Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/4cLoGNiioneBzfDrcJSBW7DVWI0.roa
File: 4cLoGNiioneBzfDrcJSBW7DVWI0.roa (raw, json)
Hash identifier: gWNLE32vN67NijFPHgsj9PX+oMIyF+RJiGq9PoKWiyY=
Subject key identifier: E1:C2:E8:18:D8:A2:A2:77:81:CD:F0:EB:70:94:81:5B:B0:D5:58:8D
Certificate issuer: /CN=7712e20f510b22b8217cdf0d211496b1b9c1edb8
Certificate serial: 094CEB3A
Authority key identifier: 77:12:E2:0F:51:0B:22:B8:21:7C:DF:0D:21:14:96:B1:B9:C1:ED:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dxLiD1ELIrghfN8NIRSWsbnB7bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/4cLoGNiioneBzfDrcJSBW7DVWI0.roa
Signing time: Sat 01 Jan 2022 13:57:43 +0000
ROA not before: Sat 01 Jan 2022 13:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59919
IP address blocks: 185.204.220.0/22 maxlen: 24
5.178.88.0/21 maxlen: 24
185.187.172.0/22 maxlen: 24
185.248.240.0/22 maxlen: 24
185.136.136.0/22 maxlen: 24
185.60.188.0/22 maxlen: 24
45.152.144.0/22 maxlen: 24
2.59.140.0/22 maxlen: 24
2a01:9ac0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156035898 (0x94ceb3a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7712e20f510b22b8217cdf0d211496b1b9c1edb8
Validity
Not Before: Jan 1 13:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1c2e818d8a2a27781cdf0eb7094815bb0d5588d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:aa:f7:21:da:ab:9e:e6:fd:32:76:dd:a4:87:
c4:80:d6:66:08:4d:5d:51:34:0d:3c:67:12:b0:f9:
ee:26:d1:c3:a1:77:1d:98:f1:4b:0b:0e:5f:71:3c:
00:27:2e:61:8f:eb:62:de:86:c6:2e:39:9e:b4:53:
c1:ad:c6:c8:99:33:4a:26:35:8c:09:b3:bf:83:7c:
bd:72:10:38:c8:2a:e7:47:c0:43:22:ca:ec:1c:62:
18:be:86:f9:74:82:58:c5:cd:9d:1b:29:5c:11:72:
bf:57:eb:1c:d2:6e:1a:a1:af:25:ec:08:0d:e1:a7:
7e:17:15:27:a0:d8:ca:1f:25:e7:36:ea:a9:dc:8b:
30:da:9b:f4:94:21:5a:fe:71:11:0e:81:06:2d:d6:
24:c2:10:ea:95:0a:3d:e0:60:00:90:b0:6c:8c:7c:
cb:0a:2f:ee:bd:ca:38:8f:76:c4:30:f8:86:ef:28:
28:af:59:a4:fd:19:d2:7e:b8:c3:89:28:f0:3f:06:
61:6d:e3:98:bc:81:26:9d:60:94:10:0c:f1:8a:3a:
75:01:16:68:67:96:60:bb:13:79:c9:bc:a3:ff:af:
c4:d1:98:37:a9:99:ed:66:4e:7b:a4:b0:a9:4b:e0:
45:c1:76:af:cb:83:db:22:48:db:77:ae:4c:44:92:
b4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:C2:E8:18:D8:A2:A2:77:81:CD:F0:EB:70:94:81:5B:B0:D5:58:8D
X509v3 Authority Key Identifier:
keyid:77:12:E2:0F:51:0B:22:B8:21:7C:DF:0D:21:14:96:B1:B9:C1:ED:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dxLiD1ELIrghfN8NIRSWsbnB7bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/4cLoGNiioneBzfDrcJSBW7DVWI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6cb714-c714-4281-8ada-43ce949663d9/1/dxLiD1ELIrghfN8NIRSWsbnB7bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.140.0/22
5.178.88.0/21
45.152.144.0/22
