Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/S3mJBuJu0DWpuaS_X7tOZhUg2yU.roa
File: S3mJBuJu0DWpuaS_X7tOZhUg2yU.roa (raw, json)
Hash identifier: 4XOHn3MQTlWxCL0JBBm00eSze5JUzhqaIjZWwO/ntto=
Subject key identifier: 4B:79:89:06:E2:6E:D0:35:A9:B9:A4:BF:5F:BB:4E:66:15:20:DB:25
Certificate issuer: /CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Certificate serial: 12CAA6DD
Authority key identifier: 22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/S3mJBuJu0DWpuaS_X7tOZhUg2yU.roa
Signing time: Sat 01 Jan 2022 14:04:28 +0000
ROA not before: Sat 01 Jan 2022 14:04:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47957
IP address blocks: 185.8.52.0/22 maxlen: 24
185.139.244.0/22 maxlen: 24
2a02:d940::/29 maxlen: 48
2a07:18c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 315270877 (0x12caa6dd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2283711bd7ab13da3d11f25bb57a4f483c1f99ac
Validity
Not Before: Jan 1 14:04:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b798906e26ed035a9b9a4bf5fbb4e661520db25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:b9:d3:77:e2:05:0a:56:ee:05:cd:f0:d5:08:
75:aa:24:4f:87:94:b6:0e:44:46:42:42:2c:f2:06:
fd:2a:dc:80:f0:bd:08:ba:49:b1:c6:cc:83:df:13:
9c:2a:33:cf:e5:64:24:60:7c:a5:db:39:5e:4c:40:
d0:95:bc:f2:b5:e4:9d:b8:00:b8:37:8f:5c:e3:98:
9f:3f:8c:d9:ac:e0:03:f0:91:d2:88:67:38:0b:1c:
e4:97:07:fb:23:90:62:2e:08:f9:69:04:3b:a5:f3:
b9:a1:c5:2a:9b:11:7f:be:22:a8:e2:b2:2c:37:4c:
1e:0b:b5:da:4a:72:00:cc:84:95:35:4d:3d:28:f8:
98:28:3d:8d:06:7f:65:5f:d0:9d:73:09:c5:d1:a9:
98:01:a6:18:50:17:27:07:af:25:a1:81:af:d6:8b:
3c:82:7e:6f:83:a4:a6:93:df:5f:26:9e:4a:4f:3f:
bb:a9:83:59:05:0f:dd:da:2b:cd:d9:56:f1:2d:d9:
63:90:3b:29:22:c0:d1:2e:b8:34:fe:36:95:b3:09:
41:a8:6a:d8:97:c9:77:82:f8:8d:23:ab:ee:de:1b:
9e:71:2b:07:d5:f9:3f:03:8f:c0:3f:cb:42:88:5e:
89:af:46:bd:36:20:c7:6f:af:a4:46:5b:68:3e:a1:
d7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:79:89:06:E2:6E:D0:35:A9:B9:A4:BF:5F:BB:4E:66:15:20:DB:25
X509v3 Authority Key Identifier:
keyid:22:83:71:1B:D7:AB:13:DA:3D:11:F2:5B:B5:7A:4F:48:3C:1F:99:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IoNxG9erE9o9EfJbtXpPSDwfmaw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/S3mJBuJu0DWpuaS_X7tOZhUg2yU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/9cbe88-3e75-42ef-b871-5ee76f0f64e2/1/IoNxG9erE9o9EfJbtXpPSDwfmaw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.52.0/22
185.139.244.0/22
IPv6:
2a02:d940::/29
2a07:18c0::/48
Signature Algorithm: sha256WithRSAEncryption
