Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/4l5XXNyYvjgk7dVEGRtbSi3OgRQ.roa
File: 4l5XXNyYvjgk7dVEGRtbSi3OgRQ.roa (raw, json)
Hash identifier: 9rxjP+JV1E8j8W6MRDfAYuBJz0Um3ncqYRGV6nk+QPk=
Subject key identifier: E2:5E:57:5C:DC:98:BE:38:24:ED:D5:44:19:1B:5B:4A:2D:CE:81:14
Certificate issuer: /CN=234d9395a2ba239cb9d278eb589b72ed5c9672d1
Certificate serial: 018B359A
Authority key identifier: 23:4D:93:95:A2:BA:23:9C:B9:D2:78:EB:58:9B:72:ED:5C:96:72:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I02TlaK6I5y50njrWJty7VyWctE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/4l5XXNyYvjgk7dVEGRtbSi3OgRQ.roa
Signing time: Sat 01 Jan 2022 06:01:22 +0000
ROA not before: Sat 01 Jan 2022 06:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203427
IP address blocks: 185.135.54.0/24 maxlen: 24
185.135.52.0/24 maxlen: 24
185.135.53.0/24 maxlen: 24
2a02:faa0:1::/48 maxlen: 48
2a02:faa0:2::/48 maxlen: 48
2a02:faa0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25900442 (0x18b359a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234d9395a2ba239cb9d278eb589b72ed5c9672d1
Validity
Not Before: Jan 1 06:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e25e575cdc98be3824edd544191b5b4a2dce8114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:32:14:64:79:db:1a:f2:43:24:78:64:60:49:
e9:2d:1e:97:7f:5f:55:6c:9d:e3:9e:35:89:b0:d6:
bc:d7:7c:25:8f:07:f0:f5:21:88:dc:a8:e6:2e:51:
df:b2:54:bc:69:05:4f:66:b1:07:4b:5f:84:d9:59:
d6:d3:64:54:d9:84:7a:da:bf:22:f2:b7:51:c3:a9:
0c:e3:b3:88:ba:62:bc:8f:2c:47:a8:77:f6:d3:e2:
45:1b:26:41:91:88:f2:92:f1:4f:41:2f:68:2d:c6:
cc:bf:0e:33:63:b1:c7:a4:b4:df:e0:2e:66:95:b0:
5e:a6:19:a2:d8:73:43:c1:e9:29:1a:a8:ad:f0:92:
dc:4d:b3:64:7e:52:b2:60:4e:03:2b:37:9b:f3:4a:
5f:28:c7:12:9a:44:81:ab:91:be:f4:6e:b2:b1:d2:
25:85:11:14:84:8f:de:0f:c9:de:26:fc:32:8e:c1:
29:c5:4a:c5:bb:65:3b:1c:8c:b9:3b:db:f3:1e:ea:
22:7f:40:e5:6a:ca:74:87:66:60:20:78:12:05:51:
68:04:a4:42:bf:62:22:0f:f2:6e:d5:cc:af:3a:b3:
42:d0:b1:de:9e:52:75:d9:9f:b5:f7:21:ce:2e:71:
2a:9f:0a:aa:f8:5c:58:3b:99:88:08:55:c8:3f:77:
ce:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5E:57:5C:DC:98:BE:38:24:ED:D5:44:19:1B:5B:4A:2D:CE:81:14
X509v3 Authority Key Identifier:
keyid:23:4D:93:95:A2:BA:23:9C:B9:D2:78:EB:58:9B:72:ED:5C:96:72:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I02TlaK6I5y50njrWJty7VyWctE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/4l5XXNyYvjgk7dVEGRtbSi3OgRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3de8cc-db79-4a9b-b79a-4ef488dc6dc4/1/I02TlaK6I5y50njrWJty7VyWctE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.52.0-185.135.54.255
IPv6:
