Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/Rph-8j8uu4WaqgQatDpTKR8ftDw.roa
File: Rph-8j8uu4WaqgQatDpTKR8ftDw.roa (raw, json)
Hash identifier: 5crkQjYDiXTmp5LPFSHrHxlw5oB4S2FFl3MYpnI5jbs=
Subject key identifier: 46:98:7E:F2:3F:2E:BB:85:9A:AA:04:1A:B4:3A:53:29:1F:1F:B4:3C
Certificate issuer: /CN=4044fa54400bc6cfc30cb8311a819d5bda421a72
Certificate serial: 0DA3C4B0
Authority key identifier: 40:44:FA:54:40:0B:C6:CF:C3:0C:B8:31:1A:81:9D:5B:DA:42:1A:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QET6VEALxs_DDLgxGoGdW9pCGnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/Rph-8j8uu4WaqgQatDpTKR8ftDw.roa
Signing time: Sat 01 Jan 2022 03:59:37 +0000
ROA not before: Sat 01 Jan 2022 03:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60627
IP address blocks: 185.124.112.0/22 maxlen: 22
185.143.204.0/22 maxlen: 22
185.113.56.0/22 maxlen: 22
185.140.56.0/22 maxlen: 22
185.145.8.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228836528 (0xda3c4b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4044fa54400bc6cfc30cb8311a819d5bda421a72
Validity
Not Before: Jan 1 03:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46987ef23f2ebb859aaa041ab43a53291f1fb43c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a5:9f:6e:d7:15:73:7e:20:8a:66:d6:62:77:
52:b8:b1:2c:5c:1e:87:a3:52:98:e6:ce:10:5c:a6:
61:59:13:40:a3:c2:a1:85:80:54:67:41:a0:53:d3:
d7:c6:f4:b5:75:4d:d3:9d:99:8a:96:b6:06:c1:d6:
0c:bd:a6:10:f0:6c:52:ba:4e:89:c9:11:2f:65:b6:
18:b0:39:0c:75:22:77:c5:cc:70:46:e0:fe:43:e1:
20:e7:70:7e:d3:6a:1b:c9:e1:e5:fa:36:ee:d1:29:
70:55:84:28:b7:8e:93:58:5f:7a:50:00:ee:ee:f2:
8a:9f:39:45:34:f2:19:6e:24:7b:18:47:d2:3a:73:
09:57:af:a6:35:33:f2:58:93:ca:22:c5:e1:20:4d:
53:89:a7:23:e8:4c:6f:c9:8b:c0:50:57:16:e3:2f:
9c:64:a8:72:36:65:27:ad:45:73:d7:30:d7:82:be:
d7:12:ad:15:22:7a:b8:05:46:c7:90:ed:d7:b1:25:
77:1c:4b:b7:4d:1f:92:aa:ea:1d:48:41:a4:9e:00:
d5:e4:34:fa:fe:5e:20:cc:bb:ca:d4:d5:aa:e8:f1:
17:71:f7:0b:57:d5:9f:e2:55:83:e0:65:44:0f:7b:
2b:ab:db:d8:71:79:3c:5a:7b:f7:ae:2a:b9:d6:6e:
a6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:98:7E:F2:3F:2E:BB:85:9A:AA:04:1A:B4:3A:53:29:1F:1F:B4:3C
X509v3 Authority Key Identifier:
keyid:40:44:FA:54:40:0B:C6:CF:C3:0C:B8:31:1A:81:9D:5B:DA:42:1A:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QET6VEALxs_DDLgxGoGdW9pCGnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/Rph-8j8uu4WaqgQatDpTKR8ftDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/4d5551-0330-43ea-80f1-bb433ba476f2/1/QET6VEALxs_DDLgxGoGdW9pCGnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.56.0/22
185.124.112.0/22
185.140.56.0/22
