Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rBT0mRAWyUrALda_EZehGUJ0CbM.roa
File: rBT0mRAWyUrALda_EZehGUJ0CbM.roa (raw, json)
Hash identifier: KU1N1L27sa6KcqgFyLYTXA1PjphonJ9xsmJSBA8060Q=
Subject key identifier: AC:14:F4:99:10:16:C9:4A:C0:2D:D6:BF:11:97:A1:19:42:74:09:B3
Certificate issuer: /CN=47b80caa97c13147d680c80976f8a4b15cade04f
Certificate serial: 0183BFEDE32F17C9045D287C4AC99DCAE16C
Authority key identifier: 47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rBT0mRAWyUrALda_EZehGUJ0CbM.roa
Signing time: Mon 10 Oct 2022 03:26:21 +0000
ROA not before: Mon 10 Oct 2022 03:26:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44547
IP address blocks: 185.161.122.0/24 maxlen: 24
185.171.88.0/24 maxlen: 24
185.171.91.0/24 maxlen: 24
2a0c:f500::/29 maxlen: 29
2a07:5dc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bf:ed:e3:2f:17:c9:04:5d:28:7c:4a:c9:9d:ca:e1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b80caa97c13147d680c80976f8a4b15cade04f
Validity
Not Before: Oct 10 03:26:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac14f4991016c94ac02dd6bf1197a119427409b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:81:41:11:65:9f:2b:42:55:99:89:4a:85:c4:
b0:78:e6:f3:57:ba:63:0c:63:4d:9b:e4:d9:ed:ca:
c3:8d:c0:4d:44:14:80:94:ec:6d:54:1e:b5:d7:20:
05:07:58:90:4b:57:52:f3:82:55:0a:8e:c4:fd:94:
f1:fb:d1:7d:ae:33:19:1a:bc:60:51:aa:f1:ae:f7:
63:63:c4:24:62:48:83:d8:f2:91:d6:40:4d:64:60:
75:46:cc:14:8f:47:0d:1a:5e:48:1e:3b:1f:64:6d:
f5:e5:6a:7f:18:6a:2f:90:7d:d3:e2:15:ca:3e:43:
71:bf:d0:dc:e6:09:97:ef:ae:53:09:0e:fb:fd:22:
ea:6e:03:71:f2:08:9a:40:a0:76:ff:ad:77:40:a3:
df:4a:d5:ab:80:fe:8f:34:97:e2:fb:8c:26:a2:f2:
aa:f5:74:50:ac:56:7a:0b:b3:39:5e:4f:18:aa:3f:
b0:3e:4f:3c:d2:20:ad:b1:11:b9:b1:22:39:27:08:
17:60:85:a9:8f:54:4a:da:88:07:fd:58:9e:db:9b:
ef:a3:38:27:5e:3b:92:77:52:4f:f0:fa:61:86:fc:
aa:62:1c:ea:9e:10:5f:76:90:1d:73:6f:16:87:80:
dd:4f:55:2e:5a:7c:95:c7:4b:b3:be:d0:3d:cc:88:
8a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:14:F4:99:10:16:C9:4A:C0:2D:D6:BF:11:97:A1:19:42:74:09:B3
X509v3 Authority Key Identifier:
keyid:47:B8:0C:AA:97:C1:31:47:D6:80:C8:09:76:F8:A4:B1:5C:AD:E0:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7gMqpfBMUfWgMgJdviksVyt4E8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/rBT0mRAWyUrALda_EZehGUJ0CbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a59fc5-2049-42de-b1b0-10e24e9d0fa7/1/R7gMqpfBMUfWgMgJdviksVyt4E8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.122.0/24
185.171.88.0/24
185.171.91.0/24
