Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/B4T9I26qaJC4mIwGZNjYlm4G1d0.roa
File: B4T9I26qaJC4mIwGZNjYlm4G1d0.roa (raw, json)
Hash identifier: CljFL7X3aO1ZZan8ToEZzj5EM4+nnFQ+pbG0B1p6M2M=
Subject key identifier: 07:84:FD:23:6E:AA:68:90:B8:98:8C:06:64:D8:D8:96:6E:06:D5:DD
Certificate issuer: /CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d
Certificate serial: 0A7C2761
Authority key identifier: 38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/B4T9I26qaJC4mIwGZNjYlm4G1d0.roa
Signing time: Sat 01 Jan 2022 12:05:52 +0000
ROA not before: Sat 01 Jan 2022 12:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44133
IP address blocks: 185.119.116.0/22 maxlen: 22
93.189.24.0/21 maxlen: 21
37.252.184.0/21 maxlen: 21
2a00:63c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175908705 (0xa7c2761)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b78c8eef9ad257d690d77dc9ae3fe9a624b28d
Validity
Not Before: Jan 1 12:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0784fd236eaa6890b8988c0664d8d8966e06d5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bb:46:39:2f:1e:6b:12:78:16:63:4a:8a:8d:
1c:8d:d1:1d:1e:f3:2f:be:61:54:51:b8:36:0f:76:
52:a2:94:ae:dc:78:a3:64:ea:be:3d:75:75:6d:fb:
93:dc:bf:b0:d5:9d:d3:85:8c:09:30:bd:62:5c:e6:
72:2a:41:74:bf:d8:9e:0d:57:10:2f:f3:d2:45:bf:
74:50:72:6b:40:a5:08:b0:b2:33:53:ec:59:ff:cf:
e7:a6:6b:4b:34:25:68:a9:ee:79:00:ec:52:17:32:
c4:09:f3:62:54:a9:02:69:e2:99:98:19:e2:d5:f7:
9b:ad:1a:6f:9d:1a:f9:5c:56:5b:c4:1c:7e:fc:f4:
4d:2c:d8:6e:1e:06:19:c6:82:7b:35:a5:29:e6:0b:
70:fa:fe:38:5e:31:3b:ea:9d:a0:b1:d4:be:33:68:
86:89:ea:99:77:b1:6f:a6:22:7b:00:5a:1b:02:71:
2f:40:cf:56:1d:b4:13:cb:16:b8:18:6e:12:eb:a9:
99:f6:41:82:33:f2:45:8f:bf:26:7b:78:67:dc:45:
6d:67:17:fc:cb:04:d2:fe:a9:e4:2b:d1:9f:e9:f8:
4d:d2:2c:1d:e4:78:59:1f:d9:fb:9a:60:5d:09:7b:
df:e0:32:c9:de:bd:da:d9:7a:11:86:08:ab:23:1f:
0b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:84:FD:23:6E:AA:68:90:B8:98:8C:06:64:D8:D8:96:6E:06:D5:DD
X509v3 Authority Key Identifier:
keyid:38:B7:8C:8E:EF:9A:D2:57:D6:90:D7:7D:C9:AE:3F:E9:A6:24:B2:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLeMju-a0lfWkNd9ya4_6aYkso0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/B4T9I26qaJC4mIwGZNjYlm4G1d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/225fd6-caf3-4caf-b311-f518a9f79790/1/OLeMju-a0lfWkNd9ya4_6aYkso0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.184.0/21
93.189.24.0/21
185.119.116.0/22
IPv6:
2a00:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:6b:17:80:03:97:d8:4a:66:87:28:c0:44:86:65:18:85:c0:
