Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/LtYGRe3jgSAQQrA0djnpa6FIpU8.roa
File: LtYGRe3jgSAQQrA0djnpa6FIpU8.roa (raw, json)
Hash identifier: TQrQskAjE05hpHMMdpOns5Nk075SnbMhOUpmhEvpWoY=
Subject key identifier: 2E:D6:06:45:ED:E3:81:20:10:42:B0:34:76:39:E9:6B:A1:48:A5:4F
Certificate issuer: /CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Certificate serial: 3632CBE0
Authority key identifier: C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/LtYGRe3jgSAQQrA0djnpa6FIpU8.roa
Signing time: Sat 01 Jan 2022 14:01:41 +0000
ROA not before: Sat 01 Jan 2022 14:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1126
IP address blocks: 185.33.68.0/22 maxlen: 24
37.60.192.0/21 maxlen: 24
85.90.64.0/19 maxlen: 24
2001:4d60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 909298656 (0x3632cbe0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ee603b78ad72ba7855682ca2b806ac0e7e98fd
Validity
Not Before: Jan 1 14:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ed60645ede381201042b0347639e96ba148a54f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:66:b7:5a:72:76:02:95:14:74:16:d8:41:90:
64:0e:4d:72:69:28:31:1c:7e:b8:25:25:3b:ce:9b:
87:b2:27:13:a9:5b:0d:63:33:99:73:63:fc:dd:b3:
65:bb:d4:57:92:28:85:b5:fd:7a:57:35:fa:9d:b7:
c0:ca:b6:2a:03:d2:6b:fa:99:f2:45:fa:9b:88:d1:
d5:f7:92:6d:48:5b:7d:18:90:68:dc:ee:8a:a7:62:
dd:89:cb:b5:b3:5d:84:96:4b:88:8b:d8:d1:26:06:
55:c8:af:9c:22:d5:fb:41:4c:1b:87:d8:5e:8a:aa:
14:38:40:82:83:3c:c7:92:c6:e1:ec:93:66:b3:f0:
aa:3d:8e:67:8f:9d:cf:bf:5d:99:a0:4e:db:5e:93:
fa:69:9d:5b:07:ec:87:4c:a4:84:8f:3e:4c:0d:99:
51:23:07:e1:d8:16:69:c7:61:33:d3:a9:36:0b:00:
b1:ce:a2:3e:0c:2a:74:c8:f3:36:aa:24:9d:eb:d4:
3d:51:10:de:a0:77:37:1a:d1:7c:d8:a8:fd:f1:57:
d4:b9:e2:e0:c2:56:8a:ed:48:f8:90:94:5f:16:ae:
c2:2e:b3:53:a3:88:b4:8c:79:5b:08:8d:ee:7f:7e:
5e:27:8d:b9:7e:35:d5:e6:75:98:24:e8:1b:eb:32:
db:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D6:06:45:ED:E3:81:20:10:42:B0:34:76:39:E9:6B:A1:48:A5:4F
X509v3 Authority Key Identifier:
keyid:C1:EE:60:3B:78:AD:72:BA:78:55:68:2C:A2:B8:06:AC:0E:7E:98:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/we5gO3itcrp4VWgsorgGrA5-mP0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/LtYGRe3jgSAQQrA0djnpa6FIpU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/9b6d9b-8541-44bc-961a-cee5be87a46b/1/we5gO3itcrp4VWgsorgGrA5-mP0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.192.0/21
85.90.64.0/19
185.33.68.0/22
IPv6:
2001:4d60::/32
Signature Algorithm: sha256WithRSAEncryption