185.143.204.0/22
185.145.8.0/22
Signature Algorithm: sha256WithRSAEncryption
95:95:aa:44:ba:63:fe:92:6d:5a:26:6f:83:4a:3c:fa:c5:23:
27:94:10:c6:97:7c:e7:d8:51:69:fa:93:28:e4:c8:c9:f2:32:
90:ef:cc:5e:92:11:7b:ba:c8:8c:c4:f3:2f:0e:22:f8:31:bd:
25:dd:bd:dc:1d:54:ae:a2:e5:fd:45:03:2f:72:a4:4a:6d:cc:
9d:67:d5:35:96:6d:60:28:21:15:9f:b2:c3:15:37:56:3e:00:
78:05:8a:19:3c:de:d2:7d:69:b5:5f:99:4e:a9:fe:3c:18:ba:
c5:73:1b:2b:ab:d0:27:cc:ae:95:cd:d6:4f:b1:90:7b:2c:3a:
65:9c:8f:0b:26:b0:7a:9b:59:88:10:f6:ef:e0:e0:25:62:e3:
47:67:45:37:30:25:68:6b:78:c5:cf:b0:d7:cf:d1:ed:04:82:
67:ad:c3:63:00:82:d4:50:8b:70:ca:36:73:fc:c3:d5:7a:06:
f1:36:0a:dd:ee:eb:30:cc:00:23:57:8c:b4:da:21:70:a7:c3:
9d:d1:37:c1:54:86:d3:03:33:d6:10:65:11:5b:90:0e:15:c0:
f3:09:84:e8:da:a2:63:a6:76:5d:06:53:95:a0:f6:fb:84:6e:
ee:5a:a5:6d:53:35:41:17:6e:e3:9a:ff:3b:f1:c1:38:44:1c:
f3:97:a0:b2
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEDaPEsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MDQ0ZmE1NDQwMGJjNmNmYzMwY2I4MzExYTgxOWQ1YmRhNDIxYTcyMB4XDTIyMDEw
MTAzNTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY5ODdlZjIzZjJl
YmI4NTlhYWEwNDFhYjQzYTUzMjkxZjFmYjQzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMeln27XFXN+IIpm1mJ3UrixLFweh6NSmObOEFymYVkTQKPC
oYWAVGdBoFPT18b0tXVN052Zipa2BsHWDL2mEPBsUrpOickRL2W2GLA5DHUid8XM
cEbg/kPhIOdwftNqG8nh5fo27tEpcFWEKLeOk1hfelAA7u7yip85RTTyGW4kexhH
0jpzCVevpjUz8liTyiLF4SBNU4mnI+hMb8mLwFBXFuMvnGSocjZlJ61Fc9cw14K+
1xKtFSJ6uAVGx5Dt17EldxxLt00fkqrqHUhBpJ4A1eQ0+v5eIMy7ytTVqujxF3H3
C1fVn+JVg+BlRA97K6vb2HF5PFp7964qudZupl8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRGmH7yPy67hZqqBBq0OlMpHx+0PDAfBgNVHSMEGDAWgBRARPpUQAvGz8MM
uDEagZ1b2kIacjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FFVDZWRUFMeHNfRERMZ3hHb0dkVzlwQ0duSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNGQ1NTUxLTAzMzAtNDNlYS04MGYxLWJiNDMzYmE0NzZmMi8x
L1JwaC04ajh1dTRXYXFnUWF0RHBUS1I4ZnREdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NGQ1NTUxLTAzMzAtNDNlYS04MGYxLWJiNDMzYmE0NzZmMi8xL1FFVDZWRUFMeHNf
RERMZ3hHb0dkVzlwQ0duSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArlxOAMEArl8cAMEArmMOAMEArmP
zAMEArmRCDANBgkqhkiG9w0BAQsFAAOCAQEAlZWqRLpj/pJtWiZvg0o8+sUjJ5QQ
xpd859hRafqTKOTIyfIykO/MXpIRe7rIjMTzLw4i+DG9Jd293B1UrqLl/UUDL3Kk
Sm3MnWfVNZZtYCghFZ+ywxU3Vj4AeAWKGTze0n1ptV+ZTqn+PBi6xXMbK6vQJ8yu
lc3WT7GQeyw6ZZyPCyaweptZiBD27+DgJWLjR2dFNzAlaGt4xc+w18/R7QSCZ63D
YwCC1FCLcMo2c/zD1XoG8TYK3e7rMMwAI1eMtNohcKfDndE3wVSG0wMz1hBlEVuQ
DhXA8wmE6NqiY6Z2XQZTlaD2+4Ru7lqlbVM1QRdu45r/O/HBOEQc85egsg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:01 2024 by rpki-client on console-fra.rpki-client.org