Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/iQCpYtF9OiJAMDcHnxhbRPrt5e4.roa
File: iQCpYtF9OiJAMDcHnxhbRPrt5e4.roa (raw, json)
Hash identifier: sN14hmE2Dn96nHGGixwh0/pRH7fEfJ378Gf9K8RHf6E=
Subject key identifier: 89:00:A9:62:D1:7D:3A:22:40:30:37:07:9F:18:5B:44:FA:ED:E5:EE
Certificate issuer: /CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Certificate serial: 096AACE6
Authority key identifier: 00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/iQCpYtF9OiJAMDcHnxhbRPrt5e4.roa
Signing time: Sat 01 Jan 2022 08:02:19 +0000
ROA not before: Sat 01 Jan 2022 08:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24634
IP address blocks: 185.40.208.0/22 maxlen: 24
2a04:86c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 157986022 (0x96aace6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2
Validity
Not Before: Jan 1 08:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8900a962d17d3a22403037079f185b44faede5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:dc:7a:73:50:99:cc:77:98:46:1b:ba:4b:
59:eb:91:c8:68:55:8c:b2:24:fd:a3:c0:09:dd:eb:
8f:38:a0:0a:bc:15:98:5e:2f:e0:f7:57:9b:b8:96:
5e:21:74:2b:de:bd:89:4a:2d:cd:c5:ef:09:b4:a2:
b3:8f:2c:b7:43:33:81:40:db:5f:ef:cb:1a:db:e8:
13:3e:18:06:75:54:51:5f:75:a6:02:cb:eb:3e:18:
7b:4e:b0:52:e5:0e:5d:75:21:8a:86:ed:5a:d1:85:
8a:a9:18:37:2f:b5:41:15:f1:9a:2a:4c:68:a1:dd:
1a:15:69:e3:70:cb:3f:07:b7:9e:99:6e:5b:89:af:
3c:b8:16:bc:90:e9:57:49:6b:0f:7c:bd:7c:cb:a4:
a0:d2:95:9b:7c:ac:ad:b4:d8:8e:82:e1:a5:4c:1e:
97:7d:98:86:13:d6:a0:59:81:60:28:12:5b:39:72:
4d:34:2b:7e:21:fb:1a:74:e0:24:2f:8d:10:6a:8e:
71:ec:13:0b:37:b3:21:c8:40:f4:99:14:b7:6b:9c:
09:f1:58:ed:c3:f2:fa:e2:dc:53:f4:ea:af:bd:8a:
9b:07:5c:55:fe:ee:49:78:12:cb:4d:e6:17:b0:58:
a9:20:ac:23:12:6c:5d:8e:51:a8:e8:ea:88:95:ec:
74:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:00:A9:62:D1:7D:3A:22:40:30:37:07:9F:18:5B:44:FA:ED:E5:EE
X509v3 Authority Key Identifier:
keyid:00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/iQCpYtF9OiJAMDcHnxhbRPrt5e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.40.208.0/22
IPv6:
2a04:86c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:7e:2f:9f:d4:f6:89:5d:41:78:4b:ad:11:91:19:b6:9e:da:
35:53:36:db:8a:92:8e:4e:34:57:d2:ce:17:97:fb:84:70:ec:
b0:c6:12:2f:44:20:db:3b:4a:e3:86:e4:70:83:a3:18:52:09:
70:61:ef:05:e5:b1:ed:29:92:4f:2f:68:64:9c:d1:2e:89:6e:
60:0d:1a:a8:9c:d3:b8:ef:14:56:f3:4f:c0:3e:7c:e1:2b:10:
2e:eb:c5:bd:b8:cb:e9:b1:40:ad:aa:5e:e8:97:7b:03:e8:23:
5c:68:55:f0:7d:a5:c6:41:3c:ad:25:4f:28:2f:83:d6:68:d5:
ec:43:a5:ed:81:28:ef:35:1a:86:6f:34:0b:d2:36:e0:73:6d:
25:aa:77:97:5f:db:c3:71:a7:36:a0:8d:87:2d:dc:8f:cb:63:
15:3a:26:fd:af:6c:3f:78:70:19:0c:88:ff:3f:9a:03:c5:12:
7b:ac:ed:82:69:fc:fa:03:78:a6:15:5b:ef:96:d4:42:b7:c1:
c9:34:1b:fe:1d:1f:30:2c:18:8c:71:4a:f7:1f:8e:a5:34:94:
99:a9:e1:85:cc:c8:ec:d6:4c:1d:1d:ae:57:fa:a3:9e:16:aa:
63:56:1a:69:5d:bf:8d:56:ae:04:2c:3c:55:9b:0c:82:3d:52:
15:3f:ad:1d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECWqs5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MGFmOWRkYTMwN2NiNTI1Mzg1ZWY5MGY1MDZkMGQ1N2JiOWQyYmYyMB4XDTIyMDEw
MTA4MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkwMGE5NjJkMTdk
M2EyMjQwMzAzNzA3OWYxODViNDRmYWVkZTVlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJld3HpzUJnMd5hGG7pLWeuRyGhVjLIk/aPACd3rjzigCrwV
mF4v4PdXm7iWXiF0K969iUotzcXvCbSis48st0MzgUDbX+/LGtvoEz4YBnVUUV91
pgLL6z4Ye06wUuUOXXUhiobtWtGFiqkYNy+1QRXxmipMaKHdGhVp43DLPwe3nplu
W4mvPLgWvJDpV0lrD3y9fMukoNKVm3ysrbTYjoLhpUwel32YhhPWoFmBYCgSWzly
TTQrfiH7GnTgJC+NEGqOcewTCzezIchA9JkUt2ucCfFY7cPy+uLcU/Tqr72Kmwdc
Vf7uSXgSy03mF7BYqSCsIxJsXY5RqOjqiJXsdMkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSJAKli0X06IkAwNwefGFtE+u3l7jAfBgNVHSMEGDAWgBQAr53aMHy1JThe
+Q9QbQ1Xu50r8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FLLWQyakI4dFNVNFh2a1BVRzBOVjd1ZEtfSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvZDBlMmY0LWI2MGEtNDBiMi05MmU5LTkwZWFjZTllMDU5ZS8x
L2lRQ3BZdEY5T2lKQU1EY0hueGhiUlBydDVlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
ZDBlMmY0LWI2MGEtNDBiMi05MmU5LTkwZWFjZTllMDU5ZS8xL0FLLWQyakI4dFNV
NFh2a1BVRzBOVjd1ZEtfSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArko0DANBAIAAjAHAwUDKgSGwDAN
BgkqhkiG9w0BAQsFAAOCAQEAen4vn9T2iV1BeEutEZEZtp7aNVM224qSjk40V9LO
F5f7hHDssMYSL0Qg2ztK44bkcIOjGFIJcGHvBeWx7SmSTy9oZJzRLoluYA0aqJzT
uO8UVvNPwD584SsQLuvFvbjL6bFArape6Jd7A+gjXGhV8H2lxkE8rSVPKC+D1mjV
7EOl7YEo7zUahm80C9I24HNtJap3l1/bw3GnNqCNhy3cj8tjFTom/a9sP3hwGQyI
/z+aA8USe6ztgmn8+gN4phVb75bUQrfByTQb/h0fMCwYjHFK9x+OpTSUmanhhczI
7NZMHR2uV/qjnhaqY1YaaV2/jVauBCw8VZsMgj1SFT+tHQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:07 2023 by rpki-client on console-ams.rpki-client.org