Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/uD_ngGLtCrbX10mvIyYh-FTW2IE.roa
File: uD_ngGLtCrbX10mvIyYh-FTW2IE.roa (raw, json)
Hash identifier: JJ5ViUWsHetUunItB6HU8cXiK8V7T7Pxuzia0TDD+NY=
Subject key identifier: B8:3F:E7:80:62:ED:0A:B6:D7:D7:49:AF:23:26:21:F8:54:D6:D8:81
Certificate issuer: /CN=e8c3469d1e735ae4d60837b7709c33ff427c8e84
Certificate serial: 018516012F910F6DC4DB46DBD2186F19D360
Authority key identifier: E8:C3:46:9D:1E:73:5A:E4:D6:08:37:B7:70:9C:33:FF:42:7C:8E:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6MNGnR5zWuTWCDe3cJwz_0J8joQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/uD_ngGLtCrbX10mvIyYh-FTW2IE.roa
Signing time: Thu 15 Dec 2022 13:37:34 +0000
ROA not before: Thu 15 Dec 2022 13:37:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48903
IP address blocks: 185.140.4.0/24 maxlen: 24
185.140.4.0/22 maxlen: 22
185.92.4.0/22 maxlen: 22
185.140.5.0/24 maxlen: 24
185.140.7.0/24 maxlen: 24
185.140.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:01:2f:91:0f:6d:c4:db:46:db:d2:18:6f:19:d3:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8c3469d1e735ae4d60837b7709c33ff427c8e84
Validity
Not Before: Dec 15 13:37:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b83fe78062ed0ab6d7d749af232621f854d6d881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f5:7e:68:83:2c:b2:08:df:67:fa:de:55:1d:
7e:38:b5:5c:94:35:f3:12:1c:55:75:f3:d1:fd:99:
68:9b:b5:2d:26:54:fe:9a:62:76:74:8e:8d:7a:c8:
01:68:a0:bf:ef:21:ef:01:49:26:63:65:0f:b0:6a:
41:85:ef:d0:c9:ec:06:ce:4f:17:25:dd:20:7d:88:
86:17:12:fc:10:3a:ac:9e:eb:bb:a7:31:f4:3c:c4:
2e:96:25:56:34:21:1f:68:0c:8f:40:ab:fb:a1:ad:
85:40:f3:bc:08:18:98:84:0a:c6:0b:86:a4:2c:ea:
f9:0e:3d:f5:be:2a:3e:58:b1:49:0f:65:50:bc:73:
c6:b3:d8:88:21:a4:59:a6:8c:f1:b1:74:41:ae:8d:
a6:1e:28:24:41:8a:3d:be:34:84:39:d7:34:b3:1f:
a9:9f:b8:a1:c2:df:60:4a:18:d4:64:ae:0b:86:04:
9e:e3:5c:ef:ee:21:42:88:ae:13:74:6f:af:4d:6d:
58:d0:73:90:7d:c4:45:24:97:d5:4e:89:98:f4:d5:
5b:df:da:c5:a3:03:28:00:c1:58:dd:58:87:f1:53:
20:45:6c:21:93:6d:4a:c8:1f:71:64:ca:d9:13:e5:
3c:99:b9:cc:5e:a9:3b:c7:8d:4d:4c:86:d4:5e:12:
c2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:3F:E7:80:62:ED:0A:B6:D7:D7:49:AF:23:26:21:F8:54:D6:D8:81
X509v3 Authority Key Identifier:
keyid:E8:C3:46:9D:1E:73:5A:E4:D6:08:37:B7:70:9C:33:FF:42:7C:8E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6MNGnR5zWuTWCDe3cJwz_0J8joQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/uD_ngGLtCrbX10mvIyYh-FTW2IE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/4505ee-5fe0-448c-b621-8924850d95d6/1/6MNGnR5zWuTWCDe3cJwz_0J8joQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.4.0/22
