Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/05DdjQwUH7zGQh6KkiQ58BdwdTY.roa
File: 05DdjQwUH7zGQh6KkiQ58BdwdTY.roa (raw, json)
Hash identifier: nInx/YD1vV7Gy5jPmMioPG6Bp7v9oVd3rW7o1LqYtYY=
Subject key identifier: D3:90:DD:8D:0C:14:1F:BC:C6:42:1E:8A:92:24:39:F0:17:70:75:36
Certificate issuer: /CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Certificate serial: 04E42170
Authority key identifier: 21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/05DdjQwUH7zGQh6KkiQ58BdwdTY.roa
Signing time: Sat 01 Jan 2022 02:55:22 +0000
ROA not before: Sat 01 Jan 2022 02:55:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14413
IP address blocks: 144.2.192.0/19 maxlen: 24
144.2.0.0/19 maxlen: 24
185.63.144.0/22 maxlen: 24
144.2.176.0/20 maxlen: 24
2a04:f540::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 82059632 (0x4e42170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21e86ff9973c93abe6398f031966c29d75a3ba86
Validity
Not Before: Jan 1 02:55:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d390dd8d0c141fbcc6421e8a922439f017707536
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:93:fe:9b:75:9b:84:74:ee:44:e9:19:b0:1d:
eb:ca:83:91:9f:b2:59:96:c2:e1:4b:ca:76:b4:31:
cf:fa:92:19:00:15:c0:f9:55:b3:2a:b8:3f:80:5e:
51:42:b9:4b:99:5b:30:ef:14:8a:4c:01:23:53:9c:
01:af:6e:b1:77:5d:2e:fd:30:de:89:c1:60:12:a1:
40:ea:70:51:2e:65:34:c7:76:2d:4b:28:20:2c:3c:
82:91:69:59:aa:17:a4:fe:63:8a:91:f7:0b:78:d9:
8d:48:35:30:a4:d2:47:71:c5:2b:c2:6f:5f:97:d8:
de:f9:30:29:3a:e8:8f:cc:e6:40:5f:77:f4:df:ab:
5c:d7:fb:5a:67:0c:cb:c9:d3:97:58:2a:f7:c1:16:
a8:ee:a6:c4:66:c1:98:db:be:72:1e:b0:1b:89:96:
ab:51:61:95:12:61:ae:55:a6:2e:a1:35:86:25:3b:
02:d6:e0:b3:69:b7:94:84:e6:86:df:7c:d8:07:53:
c2:34:f7:13:09:4c:f6:40:07:86:ca:94:93:d9:a3:
4c:f5:cd:0f:4d:c2:81:50:26:f7:21:66:59:3b:20:
26:bd:26:68:55:db:c7:d8:da:3b:cc:f1:d2:32:6c:
19:ec:99:11:45:aa:05:7c:55:c2:37:bf:1e:4c:f2:
c4:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:90:DD:8D:0C:14:1F:BC:C6:42:1E:8A:92:24:39:F0:17:70:75:36
X509v3 Authority Key Identifier:
keyid:21:E8:6F:F9:97:3C:93:AB:E6:39:8F:03:19:66:C2:9D:75:A3:BA:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/05DdjQwUH7zGQh6KkiQ58BdwdTY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/2f6dd0-b76f-47d5-a4ab-32feeb566ee6/1/Iehv-Zc8k6vmOY8DGWbCnXWjuoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.0.0/19
144.2.176.0-144.2.223.255
185.63.144.0/22
IPv6:
2a04:f540::/29
Signature Algorithm: sha256WithRSAEncryption
