Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/Sk2LH7m1GzibKV4mguq_QAH8iNU.roa
File: Sk2LH7m1GzibKV4mguq_QAH8iNU.roa (raw, json)
Hash identifier: nlO0J7UJenG5v5hNjFwDCNRFalNs2/PE2XTFx/XQAGE=
Subject key identifier: 4A:4D:8B:1F:B9:B5:1B:38:9B:29:5E:26:82:EA:BF:40:01:FC:88:D5
Certificate issuer: /CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Certificate serial: 0A676989
Authority key identifier: 4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/Sk2LH7m1GzibKV4mguq_QAH8iNU.roa
Signing time: Sat 01 Jan 2022 02:54:11 +0000
ROA not before: Sat 01 Jan 2022 02:54:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20612
IP address blocks: 194.242.34.0/24 maxlen: 24
185.222.12.0/22 maxlen: 24
2a0c:d000::/29 maxlen: 64
2001:67c:20ac::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174549385 (0xa676989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Validity
Not Before: Jan 1 02:54:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a4d8b1fb9b51b389b295e2682eabf4001fc88d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:14:76:5b:48:bd:af:73:57:9d:52:d9:b7:37:
c7:64:0c:c2:9f:99:bb:51:86:8b:37:4e:17:ad:a2:
f8:d2:ab:86:c9:66:c8:80:d6:78:56:06:d8:a6:36:
58:7e:83:26:24:1c:c9:c8:12:9b:a5:6e:43:e7:2e:
e4:cd:02:3f:7d:62:38:e5:da:5c:75:5d:db:6d:26:
ca:88:95:2e:e5:c6:58:5d:7e:95:64:59:26:2b:c9:
c5:cc:e6:5d:dd:cb:b3:24:e3:ad:c9:f5:3a:ca:77:
26:80:5b:4c:58:05:f4:28:ea:af:80:22:1a:8e:79:
cc:44:40:14:b2:f7:87:67:2f:54:fb:5e:63:68:86:
d3:06:76:80:23:f5:64:63:ed:39:32:fe:b8:ac:c9:
99:fc:ef:1e:f9:33:2c:12:e9:3e:90:8a:6b:9c:e5:
0b:4d:40:d7:c9:76:08:7b:78:a3:7a:f8:89:34:a6:
d1:64:f1:05:f5:ab:bf:7c:b3:18:de:03:ea:83:17:
a3:a0:4f:35:8a:57:09:ec:b2:73:e5:db:7d:67:b3:
b5:78:eb:2e:c4:41:87:10:c1:b7:70:98:32:a2:cc:
82:12:e4:69:eb:3b:a4:a6:f1:c9:01:47:bc:6a:b0:
df:72:3e:0e:81:2e:62:b3:e8:fb:16:ac:3f:8c:8e:
d4:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:4D:8B:1F:B9:B5:1B:38:9B:29:5E:26:82:EA:BF:40:01:FC:88:D5
X509v3 Authority Key Identifier:
keyid:4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/Sk2LH7m1GzibKV4mguq_QAH8iNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.12.0/22
194.242.34.0/24
IPv6:
2001:67c:20ac::/48
2a0c:d000::/29
Signature Algorithm: sha256WithRSAEncryption
91:93:d2:54:80:a6:a6:52:57:02:15:18:37:bd:ed:46:54:86:
3e:42:18:35:eb:90:28:45:da:c7:95:e2:5a:3e:8e:09:19:d8:
83:11:bc:83:9e:5c:ee:70:c0:69:33:50:b8:4a:cb:a9:22:da:
