Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/ckg9x1N77wMQ5COQycSUzBSHbAo.roa
File: ckg9x1N77wMQ5COQycSUzBSHbAo.roa (raw, json)
Hash identifier: oJsHF0Pf6ChJS65dwNblkLu2nf2dDMKtQbzmz6L1SMA=
Subject key identifier: 72:48:3D:C7:53:7B:EF:03:10:E4:23:90:C9:C4:94:CC:14:87:6C:0A
Certificate issuer: /CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Certificate serial: 02FEB9B9
Authority key identifier: A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/ckg9x1N77wMQ5COQycSUzBSHbAo.roa
Signing time: Sat 01 Jan 2022 11:55:05 +0000
ROA not before: Sat 01 Jan 2022 11:55:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203216
IP address blocks: 185.137.88.0/22 maxlen: 24
185.137.88.0/24 maxlen: 24
185.137.91.0/24 maxlen: 24
185.137.90.0/24 maxlen: 24
185.137.89.0/24 maxlen: 24
2a07:3300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50248121 (0x2feb9b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a184409e5c183bbcc31535f4c7eee4782cd67be3
Validity
Not Before: Jan 1 11:55:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72483dc7537bef0310e42390c9c494cc14876c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:7d:21:94:74:95:f0:b0:5b:7e:54:cf:87:
89:51:56:31:d4:6f:20:c9:a1:6d:e0:1e:54:1e:9b:
95:6d:22:51:c3:b3:e2:0e:ea:68:ac:48:14:55:da:
3d:26:5f:4a:33:f4:c5:9d:8f:9f:b5:cc:aa:64:79:
e8:e9:eb:5a:d2:79:b8:1e:41:d4:d7:2f:ad:81:23:
cd:c5:21:61:af:6d:75:ad:81:32:53:e4:6e:eb:4c:
b9:34:ff:b1:52:5b:0a:0a:1a:e2:53:74:2d:0a:03:
00:46:c5:6c:0a:2e:3d:17:ec:c4:af:d3:d1:39:e9:
e5:70:6b:38:30:56:3b:2e:b9:71:76:6b:c9:c0:ff:
be:5c:4f:01:78:7a:d8:10:eb:37:51:3b:8c:3b:4c:
af:29:ce:8b:3b:52:8e:d3:7e:02:2b:3d:da:80:02:
15:b3:1b:3e:0b:95:76:08:32:6b:bf:19:89:d6:fa:
71:79:0e:96:34:6e:33:81:dd:32:25:71:ff:fa:89:
a2:81:d3:7d:72:84:c0:9b:5a:f0:a7:0c:22:02:51:
d7:6a:d6:bd:d6:0f:e0:eb:1f:ff:42:60:56:09:1f:
6c:19:c6:19:ba:27:b9:45:b6:14:8f:bc:35:73:e7:
94:21:fc:2b:9d:23:d1:2e:0d:cf:ac:b6:77:da:1a:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:48:3D:C7:53:7B:EF:03:10:E4:23:90:C9:C4:94:CC:14:87:6C:0A
X509v3 Authority Key Identifier:
keyid:A1:84:40:9E:5C:18:3B:BC:C3:15:35:F4:C7:EE:E4:78:2C:D6:7B:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYRAnlwYO7zDFTX0x-7keCzWe-M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/ckg9x1N77wMQ5COQycSUzBSHbAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/1e9694-c285-4ccf-943b-c2b7cff0661c/1/oYRAnlwYO7zDFTX0x-7keCzWe-M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.88.0/22
IPv6:
2a07:3300::/29
Signature Algorithm: sha256WithRSAEncryption
