Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/usql5KDo6PqfM24FTNwWx8tMW3M.roa
File: usql5KDo6PqfM24FTNwWx8tMW3M.roa (raw, json)
Hash identifier: 396f6mPlYP0CYEQJzaL6O1VqH1TWXW1/LiGShDB5xYA=
Subject key identifier: BA:CA:A5:E4:A0:E8:E8:FA:9F:33:6E:05:4C:DC:16:C7:CB:4C:5B:73
Certificate issuer: /CN=b5faec4b8d992dd6b9cd89a8489d3c3a652aecd2
Certificate serial: 3482F8FD
Authority key identifier: B5:FA:EC:4B:8D:99:2D:D6:B9:CD:89:A8:48:9D:3C:3A:65:2A:EC:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tfrsS42ZLda5zYmoSJ08OmUq7NI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/usql5KDo6PqfM24FTNwWx8tMW3M.roa
Signing time: Sat 01 Jan 2022 14:55:19 +0000
ROA not before: Sat 01 Jan 2022 14:55:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16047
IP address blocks: 185.220.40.0/22 maxlen: 22
37.60.176.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 880998653 (0x3482f8fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5faec4b8d992dd6b9cd89a8489d3c3a652aecd2
Validity
Not Before: Jan 1 14:55:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bacaa5e4a0e8e8fa9f336e054cdc16c7cb4c5b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:13:ae:69:54:49:a9:63:70:50:b3:99:60:b5:
5c:12:94:7b:a8:f2:08:86:38:e2:21:fa:43:15:a4:
7e:2d:af:86:94:bf:ac:eb:46:b1:79:31:f7:9c:f3:
a5:92:5c:4c:de:0b:d6:bd:3c:23:20:ae:d7:b6:95:
b0:8d:ec:8d:63:e3:f6:76:12:89:45:dd:af:ac:99:
86:fe:76:8f:26:82:a2:24:9e:55:81:99:c1:0c:38:
a3:88:66:0e:50:1e:18:46:e9:bc:95:28:3f:53:b0:
9c:10:78:58:a3:bd:9e:48:fe:e6:79:4c:8f:6e:4d:
f0:61:4e:70:2b:70:92:c5:a0:4e:82:63:42:77:f8:
73:12:8a:cd:2a:56:02:29:7c:40:bf:6d:77:cc:9f:
04:46:db:ac:c5:f0:fd:e8:a2:3d:1d:f2:5e:fa:13:
5c:f7:aa:1a:d6:38:c7:4e:da:a7:7e:22:e3:17:90:
5b:15:f5:b2:15:ad:71:79:5f:c3:7a:fa:5b:65:7e:
af:71:a2:db:b3:71:d0:83:2a:db:c5:50:04:ab:1d:
6c:4f:de:41:86:5f:f8:88:da:08:a1:0f:b0:3c:78:
83:1c:3b:6e:0c:64:5f:fb:6c:e9:24:6e:91:c7:17:
58:88:31:48:06:53:26:10:20:c7:7b:3b:44:16:ef:
c9:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CA:A5:E4:A0:E8:E8:FA:9F:33:6E:05:4C:DC:16:C7:CB:4C:5B:73
X509v3 Authority Key Identifier:
keyid:B5:FA:EC:4B:8D:99:2D:D6:B9:CD:89:A8:48:9D:3C:3A:65:2A:EC:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tfrsS42ZLda5zYmoSJ08OmUq7NI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/usql5KDo6PqfM24FTNwWx8tMW3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/68c296-69b2-4070-9ff9-4243decad360/1/tfrsS42ZLda5zYmoSJ08OmUq7NI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.176.0/21
