Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/l9JZSwqpsjDuvjXWzvk-dDKqqIw.roa
File: l9JZSwqpsjDuvjXWzvk-dDKqqIw.roa (raw, json)
Hash identifier: 6ZtLbtyGMqvVHjjS87JBQtkfARS9IkW02bO9zOk6wIs=
Subject key identifier: 97:D2:59:4B:0A:A9:B2:30:EE:BE:35:D6:CE:F9:3E:74:32:AA:A8:8C
Certificate issuer: /CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Certificate serial: 0182449602FB140875234530DB6FFD26479F
Authority key identifier: A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/l9JZSwqpsjDuvjXWzvk-dDKqqIw.roa
Signing time: Thu 28 Jul 2022 11:34:18 +0000
ROA not before: Thu 28 Jul 2022 11:34:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39650
IP address blocks: 185.161.36.0/22 maxlen: 24
185.229.28.0/24 maxlen: 24
185.229.29.0/24 maxlen: 24
185.229.30.0/24 maxlen: 24
185.229.31.0/24 maxlen: 24
185.164.75.0/24 maxlen: 24
185.164.72.0/22 maxlen: 24
185.164.74.0/24 maxlen: 24
2a0d:6600::/29 maxlen: 29
2a0a:d400::/29 maxlen: 29
2a06:5a40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:44:96:02:fb:14:08:75:23:45:30:db:6f:fd:26:47:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0e381b6e76cb9520e8d8f56776eca0fe176cc40
Validity
Not Before: Jul 28 11:34:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97d2594b0aa9b230eebe35d6cef93e7432aaa88c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:27:b5:6e:35:4e:e1:d6:70:02:0a:11:5c:0c:
a7:4c:02:1a:19:e1:13:7e:27:10:d4:b8:23:3e:c9:
2b:d9:14:3b:63:d4:fb:25:d9:2d:04:ea:ed:9c:dc:
da:ea:65:17:29:3d:58:4a:5b:1a:7b:e2:1b:c9:8b:
85:ae:ca:65:39:c3:29:46:e0:aa:16:ef:f9:7e:63:
d8:4d:d0:18:44:87:f6:28:a5:4a:b0:0d:41:59:1f:
de:d4:58:a6:4c:a6:a8:a1:bd:21:78:5e:93:83:1d:
f2:3c:3d:80:95:2c:b7:c1:46:0c:50:fb:4d:50:de:
47:d6:eb:5f:74:0b:b1:02:50:d8:94:ba:dc:de:88:
95:d3:d9:ec:9c:02:c9:e1:00:3c:ad:93:c0:53:c0:
13:d4:70:53:94:5a:d5:df:96:68:4a:f0:19:c8:cd:
ca:1f:4f:1f:ac:7a:d6:f1:8e:fa:34:90:14:80:8d:
e9:86:9c:fd:cf:d8:93:41:a7:92:de:57:3a:bc:5e:
ce:02:98:da:2c:d6:7b:4a:92:58:45:f0:7d:3e:a7:
a0:ac:f1:2d:8b:a9:58:f7:f2:fe:88:52:26:ea:13:
8a:6a:40:7a:84:21:26:fc:f6:2a:80:9d:dd:91:4a:
56:17:29:88:e5:ea:67:21:85:7d:00:95:91:4a:8f:
62:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D2:59:4B:0A:A9:B2:30:EE:BE:35:D6:CE:F9:3E:74:32:AA:A8:8C
X509v3 Authority Key Identifier:
keyid:A0:E3:81:B6:E7:6C:B9:52:0E:8D:8F:56:77:6E:CA:0F:E1:76:CC:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oOOBtudsuVIOjY9Wd27KD-F2zEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/l9JZSwqpsjDuvjXWzvk-dDKqqIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/8e6f08-30f0-46dd-a7a1-a9c384128d42/1/oOOBtudsuVIOjY9Wd27KD-F2zEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.36.0/22
