Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/0DJUjmYU4h6PHKmi6I8P_QhpKC0.roa
File: 0DJUjmYU4h6PHKmi6I8P_QhpKC0.roa (raw, json)
Hash identifier: xfjeCb7oEqneITP3ALGuRygB1fGEukHQSN5v33mLLBY=
Subject key identifier: D0:32:54:8E:66:14:E2:1E:8F:1C:A9:A2:E8:8F:0F:FD:08:69:28:2D
Certificate issuer: /CN=94a32e445c24ded9b85212d479b88008165ebdba
Certificate serial: 072849C4
Authority key identifier: 94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/0DJUjmYU4h6PHKmi6I8P_QhpKC0.roa
Signing time: Sat 01 Jan 2022 09:59:47 +0000
ROA not before: Sat 01 Jan 2022 09:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29608
IP address blocks: 185.101.208.0/22 maxlen: 22
178.20.64.0/21 maxlen: 21
185.152.24.0/22 maxlen: 22
185.152.24.0/23 maxlen: 23
185.152.26.0/23 maxlen: 23
193.239.192.0/23 maxlen: 23
2a07:81c0::/29 maxlen: 29
2a01:40c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120080836 (0x72849c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a32e445c24ded9b85212d479b88008165ebdba
Validity
Not Before: Jan 1 09:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d032548e6614e21e8f1ca9a2e88f0ffd0869282d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7c:3e:16:8d:aa:52:07:a3:85:69:4b:86:70:
b9:ad:43:95:81:d5:01:28:ae:e6:7a:68:94:49:10:
17:77:2e:0c:d2:28:09:1b:e8:04:6e:e1:31:58:bf:
e5:80:81:b7:60:98:60:df:b6:f2:72:ce:54:fc:16:
15:32:4d:17:dd:31:95:24:f2:d8:c8:2e:1d:b8:1a:
9f:7d:78:6e:0e:5b:36:01:ef:cc:c1:9b:4a:51:d3:
ce:b1:82:b8:9d:06:5b:b0:b2:4b:24:01:0f:0f:bb:
e5:66:65:73:be:6b:86:7b:d5:de:60:55:44:32:86:
db:8a:8a:90:3e:66:31:6f:81:d5:11:96:86:f3:1d:
fa:5c:49:74:ad:be:05:23:e1:00:a7:58:ec:1e:f2:
39:9b:c0:e1:f1:e0:27:6e:03:8b:2b:ec:df:01:8d:
8e:59:92:29:9c:20:42:39:56:20:d7:85:a9:0e:d2:
51:33:47:b9:99:ab:9f:8f:0c:01:1f:3b:56:e7:34:
82:84:fd:a5:f9:96:51:3a:8a:f1:5b:e1:a7:b1:4a:
7a:aa:91:a7:45:ec:5b:77:b5:74:62:70:97:8b:61:
e1:41:c1:4a:3b:d8:d9:83:68:c1:02:af:db:7e:b6:
ba:7b:3f:e4:db:d4:b5:e2:ef:de:9d:68:4c:ed:9b:
45:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:32:54:8E:66:14:E2:1E:8F:1C:A9:A2:E8:8F:0F:FD:08:69:28:2D
X509v3 Authority Key Identifier:
keyid:94:A3:2E:44:5C:24:DE:D9:B8:52:12:D4:79:B8:80:08:16:5E:BD:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKMuRFwk3tm4UhLUebiACBZevbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/0DJUjmYU4h6PHKmi6I8P_QhpKC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/f891c4-19ac-437c-b782-e1487a54c1e5/1/lKMuRFwk3tm4UhLUebiACBZevbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.64.0/21
185.101.208.0/22
185.152.24.0/22
193.239.192.0/23
IPv6:
2a01:40c0::/29