4c:8a:67:8a:e9:e7:99:34:4b:4d:28:9e:69:27:11:99:d7:7d:
c4:36:fe:33:c0:1f:bf:2c:85:aa:27:d4:f0:f3:6d:91:0a:7d:
50:93:18:56:d5:fd:95:46:14:81:2a:ba:ef:12:9a:dd:39:cc:
95:d6:08:81:c9:63:a5:d5:b9:96:be:5e:7e:b8:72:91:9b:8b:
f5:5f:ee:79:83:8f:ef:da:39:ac:4b:8d:7c:18:e2:33:bb:51:
65:e7:df:da:04:02:21:d5:8e:74:db:e1:27:45:c8:66:d5:d5:
b0:d2:cf:56:37:03:33:90:66:90:b2:36:db:3d:48:ac:cb:b0:
83:c1:8b:ed:b7:b2:da:71:0f:8b:e6:42:a9:c0:23:61:a4:b5:
8a:2a:ca:5a:e6:33:1a:df:96:21:86:7e:39:b9:cb:a9:2b:ee:
2e:25:98:14:fc:a1:48:65:4f:eb:76:5f:f9:20:94:23:a9:46:
b6:e2:12:dd:80:6d:05:bd:f2:c5:7e:00:96:22:74:6b:27:57:
32:23:6c:cd:5a:1b:1d:df:09:88:da:18:7e:33:d5:2c:3e:43:
ab:41:9a:1c:79:3f:a8:00:4f:db:89:09:ad:ba:9c:d5:af:1a:
5f:f0:28:58
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECnwnYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGI3OGM4ZWVmOWFkMjU3ZDY5MGQ3N2RjOWFlM2ZlOWE2MjRiMjhkMB4XDTIyMDEw
MTEyMDU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDc4NGZkMjM2ZWFh
Njg5MGI4OTg4YzA2NjRkOGQ4OTY2ZTA2ZDVkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKi7RjkvHmsSeBZjSoqNHI3RHR7zL75hVFG4Ng92UqKUrtx4
o2Tqvj11dW37k9y/sNWd04WMCTC9YlzmcipBdL/Yng1XEC/z0kW/dFBya0ClCLCy
M1PsWf/P56ZrSzQlaKnueQDsUhcyxAnzYlSpAmnimZgZ4tX3m60ab50a+VxWW8Qc
fvz0TSzYbh4GGcaCezWlKeYLcPr+OF4xO+qdoLHUvjNohonqmXexb6YiewBaGwJx
L0DPVh20E8sWuBhuEuupmfZBgjPyRY+/Jnt4Z9xFbWcX/MsE0v6p5CvRn+n4TdIs
HeR4WR/Z+5pgXQl73+Ayyd692tl6EYYIqyMfC/ECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQHhP0jbqpokLiYjAZk2NiWbgbV3TAfBgNVHSMEGDAWgBQ4t4yO75rSV9aQ
133Jrj/ppiSyjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09MZU1qdS1hMGxmV2tOZDl5YTRfNmFZa3NvMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvMjI1ZmQ2LWNhZjMtNGNhZi1iMzExLWY1MThhOWY3OTc5MC8x
L0I0VDlJMjZxYUpDNG1Jd0daTmpZbG00RzFkMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
MjI1ZmQ2LWNhZjMtNGNhZi1iMzExLWY1MThhOWY3OTc5MC8xL09MZU1qdS1hMGxm
V2tOZDl5YTRfNmFZa3NvMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAyX8uAMEA129GAMEArl3dDANBAIA
AjAHAwUDKgBjwDANBgkqhkiG9w0BAQsFAAOCAQEAP2sXgAOX2EpmhyjARIZlGIXA
TIpniunnmTRLTSieaScRmdd9xDb+M8AfvyyFqifU8PNtkQp9UJMYVtX9lUYUgSq6
7xKa3TnMldYIgcljpdW5lr5efrhykZuL9V/ueYOP79o5rEuNfBjiM7tRZeff2gQC
IdWOdNvhJ0XIZtXVsNLPVjcDM5BmkLI22z1IrMuwg8GL7bey2nEPi+ZCqcAjYaS1
iirKWuYzGt+WIYZ+ObnLqSvuLiWYFPyhSGVP63Zf+SCUI6lGtuIS3YBtBb3yxX4A
liJ0aydXMiNszVobHd8JiNoYfjPVLD5Dq0GaHHk/qABP24kJrbqc1a8aX/AoWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:43 2024 by rpki-client on console-ams.rpki-client.org