Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/SStZnVw9HTBBhQ_0aK3gTi7JUM0.roa
File: SStZnVw9HTBBhQ_0aK3gTi7JUM0.roa (raw, json)
Hash identifier: vFKmIPxINKs6izhhh4/XbFGFX+klckIkYMd3GJOM8nY=
Subject key identifier: 49:2B:59:9D:5C:3D:1D:30:41:85:0F:F4:68:AD:E0:4E:2E:C9:50:CD
Certificate issuer: /CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Certificate serial: 07F8367D
Authority key identifier: D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/SStZnVw9HTBBhQ_0aK3gTi7JUM0.roa
Signing time: Sat 01 Jan 2022 04:58:20 +0000
ROA not before: Sat 01 Jan 2022 04:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.86.0/24 maxlen: 32
2001:7f8:af::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133707389 (0x7f8367d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d10d5b30b46c7b97b2dbc4589cea3622ad756156
Validity
Not Before: Jan 1 04:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=492b599d5c3d1d3041850ff468ade04e2ec950cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:c7:ad:41:7b:c6:28:4a:e0:80:79:ed:e1:8a:
e3:a6:2b:f8:da:23:76:87:f8:6b:41:df:d2:a8:31:
68:63:a6:ef:06:bb:c0:0d:80:78:b9:f0:11:78:01:
ae:f4:b0:e5:ed:07:a3:63:9d:fb:ce:d7:95:f7:3f:
6a:34:e3:d0:c3:6c:89:6f:7b:6d:b8:5a:4f:d6:cf:
11:34:e7:a5:37:7d:db:12:33:72:cb:ce:e4:e1:e1:
1e:65:31:e0:64:df:1d:e8:17:ee:dd:11:f2:49:81:
32:32:a5:f5:82:e9:e0:b2:d8:7c:c1:80:70:43:68:
c2:84:1c:5f:48:ff:1d:81:89:56:79:16:4f:02:a3:
a9:c2:57:ea:e5:a1:58:b0:59:59:67:ba:05:40:7f:
df:36:80:3d:58:0b:84:c4:00:42:73:ff:32:15:2f:
f2:ce:e1:07:16:17:53:a6:81:22:5b:9b:e7:f3:30:
67:23:c2:bf:fc:d1:f7:44:39:b7:25:14:e2:5d:92:
08:8f:11:a5:c6:24:cf:46:99:09:37:cd:2e:66:56:
a7:7b:ea:ef:48:ae:5b:6e:b3:c3:e3:69:86:9a:1f:
10:b1:3c:d0:49:d4:6a:cb:6d:e2:d4:76:a4:93:84:
b5:c3:7f:75:04:b0:4f:07:bd:fd:99:17:53:b4:39:
dc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:2B:59:9D:5C:3D:1D:30:41:85:0F:F4:68:AD:E0:4E:2E:C9:50:CD
X509v3 Authority Key Identifier:
keyid:D1:0D:5B:30:B4:6C:7B:97:B2:DB:C4:58:9C:EA:36:22:AD:75:61:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Q1bMLRse5ey28RYnOo2Iq11YVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/SStZnVw9HTBBhQ_0aK3gTi7JUM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/7256ec-c346-4b29-b7f5-3e40d01740b2/1/0Q1bMLRse5ey28RYnOo2Iq11YVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.86.0/24
IPv6:
2001:7f8:af::/48
Signature Algorithm: sha256WithRSAEncryption
01:98:08:f0:1c:b6:03:c7:b0:ea:f7:57:07:6d:03:be:40:7f:
