Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/Szkfct9ORoumCWJjNgn6t9gF8Cc.roa
File: Szkfct9ORoumCWJjNgn6t9gF8Cc.roa (raw, json)
Hash identifier: 1zPOPhVmnSNDriFpqETDYKfjYpgGTdA3GV74Q58OedU=
Subject key identifier: 4B:39:1F:72:DF:4E:46:8B:A6:09:62:63:36:09:FA:B7:D8:05:F0:27
Certificate issuer: /CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Certificate serial: 3FF9F181
Authority key identifier: E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/Szkfct9ORoumCWJjNgn6t9gF8Cc.roa
Signing time: Sat 01 Jan 2022 07:52:46 +0000
ROA not before: Sat 01 Jan 2022 07:52:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57119
IP address blocks: 149.62.152.0/21 maxlen: 21
149.62.154.0/24 maxlen: 24
185.64.148.0/22 maxlen: 22
185.64.148.0/23 maxlen: 23
185.64.151.0/24 maxlen: 24
185.64.150.0/24 maxlen: 24
2a02:7680::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1073344897 (0x3ff9f181)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e41a8c42ece89b5fbfc210dc7b554c72ea4f3544
Validity
Not Before: Jan 1 07:52:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b391f72df4e468ba60962633609fab7d805f027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:91:66:65:13:ba:66:aa:fb:6c:45:8c:cd:3a:
38:93:96:e3:3b:ba:cb:f6:3b:69:6d:1f:85:db:7b:
41:0f:cb:1d:39:5b:89:70:16:0f:7c:4e:5f:04:9b:
bf:96:92:82:8b:b3:51:a4:95:71:3a:f4:f1:43:92:
b9:aa:31:e9:3a:09:0b:83:96:b5:57:de:4b:2c:35:
2a:d5:91:df:ba:e7:bf:36:a6:bf:a0:13:cb:33:8b:
ae:61:d6:84:fa:5b:54:a9:ed:db:06:e4:f9:36:f3:
0e:67:4f:ba:86:d4:ae:02:92:f7:07:d6:55:74:eb:
0d:3f:16:29:64:17:ac:5c:2c:53:8d:19:a4:73:0e:
83:0e:9e:d6:7c:b6:f5:e5:99:76:a1:91:27:2b:61:
58:a3:35:30:db:09:a4:3f:a1:e1:4a:b4:4a:98:83:
e4:d5:f6:10:24:22:e2:4a:6a:28:c3:18:06:83:43:
3e:66:4a:82:e3:0b:46:ca:ad:b4:46:27:eb:a0:ce:
cb:21:f0:54:9b:ce:99:bc:87:6e:97:ce:27:2f:7b:
29:b3:10:1b:f0:ff:48:d7:eb:b7:b5:f2:3a:34:a9:
fa:9c:ce:bf:39:a2:ee:ea:e4:c9:ff:c9:e9:f9:83:
3f:2e:a4:87:93:03:ad:9d:84:a5:7e:09:a6:5d:a2:
eb:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:39:1F:72:DF:4E:46:8B:A6:09:62:63:36:09:FA:B7:D8:05:F0:27
X509v3 Authority Key Identifier:
keyid:E4:1A:8C:42:EC:E8:9B:5F:BF:C2:10:DC:7B:55:4C:72:EA:4F:35:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5BqMQuzom1-_whDce1VMcupPNUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/Szkfct9ORoumCWJjNgn6t9gF8Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d19c2d-38c3-4526-a7cf-1d666c422c6a/1/5BqMQuzom1-_whDce1VMcupPNUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.62.152.0/21
185.64.148.0/22
IPv6:
2a02:7680::/32
