Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/aXtgPooaQQF-hqWvgAVKfO2IXis.roa
File: aXtgPooaQQF-hqWvgAVKfO2IXis.roa (raw, json)
Hash identifier: irbTRRt1CUstjzTNTcByBflsSWixI6yO1bjrbt7CMgI=
Subject key identifier: 69:7B:60:3E:8A:1A:41:01:7E:86:A5:AF:80:05:4A:7C:ED:88:5E:2B
Certificate issuer: /CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Certificate serial: 0360977D
Authority key identifier: 21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/aXtgPooaQQF-hqWvgAVKfO2IXis.roa
Signing time: Tue 19 Apr 2022 05:18:49 +0000
ROA not before: Tue 19 Apr 2022 05:18:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59625
IP address blocks: 185.84.69.0/24 maxlen: 24
185.240.16.0/24 maxlen: 24
185.84.68.0/24 maxlen: 24
185.84.70.0/24 maxlen: 24
185.84.71.0/24 maxlen: 24
185.240.17.0/24 maxlen: 24
185.240.18.0/24 maxlen: 24
185.240.19.0/24 maxlen: 24
185.244.177.0/24 maxlen: 24
185.244.176.0/24 maxlen: 24
2a03:7020:1::/48 maxlen: 48
2a03:7020:800::/40 maxlen: 40
2a03:7020::/48 maxlen: 48
2a03:7020:10::/48 maxlen: 48
2a03:7020:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56661885 (0x360977d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=217b491dccb5632216d80b48f8d6286b1effd8d7
Validity
Not Before: Apr 19 05:18:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=697b603e8a1a41017e86a5af80054a7ced885e2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:99:72:63:f4:a3:ec:41:b2:8c:e2:6a:4b:95:
58:56:97:2a:c6:5c:73:8e:49:5e:ac:45:a4:e2:ef:
49:a5:f9:24:86:f1:2f:b5:92:b5:a2:d5:7e:86:f7:
65:dc:dc:5e:a4:3c:9e:64:b2:6c:08:17:f2:92:9d:
76:2a:4b:c9:7b:1b:a4:56:41:ae:a3:19:29:e2:f0:
c6:26:32:af:fb:83:f5:d8:c7:c0:30:a5:93:10:bf:
7b:88:83:d3:df:b3:e1:6f:17:13:bb:73:de:06:26:
dd:b2:9b:43:a4:a2:4f:f5:8a:46:b1:c6:48:66:e3:
dc:9a:bd:6a:ac:70:37:f6:64:38:9c:47:62:fd:e1:
7b:5f:16:0e:37:be:d1:c6:f1:44:8a:d4:51:32:01:
f3:27:46:98:bf:0d:86:7e:43:c0:16:a7:9e:fd:9b:
33:6d:ad:f6:1b:f0:2a:25:7c:d9:73:a8:d8:ee:c6:
75:39:2f:24:39:65:20:38:34:27:42:53:94:fb:cb:
57:1a:1c:0b:f0:a7:2a:0b:37:e4:1d:11:8e:e8:65:
c9:f2:7a:9a:74:4a:26:b5:49:0b:5e:94:e3:8e:04:
83:fb:ac:ae:bf:44:d1:d0:cb:ea:1d:77:f6:b2:82:
b8:ce:53:f8:7f:0e:38:be:fc:b7:6d:7a:f9:8e:b1:
c2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:7B:60:3E:8A:1A:41:01:7E:86:A5:AF:80:05:4A:7C:ED:88:5E:2B
X509v3 Authority Key Identifier:
keyid:21:7B:49:1D:CC:B5:63:22:16:D8:0B:48:F8:D6:28:6B:1E:FF:D8:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IXtJHcy1YyIW2AtI-NYoax7_2Nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/aXtgPooaQQF-hqWvgAVKfO2IXis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/e9f29c-9231-450d-adb0-6de05a316239/1/IXtJHcy1YyIW2AtI-NYoax7_2Nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.68.0/22
185.240.16.0/22
