Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/1-pJFSK35Bu2OYj29-LN59SKRXZg.roa
File: 1-pJFSK35Bu2OYj29-LN59SKRXZg.roa (raw, json)
Hash identifier: gfsjkqCC0h2EovhgwIOnH0KQCzFCvjYBbeJGg0XgVlw=
Subject key identifier: FA:92:45:48:AD:F9:06:ED:8E:62:3D:BD:F8:B3:79:F5:22:91:5D:98
Certificate issuer: /CN=b930da21518184145f6d7621b5a13bd54035ac83
Certificate serial: 11CB7D31
Authority key identifier: B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/1-pJFSK35Bu2OYj29-LN59SKRXZg.roa
Signing time: Sat 01 Jan 2022 05:54:52 +0000
ROA not before: Sat 01 Jan 2022 05:54:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202876
IP address blocks: 185.152.28.0/22 maxlen: 22
2a07:7d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298548529 (0x11cb7d31)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b930da21518184145f6d7621b5a13bd54035ac83
Validity
Not Before: Jan 1 05:54:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa924548adf906ed8e623dbdf8b379f522915d98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:31:76:a7:d7:71:75:54:4c:56:73:42:c4:a8:
e6:63:be:7e:82:ef:e4:59:4e:7c:9f:d1:f7:06:32:
e1:cd:f4:e0:fe:64:3b:f4:5b:fb:11:f8:af:91:c9:
42:e7:2a:70:6b:0a:88:b7:c7:d7:79:7d:d5:f4:b6:
41:30:e4:f3:d4:b3:1a:6a:fe:b1:96:72:aa:8f:68:
91:c7:b1:b3:a5:42:c9:5c:57:dd:80:9c:89:de:5e:
9e:1a:49:8b:d6:5c:b3:1a:a1:10:43:5b:ee:bc:a3:
40:14:ad:bd:7c:0b:f7:9f:77:59:1a:42:38:3f:18:
ca:27:96:e9:9d:9f:90:57:a5:a1:d6:9e:98:5f:64:
7d:4d:ae:e6:d1:16:22:32:dd:91:96:91:47:d8:c6:
18:e1:36:b8:17:f0:86:9f:1c:cf:62:ad:df:21:3b:
64:e3:6c:32:54:24:76:d8:43:fc:52:5e:9c:7f:ac:
de:e7:6a:26:ee:dc:79:d8:6b:27:f1:83:61:62:27:
3d:bb:ff:ba:31:91:74:a2:84:7f:c3:ff:32:22:05:
49:2f:3a:16:30:72:97:8b:17:54:5a:06:2d:76:0c:
8d:5e:c3:39:4a:48:e0:f7:69:ad:2b:21:c9:a9:b8:
2b:60:99:7f:2b:18:35:d5:0b:28:e7:93:50:37:96:
b4:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:92:45:48:AD:F9:06:ED:8E:62:3D:BD:F8:B3:79:F5:22:91:5D:98
X509v3 Authority Key Identifier:
keyid:B9:30:DA:21:51:81:84:14:5F:6D:76:21:B5:A1:3B:D5:40:35:AC:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uTDaIVGBhBRfbXYhtaE71UA1rIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/1-pJFSK35Bu2OYj29-LN59SKRXZg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/470cda-d0ec-4323-ae9b-994af5c34402/1/uTDaIVGBhBRfbXYhtaE71UA1rIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.28.0/22
IPv6:
2a07:7d40::/29
Signature Algorithm: sha256WithRSAEncryption
4d:cb:4b:89:21:d8:e8:68:4b:cf:d6:00:99:76:7e:aa:22:fb:
