08:bc:73:b0:4f:
80:df:b5:63:8b:ab:73:27:12:c6:ae:b2:a0:da:d2:cd:52:17:
ee:6e:b9:c5:24:a0:2f:06:6c:1a:bb:14:98:cc:67:da:9e:ec:
c3:2f:4a:99:41:63:3e:bb:b4:77:40:e4:28:82:96:9e:08:bf:
a9:da:45:44:81:9a:67:45:5d:45:bd:a3:be:1f:bc:9a:21:52:
d2:99:00:34:b0:00:7e:a0:8c:5d:3f:d1:16:8b:3a:c7:a7:ad:
e3:5c:04:ca:f6:56:e5:20:ba:3b:22:7c:f7:b4:05:7f:74:e0:
a5:16:30:12:d7:6b:a7:50:16:66:0c:2b:7f:f9:cd:dd:3f:96:
32:54:59:a9:14:af:2f:e8:91:db:29:76:4a:b5:cb:ea:b1:f1:
bb:33:89:84:37:0d:4c:25:0a:eb:ef:0a:3f:67:4e:52:97:bf:
0c:16:31:74:1c:10:64:ce:98:12:26:ab:5d:3a:b8:a4:9d:1a:
01:0e:74:76:6d:ae:56:d6:93:82:f4:ef:40:49:13:0a:b4:e8:
9c:de:c3:11:37:f0:5d:4d:9e:c1:3a:05:58:ac:3f:44:fe:ae:
5f:de:d4:d4
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEEfZG0zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Yzc3MDEzZTQ4OGEwOWM3MDliNjMyMjQ2ZDk0MDVkYTQ1OGM1NTM4MB4XDTIyMDEw
MTE1MDQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRhMDBlMzU2MzY0
NmE1ZWVhZDBhMTMzMWVlMjM4MTZmNjZmOTFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMl5JfAKod5Racwh6+UHsoWsDVP6TEe9nVKQSll/fkwKdcZe
rnYQvujKudhTwALae9AdLchoz3sTQmljbVFZsuu8tzXFWchI0F4emwfCiBYmjK2v
3v0x6F/5tX0eLO4PeZsqN3n6f6/F9BCOtUo6Ptg9iSTcWBy08nQys6DIb0mJMuGj
xDlhNOfWN2tFYdfVTV2wpZHd6sGBqIQlsHTdnad1UFE5762oyEGM+eKwvITNTfPD
lOaqswnb16nvnwFDc1ilPgDxjOVtcKSSqRdQFUDpegF+AIkQNlhibkL10atzlmly
v8p6+Oyx4S9z6MLLBB/HIpZgdQGxhdNY5sRd4IcCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBS0oA41Y2RqXurQoTMe4jgW9m+RwzAfBgNVHSMEGDAWgBSMdwE+SIoJxwm2
MiRtlAXaRYxVODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pIY0JQa2lLQ2NjSnRqSWtiWlFGMmtXTVZUZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMTY4NTA5LTJjZjMtNDgzZC1iY2Q4LTAyMTI5NTMzYTMzZC8x
L3RLQU9OV05rYWw3cTBLRXpIdUk0RnZadmtjTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
MTY4NTA5LTJjZjMtNDgzZC1iY2Q4LTAyMTI5NTMzYTMzZC8xL2pIY0JQa2lLQ2Nj
SnRqSWtiWlFGMmtXTVZUZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArkRDAMEArmA9AMEArmBrDANBAIA
AjAHAwUDKgbRgDANBgkqhkiG9w0BAQsFAAOCAQEAoB7HBu7AJx+sBgmHZVEVYp2L
ENUwKIfSyuXeFUbTAQi8c7BPgN+1Y4urcycSxq6yoNrSzVIX7m65xSSgLwZsGrsU
mMxn2p7swy9KmUFjPru0d0DkKIKWngi/qdpFRIGaZ0VdRb2jvh+8miFS0pkANLAA
fqCMXT/RFos6x6et41wEyvZW5SC6OyJ897QFf3TgpRYwEtdrp1AWZgwrf/nN3T+W
MlRZqRSvL+iR2yl2SrXL6rHxuzOJhDcNTCUK6+8KP2dOUpe/DBYxdBwQZM6YEiar
XTq4pJ0aAQ50dm2uVtaTgvTvQEkTCrTonN7DETfwXU2ewToFWKw/RP6uX97U1A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:59 2024 by rpki-client on console-ams.rpki-client.org