Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/I0_LuGcKkIdIt5-A9gS-yJ5QO-k.roa
File: I0_LuGcKkIdIt5-A9gS-yJ5QO-k.roa (raw, json)
Hash identifier: BK2n9wCpp2BV7+RId1rgNF8q/qgTxljQ5i3++LdllHc=
Subject key identifier: 23:4F:CB:B8:67:0A:90:87:48:B7:9F:80:F6:04:BE:C8:9E:50:3B:E9
Certificate issuer: /CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Certificate serial: 188426B2
Authority key identifier: 46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/I0_LuGcKkIdIt5-A9gS-yJ5QO-k.roa
Signing time: Sat 01 Jan 2022 10:04:34 +0000
ROA not before: Sat 01 Jan 2022 10:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49349
IP address blocks: 185.61.139.0/24 maxlen: 24
185.61.137.0/24 maxlen: 24
185.61.136.0/24 maxlen: 24
185.61.138.0/24 maxlen: 24
2a02:7a60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411313842 (0x188426b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46c98b2e4a3e060def45abc62c0e345faa80b5ec
Validity
Not Before: Jan 1 10:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=234fcbb8670a908748b79f80f604bec89e503be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:64:f5:83:fb:d5:00:fb:2b:52:83:eb:92:53:
61:0a:15:0a:5d:8b:eb:55:37:49:8b:a1:2e:75:13:
dc:58:0d:93:90:d5:79:62:16:ee:26:47:53:f5:a9:
64:4c:cb:47:c1:8c:82:73:08:dc:cc:a1:21:58:2f:
41:05:01:3a:26:e9:e6:2a:06:c7:fa:18:89:e9:a1:
ca:69:84:79:a8:e7:24:59:76:25:79:eb:f7:61:89:
61:34:23:8c:5f:cc:2c:7e:db:f7:fe:20:ed:da:f5:
6d:0e:3a:e5:9e:e1:c1:0b:24:d1:9e:2f:ff:40:92:
cc:f1:b1:15:70:58:6b:99:86:2d:d3:89:d3:a6:6f:
59:24:52:3e:ed:d2:45:44:97:6f:ba:47:c7:a8:b7:
81:ab:d6:a5:8f:2a:43:ce:06:e9:f0:7c:16:5a:29:
6e:ef:e8:56:a2:dc:c5:0e:72:89:df:e7:c1:6a:11:
a0:98:54:72:02:00:d3:7e:3f:a6:55:8d:5e:e3:63:
0d:d6:9d:33:a4:13:01:8d:30:5a:54:a9:a9:a9:6b:
95:bf:b6:8a:65:10:c4:70:56:d3:28:9e:b5:48:94:
db:ca:26:8b:65:5c:97:b7:34:b9:70:cf:b3:86:eb:
4f:50:5b:8f:81:0c:cc:cc:fe:59:e8:15:b4:ca:be:
bb:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4F:CB:B8:67:0A:90:87:48:B7:9F:80:F6:04:BE:C8:9E:50:3B:E9
X509v3 Authority Key Identifier:
keyid:46:C9:8B:2E:4A:3E:06:0D:EF:45:AB:C6:2C:0E:34:5F:AA:80:B5:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsmLLko-Bg3vRavGLA40X6qAtew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/I0_LuGcKkIdIt5-A9gS-yJ5QO-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/2aa8d1-cb71-4904-a591-3449522710e7/1/RsmLLko-Bg3vRavGLA40X6qAtew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.136.0/22
IPv6:
2a02:7a60::/32
Signature Algorithm: sha256WithRSAEncryption