185.164.72.0/22
185.229.28.0/22
IPv6:
2a06:5a40::/29
2a0a:d400::/29
2a0d:6600::/29
Signature Algorithm: sha256WithRSAEncryption
48:78:9a:2e:ae:f6:0e:0b:8b:aa:6e:ff:de:ba:07:e7:cb:0e:
5e:6d:64:6f:e3:2f:14:a7:ae:b2:16:f0:1e:68:94:b3:c9:9d:
c6:3c:43:aa:1f:93:30:07:40:96:a0:61:d8:56:64:b3:b3:d2:
d1:c8:f9:cc:0a:12:d1:1e:c9:08:b6:c1:1a:2a:27:fa:0c:56:
ef:41:12:35:74:df:bf:04:57:c2:1d:28:e6:ce:78:ed:d3:64:
b6:18:f2:a4:42:cc:f0:af:3b:03:56:94:ae:f4:b8:2d:54:93:
1b:eb:ce:70:de:34:9c:cb:e5:2e:af:50:d0:dc:d4:39:3b:7b:
5f:0e:4c:ba:db:41:22:00:52:69:8d:9a:79:91:0c:2d:04:a2:
34:1f:e5:a4:95:18:2d:bc:81:8f:91:94:b0:eb:cc:b6:bc:32:
4e:51:78:20:19:8c:91:50:ca:c0:47:c7:2c:20:4f:23:06:a0:
8f:b5:b3:1f:3b:21:c4:31:55:09:fb:93:0d:aa:df:18:72:31:
60:9e:7a:37:f7:b4:f4:2b:45:10:25:64:ec:27:91:8d:7a:40:
08:96:09:e6:45:86:b4:c5:0e:7c:09:2a:b3:e8:82:c4:cf:bf:
97:b1:f5:7b:1d:f1:a1:e9:04:5f:5a:6e:81:38:5c:fe:99:f7:
0e:16:78:e0
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYJElgL7FAh1I0Uw22/9JkefMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZTM4MWI2ZTc2Y2I5NTIwZThkOGY1Njc3NmVjYTBmZTE3
NmNjNDAwHhcNMjIwNzI4MTEzNDE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2QyNTk0YjBhYTliMjMwZWViZTM1ZDZjZWY5M2U3NDMyYWFhODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSe1bjVO4dZwAgoRXAynTAIaGeET
ficQ1LgjPskr2RQ7Y9T7JdktBOrtnNza6mUXKT1YSlsae+IbyYuFrsplOcMpRuCq
Fu/5fmPYTdAYRIf2KKVKsA1BWR/e1FimTKaoob0heF6Tgx3yPD2AlSy3wUYMUPtN
UN5H1utfdAuxAlDYlLrc3oiV09nsnALJ4QA8rZPAU8AT1HBTlFrV35ZoSvAZyM3K
H08frHrW8Y76NJAUgI3phpz9z9iTQaeS3lc6vF7OApjaLNZ7SpJYRfB9PqegrPEt
i6lY9/L+iFIm6hOKakB6hCEm/PYqgJ3dkUpWFymI5epnIYV9AJWRSo9ipwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJfSWUsKqbIw7r411s75PnQyqqiMMB8GA1UdIwQY
MBaAFKDjgbbnbLlSDo2PVnduyg/hdsxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEt
YTljMzg0MTI4ZDQyLzEvbDlKWlN3cXBzakR1dmpYV3p2ay1kREtxcUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS84ZTZmMDgtMzBmMC00NmRkLWE3YTEtYTljMzg0MTI4ZDQy
LzEvb09PQnR1ZHN1VklPalk5V2QyN0tELUYyekVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCuaEkAwQC
uaRIAwQCueUcMBsEAgACMBUDBQMqBlpAAwUDKgrUAAMFAyoNZgAwDQYJKoZIhvcN
AQELBQADggEBAEh4mi6u9g4Li6pu/966B+fLDl5tZG/jLxSnrrIW8B5olLPJncY8
Q6ofkzAHQJagYdhWZLOz0tHI+cwKEtEeyQi2wRoqJ/oMVu9BEjV0378EV8IdKObO
eO3TZLYY8qRCzPCvOwNWlK70uC1UkxvrznDeNJzL5S6vUNDc1Dk7e18OTLrbQSIA
UmmNmnmRDC0EojQf5aSVGC28gY+RlLDrzLa8Mk5ReCAZjJFQysBHxywgTyMGoI+1
sx87IcQxVQn7kw2q3xhyMWCeejf3tPQrRRAlZOwnkY16QAiWCeZFhrTFDnwJKrPo
gsTPv5ex9Xsd8aHpBF9aboE4XP6Z9w4WeOA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:01 2024 by rpki-client on console-fra.rpki-client.org