Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/PAedJ1J4mSr8FMIJHF10piHoRS0.roa
File: PAedJ1J4mSr8FMIJHF10piHoRS0.roa (raw, json)
Hash identifier: nnKIngAAODnlngyeXymjZKoSummxAizdlJhSTWrWfMc=
Subject key identifier: 3C:07:9D:27:52:78:99:2A:FC:14:C2:09:1C:5D:74:A6:21:E8:45:2D
Certificate issuer: /CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Certificate serial: 0A4D9BCD
Authority key identifier: 4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/PAedJ1J4mSr8FMIJHF10piHoRS0.roa
Signing time: Sat 01 Jan 2022 11:55:12 +0000
ROA not before: Sat 01 Jan 2022 11:55:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197588
IP address blocks: 185.101.188.0/22 maxlen: 22
185.101.188.0/24 maxlen: 24
185.101.190.0/24 maxlen: 24
185.101.190.0/23 maxlen: 23
178.219.129.0/24 maxlen: 24
178.219.130.0/24 maxlen: 24
2a00:c020::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172858317 (0xa4d9bcd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d5f0cb06a5a47b4ddac7f4d6dfd44aba4d31f2e
Validity
Not Before: Jan 1 11:55:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c079d275278992afc14c2091c5d74a621e8452d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:cd:86:1d:27:cf:77:b9:a9:8e:f6:59:cb:ae:
82:da:7d:4b:18:48:5e:df:59:42:af:c2:07:21:b6:
61:60:fc:7e:c0:d1:6f:3a:1f:92:7a:a2:5c:25:4b:
5a:b6:c6:40:16:69:56:91:f6:b4:82:1d:92:f9:f2:
3f:e2:6f:95:9a:be:d9:2b:e2:7c:35:3d:e3:ad:83:
8f:e4:50:33:e9:0d:b6:2f:a7:6b:f0:b2:be:9b:fd:
58:59:c6:92:72:44:71:85:59:10:7f:74:d0:84:5a:
fb:73:e3:b6:3f:2c:00:6e:f5:f9:7b:26:dc:56:ea:
4d:9b:2d:23:68:6a:2b:2e:96:42:89:0d:3e:07:e1:
97:60:a5:3b:65:5c:a9:c0:e9:bc:f5:84:b4:9e:c0:
76:18:3f:ea:db:d8:1e:f8:6a:e6:ab:3d:02:e9:57:
f8:ae:57:fd:f0:0f:40:d8:a7:50:b0:e4:57:a8:37:
19:fe:01:35:5c:60:f2:29:2e:c6:26:6e:fb:3b:7e:
e3:5c:83:6d:0a:05:cc:40:fb:2e:61:c9:0d:2e:f1:
62:db:aa:f0:3b:9c:a0:d0:8e:00:97:f4:52:5e:e7:
a4:dd:1b:a3:20:7d:e3:d8:96:aa:3a:92:46:46:56:
2a:f5:46:89:ce:6e:dc:1c:71:7e:bb:23:8d:92:0b:
c4:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:07:9D:27:52:78:99:2A:FC:14:C2:09:1C:5D:74:A6:21:E8:45:2D
X509v3 Authority Key Identifier:
keyid:4D:5F:0C:B0:6A:5A:47:B4:DD:AC:7F:4D:6D:FD:44:AB:A4:D3:1F:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/PAedJ1J4mSr8FMIJHF10piHoRS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/cb8339-cee3-4037-bacc-dc8b52e3ea0a/1/TV8MsGpaR7TdrH9Nbf1Eq6TTHy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.219.129.0-178.219.130.255
185.101.188.0/22
IPv6:
2a00:c020::/36
Signature Algorithm: sha256WithRSAEncryption