bb:2d:36:35:5c:70:a1:d9:ce:78:80:98:65:f7:bc:a9:de:bf:
cc:96:62:49:b0:b0:f3:62:97:c9:ec:63:a3:28:4b:e3:08:9c:
11:e4:fa:9f:1b:66:5b:b1:8d:99:d8:91:03:6d:5b:e7:2d:51:
1b:00:05:b3:04:62:d5:5f:3b:46:ff:0b:a2:89:34:e4:09:9c:
95:aa:36:1b:34:07:ca:e2:2f:a1:3d:b0:f0:b6:49:48:12:ba:
ce:b4:8e:cc:3a:be:a7:a2:16:a0:cd:2d:93:b7:fd:ba:0a:29:
90:81:57:61:a3:65:2a:4e:63:09:64:6b:fd:2e:8d:a5:9d:73:
9e:cb:8a:22:1a:6e:93:d2:e7:08:6e:40:f2:82:0d:33:46:fd:
04:f3:3d:a8:e1:c0:f5:fc:2e:21:ba:2f:4b:7e:a1:5b:41:0f:
06:04:27:a9:11:ca:b7:00:5d:4c:2d:6f:c7:28:19:27:c9:82:
86:f9:37:d8:0c:25:ac:96:f4:ee:9b:69:ae:3b:ef:db:e8:d4:
ef:87:87:00:87:5b:7e:9a:33:7b:03:ac:5f:e5:58:f9:2f:c9:
7c:33:de:43:8b:dc:28:bd:6d:c6:f3:d8:75:0b:eb:e7:64:1e:
e8:8d:f3:d8:26:44:94:2d:25:e5:99:62:5a:be:1e:cf:3b:07:
5c:02:33:3f
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGIQmsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmM5OGIyZTRhM2UwNjBkZWY0NWFiYzYyYzBlMzQ1ZmFhODBiNWVjMB4XDTIyMDEw
MTEwMDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM0ZmNiYjg2NzBh
OTA4NzQ4Yjc5ZjgwZjYwNGJlYzg5ZTUwM2JlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOpk9YP71QD7K1KD65JTYQoVCl2L61U3SYuhLnUT3FgNk5DV
eWIW7iZHU/WpZEzLR8GMgnMI3MyhIVgvQQUBOibp5ioGx/oYiemhymmEeajnJFl2
JXnr92GJYTQjjF/MLH7b9/4g7dr1bQ465Z7hwQsk0Z4v/0CSzPGxFXBYa5mGLdOJ
06ZvWSRSPu3SRUSXb7pHx6i3gavWpY8qQ84G6fB8Flopbu/oVqLcxQ5yid/nwWoR
oJhUcgIA034/plWNXuNjDdadM6QTAY0wWlSpqalrlb+2imUQxHBW0yietUiU28om
i2Vcl7c0uXDPs4brT1Bbj4EMzMz+WegVtMq+u8ECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQjT8u4ZwqQh0i3n4D2BL7InlA76TAfBgNVHSMEGDAWgBRGyYsuSj4GDe9F
q8YsDjRfqoC17DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JzbUxMa28tQmczdlJhdkdMQTQwWDZxQXRldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMmFhOGQxLWNiNzEtNDkwNC1hNTkxLTM0NDk1MjI3MTBlNy8x
L0kwX0x1R2NLa0lkSXQ1LUE5Z1MteUo1UU8tay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MmFhOGQxLWNiNzEtNDkwNC1hNTkxLTM0NDk1MjI3MTBlNy8xL1JzbUxMa28tQmcz
dlJhdkdMQTQwWDZxQXRldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk9iDANBAIAAjAHAwUAKgJ6YDAN
BgkqhkiG9w0BAQsFAAOCAQEAuy02NVxwodnOeICYZfe8qd6/zJZiSbCw82KXyexj
oyhL4wicEeT6nxtmW7GNmdiRA21b5y1RGwAFswRi1V87Rv8Look05Amclao2GzQH
yuIvoT2w8LZJSBK6zrSOzDq+p6IWoM0tk7f9ugopkIFXYaNlKk5jCWRr/S6NpZ1z
nsuKIhpuk9LnCG5A8oINM0b9BPM9qOHA9fwuIbovS36hW0EPBgQnqRHKtwBdTC1v
xygZJ8mChvk32AwlrJb07ptprjvv2+jU74eHAIdbfpozewOsX+VY+S/JfDPeQ4vc
KL1txvPYdQvr52Qe6I3z2CZElC0l5ZliWr4ezzsHXAIzPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:32 2024 by rpki-client on console-fra.rpki-client.org