Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/4qwpfI0YOd8xR1Psp-60uc2Jd74.roa
File: 4qwpfI0YOd8xR1Psp-60uc2Jd74.roa (raw, json)
Hash identifier: IHQEoolrHl9PrbExxbrNJo0FFHf81ipCnLPvD0pnLY8=
Subject key identifier: E2:AC:29:7C:8D:18:39:DF:31:47:53:EC:A7:EE:B4:B9:CD:89:77:BE
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 04334767
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/4qwpfI0YOd8xR1Psp-60uc2Jd74.roa
Signing time: Sat 01 Jan 2022 06:57:48 +0000
ROA not before: Sat 01 Jan 2022 06:57:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25773
IP address blocks: 141.226.252.0/22 maxlen: 24
185.139.240.0/22 maxlen: 24
2a07:1980::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70469479 (0x4334767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Jan 1 06:57:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2ac297c8d1839df314753eca7eeb4b9cd8977be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:37:cc:07:7b:98:87:47:c3:33:35:3e:15:31:
49:c8:dc:d7:c8:92:b1:96:b5:46:8b:fe:59:9d:c0:
75:3a:86:0b:06:67:de:17:76:cd:b7:21:d5:c8:83:
a1:17:d4:58:7e:d9:98:f8:2e:f7:76:5b:68:8e:b8:
0b:67:af:de:ee:4e:45:2a:4c:0c:01:c4:78:88:ce:
a8:d7:03:0d:78:b5:01:65:d2:a5:28:ae:e1:5a:ba:
9f:b8:ea:06:96:c5:9a:8f:82:85:cd:84:bb:e5:e1:
6d:0e:8e:69:cf:93:8a:9b:cd:f4:ac:80:fd:b8:69:
6d:c4:71:11:c6:b3:e3:ba:5c:ad:a9:11:f2:58:88:
a7:54:55:49:71:47:e9:9a:1e:5b:b8:3b:ce:fe:5d:
41:ea:fc:09:19:3f:24:1a:4b:bf:c5:81:4b:4b:dd:
b3:0a:54:5e:82:6e:58:ce:75:15:be:cc:7a:a1:c7:
12:fa:e4:34:37:e5:fc:59:9a:69:5a:47:85:67:bb:
eb:0e:51:48:70:0b:6f:29:a7:ae:24:4e:ee:29:33:
e2:13:5e:dc:82:6f:fc:c9:d2:42:03:16:3b:49:fd:
3a:86:e8:68:d9:50:59:db:47:12:6d:5e:4f:93:51:
cc:5b:ca:b1:3d:1d:66:34:ac:d6:9d:1f:98:dd:17:
6d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:AC:29:7C:8D:18:39:DF:31:47:53:EC:A7:EE:B4:B9:CD:89:77:BE
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/4qwpfI0YOd8xR1Psp-60uc2Jd74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.252.0/22
185.139.240.0/22
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
4d:a2:4b:d3:c0:7e:02:ff:ce:09:ea:fa:30:7c:73:01:32:d3:
cd:e0:81:6a:8f:33:bb:15:87:fc:61:3f:b9:40:b8:92:5a:ea:
18:13:c6:c2:04:af:aa:ee:6c:70:72:07:cf:59:05:2f:79:9e:
79:8d:1d:62:f4:14:66:a8:2b:96:bf:8f:06:d6:d5:c7:39:55:
af:2b:9e:5b:a6:6c:32:01:79:c7:64:7b:29:2b:57:1e:88:b5:
67:f6:ce:f5:d7:d1:02:26:cc:a7:08:c7:1b:b0:2d:82:0e:5a:
eb:07:3b:b7:b2:49:50:8a:71:09:66:34:af:e2:c8:c0:4f:60:
b5:15:b3:e8:69:db:09:ec:6c:8b:a1:87:fd:27:8e:6b:07:56:
29:7d:78:a1:9c:24:e6:a7:ff:76:b5:c3:c8:8c:b4:c5:8d:2a:
14:9b:78:2e:68:ab:d3:12:b9:4e:0b:8a:8c:93:16:94:bb:35:
99:01:db:ad:ae:a7:84:7a:61:1c:f0:61:e7:77:94:33:f7:27:
5b:d8:d7:48:cd:f8:3b:c6:9d:9c:fd:53:29:d7:93:0a:92:13:
23:b9:e8:44:ed:c7:b0:a1:ef:b7:84:6b:14:7b:d6:6b:7c:95:
3d:ec:94:ac:54:a0:4f:a8:18:76:74:85:73:0d:e7:f0:99:7c:
c8:de:70:e9
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBDNHZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
N2JkOWI4NjUzMWU1NDRhZmEwMzA5ZDhiZTJhN2JhNjkxNjNmOWFkMB4XDTIyMDEw
MTA2NTc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJhYzI5N2M4ZDE4
MzlkZjMxNDc1M2VjYTdlZWI0YjljZDg5NzdiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOY3zAd7mIdHwzM1PhUxScjc18iSsZa1Rov+WZ3AdTqGCwZn
3hd2zbch1ciDoRfUWH7ZmPgu93ZbaI64C2ev3u5ORSpMDAHEeIjOqNcDDXi1AWXS
pSiu4Vq6n7jqBpbFmo+Chc2Eu+XhbQ6Oac+TipvN9KyA/bhpbcRxEcaz47pcrakR
8liIp1RVSXFH6ZoeW7g7zv5dQer8CRk/JBpLv8WBS0vdswpUXoJuWM51Fb7MeqHH
EvrkNDfl/FmaaVpHhWe76w5RSHALbymnriRO7ikz4hNe3IJv/MnSQgMWO0n9Oobo
aNlQWdtHEm1eT5NRzFvKsT0dZjSs1p0fmN0XbZsCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBTirCl8jRg53zFHU+yn7rS5zYl3vjAfBgNVHSMEGDAWgBSXvZuGUx5USvoD
Cdi+KnumkWP5rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w3MmJobE1lVkVyNkF3bll2aXA3cHBGai1hMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvZDRiZDhiLTU1ZjQtNDc2NS1hZDIyLTM0NjBjYzI2NDgwYi8x
LzRxd3BmSTBZT2Q4eFIxUHNwLTYwdWMySmQ3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
ZDRiZDhiLTU1ZjQtNDc2NS1hZDIyLTM0NjBjYzI2NDgwYi8xL2w3MmJobE1lVkVy
NkF3bll2aXA3cHBGai1hMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAo3i/AMEArmL8DANBAIAAjAHAwUD
KgcZgDANBgkqhkiG9w0BAQsFAAOCAQEATaJL08B+Av/OCer6MHxzATLTzeCBao8z
uxWH/GE/uUC4klrqGBPGwgSvqu5scHIHz1kFL3meeY0dYvQUZqgrlr+PBtbVxzlV
ryueW6ZsMgF5x2R7KStXHoi1Z/bO9dfRAibMpwjHG7Atgg5a6wc7t7JJUIpxCWY0
r+LIwE9gtRWz6GnbCexsi6GH/SeOawdWKX14oZwk5qf/drXDyIy0xY0qFJt4Lmir
0xK5TguKjJMWlLs1mQHbra6nhHphHPBh53eUM/cnW9jXSM34O8adnP1TKdeTCpIT
I7noRO3HsKHvt4RrFHvWa3yVPeyUrFSgT6gYdnSFcw3n8Jl8yN5w6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org