8e:ce:b3:4e:84:aa:2b:20:64:64:ba:2b:18:f0:bf:62:1c:40:
a8:61:0c:45:f2:4f:06:1f:06:2f:7f:e1:60:08:54:c1:a1:34:
d3:9c:ae:45:da:fa:ae:ee:18:13:cf:78:34:78:0a:d6:8b:58:
52:91:ec:91:4a:6f:a3:b3:28:b8:e5:0a:7c:ee:aa:d5:ab:ad:
05:d8:04:70:22:2b:27:51:63:b9:ae:da:ed:17:85:2e:47:92:
b6:e4:64:7b:b3:e3:d0:82:6f:44:85:9b:e6:41:25:64:d6:b8:
b8:34:1f:6f:5d:57:dd:f2:94:f7:a3:15:9b:7f:63:fc:cb:5e:
ee:8b:05:2e:33:1f:2e:9e:81:4e:0e:51:fa:67:61:0c:9e:f6:
72:21:cf:5f:ff:1d:a6:9c:10:57:f5:11:4f:0d:6a:3a:b2:d9:
ea:e2:09:84:80:bd:c9:c8:de:da:d4:a1:8b:00:de:bd:2e:a1:
73:17:b7:ff:1f:82:ee:ad:0a:e4:df:f6:bf:41:8c:bf:1d:a0:
4c:3b:ca:4b:f0:9c:9f:d5:d8:80:2c:76:f0:4f:f7:53:1b:f7:
97:79:44:d7:d4:93:2c:fe:45:70:3f:30:fc:04:43:9a:5d:e2:
9d:b5:a7:3e:d0:c6:8f:ce:30:b2:b4:63:17:0a:fe:80:c7:7b:
37:8a:43:2a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEEsqm3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MjgzNzExYmQ3YWIxM2RhM2QxMWYyNWJiNTdhNGY0ODNjMWY5OWFjMB4XDTIyMDEw
MTE0MDQyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI3OTg5MDZlMjZl
ZDAzNWE5YjlhNGJmNWZiYjRlNjYxNTIwZGIyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANW503fiBQpW7gXN8NUIdaokT4eUtg5ERkJCLPIG/SrcgPC9
CLpJscbMg98TnCozz+VkJGB8pds5XkxA0JW88rXknbgAuDePXOOYnz+M2azgA/CR
0ohnOAsc5JcH+yOQYi4I+WkEO6XzuaHFKpsRf74iqOKyLDdMHgu12kpyAMyElTVN
PSj4mCg9jQZ/ZV/QnXMJxdGpmAGmGFAXJwevJaGBr9aLPIJ+b4OkppPfXyaeSk8/
u6mDWQUP3dorzdlW8S3ZY5A7KSLA0S64NP42lbMJQahq2JfJd4L4jSOr7t4bnnEr
B9X5PwOPwD/LQoheia9GvTYgx2+vpEZbaD6h12sCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRLeYkG4m7QNam5pL9fu05mFSDbJTAfBgNVHSMEGDAWgBQig3Eb16sT2j0R
8lu1ek9IPB+ZrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lvTnhHOWVyRTlvOUVmSmJ0WHBQU0R3Zm1hdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvOWNiZTg4LTNlNzUtNDJlZi1iODcxLTVlZTc2ZjBmNjRlMi8x
L1MzbUpCdUp1MERXcHVhU19YN3RPWmhVZzJ5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
OWNiZTg4LTNlNzUtNDJlZi1iODcxLTVlZTc2ZjBmNjRlMi8xL0lvTnhHOWVyRTlv
OUVmSmJ0WHBQU0R3Zm1hdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEArkINAMEArmL9DAWBAIAAjAQAwUD
KgLZQAMHACoHGMAAADANBgkqhkiG9w0BAQsFAAOCAQEAjs6zToSqKyBkZLorGPC/
YhxAqGEMRfJPBh8GL3/hYAhUwaE005yuRdr6ru4YE894NHgK1otYUpHskUpvo7Mo
uOUKfO6q1autBdgEcCIrJ1Fjua7a7ReFLkeStuRke7Pj0IJvRIWb5kElZNa4uDQf
b11X3fKU96MVm39j/Mte7osFLjMfLp6BTg5R+mdhDJ72ciHPX/8dppwQV/URTw1q
OrLZ6uIJhIC9ycje2tShiwDevS6hcxe3/x+C7q0K5N/2v0GMvx2gTDvKS/Ccn9XY
gCx28E/3Uxv3l3lE19STLP5FcD8w/ARDml3inbWnPtDGj84wsrRjFwr+gMd7N4pD
Kg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:13 2023 by rpki-client on console-ams.rpki-client.org