Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa
File: At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa (raw, json)
Hash identifier: rFq/Ij5nq3Ns3wzjCCWdj7hw9a9okqyMbzpLUN9n+AM=
Subject key identifier: 02:DE:CE:5D:62:78:75:59:3C:CA:59:B2:3D:E5:18:9D:F7:8A:E7:14
Certificate issuer: /CN=74e3c336972094b1a8c13d41816857d197a3aae9
Certificate serial: 047F4C44
Authority key identifier: 74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa
Signing time: Wed 06 Apr 2022 15:18:05 +0000
ROA not before: Wed 06 Apr 2022 15:18:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12963
IP address blocks: 94.247.224.0/21 maxlen: 21
94.247.224.0/23 maxlen: 23
185.192.216.0/22 maxlen: 22
194.183.160.0/24 maxlen: 24
194.183.160.0/19 maxlen: 19
213.160.128.0/19 maxlen: 19
2a00:9880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75451460 (0x47f4c44)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e3c336972094b1a8c13d41816857d197a3aae9
Validity
Not Before: Apr 6 15:18:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02dece5d627875593cca59b23de5189df78ae714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:55:fe:b2:1d:88:02:12:c0:3c:06:0d:32:ae:
f3:ba:49:77:ec:8c:7c:c7:1d:80:78:21:b0:19:d2:
f1:3d:25:bf:1e:7e:f0:f3:14:0d:6d:9b:5d:3e:39:
20:ef:0f:2b:00:1e:b8:e6:97:28:1a:fc:d4:64:65:
23:26:0b:31:82:c0:55:33:c2:aa:14:fd:ca:c4:50:
84:d2:ee:18:c1:7f:a1:c8:a7:bd:06:9f:00:f7:51:
71:e1:67:a3:b9:dc:e9:1b:15:32:58:e7:b1:f6:ff:
c8:db:8f:0d:1b:bd:a9:4b:2e:d3:f1:91:ce:20:25:
af:eb:c9:d7:a1:c7:92:92:1d:84:5d:f2:f9:03:5d:
cd:93:c3:43:2a:62:68:5b:c7:86:b1:a7:e0:85:88:
2c:15:7d:58:4a:42:43:0b:56:d1:71:04:aa:29:60:
6b:72:a1:75:f0:44:2d:f5:e6:66:57:c9:96:a6:70:
c2:41:9f:45:3d:9d:05:9c:1c:6f:ed:07:b6:c9:e8:
4e:8a:e8:1e:c3:16:ee:71:f0:d8:05:c6:65:9e:4e:
6b:95:51:7b:78:de:f8:9f:ac:aa:e2:2b:f7:32:65:
43:75:17:bb:2b:ff:b7:7d:0a:ac:28:16:b2:75:ea:
ea:b7:62:30:12:70:44:69:52:20:d9:ad:d3:46:11:
78:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:DE:CE:5D:62:78:75:59:3C:CA:59:B2:3D:E5:18:9D:F7:8A:E7:14
X509v3 Authority Key Identifier:
keyid:74:E3:C3:36:97:20:94:B1:A8:C1:3D:41:81:68:57:D1:97:A3:AA:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOPDNpcglLGowT1BgWhX0Zejquk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/At7OXWJ4dVk8ylmyPeUYnfeK5xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/18c498-2171-4e1c-8d80-a6c49eb28287/1/dOPDNpcglLGowT1BgWhX0Zejquk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.224.0/21
185.192.216.0/22
194.183.160.0/19
213.160.128.0/19
IPv6:
2a00:9880::/32
Signature Algorithm: sha256WithRSAEncryption