5f:c1:8c:31:93:1a:77:66:6e:53:54:29:e4:a5:45:4f:07:fc:
96:ee:55:57:5a:2e:e0:5f:3b:2a:9c:c9:04:08:30:ab:91:71:
ed:21:44:3d:67:e3:e0:42:87:9f:72:cf:ae:74:5c:ca:9c:b3:
8b:df:59:06:2d:0a:8d:ab:bb:49:85:a0:a8:6e:6d:22:c1:bf:
f2:8a:b9:16:0c:f8:a0:5e:7e:dd:57:c6:b9:13:af:bf:0e:59:
f6:70:78:0e:7e:2f:52:a7:99:df:3a:d3:ce:1e:f0:7f:8f:8e:
8b:49:f4:64:dd:37:3a:20:53:73:68:78:b0:8f:47:c6:61:78:
49:ac:44:33:f2:f1:75:11:28:c9:8f:58:50:64:ed:4d:d8:08:
20:1b:17:43:f5:e1:2d:c1:1c:d1:01:4f:ba:5f:31:3a:62:88:
01:82:40:42:cb:47:73:1a:23:3e:ed:ed:b0:64:98:81:db:94:
37:0f:cb:89:41:83:7d:b1:fe:c4:fd:79:81:0d:a7:fe:2b:76:
d6:ec:20:5e:a5:8d:bc:07:fb:05:aa:d2:d1:61:9b:37:f0:ec:
61:a4:a1:15:f4:5d:48:ba:8b:1d:df:44:1e:60:0a:7f:9c:db:
0c:13:7a:2f:70:9a:dd:33:31:e4:e6:39:6e:7f:bc:8e:a4:f6:
ba:61:cd:5d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECk2bzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZDVmMGNiMDZhNWE0N2I0ZGRhYzdmNGQ2ZGZkNDRhYmE0ZDMxZjJlMB4XDTIyMDEw
MTExNTUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2MwNzlkMjc1Mjc4
OTkyYWZjMTRjMjA5MWM1ZDc0YTYyMWU4NDUyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO/Nhh0nz3e5qY72Wcuugtp9SxhIXt9ZQq/CByG2YWD8fsDR
bzofknqiXCVLWrbGQBZpVpH2tIIdkvnyP+JvlZq+2SvifDU9462Dj+RQM+kNti+n
a/Cyvpv9WFnGknJEcYVZEH900IRa+3Pjtj8sAG71+Xsm3FbqTZstI2hqKy6WQokN
Pgfhl2ClO2VcqcDpvPWEtJ7Adhg/6tvYHvhq5qs9AulX+K5X/fAPQNinULDkV6g3
Gf4BNVxg8ikuxiZu+zt+41yDbQoFzED7LmHJDS7xYtuq8DucoNCOAJf0Ul7npN0b
oyB949iWqjqSRkZWKvVGic5u3BxxfrsjjZILxJcCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQ8B50nUniZKvwUwgkcXXSmIehFLTAfBgNVHSMEGDAWgBRNXwywalpHtN2s
f01t/USrpNMfLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RWOE1zR3BhUjdUZHJIOU5iZjFFcTZUVEh5NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvY2I4MzM5LWNlZTMtNDAzNy1iYWNjLWRjOGI1MmUzZWEwYS8x
L1BBZWRKMUo0bVNyOEZNSUpIRjEwcGlIb1JTMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
Y2I4MzM5LWNlZTMtNDAzNy1iYWNjLWRjOGI1MmUzZWEwYS8xL1RWOE1zR3BhUjdU
ZHJIOU5iZjFFcTZUVEh5NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwGgQCAAEwFDAMAwQAstuBAwQAstuCAwQCuWW8MA4E
AgACMAgDBgQqAMAgADANBgkqhkiG9w0BAQsFAAOCAQEAX8GMMZMad2ZuU1Qp5KVF
Twf8lu5VV1ou4F87KpzJBAgwq5Fx7SFEPWfj4EKHn3LPrnRcypyzi99ZBi0Kjau7
SYWgqG5tIsG/8oq5Fgz4oF5+3VfGuROvvw5Z9nB4Dn4vUqeZ3zrTzh7wf4+Oi0n0
ZN03OiBTc2h4sI9HxmF4SaxEM/LxdREoyY9YUGTtTdgIIBsXQ/XhLcEc0QFPul8x
OmKIAYJAQstHcxojPu3tsGSYgduUNw/LiUGDfbH+xP15gQ2n/it21uwgXqWNvAf7
BarS0WGbN/DsYaShFfRdSLqLHd9EHmAKf5zbDBN6L3Ca3TMx5OY5bn+8jqT2umHN
XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:59 2024 by rpki-client on console-ams.rpki-client.org