Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/5DADYdvoj-uNKBiK2JXq1ujx0Co.roa
File: 5DADYdvoj-uNKBiK2JXq1ujx0Co.roa (raw, json)
Hash identifier: GfMt3JachxLgH0is2eis6pN8qDdK6QrudNwWULELyLE=
Subject key identifier: E4:30:03:61:DB:E8:8F:EB:8D:28:18:8A:D8:95:EA:D6:E8:F1:D0:2A
Certificate issuer: /CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Certificate serial: 0CC3B51B
Authority key identifier: 3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/5DADYdvoj-uNKBiK2JXq1ujx0Co.roa
Signing time: Sat 01 Jan 2022 04:55:27 +0000
ROA not before: Sat 01 Jan 2022 04:55:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204796
IP address blocks: 195.158.252.0/23 maxlen: 23
185.240.0.0/22 maxlen: 22
195.190.11.0/24 maxlen: 24
2001:67c:11f8::/48 maxlen: 48
2a0c:6880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 214152475 (0xcc3b51b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d0ef4358adb040f333d9361a4261ea0e50d38ab
Validity
Not Before: Jan 1 04:55:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4300361dbe88feb8d28188ad895ead6e8f1d02a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:93:08:ed:e4:be:72:b1:91:3c:09:be:44:3c:
72:9f:48:ca:e6:da:bf:12:78:bd:5a:df:3d:5f:fb:
64:9e:36:5a:3f:b9:b6:b8:51:c7:b7:9e:89:38:61:
36:e3:a5:dc:e7:cc:3b:3d:4c:fb:31:72:94:79:25:
75:20:0f:30:07:69:3e:cd:76:17:e8:6e:d1:87:88:
25:47:bd:6d:6b:5f:b6:2b:87:5c:84:85:05:38:0f:
47:54:f0:66:73:fe:8d:66:93:96:65:b9:fc:3d:42:
22:3d:4e:8f:55:50:a2:77:a6:27:ea:f1:3d:7b:1a:
ee:f5:37:24:02:bc:22:b0:1d:0d:9e:6a:a1:aa:de:
05:8b:22:b5:74:66:30:c0:cb:7a:26:a1:20:1e:cc:
f1:e3:c3:4d:07:6b:80:6f:89:b3:45:6c:98:b0:eb:
2a:b0:a2:07:41:37:da:30:19:80:c7:96:bd:0c:19:
14:99:f3:06:d1:d4:df:20:6f:0b:24:40:36:7d:eb:
65:ea:74:d9:dc:7b:f4:d8:de:14:bb:b8:b8:ee:d3:
dd:eb:54:0b:2f:c7:fb:c1:93:a4:92:9f:7c:f9:a5:
4f:47:d9:bf:67:b0:0b:54:18:d2:c5:19:46:03:73:
1b:79:9f:66:f1:a2:99:90:df:2a:a5:7e:73:36:ae:
0a:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:30:03:61:DB:E8:8F:EB:8D:28:18:8A:D8:95:EA:D6:E8:F1:D0:2A
X509v3 Authority Key Identifier:
keyid:3D:0E:F4:35:8A:DB:04:0F:33:3D:93:61:A4:26:1E:A0:E5:0D:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PQ70NYrbBA8zPZNhpCYeoOUNOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/5DADYdvoj-uNKBiK2JXq1ujx0Co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/f946ef-9619-4bdd-9f47-d2bc96a98a18/1/PQ70NYrbBA8zPZNhpCYeoOUNOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.0.0/22
195.158.252.0/23
195.190.11.0/24
IPv6:
2001:67c:11f8::/48
2a0c:6880::/32
Signature Algorithm: sha256WithRSAEncryption
