Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/l6Xeg_Jijz9IEqq3p75ypTMWvgg.roa
File: l6Xeg_Jijz9IEqq3p75ypTMWvgg.roa (raw, json)
Hash identifier: 6zjOYgOi0EIuDLHU7Eo/qM97oaVMJkI18e5GjSAhYLk=
Subject key identifier: 97:A5:DE:83:F2:62:8F:3F:48:12:AA:B7:A7:BE:72:A5:33:16:BE:08
Certificate issuer: /CN=47b80caa97c13147d680c80976f8a4b15cade04f
Certificate serial: 0181FE21FFB54B1C49D362DCB6FA7319FF09
Authority key identifier: 47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/l6Xeg_Jijz9IEqq3p75ypTMWvgg.roa
Signing time: Thu 14 Jul 2022 19:14:09 +0000
ROA not before: Thu 14 Jul 2022 19:14:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44547
IP address blocks: 185.161.122.0/24 maxlen: 24
185.171.88.0/24 maxlen: 24
185.171.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fe:21:ff:b5:4b:1c:49:d3:62:dc:b6:fa:73:19:ff:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b80caa97c13147d680c80976f8a4b15cade04f
Validity
Not Before: Jul 14 19:14:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97a5de83f2628f3f4812aab7a7be72a53316be08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:d2:fe:25:3b:2a:c5:cb:a2:52:d0:64:f0:ac:
0e:e3:7c:1a:09:c1:fc:4b:c7:8e:a3:83:da:c5:15:
58:a4:87:c8:49:f8:f8:5d:bd:29:35:dc:88:0f:5c:
7a:b1:00:da:34:1f:86:d0:4e:ad:38:c7:14:cd:4d:
99:ff:4a:d0:8d:5d:9b:e8:b9:44:42:a9:52:be:42:
24:ab:d8:86:5a:6c:81:66:b9:0d:69:a8:14:94:be:
ef:5d:48:16:13:22:4a:e2:a6:78:e6:4c:ca:48:0b:
63:32:c9:6a:0d:57:3f:cd:a5:3e:b4:78:13:f0:b9:
83:5d:9b:33:af:65:10:d1:1f:54:d9:60:37:3a:1f:
16:8f:1f:52:4a:97:53:98:97:07:d7:f5:4d:59:a8:
5a:eb:4f:d2:26:53:8e:6a:d7:4b:1e:91:83:f4:c2:
fc:96:52:01:37:a0:af:96:3f:71:22:ad:a5:13:58:
54:ad:88:d8:24:0f:d1:3b:e3:a7:25:05:ae:99:39:
aa:53:f4:6d:a4:14:df:ea:2c:1f:40:ab:fd:a3:09:
61:e3:65:e9:8f:7e:de:d1:0d:e3:ae:bf:5c:4a:ea:
fd:98:74:4c:69:15:ac:2b:01:24:7e:71:81:66:2d:
a1:a1:cf:26:d7:45:89:95:ac:a7:41:02:9b:de:9b:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A5:DE:83:F2:62:8F:3F:48:12:AA:B7:A7:BE:72:A5:33:16:BE:08
X509v3 Authority Key Identifier:
keyid:47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/l6Xeg_Jijz9IEqq3p75ypTMWvgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.122.0/24
185.171.88.0/24
185.171.91.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c4:18:e7:b4:a9:2c:7e:79:90:9d:25:19:5a:6e:88:bf:33:
fb:d2:48:38:07:38:56:5d:cf:63:b6:68:10:88:73:2b:90:4e:
a7:0e:9b:7a:7f:38:7f:44:66:35:f4:ca:25:4b:96:87:95:48:
75:41:e5:1e:f1:8d:c6:67:47:73:20:7d:39:41:af:ca:a2:2f:
c2:bf:02:3f:1b:cb:75:f9:70:a5:41:0a:40:1a:de:10:6f:7d:
c5:35:e2:99:60:54:7e:18:cb:d0:9e:f3:f2:5e:b8:09:d1:09:
64:d0:ee:08:b0:d7:c2:a9:64:7e:2e:82:3d:81:5d:1a:6b:52:
86:f4:c1:b7:7d:46:9f:be:3b:c3:14:3e:83:78:2c:ba:6c:66:
ee:6d:dd:b6:bf:af:b6:92:27:94:d3:cd:36:09:db:ad:7b:06:
69:35:b3:8b:bc:13:0d:01:3f:57:78:0a:1c:9d:62:1c:e4:3f:
53:69:4d:8d:7f:16:26:06:d5:86:03:4a:58:62:97:f0:3f:76:
2d:ae:98:52:ed:64:d7:5e:2e:2b:70:60:bd:be:a1:d5:28:a2:
0b:95:11:21:a1:18:ed:1c:31:7f:87:fc:ce:d6:1a:9f:af:74:
ce:86:aa:eb:6a:84:cb:74:69:d7:6c:3b:c2:68:66:ad:a2:96:
aa:91:3f:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYH+If+1SxxJ02LctvpzGf8JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjgwY2FhOTdjMTMxNDdkNjgwYzgwOTc2ZjhhNGIxNWNh
ZGUwNGYwHhcNMjIwNzE0MTkxNDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2E1ZGU4M2YyNjI4ZjNmNDgxMmFhYjdhN2JlNzJhNTMzMTZiZTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr9L+JTsqxcuiUtBk8KwO43waCcH8
S8eOo4PaxRVYpIfISfj4Xb0pNdyID1x6sQDaNB+G0E6tOMcUzU2Z/0rQjV2b6LlE
QqlSvkIkq9iGWmyBZrkNaagUlL7vXUgWEyJK4qZ45kzKSAtjMslqDVc/zaU+tHgT
8LmDXZszr2UQ0R9U2WA3Oh8Wjx9SSpdTmJcH1/VNWaha60/SJlOOatdLHpGD9ML8
llIBN6Cvlj9xIq2lE1hUrYjYJA/RO+OnJQWumTmqU/RtpBTf6iwfQKv9owlh42Xp
j37e0Q3jrr9cSur9mHRMaRWsKwEkfnGBZi2hoc8m10WJlaynQQKb3pu+NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJel3oPyYo8/SBKqt6e+cqUzFr4IMB8GA1UdIwQY
MBaAFEe4DKqXwTFH1oDICXb4pLFcreBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAt
MTBlMjRlOWQwZmE3LzEvbDZYZWdfSmlqejlJRXFxM3A3NXlwVE1XdmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAtMTBlMjRlOWQwZmE3
LzEvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuaF6AwQA
uatYAwQAuatbMA0GCSqGSIb3DQEBCwUAA4IBAQBQxBjntKksfnmQnSUZWm6IvzP7
0kg4BzhWXc9jtmgQiHMrkE6nDpt6fzh/RGY19MolS5aHlUh1QeUe8Y3GZ0dzIH05
Qa/Koi/CvwI/G8t1+XClQQpAGt4Qb33FNeKZYFR+GMvQnvPyXrgJ0Qlk0O4IsNfC
qWR+LoI9gV0aa1KG9MG3fUafvjvDFD6DeCy6bGbubd22v6+2kieU0802CdutewZp
NbOLvBMNAT9XeAocnWIc5D9TaU2NfxYmBtWGA0pYYpfwP3YtrphS7WTXXi4rcGC9
vqHVKKILlREhoRjtHDF/h/zO1hqfr3TOhqrraoTLdGnXbDvCaGatopaqkT/Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:39 2024 by rpki-client on console-fra.rpki-client.org