Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/ppr3LThtAZfRgABeokrgDlbtIVo.roa
File: ppr3LThtAZfRgABeokrgDlbtIVo.roa (raw, json)
Hash identifier: V/AAw3z3g/NAb8P4gm5y/d8zrRLImtsgHzb89JjX9jk=
Subject key identifier: A6:9A:F7:2D:38:6D:01:97:D1:80:00:5E:A2:4A:E0:0E:56:ED:21:5A
Certificate issuer: /CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Certificate serial: 1C2B6E67
Authority key identifier: F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/ppr3LThtAZfRgABeokrgDlbtIVo.roa
Signing time: Sat 01 Jan 2022 09:56:37 +0000
ROA not before: Sat 01 Jan 2022 09:56:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49206
IP address blocks: 185.24.175.0/24 maxlen: 24
2a00:6fa0::/32 maxlen: 32
2a00:6fa0:3100::/40 maxlen: 40
2a00:6fa0:4200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 472608359 (0x1c2b6e67)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Validity
Not Before: Jan 1 09:56:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a69af72d386d0197d180005ea24ae00e56ed215a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b3:29:e3:a9:39:19:17:da:7a:66:ef:96:79:
51:de:d7:0d:c1:79:2a:8a:a9:14:b7:7b:1d:c7:8c:
27:95:f3:e6:0f:29:68:79:da:ae:fb:d0:ee:cb:f8:
f1:7a:b7:8e:35:b2:bd:f8:56:bc:91:7d:5d:59:c1:
58:96:17:e0:9f:8f:86:39:23:23:5b:08:e3:fe:18:
e3:54:21:64:29:56:cf:54:11:89:cf:9a:15:bc:39:
d0:a2:2b:6f:a6:a9:c4:d0:f1:fb:49:9b:c4:9e:95:
ca:3d:cc:93:8d:f6:0f:17:84:43:a3:92:1f:d0:4c:
fc:11:fb:ad:29:89:fa:b5:3d:4c:a3:7b:ca:29:97:
db:af:6c:d5:3c:77:07:76:89:83:90:6f:18:9b:f2:
b5:af:b8:61:18:84:7e:fd:2a:26:bf:20:3f:42:2b:
7e:b5:7e:a9:62:2e:d5:22:f5:2b:62:10:94:57:4c:
ee:48:76:cf:0f:90:02:e5:66:5f:32:e4:7a:60:63:
97:c7:eb:c8:1a:17:f4:74:44:9b:20:73:48:c9:21:
e0:26:08:f7:dc:48:7e:04:03:5a:20:72:f3:d9:bd:
dc:c4:9d:96:41:b6:93:89:90:aa:02:78:ca:e0:3a:
bb:1a:cf:43:53:7a:50:43:0a:c2:79:36:09:bd:bc:
c5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:9A:F7:2D:38:6D:01:97:D1:80:00:5E:A2:4A:E0:0E:56:ED:21:5A
X509v3 Authority Key Identifier:
keyid:F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/ppr3LThtAZfRgABeokrgDlbtIVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.175.0/24
IPv6:
2a00:6fa0::/32
Signature Algorithm: sha256WithRSAEncryption
a8:c3:17:8d:8d:3a:62:c5:83:74:05:7d:11:dd:aa:35:c0:74:
c2:87:51:ce:10:50:c2:3a:e0:52:90:0b:b7:71:75:4a:62:34:
c9:e6:c4:15:c0:65:0f:25:c8:2c:30:3e:01:2b:14:48:a4:10:
76:4b:82:f0:dc:ff:ec:82:c3:d7:b0:3a:e5:c7:b5:e8:83:1c:
5a:af:76:67:ae:f2:dd:0a:71:4c:8e:5b:99:3f:8a:78:0a:df:
c6:14:c6:97:e6:3e:37:1a:a0:74:21:2b:5f:53:e9:9b:a4:f9:
aa:3e:fc:85:0c:29:86:ae:fd:22:b3:61:16:d6:40:f2:94:a2:
8e:c3:6d:0a:62:3c:40:7b:78:e4:af:52:87:29:fe:fc:2f:b4:
17:8e:58:8c:55:f8:ff:41:98:12:f5:99:08:73:b8:c8:a8:16:
06:04:04:fb:98:7f:25:6a:75:37:a0:d0:57:8b:1a:5b:26:4c:
1f:6e:dd:3e:a0:de:a5:f8:cd:d8:4f:2e:df:ee:53:36:9e:46:
24:ab:c2:f3:a2:ce:4d:09:e6:e5:70:eb:7a:4b:31:4c:b0:15:
99:eb:8a:ad:77:2c:43:5f:82:93:b9:19:3f:4f:4a:18:68:82:
69:8f:56:a2:5f:de:e6:6b:7d:ae:16:23:9d:53:70:01:98:26:
c2:f4:56:89
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHCtuZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NDJiMDg0ZjliOWM5OGNmZDkwNDEwYjgzMDVjYzZjYjQ2ZGNjZWQ4MB4XDTIyMDEw
MTA5NTYzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY5YWY3MmQzODZk
MDE5N2QxODAwMDVlYTI0YWUwMGU1NmVkMjE1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKzKeOpORkX2npm75Z5Ud7XDcF5KoqpFLd7HceMJ5Xz5g8p
aHnarvvQ7sv48Xq3jjWyvfhWvJF9XVnBWJYX4J+PhjkjI1sI4/4Y41QhZClWz1QR
ic+aFbw50KIrb6apxNDx+0mbxJ6Vyj3Mk432DxeEQ6OSH9BM/BH7rSmJ+rU9TKN7
yimX269s1Tx3B3aJg5BvGJvyta+4YRiEfv0qJr8gP0IrfrV+qWIu1SL1K2IQlFdM
7kh2zw+QAuVmXzLkemBjl8fryBoX9HREmyBzSMkh4CYI99xIfgQDWiBy89m93MSd
lkG2k4mQqgJ4yuA6uxrPQ1N6UEMKwnk2Cb28xUMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSmmvctOG0Bl9GAAF6iSuAOVu0hWjAfBgNVHSMEGDAWgBT0KwhPm5yYz9kE
ELgwXMbLRtzO2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlDc0lUNXVjbU1fWkJCQzRNRnpHeTBiY3p0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGEvZjk0OWE1LTg0YWMtNDU5ZC1iOWEwLTZhOWNkOTQyMDJmZi8x
L3BwcjNMVGh0QVpmUmdBQmVva3JnRGxidElWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGEv
Zjk0OWE1LTg0YWMtNDU5ZC1iOWEwLTZhOWNkOTQyMDJmZi8xLzlDc0lUNXVjbU1f
WkJCQzRNRnpHeTBiY3p0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALkYrzANBAIAAjAHAwUAKgBvoDAN
BgkqhkiG9w0BAQsFAAOCAQEAqMMXjY06YsWDdAV9Ed2qNcB0wodRzhBQwjrgUpAL
t3F1SmI0yebEFcBlDyXILDA+ASsUSKQQdkuC8Nz/7ILD17A65ce16IMcWq92Z67y
3QpxTI5bmT+KeArfxhTGl+Y+NxqgdCErX1Ppm6T5qj78hQwphq79IrNhFtZA8pSi
jsNtCmI8QHt45K9Shyn+/C+0F45YjFX4/0GYEvWZCHO4yKgWBgQE+5h/JWp1N6DQ
V4saWyZMH27dPqDepfjN2E8u3+5TNp5GJKvC86LOTQnm5XDreksxTLAVmeuKrXcs
Q1+Ck7kZP09KGGiCaY9Wol/e5mt9rhYjnVNwAZgmwvRWiQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:22 2023 by rpki-client on console-ams.rpki-client.org