66:2d:2c:fc:d5:78:5d:a2:43:6a:e7:40:18:cb:e7:4e:8d:21:
ad:53:b4:ca:a6:33:a8:94:b9:0c:42:35:6f:8c:d0:7b:55:90:
7f:9a:fd:a8:e6:21:fc:d0:de:4f:77:ea:ba:3c:cf:a7:5c:89:
8f:b0:83:92:46:32:8d:67:8f:a0:66:29:47:c1:01:0c:56:2f:
df:65:64:21:90:ee:e1:2f:d0:1d:11:fc:22:4b:9b:65:aa:e5:
ac:14:2a:0b:b5:44:26:6a:77:98:f8:c6:9b:9c:b0:aa:ca:4c:
44:fc:67:e5:47:08:87:e4:38:29:43:c9:82:fa:5a:3e:1f:94:
f5:62:27:d9:75:65:ac:7b:30:f6:ea:5e:77:19:c9:aa:47:72:
ce:7b:5f:9b:47:9a:13:22:b5:9b:3e:30:b7:8b:ab:48:80:b7:
75:5e:24:64:14:9c:82:04:57:89:d3:5a:f1:e1:3f:14:66:ac:
8b:3a:60:89:8f:60:79:aa:10:16:67:9e:5a:67:05:54:9c:23:
44:ad:8e:22:07:07:2d:a6:65:df:39:96:4b:3c:7f:e7:33:74:
71:12:82:63:09:c4:16:6f:d3:7a:a7:67:40:90:9f:c1:3f:9e:
9e:cf:51:69:ea:ea:fe:2e:60:4f:b1:ff:b4:6f:00:eb:9d:db:
5f:b7:6e:54
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAv65uTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTg0NDA5ZTVjMTgzYmJjYzMxNTM1ZjRjN2VlZTQ3ODJjZDY3YmUzMB4XDTIyMDEw
MTExNTUwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzI0ODNkYzc1Mzdi
ZWYwMzEwZTQyMzkwYzljNDk0Y2MxNDg3NmMwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGAfSGUdJXwsFt+VM+HiVFWMdRvIMmhbeAeVB6blW0iUcOz
4g7qaKxIFFXaPSZfSjP0xZ2Pn7XMqmR56OnrWtJ5uB5B1NcvrYEjzcUhYa9tda2B
MlPkbutMuTT/sVJbCgoa4lN0LQoDAEbFbAouPRfsxK/T0Tnp5XBrODBWOy65cXZr
ycD/vlxPAXh62BDrN1E7jDtMrynOiztSjtN+Ais92oACFbMbPguVdggya78Zidb6
cXkOljRuM4HdMiVx//qJooHTfXKEwJta8KcMIgJR12rWvdYP4Osf/0JgVgkfbBnG
GbonuUW2FI+8NXPnlCH8K50j0S4Nz6y2d9oaRDUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRySD3HU3vvAxDkI5DJxJTMFIdsCjAfBgNVHSMEGDAWgBShhECeXBg7vMMV
NfTH7uR4LNZ74zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29ZUkFubHdZTzd6REZUWDB4LTdrZUN6V2UtTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvMWU5Njk0LWMyODUtNGNjZi05NDNiLWMyYjdjZmYwNjYxYy8x
L2NrZzl4MU43N3dNUTVDT1F5Y1NVekJTSGJBby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
MWU5Njk0LWMyODUtNGNjZi05NDNiLWMyYjdjZmYwNjYxYy8xL29ZUkFubHdZTzd6
REZUWDB4LTdrZUN6V2UtTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmJWDANBAIAAjAHAwUDKgczADAN
BgkqhkiG9w0BAQsFAAOCAQEAZi0s/NV4XaJDaudAGMvnTo0hrVO0yqYzqJS5DEI1
b4zQe1WQf5r9qOYh/NDeT3fqujzPp1yJj7CDkkYyjWePoGYpR8EBDFYv32VkIZDu
4S/QHRH8IkubZarlrBQqC7VEJmp3mPjGm5ywqspMRPxn5UcIh+Q4KUPJgvpaPh+U
9WIn2XVlrHsw9upedxnJqkdyzntfm0eaEyK1mz4wt4urSIC3dV4kZBScggRXidNa
8eE/FGasizpgiY9geaoQFmeeWmcFVJwjRK2OIgcHLaZl3zmWSzx/5zN0cRKCYwnE
Fm/TeqdnQJCfwT+ens9Raerq/i5gT7H/tG8A653bX7duVA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:30 2023 by rpki-client on console-ams.rpki-client.org