Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/tDKKeUVBKKwPkEAwMqL27cHXozU.roa
File: tDKKeUVBKKwPkEAwMqL27cHXozU.roa (raw, json)
Hash identifier: aiVOlqSJ8l+OdA81VJTRXFs8CBZ88Lsmt8SsN/g/TW8=
Subject key identifier: B4:32:8A:79:45:41:28:AC:0F:90:40:30:32:A2:F6:ED:C1:D7:A3:35
Certificate issuer: /CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Certificate serial: 05405326
Authority key identifier: B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/tDKKeUVBKKwPkEAwMqL27cHXozU.roa
Signing time: Sat 01 Jan 2022 10:56:02 +0000
ROA not before: Sat 01 Jan 2022 10:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60422
IP address blocks: 188.116.39.0/24 maxlen: 24
185.31.76.0/22 maxlen: 22
2a00:b920::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88101670 (0x5405326)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b287ff2a733e33beaf53494a90eec152bbc758bc
Validity
Not Before: Jan 1 10:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4328a79454128ac0f90403032a2f6edc1d7a335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:b0:ad:f0:9a:52:c0:5e:ad:b5:16:7f:9f:eb:
c4:25:42:96:65:02:bc:a1:13:f2:57:a1:94:13:54:
c3:21:f3:90:14:29:f2:18:8e:d7:a2:86:eb:1c:91:
ca:de:65:17:f3:cf:ec:91:17:e2:45:04:c7:94:0b:
3d:1c:73:f2:df:0b:2a:8e:cf:8c:6b:14:ab:ca:01:
98:48:a8:9a:3d:a7:46:0f:ec:f0:23:ef:ac:56:11:
e9:39:ba:2f:fb:b0:cc:71:38:56:81:7a:e5:35:42:
36:d1:ee:70:8e:23:09:59:80:d4:66:ef:e1:28:2c:
45:1b:5d:e3:56:d3:68:ea:32:14:eb:65:69:86:e2:
96:af:ff:34:bb:9e:fd:56:96:42:b2:90:2d:e8:08:
96:e5:fc:d2:be:97:13:41:1e:c6:4c:db:03:05:50:
6f:a3:25:cb:e1:16:c8:1e:14:ed:e5:22:24:c0:1e:
80:26:3e:7a:f5:cf:66:db:f8:92:20:86:0a:b0:3d:
fc:b6:ee:86:19:99:3e:b6:57:32:a9:c5:2e:10:73:
fd:3e:49:8f:fb:5c:c3:2d:dc:e2:52:a8:4d:5f:d9:
6c:58:6f:32:9a:1e:49:ed:59:b7:0b:68:70:3f:61:
79:da:77:8c:ca:67:10:1c:b2:40:45:f4:fa:63:96:
49:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:32:8A:79:45:41:28:AC:0F:90:40:30:32:A2:F6:ED:C1:D7:A3:35
X509v3 Authority Key Identifier:
keyid:B2:87:FF:2A:73:3E:33:BE:AF:53:49:4A:90:EE:C1:52:BB:C7:58:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sof_KnM-M76vU0lKkO7BUrvHWLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/tDKKeUVBKKwPkEAwMqL27cHXozU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/cb2151-05ca-4a76-859f-4f5ec0a7e006/1/sof_KnM-M76vU0lKkO7BUrvHWLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.76.0/22
188.116.39.0/24
IPv6:
2a00:b920::/32
Signature Algorithm: sha256WithRSAEncryption
