Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lO2IgKIqb7HaGhNw4ievXozDo40.roa
File: lO2IgKIqb7HaGhNw4ievXozDo40.roa (raw, json)
Hash identifier: reUaN82hPRcP7lZaRljo3O1Rj9/ErTaVug/2TdRq4YU=
Subject key identifier: 94:ED:88:80:A2:2A:6F:B1:DA:1A:13:70:E2:27:AF:5E:8C:C3:A3:8D
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1C37D9B1
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lO2IgKIqb7HaGhNw4ievXozDo40.roa
Signing time: Fri 25 Feb 2022 14:33:46 +0000
ROA not before: Fri 25 Feb 2022 14:33:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 176.118.200.0/22 maxlen: 22
64.43.124.0/22 maxlen: 24
193.36.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473422257 (0x1c37d9b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Feb 25 14:33:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94ed8880a22a6fb1da1a1370e227af5e8cc3a38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:99:94:7b:8d:38:60:b1:64:07:fa:0e:2b:
f2:7f:7b:9b:8d:9c:c7:bc:f7:90:76:af:e4:48:9a:
31:ab:14:0b:dd:27:e6:d2:ff:b9:fb:2f:f6:21:0c:
81:51:ea:d3:a7:03:eb:8f:17:4a:dd:4a:03:14:7f:
45:6c:22:a6:f9:47:99:8f:79:9a:a9:6f:a3:76:c0:
13:86:ee:65:ad:9f:fc:03:9f:1b:ee:b9:5e:5a:5e:
cc:37:4f:66:5c:e7:6c:81:a9:98:88:d0:92:68:9e:
4f:ea:bf:43:c3:96:aa:13:1b:c1:2c:80:d4:fa:7e:
6c:d3:24:2b:60:e6:30:16:cc:b1:64:9a:ef:5c:ec:
b3:8a:33:30:b7:65:49:3f:c9:9c:73:54:f3:4e:01:
ea:47:43:19:b8:a1:cb:cd:aa:6b:e3:68:75:3e:d8:
a9:08:99:e3:89:e4:6e:28:cf:10:7a:fb:4c:f9:f5:
5a:7a:72:28:a6:47:af:28:10:94:d4:69:7f:e8:48:
17:e1:ef:e0:c1:22:5f:f2:0b:95:4a:ff:1f:fa:0a:
0c:f9:df:88:b3:4f:88:ed:e5:de:27:e1:af:6b:82:
f7:fb:46:ad:50:26:68:63:67:92:d9:e0:f4:1a:ff:
4e:77:a3:a8:52:5f:1d:b7:70:18:67:5b:18:d7:de:
70:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:ED:88:80:A2:2A:6F:B1:DA:1A:13:70:E2:27:AF:5E:8C:C3:A3:8D
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lO2IgKIqb7HaGhNw4ievXozDo40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.43.124.0/22
176.118.200.0/22
193.36.204.0/22
Signature Algorithm: sha256WithRSAEncryption
72:e2:67:13:15:20:c6:62:e0:a3:60:a1:ef:6d:d9:c8:af:5d:
32:cb:77:fd:b2:b3:24:9d:8c:68:39:10:83:53:af:f9:2b:49:
27:c7:cf:fb:dc:e3:be:f8:2c:88:43:80:9c:47:69:c5:6c:6f:
4f:85:33:72:b0:37:1c:7b:67:b9:22:d6:c4:a1:a9:82:43:5f:
c2:0b:08:7a:e0:c8:68:29:e5:50:d3:ab:79:39:06:65:79:a9:
f3:d8:04:14:e0:6d:69:53:9a:b5:6b:1c:96:2e:da:69:6c:24:
cc:c6:79:a5:68:e1:0f:d9:56:5d:67:a8:ba:89:8d:48:85:38:
a1:c0:be:77:f0:f8:d4:b3:2e:7e:ad:64:04:e1:f3:66:3b:c8:
26:83:1a:5a:e9:29:41:4e:25:cc:f3:2b:73:05:b6:d8:ba:59:
1a:48:28:d8:5a:da:d1:11:32:89:27:fc:86:91:61:76:4d:00:
bd:eb:3b:a6:d3:c9:c3:44:f7:57:27:2c:06:9c:27:c6:2a:49:
d8:72:1f:b0:14:67:5c:9d:28:9d:01:71:c5:5f:2d:9e:4a:bf:
3a:a4:31:c7:0f:49:2e:8e:83:3b:aa:72:79:48:8e:4a:60:71:
e9:53:02:95:db:86:4d:e1:94:84:a4:3d:77:e3:30:6e:03:a1:
df:2a:20:ad
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEHDfZsTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDIy
NTE0MzM0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRlZDg4ODBhMjJh
NmZiMWRhMWExMzcwZTIyN2FmNWU4Y2MzYTM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKgmZR7jThgsWQH+g4r8n97m42cx7z3kHav5EiaMasUC90n
5tL/ufsv9iEMgVHq06cD648XSt1KAxR/RWwipvlHmY95mqlvo3bAE4buZa2f/AOf
G+65XlpezDdPZlznbIGpmIjQkmieT+q/Q8OWqhMbwSyA1Pp+bNMkK2DmMBbMsWSa
71zss4ozMLdlST/JnHNU804B6kdDGbihy82qa+NodT7YqQiZ44nkbijPEHr7TPn1
WnpyKKZHrygQlNRpf+hIF+Hv4MEiX/ILlUr/H/oKDPnfiLNPiO3l3ifhr2uC9/tG
rVAmaGNnktng9Br/TnejqFJfHbdwGGdbGNfecPMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSU7YiAoipvsdoaE3DiJ69ejMOjjTAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2xPMklnS0lxYjdIYUdoTnc0aWV2WG96RG80MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAkArfAMEArB2yAMEAsEkzDANBgkq
hkiG9w0BAQsFAAOCAQEAcuJnExUgxmLgo2Ch723ZyK9dMst3/bKzJJ2MaDkQg1Ov
+StJJ8fP+9zjvvgsiEOAnEdpxWxvT4UzcrA3HHtnuSLWxKGpgkNfwgsIeuDIaCnl
UNOreTkGZXmp89gEFOBtaVOatWscli7aaWwkzMZ5pWjhD9lWXWeouomNSIU4ocC+
d/D41LMufq1kBOHzZjvIJoMaWukpQU4lzPMrcwW22LpZGkgo2Fra0REyiSf8hpFh
dk0Aves7ptPJw0T3VycsBpwnxipJ2HIfsBRnXJ0onQFxxV8tnkq/OqQxxw9JLo6D
O6pyeUiOSmBx6VMClduGTeGUhKQ9d+MwbgOh3yogrQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:48 2024 by rpki-client on console-ams.rpki-client.org