2a02:faa0::-2a02:faa0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3e:65:0c:43:ec:2d:3d:a7:02:24:e1:f9:b9:7f:74:73:79:7e:
4c:25:76:7b:44:74:17:a3:b7:f5:30:3f:b1:86:65:3c:d4:28:
47:d0:23:c3:c9:d1:e9:eb:0b:b4:d3:4e:d6:d1:2c:01:27:70:
53:c3:98:de:17:cf:4a:02:c1:b4:5d:6b:67:ba:a8:0a:bf:2a:
0a:95:38:d3:b0:3c:45:07:bf:1d:59:e4:ca:00:12:f7:68:60:
9a:9d:f8:86:c9:50:dd:04:3c:1a:7a:b2:39:e4:ed:5c:6f:fa:
15:97:7c:20:0b:bb:de:d3:a6:da:7f:af:7f:36:96:45:90:b9:
13:1c:59:0f:e5:93:0e:6a:10:1a:c9:d0:e6:94:9c:a7:c2:63:
0a:ee:50:f9:ad:ba:43:01:4c:1f:21:13:9c:27:52:99:f2:81:
56:e2:d8:3b:15:28:69:d2:00:f8:17:02:bd:79:9c:4b:2f:1b:
62:0d:5d:69:43:95:9f:d8:22:17:69:df:dd:d5:54:c2:47:c6:
6b:25:d7:ae:3d:75:94:71:36:74:0e:1a:20:4b:fe:ba:eb:ca:
20:ff:13:04:92:1e:d0:90:47:a5:a4:26:58:3a:9f:e8:f9:db:
a1:73:21:37:7c:8b:bc:db:ec:95:b8:f4:93:02:a5:f3:e6:ac:
65:d3:66:bf
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEAYs1mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzRkOTM5NWEyYmEyMzljYjlkMjc4ZWI1ODliNzJlZDVjOTY3MmQxMB4XDTIyMDEw
MTA2MDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI1ZTU3NWNkYzk4
YmUzODI0ZWRkNTQ0MTkxYjViNGEyZGNlODExNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwyFGR52xryQyR4ZGBJ6S0el39fVWyd4541ibDWvNd8JY8H
8PUhiNyo5i5R37JUvGkFT2axB0tfhNlZ1tNkVNmEetq/IvK3UcOpDOOziLpivI8s
R6h39tPiRRsmQZGI8pLxT0EvaC3GzL8OM2Oxx6S03+AuZpWwXqYZothzQ8HpKRqo
rfCS3E2zZH5SsmBOAys3m/NKXyjHEppEgauRvvRusrHSJYURFISP3g/J3ib8Mo7B
KcVKxbtlOxyMuTvb8x7qIn9A5WrKdIdmYCB4EgVRaASkQr9iIg/ybtXMrzqzQtCx
3p5Sddmftfchzi5xKp8KqvhcWDuZiAhVyD93zpkCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBTiXldc3Ji+OCTt1UQZG1tKLc6BFDAfBgNVHSMEGDAWgBQjTZOVorojnLnS
eOtYm3LtXJZy0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwMlRsYUs2STV5NTBuanJXSnR5N1Z5V2N0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvM2RlOGNjLWRiNzktNGE5Yi1iNzlhLTRlZjQ4OGRjNmRjNC8x
LzRsNVhYTnlZdmpnazdkVkVHUnRiU2kzT2dSUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
M2RlOGNjLWRiNzktNGE5Yi1iNzlhLTRlZjQ4OGRjNmRjNC8xL0kwMlRsYUs2STV5
NTBuanJXSnR5N1Z5V2N0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwFAQCAAEwDjAMAwQCuYc0AwQAuYc2MBgEAgACMBIw
EAMFBSoC+qADBwAqAvqgAAIwDQYJKoZIhvcNAQELBQADggEBAD5lDEPsLT2nAiTh
+bl/dHN5fkwldntEdBejt/UwP7GGZTzUKEfQI8PJ0enrC7TTTtbRLAEncFPDmN4X
z0oCwbRda2e6qAq/KgqVONOwPEUHvx1Z5MoAEvdoYJqd+IbJUN0EPBp6sjnk7Vxv
+hWXfCALu97Tptp/r382lkWQuRMcWQ/lkw5qEBrJ0OaUnKfCYwruUPmtukMBTB8h
E5wnUpnygVbi2DsVKGnSAPgXAr15nEsvG2INXWlDlZ/YIhdp393VVMJHxmsl1649
dZRxNnQOGiBL/rrryiD/EwSSHtCQR6WkJlg6n+j526FzITd8i7zb7JW49JMCpfPm
rGXTZr8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:48 2024 by rpki-client on console-fra.rpki-client.org