5f:b6:d3:59:b1:6c:9c:5c:df:05:a7:c9:84:60:77:1c:b8:e1:
90:ba:15:f1:aa:26:da:45:81:e4:0c:0f:ae:48:d1:c1:88:bb:
67:84:db:48:e8:b3:02:51:9b:9d:3f:f9:0f:60:97:e1:04:32:
97:c0:6a:ce:a6:20:83:59:3f:38:42:ac:ac:15:ed:8c:b2:a3:
5b:72:2d:33:63:41:75:dc:ca:fb:2f:eb:1f:50:71:36:d8:77:
7c:43:91:ad:f4:92:c5:8f:18:87:c1:60:c6:a0:86:d1:99:c1:
01:52:59:7a:68:70:20:96:6f:c2:28:96:a1:a4:9c:12:9c:a7:
c9:27:f8:60:ea:7e:94:52:d3:b7:3a:00:f2:57:7e:05:73:e7:
0c:a4:8c:de:38:14:71:39:19:c3:ce:19:6e:9d:83:1d:20:86:
c2:6a:ba:48:50:f0:d3:06:52:61:10:33:bb:f1:7b:fa:c0:95:
41:9c:00:d2:df:58:9d:5a:d8:e9:9e:77:a3:1c:b4:b8:0d:e7:
76:62:52:99:7b:31:38:64:37:52:bf:9c:b2:46:21:e2:6a:f7:
a5:a8:78:4a:0e:d1:d6:63:40:9e:87:21:4b:45:93:83:ef:10:
a3:92:b5:14:fd:79:c2:c5:74:dc:cd:5a:be:e0:01:fa:4b:05:
2c:8c:cf:4f
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEBUBTJjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
Mjg3ZmYyYTczM2UzM2JlYWY1MzQ5NGE5MGVlYzE1MmJiYzc1OGJjMB4XDTIyMDEw
MTEwNTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQzMjhhNzk0NTQx
MjhhYzBmOTA0MDMwMzJhMmY2ZWRjMWQ3YTMzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOWwrfCaUsBerbUWf5/rxCVClmUCvKET8lehlBNUwyHzkBQp
8hiO16KG6xyRyt5lF/PP7JEX4kUEx5QLPRxz8t8LKo7PjGsUq8oBmEiomj2nRg/s
8CPvrFYR6Tm6L/uwzHE4VoF65TVCNtHucI4jCVmA1Gbv4SgsRRtd41bTaOoyFOtl
aYbilq//NLue/VaWQrKQLegIluX80r6XE0EexkzbAwVQb6Mly+EWyB4U7eUiJMAe
gCY+evXPZtv4kiCGCrA9/LbuhhmZPrZXMqnFLhBz/T5Jj/tcwy3c4lKoTV/ZbFhv
MpoeSe1ZtwtocD9hedp3jMpnEByyQEX0+mOWSf0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBS0Mop5RUEorA+QQDAyovbtwdejNTAfBgNVHSMEGDAWgBSyh/8qcz4zvq9T
SUqQ7sFSu8dYvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NvZl9Lbk0tTTc2dlUwbEtrTzdCVXJ2SFdMdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2MvY2IyMTUxLTA1Y2EtNGE3Ni04NTlmLTRmNWVjMGE3ZTAwNi8x
L3RES0tlVVZCS0t3UGtFQXdNcUwyN2NIWG96VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Mv
Y2IyMTUxLTA1Y2EtNGE3Ni04NTlmLTRmNWVjMGE3ZTAwNi8xL3NvZl9Lbk0tTTc2
dlUwbEtrTzdCVXJ2SFdMdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkfTAMEALx0JzANBAIAAjAHAwUA
KgC5IDANBgkqhkiG9w0BAQsFAAOCAQEAX7bTWbFsnFzfBafJhGB3HLjhkLoV8aom
2kWB5AwPrkjRwYi7Z4TbSOizAlGbnT/5D2CX4QQyl8BqzqYgg1k/OEKsrBXtjLKj
W3ItM2NBddzK+y/rH1BxNth3fEORrfSSxY8Yh8FgxqCG0ZnBAVJZemhwIJZvwiiW
oaScEpynySf4YOp+lFLTtzoA8ld+BXPnDKSM3jgUcTkZw84Zbp2DHSCGwmq6SFDw
0wZSYRAzu/F7+sCVQZwA0t9YnVrY6Z53oxy0uA3ndmJSmXsxOGQ3Ur+cskYh4mr3
pah4Sg7R1mNAnochS0WTg+8Qo5K1FP15wsV03M1avuAB+ksFLIzPTw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-ams.rpki-client.org