6b:bc:18:6c:d5:bf:47:2a:25:6e:9b:03:30:0d:04:25:63:62:
9d:7b:df:93:25:93:4f:61:d4:ab:c3:1d:f0:c2:49:3a:c1:da:
8a:c5:4d:f1:eb:70:b5:e0:78:4a:e1:9b:ab:2f:1e:e2:29:5b:
ce:0f:d8:8e:5b:64:cb:16:04:f9:4f:cb:1d:f3:bd:b9:cd:db:
cd:44:74:75:b2:c0:e3:34:b6:8c:c6:5c:b3:b3:0c:9c:10:4e:
63:18:31:c7:a7:18:2d:aa:ee:37:dd:01:ae:f1:fb:6e:a1:aa:
b5:b9:5d:11:36:46:3c:02:8c:e0:b1:d9:f3:cc:e1:e5:a9:06:
71:83:f4:7c:21:fd:e6:75:30:99:fe:15:cd:6d:30:42:f2:7b:
59:a9:f0:67:dd:ea:09:28:07:e7:2a:f9:1c:7b:76:25:eb:87:
c2:6a:91:4c:ab:97:33:ff:52:5c:49:73:f9:6d:3b:4d:3f:b1:
b7:39:fd:83:5a:92:24:11:07:b5:cc:fe:9d:18:46:3b:62:6f:
77:e9:5e:01:5b:05:87:bb:88:1b:08:ca:96:4b:21:0c:1f:3b:
64:18:6f:0c:47:39:0b:7c:ab:c1:36:4f:7f:74:29:94:71:15:
82:1e:bc:e2:58:51:2d:6a:43:3b:7e:a8:d8:7e:62:65:20:cf:
d3:6b:98:54
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBH9MRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NGUzYzMzNjk3MjA5NGIxYThjMTNkNDE4MTY4NTdkMTk3YTNhYWU5MB4XDTIyMDQw
NjE1MTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJkZWNlNWQ2Mjc4
NzU1OTNjY2E1OWIyM2RlNTE4OWRmNzhhZTcxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNV/rIdiAISwDwGDTKu87pJd+yMfMcdgHghsBnS8T0lvx5+
8PMUDW2bXT45IO8PKwAeuOaXKBr81GRlIyYLMYLAVTPCqhT9ysRQhNLuGMF/ocin
vQafAPdRceFno7nc6RsVMljnsfb/yNuPDRu9qUsu0/GRziAlr+vJ16HHkpIdhF3y
+QNdzZPDQypiaFvHhrGn4IWILBV9WEpCQwtW0XEEqilga3KhdfBELfXmZlfJlqZw
wkGfRT2dBZwcb+0HtsnoToroHsMW7nHw2AXGZZ5Oa5VRe3je+J+squIr9zJlQ3UX
uyv/t30KrCgWsnXq6rdiMBJwRGlSINmt00YReFECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQC3s5dYnh1WTzKWbI95Rid94rnFDAfBgNVHSMEGDAWgBR048M2lyCUsajB
PUGBaFfRl6Oq6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RPUEROcGNnbExHb3dUMUJnV2hYMFplanF1ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMThjNDk4LTIxNzEtNGUxYy04ZDgwLWE2YzQ5ZWIyODI4Ny8x
L0F0N09YV0o0ZFZrOHlsbXlQZVVZbmZlSzV4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MThjNDk4LTIxNzEtNGUxYy04ZDgwLWE2YzQ5ZWIyODI4Ny8xL2RPUEROcGNnbExH
b3dUMUJnV2hYMFplanF1ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA1734AMEArnA2AMEBcK3oAMEBdWg
gDANBAIAAjAHAwUAKgCYgDANBgkqhkiG9w0BAQsFAAOCAQEAa7wYbNW/RyolbpsD
MA0EJWNinXvfkyWTT2HUq8Md8MJJOsHaisVN8etwteB4SuGbqy8e4ilbzg/Yjltk
yxYE+U/LHfO9uc3bzUR0dbLA4zS2jMZcs7MMnBBOYxgxx6cYLaruN90BrvH7bqGq
tbldETZGPAKM4LHZ88zh5akGcYP0fCH95nUwmf4VzW0wQvJ7WanwZ93qCSgH5yr5
HHt2JeuHwmqRTKuXM/9SXElz+W07TT+xtzn9g1qSJBEHtcz+nRhGO2Jvd+leAVsF
h7uIGwjKlkshDB87ZBhvDEc5C3yrwTZPf3QplHEVgh684lhRLWpDO36o2H5iZSDP
02uYVA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:35 2024 by rpki-client on console-fra.rpki-client.org