Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/Ps2DN7B8Ux5HQTG0sZFURFz8-QI.roa
File: Ps2DN7B8Ux5HQTG0sZFURFz8-QI.roa (raw, json)
Hash identifier: gcgm+XIRRasLHFjK9rh4XfM1xNxVg7H19RMads157Is=
Subject key identifier: 3E:CD:83:37:B0:7C:53:1E:47:41:31:B4:B1:91:54:44:5C:FC:F9:02
Certificate issuer: /CN=a84471a66f7907107e4534716bfa4208d406969f
Certificate serial: 32EDB18C
Authority key identifier: A8:44:71:A6:6F:79:07:10:7E:45:34:71:6B:FA:42:08:D4:06:96:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qERxpm95BxB-RTRxa_pCCNQGlp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/Ps2DN7B8Ux5HQTG0sZFURFz8-QI.roa
Signing time: Sat 01 Jan 2022 02:57:24 +0000
ROA not before: Sat 01 Jan 2022 02:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198153
IP address blocks: 185.197.0.0/22 maxlen: 22
79.98.64.0/21 maxlen: 30
2a03:ad80::/32 maxlen: 126
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 854438284 (0x32edb18c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a84471a66f7907107e4534716bfa4208d406969f
Validity
Not Before: Jan 1 02:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3ecd8337b07c531e474131b4b19154445cfcf902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4c:7a:ff:92:b5:a6:83:13:bd:0d:c6:98:5b:
5d:f7:da:80:3f:91:12:91:2e:5a:fa:43:87:72:32:
c8:9f:01:df:f1:8b:91:76:39:6b:ee:2e:86:4d:1f:
d4:b5:4c:5e:6a:82:bd:50:33:2d:c5:32:02:99:fd:
aa:a5:72:f9:75:da:1c:9e:cc:fe:a7:e5:8b:c1:68:
4e:39:d1:c4:22:ad:2b:55:04:28:e3:9b:65:03:49:
27:bc:79:3a:72:42:ae:1f:d3:4b:43:02:1f:bd:59:
1d:56:d7:6e:f9:c2:78:85:88:5c:e9:9c:33:7d:0c:
7c:61:1e:03:10:67:c8:6d:f5:93:d8:65:3c:1e:4c:
85:f5:7d:35:c4:69:cf:d8:5d:af:23:79:79:bd:a9:
42:1a:c8:bb:39:7d:74:91:c2:1b:82:90:fb:c1:0f:
d0:ca:b7:4f:24:b6:29:9d:b4:ff:c0:2d:78:69:f8:
16:ab:1e:9d:05:9a:d7:99:15:e1:de:f4:f0:5a:c1:
cb:a8:67:74:af:18:09:60:90:9d:e1:e0:85:40:da:
30:32:8d:3d:ad:f5:1c:ad:bb:d4:7d:4b:86:37:24:
e7:84:ec:97:4d:33:91:97:90:89:38:4b:d3:13:d6:
ee:41:c5:fa:1d:bf:05:73:13:79:09:19:e5:94:66:
48:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:CD:83:37:B0:7C:53:1E:47:41:31:B4:B1:91:54:44:5C:FC:F9:02
X509v3 Authority Key Identifier:
keyid:A8:44:71:A6:6F:79:07:10:7E:45:34:71:6B:FA:42:08:D4:06:96:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qERxpm95BxB-RTRxa_pCCNQGlp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/Ps2DN7B8Ux5HQTG0sZFURFz8-QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/85d097-0153-4902-af7a-b8c331a848aa/1/qERxpm95BxB-RTRxa_pCCNQGlp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.64.0/21
185.197.0.0/22
IPv6:
2a03:ad80::/32
