Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/sPkNTWUlO8CIL3L6ngK_q6hUJOM.roa
File: sPkNTWUlO8CIL3L6ngK_q6hUJOM.roa (raw, json)
Hash identifier: qM2v5WDChci3Yq05ntO6ghT5INhvzwKPJQySz/Y6EfM=
Subject key identifier: B0:F9:0D:4D:65:25:3B:C0:88:2F:72:FA:9E:02:BF:AB:A8:54:24:E3
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 018480CDD63201A6A4AF3693F4D06DE0EA83
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/sPkNTWUlO8CIL3L6ngK_q6hUJOM.roa
Signing time: Wed 16 Nov 2022 14:18:04 +0000
ROA not before: Wed 16 Nov 2022 14:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201387
IP address blocks: 185.89.240.0/22 maxlen: 22
84.47.146.0/24 maxlen: 24
84.47.167.0/24 maxlen: 24
84.47.166.0/23 maxlen: 24
85.91.124.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:cd:d6:32:01:a6:a4:af:36:93:f4:d0:6d:e0:ea:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Nov 16 14:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0f90d4d65253bc0882f72fa9e02bfaba85424e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:9f:fc:c4:b9:24:1d:2e:aa:83:16:ee:61:63:
08:8b:45:92:47:cc:f0:9d:94:dc:78:cc:0d:fe:66:
94:66:b7:8b:a5:dc:5e:5f:60:fc:bf:e2:0e:e4:8b:
d9:90:a3:df:3b:38:e4:5e:b2:3d:70:d5:e9:49:8f:
ad:ab:a9:24:4f:6b:c3:4a:0e:5e:49:50:2e:47:0f:
1d:9d:b2:af:19:5a:f7:e2:b9:ba:a0:25:06:06:2a:
4f:e2:6c:05:bf:5b:7f:17:a0:82:9f:89:94:5d:3c:
cf:f2:42:eb:48:56:04:0b:98:6c:70:d0:0d:2f:aa:
a7:f5:ff:a3:90:e1:3a:f9:e7:76:2c:e9:30:bf:c7:
e0:03:10:f7:fa:78:cf:d6:27:d5:e3:36:6f:30:37:
40:34:31:0f:82:65:30:d5:37:4d:a1:4c:4e:d2:b2:
0c:1f:2b:0d:f2:fb:f9:82:31:55:69:cd:02:bf:db:
87:3c:ad:92:30:bd:1f:b3:16:10:3f:89:41:14:a2:
84:38:4f:4e:0f:65:b3:1f:eb:a3:56:d6:87:37:c7:
f6:36:5a:76:02:c7:02:2f:4c:4d:51:dc:9a:a1:ac:
5a:e7:e3:69:c3:07:b5:6e:27:42:dc:84:9e:95:29:
41:0d:7f:29:c5:29:e3:4c:20:54:db:ec:fe:b9:c6:
00:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:F9:0D:4D:65:25:3B:C0:88:2F:72:FA:9E:02:BF:AB:A8:54:24:E3
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/sPkNTWUlO8CIL3L6ngK_q6hUJOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.146.0/24
84.47.166.0/23
85.91.124.0/22
185.89.240.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:5c:99:1d:08:e7:bb:e2:b1:f5:d1:7e:56:05:8f:d8:d8:6b:
79:33:53:9e:bb:64:d7:c8:e5:51:b7:e1:90:64:a9:29:d1:61:
1b:36:e8:93:f1:9f:22:f3:26:b1:1d:72:2d:ef:34:e6:11:54:
54:f2:5f:43:89:91:e2:df:49:55:79:fc:a8:b2:f8:50:6f:f8:
5c:e9:49:0b:be:de:e0:b9:8f:5c:0d:41:ca:63:02:c7:d7:e6:
24:cf:81:ea:e5:78:75:f1:e7:b8:38:e5:ea:88:28:bc:48:e6:
8d:d5:9d:eb:2d:b7:38:c5:a5:09:67:5b:57:34:a6:06:48:f8:
cd:ba:25:52:c5:c0:b8:8d:ea:98:ae:98:41:d7:8e:b3:84:5b:
54:00:8d:95:ef:55:7e:64:4e:d6:2a:e2:a2:de:7c:3e:af:6b:
f7:32:0e:0f:b0:85:04:a4:69:09:59:93:be:bc:b6:5c:7e:c7:
27:3a:f8:5d:e0:a3:4e:2e:a5:c7:9c:97:83:9b:8e:f0:1a:ac:
93:01:57:8a:9b:c9:be:30:2a:f6:91:96:65:6c:8c:3d:2f:02:
fb:68:ee:0d:1d:c9:17:a6:e9:3e:61:a4:6e:2e:56:a5:a0:13:
df:cb:87:ea:69:38:ec:cf:69:ac:3f:ed:00:48:4d:69:8a:6f:
a0:e8:cf:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSAzdYyAaakrzaT9NBt4OqDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjIxMTE2MTQxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGY5MGQ0ZDY1MjUzYmMwODgyZjcyZmE5ZTAyYmZhYmE4NTQyNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlp/8xLkkHS6qgxbuYWMIi0WSR8zw
nZTceMwN/maUZreLpdxeX2D8v+IO5IvZkKPfOzjkXrI9cNXpSY+tq6kkT2vDSg5e
SVAuRw8dnbKvGVr34rm6oCUGBipP4mwFv1t/F6CCn4mUXTzP8kLrSFYEC5hscNAN
L6qn9f+jkOE6+ed2LOkwv8fgAxD3+njP1ifV4zZvMDdANDEPgmUw1TdNoUxO0rIM
HysN8vv5gjFVac0Cv9uHPK2SML0fsxYQP4lBFKKEOE9OD2WzH+ujVtaHN8f2Nlp2
AscCL0xNUdyaoaxa5+Npwwe1bidC3ISelSlBDX8pxSnjTCBU2+z+ucYA4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLD5DU1lJTvAiC9y+p4Cv6uoVCTjMB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvc1BrTlRXVWxPOENJTDNMNm5nS19xNmhVSk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVC+SAwQB
VC+mAwQCVVt8AwQCuVnwMA0GCSqGSIb3DQEBCwUAA4IBAQCuXJkdCOe74rH10X5W
BY/Y2Gt5M1Oeu2TXyOVRt+GQZKkp0WEbNuiT8Z8i8yaxHXIt7zTmEVRU8l9DiZHi
30lVefyosvhQb/hc6UkLvt7guY9cDUHKYwLH1+Ykz4Hq5Xh18ee4OOXqiCi8SOaN
1Z3rLbc4xaUJZ1tXNKYGSPjNuiVSxcC4jeqYrphB146zhFtUAI2V71V+ZE7WKuKi
3nw+r2v3Mg4PsIUEpGkJWZO+vLZcfscnOvhd4KNOLqXHnJeDm47wGqyTAVeKm8m+
MCr2kZZlbIw9LwL7aO4NHckXpuk+YaRuLlaloBPfy4fqaTjsz2msP+0ASE1pim+g
6M8V
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:21 2024 by rpki-client on console-ams.rpki-client.org