185.220.40.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:37:b3:f7:bb:49:0f:60:07:8c:aa:3a:7f:1f:9a:2c:08:ac:
f4:ab:1b:c8:08:35:f3:13:ac:0e:23:a7:da:3b:f8:1e:30:88:
11:7e:80:66:7a:7c:b8:82:e0:ce:f9:0d:19:c4:09:b5:46:f0:
d3:3f:18:ff:46:b7:f5:2f:8b:90:34:93:87:1b:63:d0:d2:38:
c3:a7:6c:be:d4:26:87:91:1e:41:03:1f:a5:03:51:51:92:30:
1a:10:d0:6d:2e:99:ae:14:05:f2:f5:ae:d8:19:32:7e:27:96:
a1:dc:eb:f1:c0:8c:1d:65:54:c8:d1:18:a0:4c:ac:f9:cb:19:
17:5e:e5:22:87:7c:61:0e:1f:93:3e:72:65:53:f4:16:6a:03:
14:8c:d9:31:96:30:2c:c1:d0:37:42:2f:ed:17:1f:99:ec:81:
28:32:f9:cd:1c:e5:f3:c5:72:f4:50:3b:1c:3c:87:d3:f1:87:
e2:5b:17:e3:bb:67:e2:35:00:8a:98:60:a5:e3:e2:e8:24:1b:
f2:63:be:a6:68:2e:24:51:e6:1b:20:e9:f5:9f:9d:dd:19:47:
10:ed:d1:3e:83:da:3a:34:3b:d4:34:15:a1:51:3d:ed:32:07:
89:72:fb:5b:b6:31:6f:45:48:4a:6f:2f:b1:d6:7b:54:f7:9c:
d0:e0:ae:b2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENIL4/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NWZhZWM0YjhkOTkyZGQ2YjljZDg5YTg0ODlkM2MzYTY1MmFlY2QyMB4XDTIyMDEw
MTE0NTUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmFjYWE1ZTRhMGU4
ZThmYTlmMzM2ZTA1NGNkYzE2YzdjYjRjNWI3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKETrmlUSaljcFCzmWC1XBKUe6jyCIY44iH6QxWkfi2vhpS/
rOtGsXkx95zzpZJcTN4L1r08IyCu17aVsI3sjWPj9nYSiUXdr6yZhv52jyaCoiSe
VYGZwQw4o4hmDlAeGEbpvJUoP1OwnBB4WKO9nkj+5nlMj25N8GFOcCtwksWgToJj
Qnf4cxKKzSpWAil8QL9td8yfBEbbrMXw/eiiPR3yXvoTXPeqGtY4x07ap34i4xeQ
WxX1shWtcXlfw3r6W2V+r3Gi27Nx0IMq28VQBKsdbE/eQYZf+IjaCKEPsDx4gxw7
bgxkX/ts6SRukccXWIgxSAZTJhAgx3s7RBbvyRUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBS6yqXkoOjo+p8zbgVM3BbHy0xbczAfBgNVHSMEGDAWgBS1+uxLjZkt1rnN
iahInTw6ZSrs0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RmcnNTNDJaTGRhNXpZbW9TSjA4T21VcTdOSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvNjhjMjk2LTY5YjItNDA3MC05ZmY5LTQyNDNkZWNhZDM2MC8x
L3VzcWw1S0RvNlBxZk0yNEZUTndXeDh0TVczTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
NjhjMjk2LTY5YjItNDA3MC05ZmY5LTQyNDNkZWNhZDM2MC8xL3RmcnNTNDJaTGRh
NXpZbW9TSjA4T21VcTdOSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyU8sAMEArncKDANBgkqhkiG9w0B
AQsFAAOCAQEAazez97tJD2AHjKo6fx+aLAis9KsbyAg18xOsDiOn2jv4HjCIEX6A
Znp8uILgzvkNGcQJtUbw0z8Y/0a39S+LkDSThxtj0NI4w6dsvtQmh5EeQQMfpQNR
UZIwGhDQbS6ZrhQF8vWu2BkyfieWodzr8cCMHWVUyNEYoEys+csZF17lIod8YQ4f
kz5yZVP0FmoDFIzZMZYwLMHQN0Iv7RcfmeyBKDL5zRzl88Vy9FA7HDyH0/GH4lsX
47tn4jUAiphgpePi6CQb8mO+pmguJFHmGyDp9Z+d3RlHEO3RPoPaOjQ71DQVoVE9
7TIHiXL7W7Yxb0VISm8vsdZ7VPec0OCusg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:42 2024 by rpki-client on console-fra.rpki-client.org