37:ef:45:fb:91:79:78:93:18:64:40:7f:e2:4f:13:bd:0e:11:
88:21:c9:d8:d9:0b:82:67:ff:90:79:fa:3b:c9:d2:29:be:f0:
b6:f5:f3:15:8d:7f:05:c3:16:8e:27:f1:22:c0:c9:81:54:b8:
88:25:cd:00:ec:96:d1:7a:e0:86:23:67:1d:92:ec:8d:8d:cd:
aa:2b:b2:36:93:67:89:76:61:22:d7:93:d1:8d:cc:7c:4c:ac:
6e:4f:f1:29:66:99:81:1b:4a:0d:c4:4a:51:89:55:a9:2b:6f:
40:a8:34:79:23:27:89:b2:76:22:1a:45:d4:7b:9e:4a:04:92:
89:6a:19:da:79:48:14:80:b3:07:a1:fd:ea:c3:3e:e7:e8:3e:
5a:ac:d1:1e:4b:79:7a:b0:41:c5:82:c0:00:3d:28:ce:7e:b6:
b8:2a:97:3a:ce:d0:c5:a5:6c:3e:a0:4f:ac:08:54:80:73:0a:
9b:c8:f1:f7:c1:12:24:5e:a6:65:52:d3:21:b7:5b:fd:8a:0c:
c7:4b:ab:c4:ef:52:64:9f:08:f8:36:d9:87:48:21:c8:b3:d7:
62:80:8e:73:8f:fe:99:f9:64:c7:5f:e6:ea:60:43:67:5f:ce:
99:50:1f:91:17:e9:98:e7:85:ed:31:f9:03:37:56:7e:7d:04:
91:6e:b2:f7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEBOQhcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWU4NmZmOTk3M2M5M2FiZTYzOThmMDMxOTY2YzI5ZDc1YTNiYTg2MB4XDTIyMDEw
MTAyNTUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDM5MGRkOGQwYzE0
MWZiY2M2NDIxZThhOTIyNDM5ZjAxNzcwNzUzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMuT/pt1m4R07kTpGbAd68qDkZ+yWZbC4UvKdrQxz/qSGQAV
wPlVsyq4P4BeUUK5S5lbMO8UikwBI1OcAa9usXddLv0w3onBYBKhQOpwUS5lNMd2
LUsoICw8gpFpWaoXpP5jipH3C3jZjUg1MKTSR3HFK8JvX5fY3vkwKTroj8zmQF93
9N+rXNf7WmcMy8nTl1gq98EWqO6mxGbBmNu+ch6wG4mWq1FhlRJhrlWmLqE1hiU7
Atbgs2m3lITmht982AdTwjT3EwlM9kAHhsqUk9mjTPXND03CgVAm9yFmWTsgJr0m
aFXbx9jaO8zx0jJsGeyZEUWqBXxVwje/HkzyxN0CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTTkN2NDBQfvMZCHoqSJDnwF3B1NjAfBgNVHSMEGDAWgBQh6G/5lzyTq+Y5
jwMZZsKddaO6hjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0llaHYtWmM4azZ2bU9ZOERHV2JDblhXanVvWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTIvMmY2ZGQwLWI3NmYtNDdkNS1hNGFiLTMyZmVlYjU2NmVlNi8x
LzA1RGRqUXdVSDd6R1FoNktraVE1OEJkd2RUWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTIv
MmY2ZGQwLWI3NmYtNDdkNS1hNGFiLTMyZmVlYjU2NmVlNi8xL0llaHYtWmM4azZ2
bU9ZOERHV2JDblhXanVvWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEBZACADAMAwQEkAKwAwQFkALAAwQC
uT+QMA0EAgACMAcDBQMqBPVAMA0GCSqGSIb3DQEBCwUAA4IBAQA370X7kXl4kxhk
QH/iTxO9DhGIIcnY2QuCZ/+Qefo7ydIpvvC29fMVjX8FwxaOJ/EiwMmBVLiIJc0A
7JbReuCGI2cdkuyNjc2qK7I2k2eJdmEi15PRjcx8TKxuT/EpZpmBG0oNxEpRiVWp
K29AqDR5IyeJsnYiGkXUe55KBJKJahnaeUgUgLMHof3qwz7n6D5arNEeS3l6sEHF
gsAAPSjOfra4Kpc6ztDFpWw+oE+sCFSAcwqbyPH3wRIkXqZlUtMht1v9igzHS6vE
71Jknwj4NtmHSCHIs9digI5zj/6Z+WTHX+bqYENnX86ZUB+RF+mY54XtMfkDN1Z+
fQSRbrL3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-fra.rpki-client.org