Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/39tfqocJ6qh8jQCIKtPCjZa49CU.roa
File: 39tfqocJ6qh8jQCIKtPCjZa49CU.roa (raw, json)
Hash identifier: xkpi9oWPeNObJL57Lxbzc6H9e4xzp3YpZy6IxHVOEak=
Subject key identifier: DF:DB:5F:AA:87:09:EA:A8:7C:8D:00:88:2A:D3:C2:8D:96:B8:F4:25
Certificate issuer: /CN=39d43c26468819c07b1925115fe4921f84203d16
Certificate serial: 018A884AFB85C4A44AFF420E573F7287AAAB
Authority key identifier: 39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/39tfqocJ6qh8jQCIKtPCjZa49CU.roa
Signing time: Tue 12 Sep 2023 07:28:50 +0000
ROA not before: Tue 12 Sep 2023 07:28:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59970
IP address blocks: 185.61.84.0/22 maxlen: 22
185.244.188.0/22 maxlen: 22
185.219.16.0/22 maxlen: 22
2a0b:ddc0::/29 maxlen: 29
2a02:78a0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:88:4a:fb:85:c4:a4:4a:ff:42:0e:57:3f:72:87:aa:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39d43c26468819c07b1925115fe4921f84203d16
Validity
Not Before: Sep 12 07:28:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dfdb5faa8709eaa87c8d00882ad3c28d96b8f425
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:18:49:c0:b1:50:8d:22:06:99:e5:ba:0b:fe:
25:4e:99:48:3e:77:0c:fc:1f:18:7b:78:d3:f8:23:
40:2b:8c:1f:4b:be:4c:9d:1c:d2:9f:32:c0:a9:21:
f6:40:cd:48:2e:41:61:6c:c4:3b:45:e3:f7:59:ad:
67:fc:e1:cc:91:db:cd:53:63:49:b8:b9:6f:22:06:
55:e8:a6:79:74:d0:01:e3:a4:89:69:47:da:7b:ca:
47:0c:b7:b4:d6:39:6f:54:87:76:f4:3d:16:0e:6d:
b1:18:ac:ea:de:74:90:71:5d:36:c0:4f:3d:87:42:
1c:b5:0a:41:05:7e:3c:cb:4e:93:19:b6:dc:3f:17:
9e:61:59:81:d1:70:a7:62:c6:8d:5c:7b:58:00:bf:
6b:7d:57:a7:9b:84:12:9f:49:cd:44:5a:3b:17:a2:
51:31:48:95:68:78:cd:51:69:e2:fc:b0:f6:7d:fd:
7f:ac:66:80:ce:9a:d9:2b:b3:3d:a9:b4:a5:84:a8:
e3:c9:8a:0a:58:4c:e5:5a:ed:77:fe:ea:aa:9d:90:
7c:2d:1c:fe:af:04:8b:84:61:a9:37:59:b7:e1:08:
ae:fc:aa:90:f2:89:12:26:b2:ce:58:8a:f9:ad:37:
a2:6c:54:c5:8b:5f:ce:41:cc:38:27:44:d6:d0:40:
ac:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DB:5F:AA:87:09:EA:A8:7C:8D:00:88:2A:D3:C2:8D:96:B8:F4:25
X509v3 Authority Key Identifier:
keyid:39:D4:3C:26:46:88:19:C0:7B:19:25:11:5F:E4:92:1F:84:20:3D:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OdQ8JkaIGcB7GSURX-SSH4QgPRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/39tfqocJ6qh8jQCIKtPCjZa49CU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/affc01-a58f-4f70-a404-abf0ea07efaf/1/OdQ8JkaIGcB7GSURX-SSH4QgPRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.84.0/22
185.219.16.0/22
