Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/ADgeNWR8ktZyeHkRjCWXtMiFQa0.roa
File: ADgeNWR8ktZyeHkRjCWXtMiFQa0.roa (raw, json)
Hash identifier: KXSsV056mQMDPaPAGuv6vHdpgfrVKBoA/Yeu6FWL8v8=
Subject key identifier: 00:38:1E:35:64:7C:92:D6:72:78:79:11:8C:25:97:B4:C8:85:41:AD
Certificate issuer: /CN=5140b5cb5986084126f68d6032316d3b1b57696e
Certificate serial: 01850287A033CB95754FBEFD2EE2336D9D31
Authority key identifier: 51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/ADgeNWR8ktZyeHkRjCWXtMiFQa0.roa
Signing time: Sun 11 Dec 2022 18:52:00 +0000
ROA not before: Sun 11 Dec 2022 18:52:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199462
IP address blocks: 185.101.78.0/24 maxlen: 24
185.101.77.0/24 maxlen: 24
185.101.76.0/24 maxlen: 24
185.101.79.0/24 maxlen: 24
2a06:1b87::/32 maxlen: 32
2001:67c:11bc::/48 maxlen: 48
2a06:1b86::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:87:a0:33:cb:95:75:4f:be:fd:2e:e2:33:6d:9d:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5140b5cb5986084126f68d6032316d3b1b57696e
Validity
Not Before: Dec 11 18:52:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00381e35647c92d6727879118c2597b4c88541ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4e:7d:5c:48:44:2f:a1:ae:38:de:6c:7b:a2:
40:48:72:0b:40:24:8a:2a:b9:34:b8:ee:9d:0f:1a:
94:d5:40:b6:cb:bc:8b:67:8b:4e:f3:33:8f:ca:6c:
a4:9c:8b:4a:fe:70:1a:32:5b:a4:2c:c0:d3:d2:07:
8d:fb:15:39:93:c5:9e:4c:e7:0a:2a:67:12:99:fb:
91:fa:5b:4e:ca:e5:ea:dc:b7:82:cd:f8:fa:c3:68:
79:0e:54:5b:c3:3e:97:d8:b6:4e:b1:d4:9e:16:43:
03:46:bc:fa:25:f9:d4:70:ce:ff:d8:85:b4:11:d8:
2a:65:c4:e3:18:d9:d5:e3:6f:b1:a3:0f:78:32:81:
fd:87:9b:82:5f:56:ac:2d:47:09:23:88:ad:6d:88:
f9:4f:81:3a:8c:01:f4:2e:3d:79:ee:81:03:6e:f1:
d2:8c:ec:38:01:fd:13:85:79:71:e7:bd:13:c4:ca:
33:1a:0b:7d:5b:43:6d:5a:32:79:65:a1:f0:81:3c:
43:95:00:e3:1a:b0:e4:13:4c:1c:8d:cf:a7:bf:78:
0d:23:7f:70:39:c4:c5:f8:d7:49:41:35:1f:5d:ec:
b3:3e:ba:a5:32:95:ab:33:6f:72:5b:23:11:55:31:
61:d1:11:32:3f:c0:42:d2:c6:80:1b:4f:93:6f:fe:
30:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:38:1E:35:64:7C:92:D6:72:78:79:11:8C:25:97:B4:C8:85:41:AD
X509v3 Authority Key Identifier:
keyid:51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/ADgeNWR8ktZyeHkRjCWXtMiFQa0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/UUC1y1mGCEEm9o1gMjFtOxtXaW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.76.0/22
IPv6:
2001:67c:11bc::/48
2a06:1b86::/31
Signature Algorithm: sha256WithRSAEncryption
69:d6:a8:25:83:68:e8:45:df:22:4a:c1:5b:5d:3e:ab:d5:95:
