Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/DFwdrqPrOr4XoQAfry6u6hbmcdQ.roa
File: DFwdrqPrOr4XoQAfry6u6hbmcdQ.roa (raw, json)
Hash identifier: g6xcBcoeY30Z4LUIYuNEdwuyCbjMTlYHqZT1KW4W9vc=
Subject key identifier: 0C:5C:1D:AE:A3:EB:3A:BE:17:A1:00:1F:AF:2E:AE:EA:16:E6:71:D4
Certificate issuer: /CN=67d16781bca64c2b236434edeffe6e452e7162d4
Certificate serial: 08967E47
Authority key identifier: 67:D1:67:81:BC:A6:4C:2B:23:64:34:ED:EF:FE:6E:45:2E:71:62:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9FngbymTCsjZDTt7_5uRS5xYtQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/DFwdrqPrOr4XoQAfry6u6hbmcdQ.roa
Signing time: Sat 01 Jan 2022 04:57:24 +0000
ROA not before: Sat 01 Jan 2022 04:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.156.0/22 maxlen: 24
5.145.0.0/19 maxlen: 24
2a00:d520::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144080455 (0x8967e47)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67d16781bca64c2b236434edeffe6e452e7162d4
Validity
Not Before: Jan 1 04:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c5c1daea3eb3abe17a1001faf2eaeea16e671d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:d7:02:da:9e:5d:3b:2e:04:74:0d:f4:64:df:
54:27:2d:3f:7e:01:5e:90:b7:e9:1f:a7:4e:fc:91:
3a:ec:53:b7:5a:60:62:bd:6c:b9:84:12:01:e5:d1:
f2:3f:12:88:48:ba:78:20:fa:a4:a1:d7:c2:ab:d9:
e7:10:bf:66:4a:ad:52:f3:23:08:0b:c5:cd:72:8b:
fb:9a:fe:53:b0:09:8c:40:82:da:cd:53:37:80:2f:
70:f8:d8:a3:e5:21:ee:d8:0a:47:6b:f0:23:9c:2b:
74:58:e8:65:a5:03:29:e0:be:9a:e8:99:89:2f:5c:
62:b5:c1:83:f6:7e:ac:3f:c1:95:18:6c:3f:84:ce:
fa:f8:89:51:da:e8:97:b2:7a:b4:33:c9:88:40:ea:
42:80:5d:6a:a7:20:1f:f9:c2:04:85:02:f0:7e:42:
8a:e8:72:4b:1d:73:e0:ff:46:1f:07:cf:87:7d:ce:
20:15:72:b5:ad:6e:8e:d1:2c:ee:4c:1f:06:a0:29:
be:93:59:97:fd:b6:0a:be:07:ba:d0:a6:8e:bc:87:
9e:14:95:21:63:53:a1:cb:2f:ef:81:e0:65:5d:1d:
59:0d:5b:64:77:e1:99:36:0e:0b:48:44:e8:ad:b6:
bf:31:de:ca:b9:40:69:70:c9:aa:12:3d:4a:5d:51:
65:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5C:1D:AE:A3:EB:3A:BE:17:A1:00:1F:AF:2E:AE:EA:16:E6:71:D4
X509v3 Authority Key Identifier:
keyid:67:D1:67:81:BC:A6:4C:2B:23:64:34:ED:EF:FE:6E:45:2E:71:62:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9FngbymTCsjZDTt7_5uRS5xYtQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/DFwdrqPrOr4XoQAfry6u6hbmcdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/e47510-294f-4f05-abe1-ad59557e28c2/1/Z9FngbymTCsjZDTt7_5uRS5xYtQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.0.0/19
185.74.156.0/22
IPv6:
2a00:d520::/29
Signature Algorithm: sha256WithRSAEncryption