22:51:cc:8e:ce:ac:b8:a0:95:e0:6f:0f:a6:85:44:0a:e5:15:
50:0e:37:70:0f:1c:92:c7:20:bc:3b:d5:75:21:23:9f:b6:f6:
bd:58:98:eb:b0:40:9f:8d:f9:f6:e0:6e:cb:70:0e:6d:a0:25:
c1:30:a0:ee:49:99:1c:c9:ce:71:dd:bb:c4:11:21:c1:67:31:
6d:96:87:05:5a:be:63:55:02:68:16:7e:67:2f:65:6d:b2:c2:
fd:8d:51:c0:45:65:ec:50:03:a2:a5:4d:e8:06:7a:b5:1e:1e:
61:d5:b3:65:5a:bc:09:5c:34:3d:b5:f1:4f:22:16:c0:f6:9d:
90:93:1d:06:ce:a7:d1:22:22:50:43:e0:71:d1:f2:a4:a0:72:
97:70:79:b5:f1:9d:4a:cd:b5:19:67:bb:38:ca:78:7a:84:cd:
d6:e2:83:90:a6:5f:9c:48:39:a4:c7:a8:7f:5d:79:9b:ba:f8:
a4:d0:4c:0e:95:dd:22:d6:1b:71:3f:e6:e2:9e:79:75:f9:9c:
d6:a7:65:6a:b0:2c:de:dd:d3:eb:c5:d4:a1:a6:f5:31:4c:13:
fe:d2:85:02:74:f5:bd:fb:d9:f5:bc:12:7b:ab:c1:bf:81:f9:
2b:d0:76:da
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEEct9MTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OTMwZGEyMTUxODE4NDE0NWY2ZDc2MjFiNWExM2JkNTQwMzVhYzgzMB4XDTIyMDEw
MTA1NTQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmE5MjQ1NDhhZGY5
MDZlZDhlNjIzZGJkZjhiMzc5ZjUyMjkxNWQ5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkxdqfXcXVUTFZzQsSo5mO+foLv5FlOfJ/R9wYy4c304P5k
O/Rb+xH4r5HJQucqcGsKiLfH13l91fS2QTDk89SzGmr+sZZyqo9okcexs6VCyVxX
3YCcid5enhpJi9ZcsxqhEENb7ryjQBStvXwL9593WRpCOD8YyieW6Z2fkFelodae
mF9kfU2u5tEWIjLdkZaRR9jGGOE2uBfwhp8cz2Kt3yE7ZONsMlQkdthD/FJenH+s
3udqJu7cedhrJ/GDYWInPbv/ujGRdKKEf8P/MiIFSS86FjByl4sXVFoGLXYMjV7D
OUpI4PdprSshyam4K2CZfysYNdULKOeTUDeWtAMCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBT6kkVIrfkG7Y5iPb34s3n1IpFdmDAfBgNVHSMEGDAWgBS5MNohUYGEFF9t
diG1oTvVQDWsgzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VURGFJVkdCaEJSZmJYWWh0YUU3MVVBMXJJTS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvNDcwY2RhLWQwZWMtNDMyMy1hZTliLTk5NGFmNWMzNDQwMi8x
LzEtcEpGU0szNUJ1Mk9ZajI5LUxONTlTS1JYWmcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzM0
LzQ3MGNkYS1kMGVjLTQzMjMtYWU5Yi05OTRhZjVjMzQ0MDIvMS91VERhSVZHQmhC
UmZiWFlodGFFNzFVQTFySU0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
LgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5mBwwDQQCAAIwBwMFAyoHfUAw
DQYJKoZIhvcNAQELBQADggEBAE3LS4kh2OhoS8/WAJl2fqoi+yJRzI7OrLigleBv
D6aFRArlFVAON3APHJLHILw71XUhI5+29r1YmOuwQJ+N+fbgbstwDm2gJcEwoO5J
mRzJznHdu8QRIcFnMW2WhwVavmNVAmgWfmcvZW2ywv2NUcBFZexQA6KlTegGerUe
HmHVs2VavAlcND218U8iFsD2nZCTHQbOp9EiIlBD4HHR8qSgcpdwebXxnUrNtRln
uzjKeHqEzdbig5CmX5xIOaTHqH9deZu6+KTQTA6V3SLWG3E/5uKeeXX5nNanZWqw
LN7d0+vF1KGm9TFME/7ShQJ09b372fW8Enurwb+B+SvQdto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:57 2024 by rpki-client on console-fra.rpki-client.org