Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/SLCG1SzbS62pfqXn-9an9e65rK4.roa
File: SLCG1SzbS62pfqXn-9an9e65rK4.roa (raw, json)
Hash identifier: BWs6V4aSaoAPRBaClqj5BYMQ8uwNh78n/6IxQ2KHRK8=
Subject key identifier: 48:B0:86:D5:2C:DB:4B:AD:A9:7E:A5:E7:FB:D6:A7:F5:EE:B9:AC:AE
Certificate issuer: /CN=c70dbf555870b556acfab428c74eacee56f7b222
Certificate serial: 1450FE1B
Authority key identifier: C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/SLCG1SzbS62pfqXn-9an9e65rK4.roa
Signing time: Sat 01 Jan 2022 01:56:21 +0000
ROA not before: Sat 01 Jan 2022 01:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202096
IP address blocks: 185.53.138.0/23 maxlen: 23
185.53.136.0/23 maxlen: 23
185.53.136.0/22 maxlen: 22
2a02:2d20::/32 maxlen: 32
2a02:2d20::/48 maxlen: 48
2a02:2d20:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340852251 (0x1450fe1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c70dbf555870b556acfab428c74eacee56f7b222
Validity
Not Before: Jan 1 01:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48b086d52cdb4bada97ea5e7fbd6a7f5eeb9acae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f5:ad:a1:00:6d:3b:14:7d:a6:49:c1:62:89:
50:cd:41:ca:aa:3c:52:4c:30:6a:3c:2c:5c:ad:87:
4f:44:de:bb:5b:f5:64:95:e9:2f:66:7a:30:2a:06:
ac:69:60:61:c8:e8:ec:d2:b9:8d:42:fd:98:01:ed:
af:20:b8:80:fc:ba:cb:67:4b:76:fd:0b:77:4c:3b:
8c:ef:19:2e:6e:2c:a8:50:74:89:29:74:4c:de:ab:
9a:e6:11:c2:55:c2:5a:05:32:8b:db:96:ec:fa:56:
b9:8c:6a:03:d2:90:63:a7:dd:41:c5:8e:70:4c:a9:
d1:cd:00:b2:ff:88:68:a8:b5:a4:0f:2d:76:11:88:
fc:43:c4:17:0a:1c:5b:50:3f:d9:0d:84:82:68:17:
54:81:e6:e6:3c:45:7b:fb:b2:e1:94:f4:68:0a:c5:
35:49:29:98:5f:b3:c2:99:8a:c4:1a:43:a4:04:9b:
01:37:b4:6a:66:2f:ab:9e:68:ee:f4:8c:70:9e:b6:
94:b3:a1:89:fe:89:ef:89:f9:50:9e:a2:e6:d7:7f:
ba:dd:16:48:36:76:28:b3:73:0a:25:5e:cd:0e:9e:
e1:9b:85:eb:cd:49:a6:41:d0:5e:e7:50:89:92:1d:
2b:46:16:f8:84:74:7f:a0:55:1c:99:f8:e5:55:f9:
5c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:B0:86:D5:2C:DB:4B:AD:A9:7E:A5:E7:FB:D6:A7:F5:EE:B9:AC:AE
X509v3 Authority Key Identifier:
keyid:C7:0D:BF:55:58:70:B5:56:AC:FA:B4:28:C7:4E:AC:EE:56:F7:B2:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xw2_VVhwtVas-rQox06s7lb3siI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/SLCG1SzbS62pfqXn-9an9e65rK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/582b7f-60c3-411a-9625-32da1db4b203/1/xw2_VVhwtVas-rQox06s7lb3siI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.136.0/22
IPv6:
2a02:2d20::/32
Signature Algorithm: sha256WithRSAEncryption
