Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/4wM-aq6LhulcEVY5LbsUb-oYW9E.roa
File: 4wM-aq6LhulcEVY5LbsUb-oYW9E.roa (raw, json)
Hash identifier: CVJKXyjHUIGq3PNeM8q9FHOqVBIvks+4hKwOQhraJRk=
Subject key identifier: E3:03:3E:6A:AE:8B:86:E9:5C:11:56:39:2D:BB:14:6F:EA:18:5B:D1
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AAEB9F3
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/4wM-aq6LhulcEVY5LbsUb-oYW9E.roa
Signing time: Sat 01 Jan 2022 16:03:03 +0000
ROA not before: Sat 01 Jan 2022 16:03:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34418
IP address blocks: 176.236.215.0/24 maxlen: 24
212.252.211.0/24 maxlen: 24
212.252.208.0/23 maxlen: 23
212.252.210.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447658483 (0x1aaeb9f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3033e6aae8b86e95c1156392dbb146fea185bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:6e:95:b5:23:7d:6c:21:fd:34:0d:3e:87:
df:79:8b:84:2d:8e:b6:83:f8:3b:11:b7:e0:2b:8b:
82:87:93:a3:62:81:b5:54:7c:36:b4:e5:80:00:db:
0f:61:cd:8b:79:c7:b4:a0:9e:34:90:67:ae:6a:a1:
3b:6b:ea:08:56:55:f9:16:8d:36:7c:08:d2:16:86:
99:48:a6:4c:83:b7:96:1a:19:86:d7:fe:87:1d:09:
b2:d8:a6:5e:18:0d:29:18:0a:5d:2e:e3:48:9e:06:
dd:67:86:df:39:91:d3:67:f4:a1:7c:7c:82:78:a7:
98:19:d5:af:ae:a1:20:32:6a:fa:9f:9c:38:e6:d8:
a1:29:b9:1d:23:fc:61:b7:a1:19:51:49:f0:b3:f1:
f1:73:12:5f:0d:f3:33:3e:0b:0d:b7:c0:e4:10:3f:
24:dd:ee:60:e7:c5:af:2b:04:79:0f:97:ca:b0:71:
8d:74:8f:da:27:bc:92:c6:79:1e:7f:fc:60:e6:ee:
69:d7:37:24:a3:62:a0:ed:6c:87:82:98:33:20:07:
9c:1c:7f:66:c1:52:69:0a:89:d1:81:4a:68:f6:c9:
9a:67:c9:a8:d8:5b:73:95:a6:35:06:af:7a:d0:21:
a9:b4:fc:21:21:49:2e:67:19:e3:64:d5:2b:5d:a8:
fc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:03:3E:6A:AE:8B:86:E9:5C:11:56:39:2D:BB:14:6F:EA:18:5B:D1
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/4wM-aq6LhulcEVY5LbsUb-oYW9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.236.215.0/24
212.252.208.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:54:d1:61:1f:19:79:47:37:38:7d:12:3c:1d:37:cb:68:f5:
60:fa:da:e3:a1:36:10:c8:fb:95:a4:92:7b:70:e6:b4:d1:97:
0d:d5:18:ce:12:1a:da:81:6e:d0:a8:0a:e8:d8:25:7e:f4:b0:
bd:e1:de:f1:fd:e5:8b:68:c5:a7:2e:59:44:e8:81:a1:d0:bd:
99:86:45:79:25:ed:e1:af:86:e4:a9:03:fb:bc:05:72:7f:21:
6f:b4:11:bd:72:28:fe:df:47:34:e8:fa:22:b6:d4:e0:a0:67:
5c:bb:60:14:d6:ac:a0:ea:52:f1:47:e7:9a:6d:29:0f:aa:19:
d0:df:b9:93:80:ac:c1:f1:2a:f0:7e:12:34:bf:8f:26:c4:97:
bb:12:89:55:25:ea:97:53:28:3b:24:ef:2c:92:e7:53:32:2d:
83:dd:3d:0c:24:08:76:d3:a4:76:b8:fa:41:61:77:08:3f:81:
0b:a6:74:7c:57:af:d9:da:ba:07:0d:99:38:fd:0c:5a:a7:04:
48:1b:1a:98:4d:c1:f7:03:54:f1:81:5d:8b:ff:fa:9d:96:aa:
b4:91:66:21:cf:f2:0d:ab:df:4e:e2:51:f0:60:30:e5:ab:77:
9a:2b:7f:d2:c3:3f:b3:cf:b4:2f:b6:52:a0:4f:2f:d4:dc:ad:
9d:cc:11:83
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGq658zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTMwMzNlNmFhZThi
ODZlOTVjMTE1NjM5MmRiYjE0NmZlYTE4NWJkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALf+bpW1I31sIf00DT6H33mLhC2OtoP4OxG34CuLgoeTo2KB
tVR8NrTlgADbD2HNi3nHtKCeNJBnrmqhO2vqCFZV+RaNNnwI0haGmUimTIO3lhoZ
htf+hx0JstimXhgNKRgKXS7jSJ4G3WeG3zmR02f0oXx8gninmBnVr66hIDJq+p+c
OObYoSm5HSP8YbehGVFJ8LPx8XMSXw3zMz4LDbfA5BA/JN3uYOfFrysEeQ+XyrBx
jXSP2ie8ksZ5Hn/8YObuadc3JKNioO1sh4KYMyAHnBx/ZsFSaQqJ0YFKaPbJmmfJ
qNhbc5WmNQavetAhqbT8ISFJLmcZ42TVK12o/FMCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTjAz5qrouG6VwRVjktuxRv6hhb0TAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
LzR3TS1hcTZMaHVsY0VWWTVMYnNVYi1vWVc5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALDs1wMEAtT80DANBgkqhkiG9w0B
AQsFAAOCAQEADlTRYR8ZeUc3OH0SPB03y2j1YPra46E2EMj7laSSe3DmtNGXDdUY
zhIa2oFu0KgK6NglfvSwveHe8f3li2jFpy5ZROiBodC9mYZFeSXt4a+G5KkD+7wF
cn8hb7QRvXIo/t9HNOj6IrbU4KBnXLtgFNasoOpS8Ufnmm0pD6oZ0N+5k4CswfEq
8H4SNL+PJsSXuxKJVSXql1MoOyTvLJLnUzItg909DCQIdtOkdrj6QWF3CD+BC6Z0
fFev2dq6Bw2ZOP0MWqcESBsamE3B9wNU8YFdi//6nZaqtJFmIc/yDavfTuJR8GAw
5at3mit/0sM/s8+0L7ZSoE8v1NytncwRgw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org