4e:d8:7d:92:68:db:d1:1c:0c:9f:e6:7f:8b:c2:a8:f9:f7:61:
6a:71:73:63:78:1a:86:72:1e:f7:b4:5a:2b:be:a4:8f:a9:fe:
11:51:c0:9c:f3:81:12:98:28:04:6f:36:91:81:59:5c:f3:04:
ea:d3:0e:64:f5:67:e1:92:25:c7:e4:04:8b:de:92:84:e4:ec:
29:0f:11:de:d1:75:70:81:27:12:6b:8c:db:1f:f7:bb:e6:62:
f4:e8:9c:2b:04:96:a1:0a:69:39:9f:af:34:6c:fa:b3:8d:62:
1e:f9:1c:7f:06:13:05:9b:6b:d8:48:7f:c3:49:10:3d:ec:14:
bf:d3:a6:38:4a:76:dc:a7:d4:e2:41:c5:9f:f4:1b:c7:54:83:
90:a4:47:3d:a3:94:8a:ec:62:15:d2:19:ac:69:32:75:b6:82:
c1:90:d4:86:b4:18:68:2d:8d:ef:2a:a4:1e:a4:29:02:9e:03:
48:3e:fe:1f:64:66:b8:06:6d:b9:1d:b3:b8:cb:92:cf:b5:f1:
74:43:7b:26:64:87:40:20:cb:23:58:48:a5:4f:89:f7:48:f3:
b4:7c:be:28:ed:60:6b:83:8a:45:83:d9:7b:35:09:36:a1:b7:
c9:ed:5e:6c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYUCh6Azy5V1T779LuIzbZ0xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxNDBiNWNiNTk4NjA4NDEyNmY2OGQ2MDMyMzE2ZDNiMWI1
NzY5NmUwHhcNMjIxMjExMTg1MjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDM4MWUzNTY0N2M5MmQ2NzI3ODc5MTE4YzI1OTdiNGM4ODU0MWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAok59XEhEL6GuON5se6JASHILQCSK
Krk0uO6dDxqU1UC2y7yLZ4tO8zOPymyknItK/nAaMlukLMDT0geN+xU5k8WeTOcK
KmcSmfuR+ltOyuXq3LeCzfj6w2h5DlRbwz6X2LZOsdSeFkMDRrz6JfnUcM7/2IW0
EdgqZcTjGNnV42+xow94MoH9h5uCX1asLUcJI4itbYj5T4E6jAH0Lj157oEDbvHS
jOw4Af0ThXlx570TxMozGgt9W0NtWjJ5ZaHwgTxDlQDjGrDkE0wcjc+nv3gNI39w
OcTF+NdJQTUfXeyzPrqlMpWrM29yWyMRVTFh0REyP8BC0saAG0+Tb/4wCwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAA4HjVkfJLWcnh5EYwll7TIhUGtMB8GA1UdIwQY
MBaAFFFAtctZhghBJvaNYDIxbTsbV2luMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVVDMXkxbUdDRUVtOW8xZ01qRnRPeHRYYVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9kMTlmMmQtOTY1OS00OGIxLWIxZTgt
ZGUxM2E1NTJkZjYzLzEvQURnZU5XUjhrdFp5ZUhrUmpDV1h0TWlGUWEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9kMTlmMmQtOTY1OS00OGIxLWIxZTgtZGUxM2E1NTJkZjYz
LzEvVVVDMXkxbUdDRUVtOW8xZ01qRnRPeHRYYVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuWVMMBYE
AgACMBADBwAgAQZ8EbwDBQEqBhuGMA0GCSqGSIb3DQEBCwUAA4IBAQBp1qglg2jo
Rd8iSsFbXT6r1ZVO2H2SaNvRHAyf5n+Lwqj592FqcXNjeBqGch73tForvqSPqf4R
UcCc84ESmCgEbzaRgVlc8wTq0w5k9WfhkiXH5ASL3pKE5OwpDxHe0XVwgScSa4zb
H/e75mL06JwrBJahCmk5n680bPqzjWIe+Rx/BhMFm2vYSH/DSRA97BS/06Y4Snbc
p9TiQcWf9BvHVIOQpEc9o5SK7GIV0hmsaTJ1toLBkNSGtBhoLY3vKqQepCkCngNI
Pv4fZGa4Bm25HbO4y5LPtfF0Q3smZIdAIMsjWEilT4n3SPO0fL4o7WBrg4pFg9l7
NQk2obfJ7V5s
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:18 2024 by rpki-client on console-fra.rpki-client.org