Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/N8bi7oBFXMVlaAWDSlAqj7zw5M0.roa
File: N8bi7oBFXMVlaAWDSlAqj7zw5M0.roa (raw, json)
Hash identifier: Qqk9wABY6bsfO4447dybXjFHbDxBQelh5BPLiBsToMs=
Subject key identifier: 37:C6:E2:EE:80:45:5C:C5:65:68:05:83:4A:50:2A:8F:BC:F0:E4:CD
Certificate issuer: /CN=f85d004446182d51fd38f7f75fe2a5c8608bc86d
Certificate serial: 1893A6A5
Authority key identifier: F8:5D:00:44:46:18:2D:51:FD:38:F7:F7:5F:E2:A5:C8:60:8B:C8:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/N8bi7oBFXMVlaAWDSlAqj7zw5M0.roa
Signing time: Fri 10 Jun 2022 15:20:04 +0000
ROA not before: Fri 10 Jun 2022 15:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59779
IP address blocks: 185.57.50.0/24 maxlen: 24
185.57.48.0/23 maxlen: 23
185.12.182.0/24 maxlen: 24
185.12.180.0/23 maxlen: 23
2a02:57e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 412329637 (0x1893a6a5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f85d004446182d51fd38f7f75fe2a5c8608bc86d
Validity
Not Before: Jun 10 15:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37c6e2ee80455cc5656805834a502a8fbcf0e4cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ab:86:53:14:17:b1:8c:41:b0:ee:b5:f0:66:
1e:11:33:12:7a:1f:c0:97:c9:53:9b:1a:ec:24:78:
37:40:e3:9c:25:82:cc:d8:a4:48:b9:c3:b6:de:bc:
aa:7e:f7:18:6b:5c:33:22:9d:d7:07:ae:b6:1d:16:
91:2d:a9:01:3b:ac:e3:d4:84:0f:20:45:ec:8d:88:
75:1d:42:7d:18:0e:7a:14:d1:39:b3:60:8b:8c:a9:
02:eb:3a:74:8b:59:d0:41:c2:a4:e8:47:da:df:a2:
f2:c3:36:d7:53:5c:80:f0:9f:c3:a3:8f:17:33:71:
9c:4a:23:8a:19:d3:7f:36:6b:fd:d3:6e:13:35:ff:
ad:b9:da:1b:a1:7b:e3:8a:18:d7:3a:d1:a7:b4:bf:
a6:6f:53:de:44:7b:fc:c8:2e:1e:0a:93:a8:ba:52:
c3:3b:39:c1:42:96:04:ef:40:69:5b:9e:c1:93:67:
f3:80:cb:80:47:13:19:ff:90:2f:80:9b:b6:3c:8a:
4a:82:71:3a:90:04:97:30:15:9d:5c:d3:2e:c6:f9:
f9:5b:b5:b2:21:28:55:dc:ab:12:36:f4:29:e6:2d:
a9:86:2e:c8:f6:f4:2e:f6:e9:01:2a:a0:04:70:c3:
cf:ea:63:3d:b0:86:8b:52:a9:c6:8c:fd:2a:c1:43:
64:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:C6:E2:EE:80:45:5C:C5:65:68:05:83:4A:50:2A:8F:BC:F0:E4:CD
X509v3 Authority Key Identifier:
keyid:F8:5D:00:44:46:18:2D:51:FD:38:F7:F7:5F:E2:A5:C8:60:8B:C8:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-F0AREYYLVH9OPf3X-KlyGCLyG0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/N8bi7oBFXMVlaAWDSlAqj7zw5M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c9db52-ac91-406a-9f95-080ee0a97f6a/1/1-F0AREYYLVH9OPf3X-KlyGCLyG0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.12.180.0-185.12.182.255
185.57.48.0-185.57.50.255
IPv6:
2a02:57e0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:43:72:4f:17:3a:6d:81:5f:0a:e7:a9:f9:66:60:df:13:a5:
81:9c:9a:93:f5:3c:0b:17:dc:0c:23:1e:67:b4:f3:64:48:f8:
01:6f:29:e0:03:a9:61:fe:3b:51:65:06:7b:6a:52:04:ab:7c:
25:36:91:fa:1f:b6:8a:70:b9:9e:6b:d7:ab:23:82:cb:b7:7c:
91:96:70:81:39:b2:85:bd:29:05:cf:48:56:f2:d2:ed:a7:67:
5c:e1:61:e9:da:2c:c0:d4:d7:25:ed:23:ff:18:f9:ef:83:6b:
d1:33:8c:b6:16:ed:ad:e4:86:c2:94:5f:22:49:be:0d:42:90:
4f:d6:41:2d:fe:85:71:90:97:06:ae:ff:49:98:ee:94:2f:87:
ac:c7:2c:0e:c7:4a:42:d2:02:70:d0:34:ef:d4:ec:da:f3:c1:
ae:c9:8c:33:22:a0:0e:68:84:2c:83:ea:c7:8a:0c:a3:f3:9a:
13:76:31:d2:20:23:98:4f:15:d2:9f:f8:09:99:d5:7b:49:83:
25:fc:95:1b:30:f1:13:7c:bb:c1:95:50:c1:97:fa:72:d9:20:
b8:54:47:59:d9:d6:22:d0:bc:7b:84:2e:39:83:36:07:02:f7:
53:2d:76:12:52:21:0c:f2:e9:cb:77:f9:89:3c:48:d9:7f:c8:
47:15:a2:ff
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGJOmpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ODVkMDA0NDQ2MTgyZDUxZmQzOGY3Zjc1ZmUyYTVjODYwOGJjODZkMB4XDTIyMDYx
MDE1MjAwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdjNmUyZWU4MDQ1
NWNjNTY1NjgwNTgzNGE1MDJhOGZiY2YwZTRjZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJOrhlMUF7GMQbDutfBmHhEzEnofwJfJU5sa7CR4N0DjnCWC
zNikSLnDtt68qn73GGtcMyKd1weuth0WkS2pATus49SEDyBF7I2IdR1CfRgOehTR
ObNgi4ypAus6dItZ0EHCpOhH2t+i8sM211NcgPCfw6OPFzNxnEojihnTfzZr/dNu
EzX/rbnaG6F744oY1zrRp7S/pm9T3kR7/MguHgqTqLpSwzs5wUKWBO9AaVuewZNn
84DLgEcTGf+QL4CbtjyKSoJxOpAElzAVnVzTLsb5+Vu1siEoVdyrEjb0KeYtqYYu
yPb0LvbpASqgBHDDz+pjPbCGi1Kpxoz9KsFDZIMCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBQ3xuLugEVcxWVoBYNKUCqPvPDkzTAfBgNVHSMEGDAWgBT4XQBERhgtUf04
9/df4qXIYIvIbTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtRjBBUkVZWUxWSDlPUGYzWC1LbHlHQ0x5RzAuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzJhL2M5ZGI1Mi1hYzkxLTQwNmEtOWY5NS0wODBlZTBhOTdmNmEv
MS9OOGJpN29CRlhNVmxhQVdEU2xBcWo3enc1TTAucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzJh
L2M5ZGI1Mi1hYzkxLTQwNmEtOWY5NS0wODBlZTBhOTdmNmEvMS8xLUYwQVJFWVlM
Vkg5T1BmM1gtS2x5R0NMeUcwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEQGCCsGAQUFBwEHAQH/BDUwMzAiBAIAATAcMAwDBAK5DLQDBAC5DLYwDAMEBLk5
MAMEALk5MjANBAIAAjAHAwUAKgJX4DANBgkqhkiG9w0BAQsFAAOCAQEAKkNyTxc6
bYFfCuep+WZg3xOlgZyak/U8CxfcDCMeZ7TzZEj4AW8p4AOpYf47UWUGe2pSBKt8
JTaR+h+2inC5nmvXqyOCy7d8kZZwgTmyhb0pBc9IVvLS7adnXOFh6doswNTXJe0j
/xj574Nr0TOMthbtreSGwpRfIkm+DUKQT9ZBLf6FcZCXBq7/SZjulC+HrMcsDsdK
QtICcNA079Ts2vPBrsmMMyKgDmiELIPqx4oMo/OaE3Yx0iAjmE8V0p/4CZnVe0mD
JfyVGzDxE3y7wZVQwZf6ctkguFRHWdnWItC8e4QuOYM2BwL3Uy12ElIhDPLpy3f5
iTxI2X/IRxWi/w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:18 2024 by rpki-client on console-ams.rpki-client.org