IPv6:
2a07:5dc0::/29
2a0c:f500::/29
Signature Algorithm: sha256WithRSAEncryption
65:85:c8:dc:da:3a:32:86:d3:ab:d1:4b:88:62:45:cd:2e:e6:
1b:fd:79:b1:07:ac:3f:9b:df:64:83:f8:5e:75:6e:c0:82:db:
18:57:35:a1:4e:9e:23:8a:58:d2:d6:aa:c8:5c:18:62:56:25:
24:39:0f:01:04:ed:2c:dc:50:7d:a1:09:66:cb:62:b2:17:1c:
1b:39:23:d3:c5:28:3b:52:1b:8f:ae:11:90:06:6f:4b:4a:b1:
d4:f4:13:1a:9a:ad:de:c7:27:0c:a7:2b:09:f1:f8:68:9e:49:
25:a4:e9:b8:61:c1:0e:13:5a:bc:48:a9:97:7e:47:e1:8e:45:
4c:31:0b:1c:fd:8a:24:fe:fd:7a:ee:cd:ce:ce:b3:be:57:fb:
44:fd:9c:50:19:b1:92:dc:b8:c8:e0:34:d2:e8:0e:99:77:7b:
3c:03:3e:b6:a3:55:d0:dd:81:46:92:8f:a7:d9:8b:1b:86:dc:
64:91:f4:98:0b:1b:ad:b8:8b:1c:f9:5b:b3:ec:c8:4e:a4:78:
92:10:5a:a3:10:69:b9:35:52:50:c4:5d:1b:3e:78:b7:6d:f1:
21:10:11:b5:be:ad:97:5a:ba:0a:e7:1e:d4:ea:bb:14:73:eb:
b0:14:a6:5f:14:02:d4:2b:a1:27:8e:8c:39:32:6e:74:f2:bb:
84:aa:d8:fd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYO/7eMvF8kEXSh8SsmdyuFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjgwY2FhOTdjMTMxNDdkNjgwYzgwOTc2ZjhhNGIxNWNh
ZGUwNGYwHhcNMjIxMDEwMDMyNjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzE0ZjQ5OTEwMTZjOTRhYzAyZGQ2YmYxMTk3YTExOTQyNzQwOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYFBEWWfK0JVmYlKhcSweObzV7pj
DGNNm+TZ7crDjcBNRBSAlOxtVB611yAFB1iQS1dS84JVCo7E/ZTx+9F9rjMZGrxg
UarxrvdjY8QkYkiD2PKR1kBNZGB1RswUj0cNGl5IHjsfZG315Wp/GGovkH3T4hXK
PkNxv9Dc5gmX765TCQ77/SLqbgNx8giaQKB2/613QKPfStWrgP6PNJfi+4wmovKq
9XRQrFZ6C7M5Xk8Yqj+wPk880iCtsRG5sSI5JwgXYIWpj1RK2ogH/Vie25vvozgn
XjuSd1JP8PphhvyqYhzqnhBfdpAdc28Wh4DdT1UuWnyVx0uzvtA9zIiKVwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKwU9JkQFslKwC3WvxGXoRlCdAmzMB8GA1UdIwQY
MBaAFEe4DKqXwTFH1oDICXb4pLFcreBPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAt
MTBlMjRlOWQwZmE3LzEvckJUMG1SQVd5VXJBTGRhX0VaZWhHVUowQ2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9hNTlmYzUtMjA0OS00MmRlLWIxYjAtMTBlMjRlOWQwZmE3
LzEvUjdnTXFwZkJNVWZXZ01nSmR2aWtzVnl0NEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAuaF6AwQA
uatYAwQAuatbMBQEAgACMA4DBQMqB13AAwUDKgz1ADANBgkqhkiG9w0BAQsFAAOC
AQEAZYXI3No6MobTq9FLiGJFzS7mG/15sQesP5vfZIP4XnVuwILbGFc1oU6eI4pY
0taqyFwYYlYlJDkPAQTtLNxQfaEJZstishccGzkj08UoO1Ibj64RkAZvS0qx1PQT
Gpqt3scnDKcrCfH4aJ5JJaTpuGHBDhNavEipl35H4Y5FTDELHP2KJP79eu7Nzs6z
vlf7RP2cUBmxkty4yOA00ugOmXd7PAM+tqNV0N2BRpKPp9mLG4bcZJH0mAsbrbiL
HPlbs+zITqR4khBaoxBpuTVSUMRdGz54t23xIRARtb6tl1q6Cuce1Oq7FHPrsBSm
XxQC1CuhJ46MOTJudPK7hKrY/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:39 2024 by rpki-client on console-fra.rpki-client.org