f3:0b:66:d5:54:79:75:13:c7:6d:3a:b3:86:2c:67:38:b3:8f:
1f:65:56:31:68:a8:60:46:c0:9d:ee:fc:5f:d3:c8:db:82:e3:
62:b1:44:33:76:2f:87:55:3b:9e:53:cd:5c:6d:2b:ea:f8:c7:
30:31:12:6a:50:f2:f7:e1:1f:be:bc:20:31:f6:29:06:6a:55:
7c:c4:65:5f:69:c7:5d:3d:c2:9d:8a:3c:75:56:70:aa:6b:b1:
1d:42:c0:a4:5c:32:0f:2b:c2:42:a0:96:b5:c0:4a:37:d1:b1:
43:4b:41:fd:dd:41:2a:6d:f1:32:d1:9d:3c:9c:cc:2c:38:02:
ab:4a:4b:7f:e1:5f:8d:7b:24:22:94:27:b0:9e:24:4e:7d:97:
a9:2d:46:a7:d3:33:7c:b7:37:d6:51:2f:f7:fd:e1:44:a8:08:
fb:b9:a4:94:52:8e:62:89:86:dd:32:55:0f:29:fa:8e:6d:ca:
ab:43:dc:46:cb:78:39:1f:28:ab:f1:48:a4:37:f3:b9:42:cc:
64:f9:b7:58:65:3b:0e:ac:e8:58:2b:62:45:74:f7:c4:3e:81:
03:84:b3:fe:12:c5:e6:21:df:68:46:e2:38:6e:93:0a:a9:ca:
8e:92:ee:eb
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEB/g2fTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTBkNWIzMGI0NmM3Yjk3YjJkYmM0NTg5Y2VhMzYyMmFkNzU2MTU2MB4XDTIyMDEw
MTA0NTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDkyYjU5OWQ1YzNk
MWQzMDQxODUwZmY0NjhhZGUwNGUyZWM5NTBjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbHrUF7xihK4IB57eGK46Yr+Nojdof4a0Hf0qgxaGOm7wa7
wA2AeLnwEXgBrvSw5e0Ho2Od+87Xlfc/ajTj0MNsiW97bbhaT9bPETTnpTd92xIz
csvO5OHhHmUx4GTfHegX7t0R8kmBMjKl9YLp4LLYfMGAcENowoQcX0j/HYGJVnkW
TwKjqcJX6uWhWLBZWWe6BUB/3zaAPVgLhMQAQnP/MhUv8s7hBxYXU6aBIlub5/Mw
ZyPCv/zR90Q5tyUU4l2SCI8RpcYkz0aZCTfNLmZWp3vq70iuW26zw+NphpofELE8
0EnUastt4tR2pJOEtcN/dQSwTwe9/ZkXU7Q53DkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRJK1mdXD0dMEGFD/RoreBOLslQzTAfBgNVHSMEGDAWgBTRDVswtGx7l7Lb
xFic6jYirXVhVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBRMWJNTFJzZTVleTI4UlluT28ySXExMVlWWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvNzI1NmVjLWMzNDYtNGIyOS1iN2Y1LTNlNDBkMDE3NDBiMi8x
L1NTdFpuVnc5SFRCQmhRXzBhSzNnVGk3SlVNMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
NzI1NmVjLWMzNDYtNGIyOS1iN2Y1LTNlNDBkMDE3NDBiMi8xLzBRMWJNTFJzZTVl
eTI4UlluT28ySXExMVlWWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkBVjAPBAIAAjAJAwcAIAEH+ACv
MA0GCSqGSIb3DQEBCwUAA4IBAQABmAjwHLYDx7Dq91cHbQO+QH/zC2bVVHl1E8dt
OrOGLGc4s48fZVYxaKhgRsCd7vxf08jbguNisUQzdi+HVTueU81cbSvq+McwMRJq
UPL34R++vCAx9ikGalV8xGVfacddPcKdijx1VnCqa7EdQsCkXDIPK8JCoJa1wEo3
0bFDS0H93UEqbfEy0Z08nMwsOAKrSkt/4V+NeyQilCewniROfZepLUan0zN8tzfW
US/3/eFEqAj7uaSUUo5iiYbdMlUPKfqObcqrQ9xGy3g5Hyir8UikN/O5Qsxk+bdY
ZTsOrOhYK2JFdPfEPoEDhLP+EsXmId9oRuI4bpMKqcqOku7r
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:33 2024 by rpki-client on console-fra.rpki-client.org