2d:bf:05:a2:b0:2e:e1:e5:17:41:12:75:68:fa:26:b1:a9:ef:
27:21:96:ce:d3:5a:80:02:a7:a7:94:ce:b6:85:14:22:93:cb:
a6:c7:fd:ff:13:bd:3f:0d:af:b7:19:17:57:60:5e:12:cf:f7:
b4:58:91:73:eb:18:9b:15:66:84:2b:0c:fc:26:14:ab:60:7f:
d3:60:c3:61:6b:9c:2a:ab:1a:c2:ab:c8:a6:9f:dc:51:66:35:
67:e1:17:7b:6d:cb:36:d9:8e:eb:fc:41:55:df:c6:d5:b8:17:
4a:59:00:f8:ac:c9:a3:31:d3:08:a5:ca:0c:37:aa:2e:1b:1e:
b4:81:b8:ab:87:e4:b4:e8:a7:11:97:73:36:e8:57:c6:df:01:
bd:14:1e:d9:c6:01:75:6b:76:b8:67:d6:d8:f0:34:e7:24:b9:
e2:ff:da:ca:02:37:1e:53:ab:77:21:81:f4:a7:f1:f0:e9:25:
e1:f5:bb:c3:db:59:a3:35:f3:3b:71:75:92:29:b8:f3:23:dd:
af:ce:9f:4c:6b:49:bf:dd:e4:43:62:80:71:8c:4d:96:56:5d:
eb:c6:d5:c1:59:f1:01:32:b0:5a:18:79:21:c2:cd:96:12:aa:
ca:43:8b:5b:ca:12:d7:9b:f8:de:a6:69:fb:7b:1c:3d:68:4f:
d9:97:c9:bc
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENjLL4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWVlNjAzYjc4YWQ3MmJhNzg1NTY4MmNhMmI4MDZhYzBlN2U5OGZkMB4XDTIyMDEw
MTE0MDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVkNjA2NDVlZGUz
ODEyMDEwNDJiMDM0NzYzOWU5NmJhMTQ4YTU0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK9mt1pydgKVFHQW2EGQZA5NcmkoMRx+uCUlO86bh7InE6lb
DWMzmXNj/N2zZbvUV5IohbX9elc1+p23wMq2KgPSa/qZ8kX6m4jR1feSbUhbfRiQ
aNzuiqdi3YnLtbNdhJZLiIvY0SYGVcivnCLV+0FMG4fYXoqqFDhAgoM8x5LG4eyT
ZrPwqj2OZ4+dz79dmaBO216T+mmdWwfsh0ykhI8+TA2ZUSMH4dgWacdhM9OpNgsA
sc6iPgwqdMjzNqoknevUPVEQ3qB3NxrRfNio/fFX1Lni4MJWiu1I+JCUXxauwi6z
U6OItIx5WwiN7n9+XieNuX411eZ1mCToG+sy2/UCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQu1gZF7eOBIBBCsDR2OelroUilTzAfBgNVHSMEGDAWgBTB7mA7eK1yunhV
aCyiuAasDn6Y/TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dlNWdPM2l0Y3JwNFZXZ3NvcmdHckE1LW1QMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvOWI2ZDliLTg1NDEtNDRiYy05NjFhLWNlZTViZTg3YTQ2Yi8x
L0x0WUdSZTNqZ1NBUVFyQTBkam5wYTZGSXBVOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
OWI2ZDliLTg1NDEtNDRiYy05NjFhLWNlZTViZTg3YTQ2Yi8xL3dlNWdPM2l0Y3Jw
NFZXZ3NvcmdHckE1LW1QMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAyU8wAMEBVVaQAMEArkhRDANBAIA
AjAHAwUAIAFNYDANBgkqhkiG9w0BAQsFAAOCAQEALb8ForAu4eUXQRJ1aPomsanv
JyGWztNagAKnp5TOtoUUIpPLpsf9/xO9Pw2vtxkXV2BeEs/3tFiRc+sYmxVmhCsM
/CYUq2B/02DDYWucKqsawqvIpp/cUWY1Z+EXe23LNtmO6/xBVd/G1bgXSlkA+KzJ
ozHTCKXKDDeqLhsetIG4q4fktOinEZdzNuhXxt8BvRQe2cYBdWt2uGfW2PA05yS5
4v/aygI3HlOrdyGB9Kfx8Okl4fW7w9tZozXzO3F1kim48yPdr86fTGtJv93kQ2KA
cYxNllZd68bVwVnxATKwWhh5IcLNlhKqykOLW8oS15v43qZp+3scPWhP2ZfJvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:02 2024 by rpki-client on console-ams.rpki-client.org