Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/R0jITUUcPWCnYSLL294EM60fniY.roa
File: R0jITUUcPWCnYSLL294EM60fniY.roa (raw, json)
Hash identifier: 3Pu2lNpFo6Bdzk0hyjwH1O78S85h7OIUYB6Yq/b40aY=
Subject key identifier: 47:48:C8:4D:45:1C:3D:60:A7:61:22:CB:DB:DE:04:33:AD:1F:9E:26
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 09424B56
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/R0jITUUcPWCnYSLL294EM60fniY.roa
Signing time: Sat 01 Jan 2022 16:02:39 +0000
ROA not before: Sat 01 Jan 2022 16:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 157.167.134.0/24 maxlen: 24
157.167.135.0/24 maxlen: 24
157.167.136.0/21 maxlen: 21
157.167.144.0/21 maxlen: 21
157.167.152.0/24 maxlen: 24
157.167.156.0/24 maxlen: 24
157.167.155.0/24 maxlen: 24
157.167.153.0/24 maxlen: 24
157.167.184.0/21 maxlen: 21
85.115.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155339606 (0x9424b56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Jan 1 16:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4748c84d451c3d60a76122cbdbde0433ad1f9e26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:67:9d:cc:6e:4f:90:6b:5c:81:4c:b9:12:7e:
9a:4b:93:c1:2c:49:3f:7b:4e:8a:1d:86:ba:04:8a:
3c:81:7e:d5:e7:c1:20:55:c8:65:36:aa:c4:1d:74:
a4:db:40:c2:75:70:a9:eb:91:87:00:b9:88:e5:f2:
57:c9:37:85:2c:3c:d1:14:6e:f9:82:0f:6d:7d:a0:
59:32:db:9a:b7:21:ab:e3:d0:ab:0b:3e:23:62:90:
11:8b:48:d0:34:fd:a9:0b:07:02:a6:5e:e4:65:94:
12:bc:94:fc:53:3b:ed:c8:54:b8:69:04:6b:c1:c5:
15:96:57:ed:b2:bc:6b:22:35:71:85:53:b8:d6:56:
b5:db:70:36:1f:8a:dc:69:b3:aa:e9:50:34:be:bf:
2e:eb:28:78:c1:d2:90:29:14:c8:56:9d:ba:81:3b:
67:4c:5e:9e:ef:50:e8:e4:8d:12:9c:b0:e1:d2:c0:
a0:14:63:e4:0b:ee:47:19:2b:93:98:97:7d:96:bb:
ed:3f:fa:b6:a1:ac:8e:cd:a5:c1:ec:71:00:86:84:
d2:18:30:06:9b:5d:62:5a:35:04:be:c9:08:3f:db:
fb:3d:e3:04:7d:34:21:61:68:1a:7b:8a:1c:a1:0d:
ae:e8:5e:4c:ad:72:af:95:a6:c4:79:92:e8:19:9d:
fc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:48:C8:4D:45:1C:3D:60:A7:61:22:CB:DB:DE:04:33:AD:1F:9E:26
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/R0jITUUcPWCnYSLL294EM60fniY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.38.0/24
157.167.134.0-157.167.153.255
157.167.155.0-157.167.156.255
157.167.184.0/21
Signature Algorithm: sha256WithRSAEncryption
90:d1:21:17:06:c3:b5:79:94:7c:50:13:81:97:51:22:10:c4:
8b:b4:22:0e:0f:3c:21:4c:b5:c0:bf:b2:27:e7:37:dc:50:b6:
77:fc:40:43:96:78:b4:05:98:4b:c8:0f:6c:8d:75:3c:fe:18:
35:4f:55:60:0b:ad:33:ce:8e:a0:36:c3:e7:1d:56:64:bd:61:
5a:a6:5d:87:65:c0:54:45:5b:be:26:59:ea:b9:7d:82:b6:bc:
ca:55:c3:3c:dd:e0:84:5e:6a:d3:d4:7e:3f:21:96:1d:37:b7:
6c:ae:b9:32:16:b8:23:5c:d5:de:d1:ab:03:5b:97:2b:fb:fd:
1a:a3:d8:3a:c2:65:b8:cc:93:11:b2:d0:64:7c:e5:9e:24:67:
44:80:78:03:12:f7:b7:d7:39:9d:0f:2c:2f:5a:fa:82:57:cf:
7e:e3:fe:60:f3:85:f4:94:b8:a4:b6:74:82:0c:13:26:9d:d1:
a2:0c:0b:cf:3f:d2:a1:f2:60:b4:f7:8c:57:59:ea:dc:3e:9c:
77:ad:47:6b:8f:9c:59:43:dd:00:53:74:8a:ce:01:38:da:2b:
9a:77:d5:f1:9f:b9:61:d7:2c:8a:4c:71:89:16:43:3f:b1:32:
2b:6e:12:3b:7c:fb:d3:54:88:7c:0b:a1:fa:44:db:78:f7:aa:
e8:8e:c8:2b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECUJLVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
N2RkOWMyM2FmNjllYzJjZGI2ZmUyYjk5MzZlYjQ5NGNmZDE2MjFmMB4XDTIyMDEw
MTE2MDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc0OGM4NGQ0NTFj
M2Q2MGE3NjEyMmNiZGJkZTA0MzNhZDFmOWUyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMtnncxuT5BrXIFMuRJ+mkuTwSxJP3tOih2GugSKPIF+1efB
IFXIZTaqxB10pNtAwnVwqeuRhwC5iOXyV8k3hSw80RRu+YIPbX2gWTLbmrchq+PQ
qws+I2KQEYtI0DT9qQsHAqZe5GWUEryU/FM77chUuGkEa8HFFZZX7bK8ayI1cYVT
uNZWtdtwNh+K3GmzqulQNL6/LusoeMHSkCkUyFaduoE7Z0xenu9Q6OSNEpyw4dLA
oBRj5AvuRxkrk5iXfZa77T/6tqGsjs2lwexxAIaE0hgwBptdYlo1BL7JCD/b+z3j
BH00IWFoGnuKHKENruheTK1yr5WmxHmS6Bmd/EsCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRHSMhNRRw9YKdhIsvb3gQzrR+eJjAfBgNVHSMEGDAWgBQX3Zwjr2nsLNtv
4rmTbrSUz9FiHzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0Y5MmNJNjlwN0N6YmItSzVrMjYwbE1fUlloOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvODM1N2UyLWExMDYtNDRhZS1iODY2LThmYTdiNGM1MzA3My8x
L1IwaklUVVVjUFdDbllTTEwyOTRFTTYwZm5pWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
ODM1N2UyLWExMDYtNDRhZS1iODY2LThmYTdiNGM1MzA3My8xL0Y5MmNJNjlwN0N6
YmItSzVrMjYwbE1fUlloOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEAFVzJjAMAwQBnaeGAwQBnaeYMAwD
BACdp5sDBACdp5wDBAOdp7gwDQYJKoZIhvcNAQELBQADggEBAJDRIRcGw7V5lHxQ
E4GXUSIQxIu0Ig4PPCFMtcC/sifnN9xQtnf8QEOWeLQFmEvID2yNdTz+GDVPVWAL
rTPOjqA2w+cdVmS9YVqmXYdlwFRFW74mWeq5fYK2vMpVwzzd4IReatPUfj8hlh03
t2yuuTIWuCNc1d7RqwNblyv7/Rqj2DrCZbjMkxGy0GR85Z4kZ0SAeAMS97fXOZ0P
LC9a+oJXz37j/mDzhfSUuKS2dIIMEyad0aIMC88/0qHyYLT3jFdZ6tw+nHetR2uP
nFlD3QBTdIrOATjaK5p31fGfuWHXLIpMcYkWQz+xMituEjt8+9NUiHwLofpE23j3
quiOyCs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:21 2024 by rpki-client on console-fra.rpki-client.org