9a:a6:b6:67:34:4e:12:dc:27:24:63:c8:e6:48:62:e5:f9:4a:
5f:6d:b7:22:f2:78:fa:33:1b:ea:db:7c:65:da:9d:fe:d4:55:
45:d5:fd:b8:fe:7c:cb:3b:c7:ea:ec:16:de:11:88:3c:33:d7:
7b:c1:e7:6b:2c:bc:9f:ad:83:9b:3e:13:b8:63:0f:7f:27:cc:
e6:70:c0:d6:aa:99:8e:83:24:c0:27:4f:f7:c6:a0:93:c3:f9:
90:f8:57:d6:e5:04:a5:82:c8:5e:bb:ac:2d:f1:75:dc:2f:96:
e1:9a:3a:33:7c:52:d9:3e:f0:db:6f:b4:4c:16:fe:fa:31:cc:
08:7f:d4:58:bb:56:b3:ce:93:77:1f:63:70:e3:1f:3b:b6:99:
d5:d2:0c:44:8c:18:cf:f0:db:30:84:85:e1:c7:03:d8:3a:5a:
00:6e:3e:44:e8:2c:89:12:1b:16:8c:2d:fd:a8:6c:2b:04:07:
ac:6b:27:95:a9:06:23:45:2b:20:40:87:37:7d:e3:07:20:79:
bf:4c:27:cd:9e:68:4c:e1:51:50:7e:40:13:5c:e7:a1:50:ba:
8b:46:d6:5b:09:c6:aa:64:4d:92:96:ca:28:95:73:45:1d:76:
b5:a9:f5:c8:33:c7:9b:71:48:3d:56:3d:e8:e0:61:a9:2f:0b:
47:73:88:61
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECJZ+RzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
N2QxNjc4MWJjYTY0YzJiMjM2NDM0ZWRlZmZlNmU0NTJlNzE2MmQ0MB4XDTIyMDEw
MTA0NTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGM1YzFkYWVhM2Vi
M2FiZTE3YTEwMDFmYWYyZWFlZWExNmU2NzFkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjXAtqeXTsuBHQN9GTfVCctP34BXpC36R+nTvyROuxTt1pg
Yr1suYQSAeXR8j8SiEi6eCD6pKHXwqvZ5xC/ZkqtUvMjCAvFzXKL+5r+U7AJjECC
2s1TN4AvcPjYo+Uh7tgKR2vwI5wrdFjoZaUDKeC+muiZiS9cYrXBg/Z+rD/BlRhs
P4TO+viJUdrol7J6tDPJiEDqQoBdaqcgH/nCBIUC8H5CiuhySx1z4P9GHwfPh33O
IBVyta1ujtEs7kwfBqApvpNZl/22Cr4HutCmjryHnhSVIWNTocsv74HgZV0dWQ1b
ZHfhmTYOC0hE6K22vzHeyrlAaXDJqhI9Sl1RZeECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQMXB2uo+s6vhehAB+vLq7qFuZx1DAfBgNVHSMEGDAWgBRn0WeBvKZMKyNk
NO3v/m5FLnFi1DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o5Rm5nYnltVENzalpEVHQ3XzV1UlM1eFl0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmYvZTQ3NTEwLTI5NGYtNGYwNS1hYmUxLWFkNTk1NTdlMjhjMi8x
L0RGd2RycVByT3I0WG9RQWZyeTZ1NmhibWNkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmYv
ZTQ3NTEwLTI5NGYtNGYwNS1hYmUxLWFkNTk1NTdlMjhjMi8xL1o5Rm5nYnltVENz
alpEVHQ3XzV1UlM1eFl0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBQWRAAMEArlKnDANBAIAAjAHAwUD
KgDVIDANBgkqhkiG9w0BAQsFAAOCAQEAmqa2ZzROEtwnJGPI5khi5flKX223IvJ4
+jMb6tt8Zdqd/tRVRdX9uP58yzvH6uwW3hGIPDPXe8Hnayy8n62Dmz4TuGMPfyfM
5nDA1qqZjoMkwCdP98agk8P5kPhX1uUEpYLIXrusLfF13C+W4Zo6M3xS2T7w22+0
TBb++jHMCH/UWLtWs86Tdx9jcOMfO7aZ1dIMRIwYz/DbMISF4ccD2DpaAG4+ROgs
iRIbFowt/ahsKwQHrGsnlakGI0UrIECHN33jByB5v0wnzZ5oTOFRUH5AE1znoVC6
i0bWWwnGqmRNkpbKKJVzRR12tan1yDPHm3FIPVY96OBhqS8LR3OIYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:24 2024 by rpki-client on console-fra.rpki-client.org