ba:ca:08:a5:ff:4d:4f:80:1d:68:06:53:6b:7d:e2:9e:7a:2c:
d7:6b:75:ee:28:e0:2e:77:fb:7e:c8:b5:2f:8b:e0:eb:a6:b8:
42:c4:e5:93:25:bd:91:d6:68:44:07:92:62:b6:1f:9a:7c:cd:
c1:d3:4d:dc:a6:86:c5:c1:6e:65:a5:a5:db:5c:0b:5f:de:7b:
eb:b2:b7:f1:31:ac:24:95:ef:f6:1a:22:20:76:e4:ab:68:2a:
5e:11:2c:56:57:91:81:8a:a8:e5:81:5f:52:58:ca:3e:5f:94:
e2:70:b2:9b:02:22:b1:d9:39:5d:01:3c:54:dc:21:a5:1e:b0:
cd:77:0b:04:52:1b:e9:36:3a:42:31:fb:26:74:10:f7:8a:62:
df:eb:98:44:a5:0d:41:52:62:fc:f6:dd:c3:18:af:d0:46:89:
0d:ee:e1:a5:73:5b:e6:16:d0:86:e9:e5:91:e4:74:14:b0:ce:
db:4e:eb:2f:3c:c7:18:03:bd:43:29:c9:38:3f:a4:46:a3:bb:
3e:c6:a3:5a:e1:3e:fc:45:08:4d:a2:f6:b5:90:de:ad:80:f4:
86:01:40:34:53:f5:d8:72:ab:13:7d:18:0d:61:fd:65:46:b9:
b2:40:f4:12:a2:4f:ad:54:f2:a1:54:65:9f:b1:1b:ef:d3:55:
56:8c:cd:3b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEFFD+GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzBkYmY1NTU4NzBiNTU2YWNmYWI0MjhjNzRlYWNlZTU2ZjdiMjIyMB4XDTIyMDEw
MTAxNTYyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDhiMDg2ZDUyY2Ri
NGJhZGE5N2VhNWU3ZmJkNmE3ZjVlZWI5YWNhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ71raEAbTsUfaZJwWKJUM1Byqo8UkwwajwsXK2HT0Teu1v1
ZJXpL2Z6MCoGrGlgYcjo7NK5jUL9mAHtryC4gPy6y2dLdv0Ld0w7jO8ZLm4sqFB0
iSl0TN6rmuYRwlXCWgUyi9uW7PpWuYxqA9KQY6fdQcWOcEyp0c0Asv+IaKi1pA8t
dhGI/EPEFwocW1A/2Q2EgmgXVIHm5jxFe/uy4ZT0aArFNUkpmF+zwpmKxBpDpASb
ATe0amYvq55o7vSMcJ62lLOhif6J74n5UJ6i5td/ut0WSDZ2KLNzCiVezQ6e4ZuF
681JpkHQXudQiZIdK0YW+IR0f6BVHJn45VX5XB8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRIsIbVLNtLral+pef71qf17rmsrjAfBgNVHSMEGDAWgBTHDb9VWHC1Vqz6
tCjHTqzuVveyIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3h3Ml9WVmh3dFZhcy1yUW94MDZzN2xiM3NpSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvNTgyYjdmLTYwYzMtNDExYS05NjI1LTMyZGExZGI0YjIwMy8x
L1NMQ0cxU3piUzYycGZxWG4tOWFuOWU2NXJLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
NTgyYjdmLTYwYzMtNDExYS05NjI1LTMyZGExZGI0YjIwMy8xL3h3Ml9WVmh3dFZh
cy1yUW94MDZzN2xiM3NpSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk1iDANBAIAAjAHAwUAKgItIDAN
BgkqhkiG9w0BAQsFAAOCAQEAusoIpf9NT4AdaAZTa33innos12t17ijgLnf7fsi1
L4vg66a4QsTlkyW9kdZoRAeSYrYfmnzNwdNN3KaGxcFuZaWl21wLX95767K38TGs
JJXv9hoiIHbkq2gqXhEsVleRgYqo5YFfUljKPl+U4nCymwIisdk5XQE8VNwhpR6w
zXcLBFIb6TY6QjH7JnQQ94pi3+uYRKUNQVJi/Pbdwxiv0EaJDe7hpXNb5hbQhunl
keR0FLDO207rLzzHGAO9QynJOD+kRqO7PsajWuE+/EUITaL2tZDerYD0hgFANFP1
2HKrE30YDWH9ZUa5skD0EqJPrVTyoVRln7Eb79NVVozNOw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:10 2024 by rpki-client on console-fra.rpki-client.org