Signature Algorithm: sha256WithRSAEncryption
0e:b2:92:7c:59:72:b5:7a:40:f2:2a:ff:27:f0:f3:63:f6:01:
e8:8c:1f:7e:3a:63:a2:d4:29:21:ed:88:83:77:4d:88:db:a4:
40:da:0a:7c:5b:e1:68:f6:d0:1d:a8:bb:b4:ea:01:9c:27:45:
ad:6b:98:b8:4e:03:8e:87:09:44:54:e9:c1:2c:0d:39:1f:cb:
a3:2a:b9:ee:d0:fe:b9:ad:84:dd:b1:5b:ce:ba:1c:b9:6b:c0:
01:1d:30:dd:89:bb:96:60:74:68:6e:65:60:10:9c:f3:c3:ce:
08:ce:4f:d5:a0:e0:46:de:a6:3c:cf:3b:47:8f:a0:35:87:51:
af:56:09:77:a7:9d:f9:a6:4a:2f:43:c0:3f:ed:e4:c4:a6:83:
95:f2:fa:d5:b7:d3:2f:ce:1c:17:e5:2c:cf:d5:16:ba:3a:55:
ae:38:51:97:4c:1c:78:92:09:bc:68:aa:bb:22:d4:d3:7a:cf:
a2:28:ca:59:38:52:b1:1e:63:1d:a2:af:ac:1d:71:78:a3:9c:
0d:6d:73:50:fd:48:f4:f3:e1:0f:cd:ed:b0:75:c9:d2:21:f3:
14:1f:cc:c9:34:5c:23:30:1a:7d:36:e3:02:02:4b:8b:b4:5f:
ee:8f:b4:0f:15:74:bd:59:fb:be:a9:c6:fd:b1:04:2f:32:fd:
38:ee:26:fc
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEP/nxgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDFhOGM0MmVjZTg5YjVmYmZjMjEwZGM3YjU1NGM3MmVhNGYzNTQ0MB4XDTIyMDEw
MTA3NTI0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGIzOTFmNzJkZjRl
NDY4YmE2MDk2MjYzMzYwOWZhYjdkODA1ZjAyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCRZmUTumaq+2xFjM06OJOW4zu6y/Y7aW0fhdt7QQ/LHTlb
iXAWD3xOXwSbv5aSgouzUaSVcTr08UOSuaox6ToJC4OWtVfeSyw1KtWR37rnvzam
v6ATyzOLrmHWhPpbVKnt2wbk+TbzDmdPuobUrgKS9wfWVXTrDT8WKWQXrFwsU40Z
pHMOgw6e1ny29eWZdqGRJythWKM1MNsJpD+h4Uq0SpiD5NX2ECQi4kpqKMMYBoND
PmZKguMLRsqttEYn66DOyyHwVJvOmbyHbpfOJy97KbMQG/D/SNfrt7XyOjSp+pzO
vzmi7urkyf/J6fmDPy6kh5MDrZ2EpX4Jpl2i6wsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRLOR9y305Gi6YJYmM2Cfq32AXwJzAfBgNVHSMEGDAWgBTkGoxC7OibX7/C
ENx7VUxy6k81RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVCcU1RdXpvbTEtX3doRGNlMVZNY3VwUE5VUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvZDE5YzJkLTM4YzMtNDUyNi1hN2NmLTFkNjY2YzQyMmM2YS8x
L1N6a2ZjdDlPUm91bUNXSmpOZ242dDlnRjhDYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
ZDE5YzJkLTM4YzMtNDUyNi1hN2NmLTFkNjY2YzQyMmM2YS8xLzVCcU1RdXpvbTEt
X3doRGNlMVZNY3VwUE5VUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA5U+mAMEArlAlDANBAIAAjAHAwUA
KgJ2gDANBgkqhkiG9w0BAQsFAAOCAQEADrKSfFlytXpA8ir/J/DzY/YB6Iwffjpj
otQpIe2Ig3dNiNukQNoKfFvhaPbQHai7tOoBnCdFrWuYuE4DjocJRFTpwSwNOR/L
oyq57tD+ua2E3bFbzrocuWvAAR0w3Ym7lmB0aG5lYBCc88POCM5P1aDgRt6mPM87
R4+gNYdRr1YJd6ed+aZKL0PAP+3kxKaDlfL61bfTL84cF+Usz9UWujpVrjhRl0wc
eJIJvGiquyLU03rPoijKWThSsR5jHaKvrB1xeKOcDW1zUP1I9PPhD83tsHXJ0iHz
FB/MyTRcIzAafTbjAgJLi7Rf7o+0DxV0vVn7vqnG/bEELzL9OO4m/A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:34 2024 by rpki-client on console-ams.rpki-client.org