2a07:81c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:27:db:70:3c:7f:d5:95:7d:af:7b:3d:bd:1b:6d:2f:50:35:
c8:59:08:80:30:26:5f:40:2f:2a:18:ae:c1:1f:07:77:42:97:
1b:59:46:5e:7b:a0:b5:d9:da:45:80:ab:83:d3:c2:61:41:83:
75:23:3e:5e:52:c9:da:72:08:f9:f7:25:92:1b:1e:1f:3c:41:
f1:33:5b:3c:61:26:d1:0f:00:67:8e:44:24:e6:5a:39:a7:bc:
c3:e6:eb:98:3e:ae:c7:6d:a6:1d:75:95:78:fe:89:5f:e4:9d:
04:41:72:9f:48:85:dc:38:cb:9b:4f:a2:5c:01:c8:42:c0:46:
9a:70:85:bf:01:3e:f8:8a:ea:21:2a:43:64:3f:19:9b:a9:ab:
f2:45:02:4f:11:1e:7e:61:0a:3f:16:79:56:5d:a8:80:33:75:
f9:8d:34:38:c5:a4:33:96:da:99:11:87:fa:26:5d:72:a0:7c:
dd:79:50:f4:75:ec:fe:48:3e:07:c3:ff:dd:f1:68:16:fc:f9:
b6:51:08:2b:e2:c2:f4:7c:f9:35:90:79:74:4a:ac:a7:35:0e:
45:ed:a8:8e:95:d7:25:78:90:53:43:89:44:7a:d4:b6:ce:55:
01:dd:da:dd:94:14:f4:47:18:d0:2c:19:26:0d:ff:cb:00:e1:
92:a5:7f:fb
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEByhJxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGEzMmU0NDVjMjRkZWQ5Yjg1MjEyZDQ3OWI4ODAwODE2NWViZGJhMB4XDTIyMDEw
MTA5NTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAzMjU0OGU2NjE0
ZTIxZThmMWNhOWEyZTg4ZjBmZmQwODY5MjgyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALl8PhaNqlIHo4VpS4Zwua1DlYHVASiu5npolEkQF3cuDNIo
CRvoBG7hMVi/5YCBt2CYYN+28nLOVPwWFTJNF90xlSTy2MguHbgan314bg5bNgHv
zMGbSlHTzrGCuJ0GW7CySyQBDw+75WZlc75rhnvV3mBVRDKG24qKkD5mMW+B1RGW
hvMd+lxJdK2+BSPhAKdY7B7yOZvA4fHgJ24Diyvs3wGNjlmSKZwgQjlWINeFqQ7S
UTNHuZmrn48MAR87Vuc0goT9pfmWUTqK8Vvhp7FKeqqRp0XsW3e1dGJwl4th4UHB
SjvY2YNowQKv2362uns/5NvUteLv3p1oTO2bRXkCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBTQMlSOZhTiHo8cqaLojw/9CGkoLTAfBgNVHSMEGDAWgBSUoy5EXCTe2bhS
EtR5uIAIFl69ujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xLTXVSRndrM3RtNFVoTFVlYmlBQ0JaZXZiby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvZjg5MWM0LTE5YWMtNDM3Yy1iNzgyLWUxNDg3YTU0YzFlNS8x
LzBESlVqbVlVNGg2UEhLbWk2SThQX1FocEtDMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
Zjg5MWM0LTE5YWMtNDM3Yy1iNzgyLWUxNDg3YTU0YzFlNS8xL2xLTXVSRndrM3Rt
NFVoTFVlYmlBQ0JaZXZiby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEA7IUQAMEArll0AMEArmYGAMEAcHv
wDAUBAIAAjAOAwUDKgFAwAMFAyoHgcAwDQYJKoZIhvcNAQELBQADggEBACIn23A8
f9WVfa97Pb0bbS9QNchZCIAwJl9ALyoYrsEfB3dClxtZRl57oLXZ2kWAq4PTwmFB
g3UjPl5SydpyCPn3JZIbHh88QfEzWzxhJtEPAGeORCTmWjmnvMPm65g+rsdtph11
lXj+iV/knQRBcp9Ihdw4y5tPolwByELARppwhb8BPviK6iEqQ2Q/GZupq/JFAk8R
Hn5hCj8WeVZdqIAzdfmNNDjFpDOW2pkRh/omXXKgfN15UPR17P5IPgfD/93xaBb8
+bZRCCviwvR8+TWQeXRKrKc1DkXtqI6V1yV4kFNDiUR61LbOVQHd2t2UFPRHGNAs
GSYN/8sA4ZKlf/s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:48 2023 by rpki-client on console-ams.rpki-client.org