Signature Algorithm: sha256WithRSAEncryption
80:99:7c:94:39:f0:c1:e2:26:cb:6d:a2:29:31:18:65:64:6a:
7e:40:68:e3:29:75:46:b3:f6:35:c4:ae:9b:48:61:a4:7e:9a:
1b:d0:27:78:41:da:63:5d:cb:90:23:98:4d:c5:9e:f4:56:76:
d8:c0:77:64:c0:ca:a7:60:ea:22:07:2e:06:9e:53:78:93:84:
19:eb:d9:ca:0f:4a:66:fb:bc:71:3f:a6:9c:31:aa:58:c9:e8:
bf:4e:12:1b:5a:0f:45:a6:58:cf:78:60:c3:f1:e4:71:35:b1:
08:ad:b4:63:52:60:0c:df:76:a9:41:d7:2c:33:f2:4b:4d:49:
c4:c5:af:19:ca:c8:40:ee:e5:5c:46:d1:7b:3d:c1:43:82:4d:
84:f3:69:79:f5:94:69:43:0f:1a:b8:02:09:8e:ab:b6:92:b4:
08:d4:25:09:59:79:48:b6:49:4c:70:e7:90:27:68:bb:f3:0e:
5d:95:7c:34:d8:0c:4e:fe:cf:df:64:d7:a2:b9:df:8c:38:f5:
5c:83:67:3e:a6:b6:8b:b6:91:38:15:de:57:b3:1d:e8:89:f8:
cd:7c:ff:9e:cb:32:79:25:65:41:ed:36:1a:5f:86:4c:fa:a8:
cd:4b:d2:ee:72:a4:d4:68:d5:69:bb:ea:c7:29:bf:d6:66:65:
28:29:d4:50
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMu2xjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODQ0NzFhNjZmNzkwNzEwN2U0NTM0NzE2YmZhNDIwOGQ0MDY5NjlmMB4XDTIyMDEw
MTAyNTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2VjZDgzMzdiMDdj
NTMxZTQ3NDEzMWI0YjE5MTU0NDQ1Y2ZjZjkwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpMev+StaaDE70NxphbXffagD+REpEuWvpDh3IyyJ8B3/GL
kXY5a+4uhk0f1LVMXmqCvVAzLcUyApn9qqVy+XXaHJ7M/qfli8FoTjnRxCKtK1UE
KOObZQNJJ7x5OnJCrh/TS0MCH71ZHVbXbvnCeIWIXOmcM30MfGEeAxBnyG31k9hl
PB5MhfV9NcRpz9hdryN5eb2pQhrIuzl9dJHCG4KQ+8EP0Mq3TyS2KZ20/8AteGn4
FqsenQWa15kV4d708FrBy6hndK8YCWCQneHghUDaMDKNPa31HK271H1Lhjck54Ts
l00zkZeQiThL0xPW7kHF+h2/BXMTeQkZ5ZRmSJkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQ+zYM3sHxTHkdBMbSxkVREXPz5AjAfBgNVHSMEGDAWgBSoRHGmb3kHEH5F
NHFr+kII1AaWnzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FFUnhwbTk1QnhCLVJUUnhhX3BDQ05RR2xwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvODVkMDk3LTAxNTMtNDkwMi1hZjdhLWI4YzMzMWE4NDhhYS8x
L1BzMkRON0I4VXg1SFFURzBzWkZVUkZ6OC1RSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
ODVkMDk3LTAxNTMtNDkwMi1hZjdhLWI4YzMzMWE4NDhhYS8xL3FFUnhwbTk1QnhC
LVJUUnhhX3BDQ05RR2xwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA09iQAMEArnFADANBAIAAjAHAwUA
KgOtgDANBgkqhkiG9w0BAQsFAAOCAQEAgJl8lDnwweImy22iKTEYZWRqfkBo4yl1
RrP2NcSum0hhpH6aG9AneEHaY13LkCOYTcWe9FZ22MB3ZMDKp2DqIgcuBp5TeJOE
GevZyg9KZvu8cT+mnDGqWMnov04SG1oPRaZYz3hgw/HkcTWxCK20Y1JgDN92qUHX
LDPyS01JxMWvGcrIQO7lXEbRez3BQ4JNhPNpefWUaUMPGrgCCY6rtpK0CNQlCVl5
SLZJTHDnkCdou/MOXZV8NNgMTv7P32TXornfjDj1XINnPqa2i7aROBXeV7Md6In4
zXz/nssyeSVlQe02Gl+GTPqozUvS7nKk1GjVabvqxym/1mZlKCnUUA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:11 2024 by rpki-client on console-fra.rpki-client.org