185.140.4.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:c9:c6:fb:c1:bc:35:26:d1:72:79:d6:0d:f8:a7:b1:e1:d3:
13:48:5b:27:6e:2c:55:d7:f6:6e:ac:fc:ac:1e:8b:a5:be:1f:
00:e0:16:cb:33:34:83:32:31:b2:16:43:2d:a2:e1:27:0b:5b:
99:2d:e9:90:57:d9:b4:22:d7:85:c4:4c:1d:c8:a4:5f:1d:32:
12:fe:5b:01:a0:3b:e6:1d:03:08:6e:0b:42:d5:63:1d:3e:c3:
54:7d:90:3f:fe:7d:56:79:cd:8c:1c:a5:c4:30:e1:24:c9:7f:
2a:c6:07:de:ee:2a:9b:c7:11:2c:75:e5:ef:1a:28:e3:8d:dc:
9a:b7:7a:67:66:63:76:e8:27:f8:93:38:5d:a3:92:8c:fb:1b:
62:c5:30:62:7d:c5:10:2e:76:05:f6:3d:f3:82:60:80:f7:b4:
aa:d6:ed:35:49:37:c3:cb:22:94:73:1a:73:fc:6a:0a:1a:63:
d4:c9:85:25:05:c1:03:1a:a9:25:41:05:29:a7:37:82:93:ae:
66:c8:34:cf:e9:fc:e8:95:23:e1:23:a3:72:21:03:05:0e:fc:
1d:93:7e:bd:bc:02:02:09:f2:ca:fa:a9:69:97:4b:1e:5a:99:
d5:b9:9f:30:7b:23:09:a6:e8:6d:10:f8:c7:a2:4d:cb:50:34:
02:d1:02:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUWAS+RD23E20bb0hhvGdNgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YzM0NjlkMWU3MzVhZTRkNjA4MzdiNzcwOWMzM2ZmNDI3
YzhlODQwHhcNMjIxMjE1MTMzNzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODNmZTc4MDYyZWQwYWI2ZDdkNzQ5YWYyMzI2MjFmODU0ZDZkODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvV+aIMssgjfZ/reVR1+OLVclDXz
EhxVdfPR/Zlom7UtJlT+mmJ2dI6NesgBaKC/7yHvAUkmY2UPsGpBhe/QyewGzk8X
Jd0gfYiGFxL8EDqsnuu7pzH0PMQuliVWNCEfaAyPQKv7oa2FQPO8CBiYhArGC4ak
LOr5Dj31vio+WLFJD2VQvHPGs9iIIaRZpozxsXRBro2mHigkQYo9vjSEOdc0sx+p
n7ihwt9gShjUZK4LhgSe41zv7iFCiK4TdG+vTW1Y0HOQfcRFJJfVTomY9NVb39rF
owMoAMFY3ViH8VMgRWwhk21KyB9xZMrZE+U8mbnMXqk7x41NTIbUXhLCnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLg/54Bi7Qq219dJryMmIfhU1tiBMB8GA1UdIwQY
MBaAFOjDRp0ec1rk1gg3t3CcM/9CfI6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNk1OR25SNXpXdVRXQ0RlM2NKd3pfMEo4am9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS80NTA1ZWUtNWZlMC00NDhjLWI2MjEt
ODkyNDg1MGQ5NWQ2LzEvdURfbmdHTHRDcmJYMTBtdkl5WWgtRlRXMklFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS80NTA1ZWUtNWZlMC00NDhjLWI2MjEtODkyNDg1MGQ5NWQ2
LzEvNk1OR25SNXpXdVRXQ0RlM2NKd3pfMEo4am9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuVwEAwQC
uYwEMA0GCSqGSIb3DQEBCwUAA4IBAQC/ycb7wbw1JtFyedYN+Kex4dMTSFsnbixV
1/ZurPysHoulvh8A4BbLMzSDMjGyFkMtouEnC1uZLemQV9m0IteFxEwdyKRfHTIS
/lsBoDvmHQMIbgtC1WMdPsNUfZA//n1Wec2MHKXEMOEkyX8qxgfe7iqbxxEsdeXv
Gijjjdyat3pnZmN26Cf4kzhdo5KM+xtixTBifcUQLnYF9j3zgmCA97Sq1u01STfD
yyKUcxpz/GoKGmPUyYUlBcEDGqklQQUppzeCk65myDTP6fzolSPhI6NyIQMFDvwd
k369vAICCfLK+qlpl0seWpnVuZ8weyMJpuhtEPjHok3LUDQC0QJo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:52 2024 by rpki-client on console-ams.rpki-client.org