Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/CcpA92NEZa70kEnMOsMcEQCkxq4.roa
File: CcpA92NEZa70kEnMOsMcEQCkxq4.roa (raw, json)
Hash identifier: q12MWZE2jDr4Wv/UCoREbDbEkxiceMVEh1Z/WV9pUwY=
Subject key identifier: 09:CA:40:F7:63:44:65:AE:F4:90:49:CC:3A:C3:1C:11:00:A4:C6:AE
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 03F5CCBC
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/CcpA92NEZa70kEnMOsMcEQCkxq4.roa
Signing time: Sat 01 Jan 2022 00:57:41 +0000
ROA not before: Sat 01 Jan 2022 00:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8897
IP address blocks: 185.156.17.0/24 maxlen: 24
185.156.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66440380 (0x3f5ccbc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 1 00:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09ca40f7634465aef49049cc3ac31c1100a4c6ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:1d:6d:d3:aa:1b:73:2b:d4:29:83:97:90:e5:
60:9e:b7:d7:f5:ef:52:b1:0d:4b:e4:8e:6a:91:51:
2f:b3:7b:2c:57:59:e3:e3:39:08:ad:1d:de:7f:16:
cd:5c:72:f5:ec:f4:d8:27:de:60:97:f0:86:a5:5e:
df:82:75:d8:92:e2:59:d5:6d:2b:71:7c:4f:9c:60:
07:d9:cf:0c:21:c7:fd:85:ee:b9:6c:b2:d3:9e:56:
62:8d:91:15:92:d0:f4:43:0f:3b:d6:fc:0d:f0:7c:
1c:c1:6a:e0:b9:4f:a1:c0:4c:82:f1:2b:dc:03:e1:
37:e3:ba:44:28:53:af:35:5a:6d:75:79:8d:d3:14:
36:1a:5b:67:a4:ac:86:d2:68:4f:a1:0d:40:c4:53:
f2:ea:9b:e4:72:a1:1f:be:e2:15:8b:5f:59:4b:7b:
61:3d:da:01:7a:6d:22:b3:d4:80:d4:f1:36:aa:96:
fc:a6:08:04:d1:a4:ea:59:f9:e8:f6:8b:b3:bb:72:
ec:05:72:e4:0f:28:72:78:b0:a2:1f:cc:1a:e1:a9:
24:6b:80:3b:cf:e9:ca:8e:9a:31:ba:99:68:56:16:
63:9f:ee:7e:cf:52:67:f3:70:e3:5f:d4:0f:e7:b2:
9b:04:67:08:af:66:6e:6d:f9:4a:be:42:8e:d8:ca:
3f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CA:40:F7:63:44:65:AE:F4:90:49:CC:3A:C3:1C:11:00:A4:C6:AE
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/CcpA92NEZa70kEnMOsMcEQCkxq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/22
Signature Algorithm: sha256WithRSAEncryption
14:f0:ea:43:ec:78:63:c7:1d:d7:f6:dd:3a:8c:40:2c:31:72:
c2:3a:ec:f5:09:39:08:78:b0:4b:01:32:33:2d:fa:6a:5d:12:
d3:a6:9a:eb:c9:cb:23:ea:9f:2f:5c:ff:f6:6d:5a:14:84:11:
4c:4f:9c:91:91:91:ea:4d:8e:42:d5:3a:34:63:2a:a1:f4:c9:
a5:43:c2:9f:91:73:ec:f8:fd:f5:c1:95:2d:7e:39:d1:17:d5:
3a:75:dd:24:e5:d2:9e:4a:bc:bd:f8:4f:7a:8a:29:19:df:ce:
50:3a:c5:74:e4:e3:dd:fc:5d:52:47:54:34:be:5a:58:11:ca:
9a:82:b4:3f:e0:db:be:70:41:ea:ad:32:c9:7e:8b:38:71:0c:
49:ae:46:fa:f2:57:10:5d:51:3f:f5:7c:a7:56:02:c1:7b:c3:
df:bf:61:fa:79:9c:46:d3:b1:3d:99:43:08:5d:7e:7f:f8:c3:
10:c0:65:3b:35:4b:81:ef:1d:41:7d:3f:1c:96:78:25:c3:2e:
db:64:13:60:f3:d4:e9:1a:0d:e4:3b:ec:54:68:89:bc:f3:d8:
12:78:e6:9d:42:89:3a:95:2f:49:5b:d9:99:6a:81:04:eb:e7:
8a:27:b7:12:a6:1a:05:7f:29:4f:71:bb:c9:89:67:b5:e2:36:
24:50:ce:79
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/XMvDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGZlNmI5ZDBjYzFlN2Y2ZTE2YjJhNDZiNDJjYTVlMDFjNzAwMzQ2MB4XDTIyMDEw
MTAwNTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDljYTQwZjc2MzQ0
NjVhZWY0OTA0OWNjM2FjMzFjMTEwMGE0YzZhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIsdbdOqG3Mr1CmDl5DlYJ631/XvUrENS+SOapFRL7N7LFdZ
4+M5CK0d3n8WzVxy9ez02CfeYJfwhqVe34J12JLiWdVtK3F8T5xgB9nPDCHH/YXu
uWyy055WYo2RFZLQ9EMPO9b8DfB8HMFq4LlPocBMgvEr3APhN+O6RChTrzVabXV5
jdMUNhpbZ6SshtJoT6ENQMRT8uqb5HKhH77iFYtfWUt7YT3aAXptIrPUgNTxNqqW
/KYIBNGk6ln56PaLs7ty7AVy5A8ocniwoh/MGuGpJGuAO8/pyo6aMbqZaFYWY5/u
fs9SZ/Nw41/UD+eymwRnCK9mbm35Sr5CjtjKPxECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQJykD3Y0RlrvSQScw6wxwRAKTGrjAfBgNVHSMEGDAWgBQ0/mudDMHn9uFr
Kka0LKXgHHADRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QNXJuUXpCNV9iaGF5cEd0Q3lsNEJ4d0EwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVhZS8x
L0NjcEE5Mk5FWmE3MGtFbk1Pc01jRVFDa3hxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVhZS8xL05QNXJuUXpCNV9i
aGF5cEd0Q3lsNEJ4d0EwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmcEDANBgkqhkiG9w0BAQsFAAOC
AQEAFPDqQ+x4Y8cd1/bdOoxALDFywjrs9Qk5CHiwSwEyMy36al0S06aa68nLI+qf
L1z/9m1aFIQRTE+ckZGR6k2OQtU6NGMqofTJpUPCn5Fz7Pj99cGVLX450RfVOnXd
JOXSnkq8vfhPeoopGd/OUDrFdOTj3fxdUkdUNL5aWBHKmoK0P+DbvnBB6q0yyX6L
OHEMSa5G+vJXEF1RP/V8p1YCwXvD379h+nmcRtOxPZlDCF1+f/jDEMBlOzVLge8d
QX0/HJZ4JcMu22QTYPPU6RoN5DvsVGiJvPPYEnjmnUKJOpUvSVvZmWqBBOvniie3
EqYaBX8pT3G7yYlnteI2JFDOeQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:09 2024 by rpki-client on console-fra.rpki-client.org