185.244.176.0/23
IPv6:
2a03:7020::/47
2a03:7020:8::/48
2a03:7020:10::/48
2a03:7020:800::/40
Signature Algorithm: sha256WithRSAEncryption
cf:1a:a7:8e:68:7a:87:a4:c3:5a:8b:56:eb:55:0e:2d:6c:12:
4e:67:aa:14:d2:64:37:7e:d3:90:31:48:6f:01:97:4d:24:5e:
72:65:fd:bd:b1:96:55:fc:c3:83:c0:cc:8d:2d:43:5f:bd:b8:
b7:08:2e:2b:0e:94:09:17:62:37:60:3d:cd:0d:fa:f8:78:7d:
7b:bf:06:8a:54:af:9b:96:bd:c8:d8:46:f4:69:46:8a:28:03:
34:7c:f8:a6:18:78:ea:fd:ae:bc:e7:a0:cd:75:85:bf:b7:58:
25:01:dc:7b:7e:5c:d0:43:3c:54:d2:fd:23:53:10:27:9c:ca:
bc:c6:b8:2f:2a:c5:bf:a7:43:b6:8e:9b:3e:c2:f6:be:22:fe:
ba:69:d9:f4:73:5e:b4:b7:3f:36:d0:57:19:a1:71:b6:55:69:
fc:e1:de:7f:b2:10:cb:a6:8c:00:c2:ac:6f:5d:20:21:f8:71:
c6:c0:1c:f7:89:f9:dd:b0:80:1e:69:0d:d8:24:6c:24:b0:f2:
7c:97:50:0a:9e:85:b1:05:0b:14:17:1d:b9:94:e7:c2:a6:8a:
44:7d:35:0b:97:43:2a:73:ab:a0:3b:10:a4:a5:46:a9:d6:a2:
8a:77:cf:88:63:22:99:63:b1:16:83:3e:eb:e6:11:e1:27:71:
18:df:01:64
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIEA2CXfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTdiNDkxZGNjYjU2MzIyMTZkODBiNDhmOGQ2Mjg2YjFlZmZkOGQ3MB4XDTIyMDQx
OTA1MTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjk3YjYwM2U4YTFh
NDEwMTdlODZhNWFmODAwNTRhN2NlZDg4NWUyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKuZcmP0o+xBsoziakuVWFaXKsZcc45JXqxFpOLvSaX5JIbx
L7WStaLVfob3ZdzcXqQ8nmSybAgX8pKddipLyXsbpFZBrqMZKeLwxiYyr/uD9djH
wDClkxC/e4iD09+z4W8XE7tz3gYm3bKbQ6SiT/WKRrHGSGbj3Jq9aqxwN/ZkOJxH
Yv3he18WDje+0cbxRIrUUTIB8ydGmL8Nhn5DwBannv2bM22t9hvwKiV82XOo2O7G
dTkvJDllIDg0J0JTlPvLVxocC/CnKgs35B0RjuhlyfJ6mnRKJrVJC16U444Eg/us
rr9E0dDL6h139rKCuM5T+H8OOL78t216+Y6xwj0CAwEAAaOCAkAwggI8MB0GA1Ud
DgQWBBRpe2A+ihpBAX6Gpa+ABUp87YheKzAfBgNVHSMEGDAWgBQhe0kdzLVjIhbY
C0j41ihrHv/Y1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lYdEpIY3kxWXlJVzJBdEktTllvYXg3XzJOYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvZTlmMjljLTkyMzEtNDUwZC1hZGIwLTZkZTA1YTMxNjIzOS8x
L2FYdGdQb29hUVFGLWhxV3ZnQVZLZk8ySVhpcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
ZTlmMjljLTkyMzEtNDUwZC1hZGIwLTZkZTA1YTMxNjIzOS8xL0lYdEpIY3kxWXlJ
VzJBdEktTllvYXg3XzJOYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBW
BggrBgEFBQcBBwEB/wRHMEUwGAQCAAEwEgMEArlURAMEArnwEAMEAbn0sDApBAIA
AjAjAwcBKgNwIAAAAwcAKgNwIAAIAwcAKgNwIAAQAwYAKgNwIAgwDQYJKoZIhvcN
AQELBQADggEBAM8ap45oeoekw1qLVutVDi1sEk5nqhTSZDd+05AxSG8Bl00kXnJl
/b2xllX8w4PAzI0tQ1+9uLcILisOlAkXYjdgPc0N+vh4fXu/BopUr5uWvcjYRvRp
RoooAzR8+KYYeOr9rrznoM11hb+3WCUB3Ht+XNBDPFTS/SNTECecyrzGuC8qxb+n
Q7aOmz7C9r4i/rpp2fRzXrS3PzbQVxmhcbZVafzh3n+yEMumjADCrG9dICH4ccbA
HPeJ+d2wgB5pDdgkbCSw8nyXUAqehbEFCxQXHbmU58KmikR9NQuXQypzq6A7EKSl
RqnWoop3z4hjIpljsRaDPuvmEeEncRjfAWQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:48 2024 by rpki-client on console-fra.rpki-client.org