185.244.188.0/22
IPv6:
2a02:78a0::/29
2a0b:ddc0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:69:ca:63:00:22:28:4b:5a:99:74:38:71:97:a1:d2:17:03:
eb:cf:1f:77:ce:d3:b2:f7:48:2c:52:a5:48:09:d9:d7:10:86:
d1:d2:c7:29:11:7d:dd:71:58:77:fa:a6:2e:1f:cd:6b:3d:60:
30:86:85:d6:45:ec:23:34:18:27:8d:eb:80:10:7c:04:19:f0:
d5:ed:ab:85:0e:de:d3:72:a9:e9:93:65:93:28:59:aa:bb:af:
6c:b4:6d:a1:4a:fa:cc:3f:b6:5e:88:9c:be:dd:39:c9:55:7e:
a9:ba:32:6a:62:65:8e:4f:f0:a8:34:cc:cc:9a:46:e9:01:92:
23:fe:bf:96:d6:ec:3a:ed:9c:e1:20:91:c1:b8:ef:3e:06:0b:
f2:4b:c8:19:17:0c:56:1d:8c:8a:1f:14:86:e1:7e:ab:02:bd:
75:f1:0d:9d:95:4b:62:6f:3b:ac:b9:3e:a3:b7:ff:0f:ed:3e:
93:bb:03:ba:37:40:6a:75:ee:a4:dd:c0:c7:ef:a8:79:87:a6:
11:81:6c:86:3a:d6:61:c0:c4:db:8e:ef:ad:e6:88:89:bd:ff:
de:02:b1:59:eb:61:3f:29:c3:26:2a:55:fc:fe:a5:5e:3a:1e:
ed:9b:d6:a1:3b:6a:e3:06:f8:05:85:e7:e0:a9:7e:f1:a0:9d:
d4:ee:fe:09
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYqISvuFxKRK/0IOVz9yh6qrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZDQzYzI2NDY4ODE5YzA3YjE5MjUxMTVmZTQ5MjFmODQy
MDNkMTYwHhcNMjMwOTEyMDcyODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRiNWZhYTg3MDllYWE4N2M4ZDAwODgyYWQzYzI4ZDk2YjhmNDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixhJwLFQjSIGmeW6C/4lTplIPncM
/B8Ye3jT+CNAK4wfS75MnRzSnzLAqSH2QM1ILkFhbMQ7ReP3Wa1n/OHMkdvNU2NJ
uLlvIgZV6KZ5dNAB46SJaUfae8pHDLe01jlvVId29D0WDm2xGKzq3nSQcV02wE89
h0IctQpBBX48y06TGbbcPxeeYVmB0XCnYsaNXHtYAL9rfVenm4QSn0nNRFo7F6JR
MUiVaHjNUWni/LD2ff1/rGaAzprZK7M9qbSlhKjjyYoKWEzlWu13/uqqnZB8LRz+
rwSLhGGpN1m34Qiu/KqQ8okSJrLOWIr5rTeibFTFi1/OQcw4J0TW0ECszwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFN/bX6qHCeqofI0AiCrTwo2WuPQlMB8GA1UdIwQY
MBaAFDnUPCZGiBnAexklEV/kkh+EID0WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQt
YWJmMGVhMDdlZmFmLzEvMzl0ZnFvY0o2cWg4alFDSUt0UENqWmE0OUNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hZmZjMDEtYTU4Zi00ZjcwLWE0MDQtYWJmMGVhMDdlZmFm
LzEvT2RROEprYUlHY0I3R1NVUlgtU1NINFFnUFJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT1UAwQC
udsQAwQCufS8MBQEAgACMA4DBQMqAnigAwUDKgvdwDANBgkqhkiG9w0BAQsFAAOC
AQEAH2nKYwAiKEtamXQ4cZeh0hcD688fd87TsvdILFKlSAnZ1xCG0dLHKRF93XFY
d/qmLh/Naz1gMIaF1kXsIzQYJ43rgBB8BBnw1e2rhQ7e03Kp6ZNlkyhZqruvbLRt
oUr6zD+2Xoicvt05yVV+qboyamJljk/wqDTMzJpG6QGSI/6/ltbsOu2c4SCRwbjv
PgYL8kvIGRcMVh2Mih8UhuF+qwK9dfENnZVLYm87rLk+o7f/D+0+k7sDujdAanXu
pN3Ax++oeYemEYFshjrWYcDE247vreaIib3/3gKxWethPynDJipV/P6lXjoe7ZvW
oTtq4wb4BYXn4Kl+8aCd1O7+CQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:18 2025 by rpki-client