89:27:b0:c6:b8:96:df:b3:cb:ab:a5:7e:0d:d8:7f:db:0e:d4:
bb:26:2d:a3:32:aa:58:3c:e2:3a:85:d9:e8:e3:97:cf:56:18:
72:77:23:57:2e:12:e0:b5:86:1b:7b:6f:48:ba:af:54:59:f9:
11:39:f3:b1:57:04:09:4a:7a:1c:bc:1b:c4:a4:69:63:92:f7:
42:38:3d:59:da:e3:e5:97:59:0d:e4:da:81:63:61:64:60:ab:
6a:b7:34:a1:8e:fc:51:24:af:b6:65:9a:05:37:87:eb:82:b0:
c5:28:7e:83:7e:23:0c:81:23:4f:c6:e2:ad:16:9a:a0:76:59:
8f:a2:ce:89:83:a8:d9:5c:25:90:ea:bc:75:d0:7e:ed:8c:77:
b5:4e:29:0c:ea:1a:8b:e7:a9:a5:ca:02:dd:76:2c:53:63:0f:
65:9b:52:6a:50:78:77:83:f1:f2:83:55:93:88:61:cd:fd:da:
b4:2a:fd:f9:53:79:e2:92:cd:d2:f8:3b:04:d7:af:c8:f6:05:
26:95:68:1a:32:fb:f5:b9:1c:4a:ba:8b:c0:76:29:43:55:b1:
bd:c4:15:6e:f3:aa:99:ec:4d:3c:6e:68:85:27:3d:5e:33:7f:
d0:b2:2d:64:72:db:e1:69:90:a6:32:f3:77:cf:4c:b8:92:52:
de:fe:3e:86
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEDMO1GzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
ZDBlZjQzNThhZGIwNDBmMzMzZDkzNjFhNDI2MWVhMGU1MGQzOGFiMB4XDTIyMDEw
MTA0NTUyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQzMDAzNjFkYmU4
OGZlYjhkMjgxODhhZDg5NWVhZDZlOGYxZDAyYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCTCO3kvnKxkTwJvkQ8cp9IyubavxJ4vVrfPV/7ZJ42Wj+5
trhRx7eeiThhNuOl3OfMOz1M+zFylHkldSAPMAdpPs12F+hu0YeIJUe9bWtftiuH
XISFBTgPR1TwZnP+jWaTlmW5/D1CIj1Oj1VQonemJ+rxPXsa7vU3JAK8IrAdDZ5q
oareBYsitXRmMMDLeiahIB7M8ePDTQdrgG+Js0VsmLDrKrCiB0E32jAZgMeWvQwZ
FJnzBtHU3yBvCyRANn3rZep02dx79NjeFLu4uO7T3etUCy/H+8GTpJKffPmlT0fZ
v2ewC1QY0sUZRgNzG3mfZvGimZDfKqV+czauCpsCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBTkMANh2+iP640oGIrYlerW6PHQKjAfBgNVHSMEGDAWgBQ9DvQ1itsEDzM9
k2GkJh6g5Q04qzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BRNzBOWXJiQkE4elBaTmhwQ1llb09VTk9Lcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvZjk0NmVmLTk2MTktNGJkZC05ZjQ3LWQyYmM5NmE5OGExOC8x
LzVEQURZZHZvai11TktCaUsySlhxMXVqeDBDby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Zjk0NmVmLTk2MTktNGJkZC05ZjQ3LWQyYmM5NmE5OGExOC8xL1BRNzBOWXJiQkE4
elBaTmhwQ1llb09VTk9Lcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGAQCAAEwEgMEArnwAAMEAcOe/AMEAMO+CzAWBAIA
AjAQAwcAIAEGfBH4AwUAKgxogDANBgkqhkiG9w0BAQsFAAOCAQEAiSewxriW37PL
q6V+Ddh/2w7UuyYtozKqWDziOoXZ6OOXz1YYcncjVy4S4LWGG3tvSLqvVFn5ETnz
sVcECUp6HLwbxKRpY5L3Qjg9Wdrj5ZdZDeTagWNhZGCrarc0oY78USSvtmWaBTeH
64KwxSh+g34jDIEjT8birRaaoHZZj6LOiYOo2VwlkOq8ddB+7Yx3tU4pDOoai+ep
pcoC3XYsU2MPZZtSalB4d4Px8oNVk4hhzf3atCr9+VN54pLN0vg7BNevyPYFJpVo
GjL79bkcSrqLwHYpQ1WxvcQVbvOqmexNPG5ohSc9XjN/0LItZHLb4WmQpjLzd89M
uJJS3v4+hg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:42 2024 by rpki-client on console-fra.rpki-client.org