01:0f:d7:b8:fa:a0:ea:fc:67:95:ac:f7:76:8c:00:74:d3:c9:
07:6d:04:37:51:8d:9d:28:3e:4c:08:40:cf:05:b3:21:4a:74:
81:8b:7d:0e:b0:db:71:a7:6b:e4:81:57:44:66:ed:9e:ae:d5:
a5:c3:c8:2d:ea:08:05:50:06:29:6a:f0:fc:da:65:d2:ef:6a:
07:7c:f1:5c:3d:31:e7:cf:26:ad:76:b5:17:65:bd:ff:52:a5:
da:a1:0d:ff:4f:a7:75:82:17:91:09:64:2e:30:33:85:c4:8e:
c3:68:1d:4d:98:43:71:34:ec:36:b7:62:15:cc:07:18:6e:30:
68:4d:7e:e5:e1:30:2a:57:2f:37:aa:88:71:ca:bc:65:c7:30:
9a:0a:0d:15:3f:76:b4:aa:f4:10:94:f7:37:3b:b3:5f:57:ef:
6d:29:49:02:6c:b2:0d:49:74:e6:8d:9b:9a:13:bc:53:62:d8:
8f:da:a6:17:75:5f:ba:ca:be:67:50:43:be:cb:b4:74:7f:de:
89:04:e4:08
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECmdpiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjkwOGE2ZDg2OGFiOWU5YmRiMTA0NzJmYmVjMzFjOTY2ZTk0Mjc0MB4XDTIyMDEw
MTAyNTQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE0ZDhiMWZiOWI1
MWIzODliMjk1ZTI2ODJlYWJmNDAwMWZjODhkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOkUdltIva9zV51S2bc3x2QMwp+Zu1GGizdOF62i+NKrhslm
yIDWeFYG2KY2WH6DJiQcycgSm6VuQ+cu5M0CP31iOOXaXHVd220myoiVLuXGWF1+
lWRZJivJxczmXd3LsyTjrcn1Osp3JoBbTFgF9Cjqr4AiGo55zERAFLL3h2cvVPte
Y2iG0wZ2gCP1ZGPtOTL+uKzJmfzvHvkzLBLpPpCKa5zlC01A18l2CHt4o3r4iTSm
0WTxBfWrv3yzGN4D6oMXo6BPNYpXCeyyc+XbfWeztXjrLsRBhxDBt3CYMqLMghLk
aes7pKbxyQFHvGqw33I+DoEuYrPo+xasP4yO1C0CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRKTYsfubUbOJspXiaC6r9AAfyI1TAfBgNVHSMEGDAWgBRPkIpthoq56b2x
BHL77DHJZulCdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q1Q0tiWWFLdWVtOXNRUnktLXd4eVdicFFuUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNGQ3N2Q5LWIwYTMtNDhhZC1hYTJhLTFjNmVlNWJiZWI2Ni8x
L1NrMkxIN20xR3ppYktWNG1ndXFfUUFIOGlOVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NGQ3N2Q5LWIwYTMtNDhhZC1hYTJhLTFjNmVlNWJiZWI2Ni8xL1Q1Q0tiWWFLdWVt
OXNRUnktLXd4eVdicFFuUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEArneDAMEAMLyIjAWBAIAAjAQAwcA
IAEGfCCsAwUDKgzQADANBgkqhkiG9w0BAQsFAAOCAQEAkZPSVICmplJXAhUYN73t
RlSGPkIYNeuQKEXax5XiWj6OCRnYgxG8g55c7nDAaTNQuErLqSLaAQ/XuPqg6vxn
laz3dowAdNPJB20EN1GNnSg+TAhAzwWzIUp0gYt9DrDbcadr5IFXRGbtnq7VpcPI
LeoIBVAGKWrw/Npl0u9qB3zxXD0x588mrXa1F2W9/1Kl2qEN/0+ndYIXkQlkLjAz
hcSOw2gdTZhDcTTsNrdiFcwHGG4waE1+5eEwKlcvN6qIccq8ZccwmgoNFT92tKr0
EJT3NzuzX1fvbSlJAmyyDUl05o2bmhO8U2LYj9qmF3Vfusq+Z1BDvsu0dH/eiQTk
CA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:24 2024 by rpki-client on console-ams.rpki-client.org