Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/s4r2RT9ZGJYwTe4emGREK79W8KQ.roa
File: s4r2RT9ZGJYwTe4emGREK79W8KQ.roa (raw, json)
Hash identifier: BY1aWMQdyp7pEtxDG62jNfIIpOt66zjhWJhaVKNnPxs=
Subject key identifier: B3:8A:F6:45:3F:59:18:96:30:4D:EE:1E:98:64:44:2B:BF:56:F0:A4
Certificate issuer: /CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Certificate serial: 043485F5
Authority key identifier: 97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/s4r2RT9ZGJYwTe4emGREK79W8KQ.roa
Signing time: Sat 01 Jan 2022 06:57:48 +0000
ROA not before: Sat 01 Jan 2022 06:57:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48851
IP address blocks: 141.226.252.0/22 maxlen: 24
185.139.240.0/22 maxlen: 24
2a07:1980::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70551029 (0x43485f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97bd9b86531e544afa0309d8be2a7ba69163f9ad
Validity
Not Before: Jan 1 06:57:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b38af6453f591896304dee1e9864442bbf56f0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:0b:ed:57:a5:2d:d6:4e:70:d5:1b:56:5f:5a:
14:22:61:1e:45:fb:34:52:d0:cd:85:c1:75:b3:f6:
c8:a5:71:3c:6f:b6:ad:3c:a0:c7:47:3d:c4:82:83:
71:42:7f:b8:aa:f4:13:08:c2:06:fe:69:7d:7d:c8:
41:ef:73:09:0b:2b:32:9f:f2:59:98:53:89:c0:2c:
13:f9:e1:a6:ff:92:a7:89:e1:b2:42:4c:04:08:d6:
05:0c:a9:63:74:33:30:3a:f2:d3:fa:10:52:2c:9b:
c7:28:8f:df:1a:d9:29:a2:e4:18:ac:52:ae:bc:29:
73:25:e2:97:6e:e5:66:68:6e:89:72:df:c5:81:06:
ed:95:30:0a:9b:be:0f:8a:2d:33:1c:d9:fe:94:ff:
91:6e:f5:c2:87:bc:b3:6d:94:66:cf:f4:47:37:46:
72:46:bc:c0:55:62:01:7b:a3:28:62:c5:43:09:bd:
80:89:8b:8d:de:02:a5:66:8e:74:b6:33:13:c4:34:
e4:b3:c5:e9:39:f2:b7:ba:c6:7a:63:19:95:9d:86:
57:da:bb:2e:46:f2:52:af:10:fe:34:77:cb:ab:2a:
e1:68:dc:33:f2:c3:7d:c4:42:a4:f4:7a:b0:98:7c:
bd:30:15:d3:31:ee:3e:b7:79:c3:74:c9:4a:6c:34:
dc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:8A:F6:45:3F:59:18:96:30:4D:EE:1E:98:64:44:2B:BF:56:F0:A4
X509v3 Authority Key Identifier:
keyid:97:BD:9B:86:53:1E:54:4A:FA:03:09:D8:BE:2A:7B:A6:91:63:F9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l72bhlMeVEr6AwnYvip7ppFj-a0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/s4r2RT9ZGJYwTe4emGREK79W8KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d4bd8b-55f4-4765-ad22-3460cc26480b/1/l72bhlMeVEr6AwnYvip7ppFj-a0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.252.0/22
185.139.240.0/22
IPv6:
2a07:1980::/29
Signature Algorithm: sha256WithRSAEncryption
