Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/s72VQLt-FgyEiCXUf0Yi3XeBa0M.roa
File: s72VQLt-FgyEiCXUf0Yi3XeBa0M.roa (raw, json)
Hash identifier: UK2VKryaI0rxcxem5S+ZBBZYPxCXQbVNq+v1h+3CS+c=
Subject key identifier: B3:BD:95:40:BB:7E:16:0C:84:88:25:D4:7F:46:22:DD:77:81:6B:43
Certificate issuer: /CN=5ff7352d47db9785f49118092de8704a67f6520d
Certificate serial: 088CC241
Authority key identifier: 5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/s72VQLt-FgyEiCXUf0Yi3XeBa0M.roa
Signing time: Sat 01 Jan 2022 13:04:36 +0000
ROA not before: Sat 01 Jan 2022 13:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43366
IP address blocks: 185.241.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143442497 (0x88cc241)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ff7352d47db9785f49118092de8704a67f6520d
Validity
Not Before: Jan 1 13:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3bd9540bb7e160c848825d47f4622dd77816b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3d:ae:e0:79:4d:7f:a0:17:01:17:d6:54:40:
4b:eb:a2:9d:7d:01:d0:8c:14:57:76:44:30:3e:1f:
b5:74:a7:63:3a:60:a7:71:7f:44:f1:34:7f:4d:e0:
09:b4:3f:7a:41:5c:6e:1d:e7:ef:10:36:ef:a4:9e:
ed:a5:5f:91:30:bd:f5:b1:1a:79:75:14:3f:99:4d:
a9:9b:59:66:c7:01:d6:76:b5:bc:96:d4:5c:f8:df:
a1:fb:32:1c:f9:77:bd:ed:61:45:5d:42:7c:c1:a0:
db:4d:44:b7:2f:58:36:84:06:cd:1d:5e:3f:61:ee:
fe:07:16:e4:8e:98:f6:49:9c:bd:c9:90:a2:de:d5:
51:dd:1a:3f:d8:55:37:1e:0d:b0:78:2f:cb:13:a1:
6e:05:db:db:46:8f:6e:6f:30:97:0a:29:39:5d:fd:
22:2b:65:22:a9:3d:ea:50:4b:f4:4c:32:fc:39:b9:
a9:85:e8:ae:1a:e5:94:ca:b7:6c:2d:3c:e4:e1:69:
43:b9:01:77:52:81:a3:11:53:ca:db:09:88:55:28:
89:85:17:2d:6d:ac:89:48:8c:fb:62:78:d8:d7:5a:
35:b5:ec:11:17:1d:c4:c0:9c:5f:29:ad:4a:dc:8f:
0e:cd:ec:47:df:ff:ed:4c:45:34:71:c9:68:d7:b6:
e1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BD:95:40:BB:7E:16:0C:84:88:25:D4:7F:46:22:DD:77:81:6B:43
X509v3 Authority Key Identifier:
keyid:5F:F7:35:2D:47:DB:97:85:F4:91:18:09:2D:E8:70:4A:67:F6:52:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X_c1LUfbl4X0kRgJLehwSmf2Ug0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/s72VQLt-FgyEiCXUf0Yi3XeBa0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5d2b3-7c42-4785-9596-517481d0f850/1/X_c1LUfbl4X0kRgJLehwSmf2Ug0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.188.0/22
Signature Algorithm: sha256WithRSAEncryption
62:29:97:f4:ae:a5:99:1b:0f:36:e6:2a:dc:dd:df:33:f4:c1:
a4:18:d3:6e:e2:be:09:95:97:db:7b:36:89:72:35:5e:75:33:
48:1b:db:ff:17:2a:39:7e:09:ac:2a:d0:c7:62:52:fb:07:3b:
57:dc:02:5c:86:61:75:b4:dd:48:63:1e:74:aa:02:25:c0:55:
f7:ad:6a:52:ab:9b:ec:be:10:3a:0f:0c:ea:aa:43:65:b3:04:
6e:51:dd:88:88:6f:b0:e6:8f:28:93:9a:54:33:bd:0f:0c:4d:
ed:91:b8:37:4c:c7:08:0d:21:d2:d9:9f:0c:a5:cb:06:8c:3e:
ac:1d:af:b9:4b:6d:cd:25:48:0c:12:39:de:35:b7:d5:ef:98:
40:b1:42:38:41:0d:71:4c:c7:dd:cc:e2:25:f9:e6:79:1a:b8:
22:dc:b2:52:e5:27:29:a4:b3:2d:f2:2f:56:6b:98:48:21:66:
dc:a8:ef:20:f5:67:80:49:e8:8a:36:97:4e:8e:18:bb:08:61:
8f:8f:b6:d4:df:dc:6b:c9:a4:e3:cc:3c:8f:ef:62:52:43:3d:
cf:f7:0d:fb:56:d4:04:1e:cb:46:77:52:ef:67:32:f2:76:03:
99:15:5c:85:90:04:1e:fe:fd:50:f0:7a:c6:75:07:98:e4:b7:
24:6c:a0:9c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECIzCQTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZmY3MzUyZDQ3ZGI5Nzg1ZjQ5MTE4MDkyZGU4NzA0YTY3ZjY1MjBkMB4XDTIyMDEw
MTEzMDQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNiZDk1NDBiYjdl
MTYwYzg0ODgyNWQ0N2Y0NjIyZGQ3NzgxNmI0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN89ruB5TX+gFwEX1lRAS+uinX0B0IwUV3ZEMD4ftXSnYzpg
p3F/RPE0f03gCbQ/ekFcbh3n7xA276Se7aVfkTC99bEaeXUUP5lNqZtZZscB1na1
vJbUXPjfofsyHPl3ve1hRV1CfMGg201Ety9YNoQGzR1eP2Hu/gcW5I6Y9kmcvcmQ
ot7VUd0aP9hVNx4NsHgvyxOhbgXb20aPbm8wlwopOV39IitlIqk96lBL9Ewy/Dm5
qYXorhrllMq3bC085OFpQ7kBd1KBoxFTytsJiFUoiYUXLW2siUiM+2J42NdaNbXs
ERcdxMCcXymtStyPDs3sR9//7UxFNHHJaNe24ZsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzvZVAu34WDISIJdR/RiLdd4FrQzAfBgNVHSMEGDAWgBRf9zUtR9uXhfSR
GAkt6HBKZ/ZSDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hfYzFMVWZibDRYMGtSZ0pMZWh3U21mMlVnMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZDVkMmIzLTdjNDItNDc4NS05NTk2LTUxNzQ4MWQwZjg1MC8x
L3M3MlZRTHQtRmd5RWlDWFVmMFlpM1hlQmEwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZDVkMmIzLTdjNDItNDc4NS05NTk2LTUxNzQ4MWQwZjg1MC8xL1hfYzFMVWZibDRY
MGtSZ0pMZWh3U21mMlVnMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnxvDANBgkqhkiG9w0BAQsFAAOC
AQEAYimX9K6lmRsPNuYq3N3fM/TBpBjTbuK+CZWX23s2iXI1XnUzSBvb/xcqOX4J
rCrQx2JS+wc7V9wCXIZhdbTdSGMedKoCJcBV961qUqub7L4QOg8M6qpDZbMEblHd
iIhvsOaPKJOaVDO9DwxN7ZG4N0zHCA0h0tmfDKXLBow+rB2vuUttzSVIDBI53jW3
1e+YQLFCOEENcUzH3cziJfnmeRq4ItyyUuUnKaSzLfIvVmuYSCFm3KjvIPVngEno
ijaXTo4Yuwhhj4+21N/ca8mk48w8j+9iUkM9z/cN+1bUBB7LRndS72cy8nYDmRVc
hZAEHv79UPB6xnUHmOS3JGygnA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:40 2023 by rpki-client on console-fra.rpki-client.org