185.60.188.0/22
185.136.136.0/22
185.187.172.0/22
185.204.220.0/22
185.248.240.0/22
IPv6:
2a01:9ac0::/32
Signature Algorithm: sha256WithRSAEncryption
3a:43:cf:8f:54:fc:41:6a:d8:da:bc:1e:c2:2d:47:1b:b7:bf:
46:bb:30:8b:a0:cc:d1:bf:18:3f:c6:83:3e:65:ff:3a:00:c6:
d7:b2:96:7b:2a:fb:55:aa:8e:1c:31:50:31:d0:a0:87:ff:cd:
b2:de:4e:04:a1:b7:a5:24:d9:68:f6:0f:0e:8a:06:89:de:e3:
9f:4e:75:1a:12:c1:4f:5d:0d:d3:f9:40:6c:a2:d7:3d:24:fd:
f0:4e:49:65:d2:40:92:96:32:f1:14:67:3d:96:bd:22:e1:64:
af:ef:7a:11:04:40:35:55:8a:a5:6c:9c:11:72:68:5c:6a:29:
e4:fd:59:3f:41:da:70:ba:a7:12:52:7a:04:fb:cb:69:65:a2:
80:f5:1e:c0:7c:6b:f9:e7:b9:3d:40:49:1f:08:55:ad:c0:6f:
4a:a9:fc:b8:43:10:82:11:23:1c:92:bb:7f:80:15:ea:da:99:
f5:40:07:d0:f3:2e:80:9c:6e:5a:52:09:5b:f0:db:12:bc:55:
2f:2e:72:32:5b:c7:5a:c3:e9:f8:e8:da:34:71:2c:76:18:b0:
f5:ff:6a:91:ab:af:be:b0:e5:f2:6d:52:bc:b4:d9:0d:27:83:
a1:be:3f:bb:7b:0b:af:d6:3f:c0:8d:39:11:81:fa:dc:51:40:
54:8f:0d:4f
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIECUzrOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NzEyZTIwZjUxMGIyMmI4MjE3Y2RmMGQyMTE0OTZiMWI5YzFlZGI4MB4XDTIyMDEw
MTEzNTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTFjMmU4MThkOGEy
YTI3NzgxY2RmMGViNzA5NDgxNWJiMGQ1NTg4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKOq9yHaq57m/TJ23aSHxIDWZghNXVE0DTxnErD57ibRw6F3
HZjxSwsOX3E8ACcuYY/rYt6Gxi45nrRTwa3GyJkzSiY1jAmzv4N8vXIQOMgq50fA
QyLK7BxiGL6G+XSCWMXNnRspXBFyv1frHNJuGqGvJewIDeGnfhcVJ6DYyh8l5zbq
qdyLMNqb9JQhWv5xEQ6BBi3WJMIQ6pUKPeBgAJCwbIx8ywov7r3KOI92xDD4hu8o
KK9ZpP0Z0n64w4ko8D8GYW3jmLyBJp1glBAM8Yo6dQEWaGeWYLsTecm8o/+vxNGY
N6mZ7WZOe6SwqUvgRcF2r8uD2yJI23euTESStGcCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBThwugY2KKid4HN8OtwlIFbsNVYjTAfBgNVHSMEGDAWgBR3EuIPUQsiuCF8
3w0hFJaxucHtuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2R4TGlEMUVMSXJnaGZOOE5JUlNXc2JuQjdiZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvNmNiNzE0LWM3MTQtNDI4MS04YWRhLTQzY2U5NDk2NjNkOS8x
LzRjTG9HTmlpb25lQnpmRHJjSlNCVzdEVldJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
NmNiNzE0LWM3MTQtNDI4MS04YWRhLTQzY2U5NDk2NjNkOS8xL2R4TGlEMUVMSXJn
aGZOOE5JUlNXc2JuQjdiZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAgI7jAMEAwWyWAMEAi2YkAMEArk8
vAMEArmIiAMEArm7rAMEArnM3AMEArn48DANBAIAAjAHAwUAKgGawDANBgkqhkiG
9w0BAQsFAAOCAQEAOkPPj1T8QWrY2rwewi1HG7e/Rrswi6DM0b8YP8aDPmX/OgDG
17KWeyr7VaqOHDFQMdCgh//Nst5OBKG3pSTZaPYPDooGid7jn051GhLBT10N0/lA
bKLXPST98E5JZdJAkpYy8RRnPZa9IuFkr+96EQRANVWKpWycEXJoXGop5P1ZP0Ha
cLqnElJ6BPvLaWWigPUewHxr+ee5PUBJHwhVrcBvSqn8uEMQghEjHJK7f4AV6tqZ
9UAH0PMugJxuWlIJW/DbErxVLy5yMlvHWsPp+OjaNHEsdhiw9f9qkauvvrDl8m1S
vLTZDSeDob4/u3sLr9Y/wI05EYH63FFAVI8NTw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:15 2025 by rpki-client