63:04:c9:fe:3c:ab:68:ff:9c:b3:cd:39:ab:72:00:cf:da:1d:
e3:4d:02:c1:94:3e:f2:ec:9e:7b:00:ea:dd:3e:a6:ea:8d:63:
ca:b1:84:52:c9:12:00:46:21:42:69:d0:3a:13:b5:f0:9d:ec:
8c:67:be:50:20:09:bc:49:23:3e:aa:99:1e:23:c3:91:fd:19:
d5:be:76:20:38:93:d0:56:0c:5f:2a:5f:25:29:13:8b:76:9d:
6f:35:2d:31:d0:e3:8e:29:d5:07:f3:c2:51:06:97:e6:4f:88:
03:09:48:4c:ee:80:67:0c:0f:63:ca:d9:25:be:40:59:56:e8:
2c:36:8b:b8:a0:9c:4d:6d:c0:39:cd:54:d1:c4:7a:ee:2c:67:
d8:de:e9:74:29:d2:9b:84:29:1f:b8:66:1d:73:54:f7:6e:fe:
64:6e:b7:13:0c:82:06:a0:7e:af:8a:ac:42:13:52:2a:c6:8e:
fb:4b:6a:19:2b:a7:08:29:54:cc:f9:75:34:0d:e5:0e:7d:aa:
63:d1:5f:76:35:90:38:4c:84:89:f0:ec:67:be:27:c1:81:9d:
84:c7:2b:5f:a7:6f:23:87:76:ef:8a:f6:bd:0e:42:ed:74:ea:
61:95:88:a7:f8:b8:2a:93:37:3a:c4:3d:29:4c:ad:2f:98:71:
1f:1b:91:64
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBDSF9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
N2JkOWI4NjUzMWU1NDRhZmEwMzA5ZDhiZTJhN2JhNjkxNjNmOWFkMB4XDTIyMDEw
MTA2NTc0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjM4YWY2NDUzZjU5
MTg5NjMwNGRlZTFlOTg2NDQ0MmJiZjU2ZjBhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKYL7VelLdZOcNUbVl9aFCJhHkX7NFLQzYXBdbP2yKVxPG+2
rTygx0c9xIKDcUJ/uKr0EwjCBv5pfX3IQe9zCQsrMp/yWZhTicAsE/nhpv+Sp4nh
skJMBAjWBQypY3QzMDry0/oQUiybxyiP3xrZKaLkGKxSrrwpcyXil27lZmhuiXLf
xYEG7ZUwCpu+D4otMxzZ/pT/kW71woe8s22UZs/0RzdGcka8wFViAXujKGLFQwm9
gImLjd4CpWaOdLYzE8Q05LPF6Tnyt7rGemMZlZ2GV9q7LkbyUq8Q/jR3y6sq4Wjc
M/LDfcRCpPR6sJh8vTAV0zHuPrd5w3TJSmw03BkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSzivZFP1kYljBN7h6YZEQrv1bwpDAfBgNVHSMEGDAWgBSXvZuGUx5USvoD
Cdi+KnumkWP5rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w3MmJobE1lVkVyNkF3bll2aXA3cHBGai1hMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvZDRiZDhiLTU1ZjQtNDc2NS1hZDIyLTM0NjBjYzI2NDgwYi8x
L3M0cjJSVDlaR0pZd1RlNGVtR1JFSzc5VzhLUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
ZDRiZDhiLTU1ZjQtNDc2NS1hZDIyLTM0NjBjYzI2NDgwYi8xL2w3MmJobE1lVkVy
NkF3bll2aXA3cHBGai1hMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAo3i/AMEArmL8DANBAIAAjAHAwUD
KgcZgDANBgkqhkiG9w0BAQsFAAOCAQEAYwTJ/jyraP+cs805q3IAz9od400CwZQ+
8uyeewDq3T6m6o1jyrGEUskSAEYhQmnQOhO18J3sjGe+UCAJvEkjPqqZHiPDkf0Z
1b52IDiT0FYMXypfJSkTi3adbzUtMdDjjinVB/PCUQaX5k+IAwlITO6AZwwPY8rZ
Jb5AWVboLDaLuKCcTW3AOc1U0cR67ixn2N7pdCnSm4QpH7hmHXNU927+ZG63EwyC
BqB+r4qsQhNSKsaO+0tqGSunCClUzPl1NA3lDn2qY9FfdjWQOEyEifDsZ74nwYGd
hMcrX6dvI4d274r2vQ5C7XTqYZWIp/i4KpM3OsQ9KUytL5hxHxuRZA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:10 2024 by rpki-client on console-fra.rpki-client.org