Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4PBg1mtMGFmHRqb-jslQlPEpsvw.roa
File: 4PBg1mtMGFmHRqb-jslQlPEpsvw.roa (raw, json)
Hash identifier: BB5xo/fWUh9uP1jfFVo6glY1ooaLDNSR3gOmZL5pW4M=
Subject key identifier: E0:F0:60:D6:6B:4C:18:59:87:46:A6:FE:8E:C9:50:94:F1:29:B2:FC
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 04281B30
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4PBg1mtMGFmHRqb-jslQlPEpsvw.roa
Signing time: Sat 02 Apr 2022 16:11:11 +0000
ROA not before: Sat 02 Apr 2022 16:11:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42910
IP address blocks: 188.132.141.0/24 maxlen: 32
77.92.152.0/24 maxlen: 32
188.132.149.0/24 maxlen: 32
188.132.146.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69737264 (0x4281b30)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Apr 2 16:11:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0f060d66b4c18598746a6fe8ec95094f129b2fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:c8:41:66:02:b4:7f:47:1a:0a:a5:8d:8d:
b6:7d:ab:71:16:52:9c:b2:af:d3:3c:76:14:95:0e:
f3:be:66:d3:28:21:e2:fd:c7:d7:a0:b8:0a:da:06:
13:4c:b8:94:6a:20:6e:33:e2:8b:fe:13:a5:30:8b:
30:ea:42:01:fb:58:bd:d4:cd:d8:a9:e4:fc:78:14:
ed:03:4b:5e:4a:b8:c2:77:d7:25:bb:37:6b:cf:62:
48:b8:91:e0:ee:aa:0f:03:de:ee:11:2c:66:ab:df:
ed:f7:89:7b:35:7d:3d:da:f8:3b:48:23:0d:4c:a1:
7b:f0:83:58:47:9e:29:fd:44:a0:e8:8a:79:f0:3c:
d3:85:12:2e:1d:44:2a:53:38:b9:ce:6a:54:11:9f:
eb:d9:c6:3d:b9:9f:29:cc:11:7d:59:db:4f:c0:09:
e4:92:b3:dd:b2:aa:63:0f:61:6e:d2:dc:35:5a:12:
9d:04:ec:dd:91:71:e6:a8:40:06:fe:02:c3:5c:61:
01:de:0b:81:1d:8d:06:ec:6d:04:f2:4c:8e:64:6d:
86:70:cf:be:71:cc:37:5c:aa:0f:19:dd:8b:1c:87:
3e:14:b6:da:60:35:91:f5:c1:d3:ca:6b:44:6a:88:
d9:2f:ad:9c:33:16:cf:53:b9:94:61:6e:f0:90:a0:
f3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:F0:60:D6:6B:4C:18:59:87:46:A6:FE:8E:C9:50:94:F1:29:B2:FC
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/4PBg1mtMGFmHRqb-jslQlPEpsvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.152.0/24
188.132.141.0/24
188.132.146.0/24
188.132.149.0/24
Signature Algorithm: sha256WithRSAEncryption
29:26:6e:4d:04:01:98:f0:31:d3:1a:de:08:0a:5e:0c:a9:21:
f4:b2:70:84:98:80:1e:e1:8e:f3:8a:5b:e9:18:a8:30:5e:5c:
6d:f6:2c:c7:70:64:6d:4f:a5:ec:63:7c:c8:b5:85:79:f9:7d:
91:f8:bb:26:bd:35:f0:b1:d8:ce:16:7f:68:79:ca:46:16:5d:
66:d2:33:40:15:2f:c9:57:f6:49:a1:d2:cb:5d:67:7f:6c:68:
74:6b:fe:19:36:45:bc:a3:6a:94:28:2e:f3:c0:08:cd:9f:3e:
fe:3c:d9:db:3a:c3:99:ee:d9:2e:6a:36:57:54:2d:d1:90:8f:
58:fc:9e:40:e1:bb:fb:58:9d:48:87:f4:b1:66:00:08:5e:c7:
24:48:e4:77:7a:e3:52:f7:93:41:c8:43:2c:88:bb:21:74:c2:
f7:31:fb:de:5a:78:31:57:de:09:d4:69:4c:ef:63:83:10:8c:
4c:64:6d:e6:13:08:94:2d:3c:95:80:45:c1:99:9b:ab:33:48:
6a:e5:d7:93:c9:50:26:a9:e1:e7:b5:e4:c7:31:84:0e:a8:c1:
42:33:d4:fc:fe:dd:9f:38:75:3d:75:8c:22:99:cd:0d:48:f2:
55:2a:de:37:61:eb:a6:b9:ef:f1:f8:49:92:ba:da:0e:ee:ae:
8d:eb:a3:7e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBCgbMDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWQ1NzQ0N2UzNDIwYjg1Mzg3NWI2ZmE0MDM3MmFhZGUzMTkyY2EyMB4XDTIyMDQw
MjE2MTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBmMDYwZDY2YjRj
MTg1OTg3NDZhNmZlOGVjOTUwOTRmMTI5YjJmYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU7yEFmArR/RxoKpY2Ntn2rcRZSnLKv0zx2FJUO875m0ygh
4v3H16C4CtoGE0y4lGogbjPii/4TpTCLMOpCAftYvdTN2Knk/HgU7QNLXkq4wnfX
Jbs3a89iSLiR4O6qDwPe7hEsZqvf7feJezV9Pdr4O0gjDUyhe/CDWEeeKf1EoOiK
efA804USLh1EKlM4uc5qVBGf69nGPbmfKcwRfVnbT8AJ5JKz3bKqYw9hbtLcNVoS
nQTs3ZFx5qhABv4Cw1xhAd4LgR2NBuxtBPJMjmRthnDPvnHMN1yqDxndixyHPhS2
2mA1kfXB08prRGqI2S+tnDMWz1O5lGFu8JCg8xMCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTg8GDWa0wYWYdGpv6OyVCU8Smy/DAfBgNVHSMEGDAWgBTJ1XRH40ILhTh1
tvpANyqt4xksojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lkVjBSLU5DQzRVNGRiYjZRRGNxcmVNWkxLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvMTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8x
LzRQQmcxbXRNR0ZtSFJxYi1qc2xRbFBFcHN2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
MTU4NmZkLWZkMmMtNDFmOC04ZmU5LTRlMTk4ZjBhNjAxMy8xL3lkVjBSLU5DQzRV
NGRiYjZRRGNxcmVNWkxLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE1cmAMEALyEjQMEALyEkgMEALyE
lTANBgkqhkiG9w0BAQsFAAOCAQEAKSZuTQQBmPAx0xreCApeDKkh9LJwhJiAHuGO
84pb6RioMF5cbfYsx3BkbU+l7GN8yLWFefl9kfi7Jr018LHYzhZ/aHnKRhZdZtIz
QBUvyVf2SaHSy11nf2xodGv+GTZFvKNqlCgu88AIzZ8+/jzZ2zrDme7ZLmo2V1Qt
0ZCPWPyeQOG7+1idSIf0sWYACF7HJEjkd3rjUveTQchDLIi7IXTC9zH73lp4MVfe
CdRpTO9jgxCMTGRt5hMIlC08lYBFwZmbqzNIauXXk8lQJqnh57XkxzGEDqjBQjPU
/P7dnzh1PXWMIpnNDUjyVSreN2Hrprnv8fhJkrraDu6ujeujfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:58 2024 by rpki-client on console-ams.rpki-client.org