Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/AE0ALkoSFo66HXZFnf1QJoHvv9U.roa
File: AE0ALkoSFo66HXZFnf1QJoHvv9U.roa (raw, json)
Hash identifier: Yc/fQeyhErD3rbHouOhvXMSkMZBf6CJFlda1lUVa8aw=
Subject key identifier: 00:4D:00:2E:4A:12:16:8E:BA:1D:76:45:9D:FD:50:26:81:EF:BF:D5
Certificate issuer: /CN=acfb02432688674260c6d012a597d70bcd5149c4
Certificate serial: 0AB3DEEC
Authority key identifier: AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/AE0ALkoSFo66HXZFnf1QJoHvv9U.roa
Signing time: Sat 01 Jan 2022 06:04:44 +0000
ROA not before: Sat 01 Jan 2022 06:04:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48638
IP address blocks: 185.43.152.0/22 maxlen: 24
91.194.86.0/23 maxlen: 24
185.59.168.0/22 maxlen: 24
94.143.184.0/21 maxlen: 24
2a02:4a00::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179560172 (0xab3deec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acfb02432688674260c6d012a597d70bcd5149c4
Validity
Not Before: Jan 1 06:04:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=004d002e4a12168eba1d76459dfd502681efbfd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:3f:6f:ca:43:47:93:47:b7:ab:6c:fb:a5:
4b:9a:a2:6f:be:e1:0c:c2:d6:a9:2a:7e:1f:39:e8:
60:d9:30:36:ef:e1:82:35:fa:a8:6a:52:2a:98:4a:
d3:60:ed:7a:bd:43:e1:2e:6d:fc:e8:69:65:62:fa:
fe:08:a8:fe:f1:b2:ef:7d:e4:89:8e:4d:28:f7:cd:
ff:47:55:a1:30:58:c4:bc:66:6e:9f:eb:9a:42:fb:
b7:fd:8d:a0:da:ac:46:82:d4:9d:6a:08:b2:6e:01:
c8:98:99:07:70:59:54:38:8b:8c:9f:42:cc:c2:88:
d5:ee:d2:7e:b6:21:ef:f3:02:68:28:b6:9c:ba:e1:
b4:da:c3:c7:b5:43:1e:de:ea:5d:19:89:0e:fb:35:
31:64:85:3d:f8:05:14:27:87:cd:c8:54:73:98:c3:
e5:5e:e5:3e:6b:8e:de:ac:ff:fa:22:ff:d0:09:92:
99:c8:49:ac:6a:6c:ba:ac:50:83:52:a1:ab:46:71:
38:56:e6:e5:56:7a:1f:08:2f:4d:23:2b:20:62:9b:
a2:48:e1:86:64:03:8c:53:0f:ba:11:ba:4a:14:aa:
54:18:ce:b9:43:81:e3:9e:5b:22:b6:3f:9d:b9:2c:
c5:93:71:fa:a9:17:cc:ec:9f:5f:d5:68:04:db:73:
79:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4D:00:2E:4A:12:16:8E:BA:1D:76:45:9D:FD:50:26:81:EF:BF:D5
X509v3 Authority Key Identifier:
keyid:AC:FB:02:43:26:88:67:42:60:C6:D0:12:A5:97:D7:0B:CD:51:49:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rPsCQyaIZ0JgxtASpZfXC81RScQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/AE0ALkoSFo66HXZFnf1QJoHvv9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/a41794-d619-4c74-824d-31d7010a7256/1/rPsCQyaIZ0JgxtASpZfXC81RScQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.86.0/23
94.143.184.0/21
185.43.152.0/22
185.59.168.0/22
IPv6:
2a02:4a00::/32
Signature Algorithm: sha256WithRSAEncryption
3e:39:26:fa:9a:b4:6a:e1:de:de:31:db:9f:13:ab:15:73:73:
1b:0e:2d:45:f7:fa:3d:d2:70:f0:20:2a:ed:b2:4a:5d:d6:a8:
1b:90:53:a9:50:49:3c:c8:ca:c5:8b:55:6e:52:e2:30:be:b7:
d4:a3:6a:41:95:cd:f1:e4:2f:2b:db:4f:e8:c9:18:05:c0:b8:
09:1c:dc:e2:cb:0a:d7:a4:ff:0f:23:32:ea:38:a6:27:74:47:
6d:b8:21:9a:f2:32:e8:6f:c6:af:f2:f5:0a:89:20:aa:1f:ce:
dd:55:6f:8f:d3:d8:e3:63:48:eb:f8:2c:1f:55:11:32:47:1c:
a6:e8:a2:ca:94:76:03:df:6a:fa:4b:21:b5:56:cc:e6:ad:94:
b0:8a:a4:f7:8e:03:04:7d:0e:ed:29:d5:32:2e:5c:d0:6e:ad:
de:5a:b4:24:52:83:58:e7:3a:eb:09:bb:c9:9a:58:48:8a:a4:
c0:1f:30:4c:20:a1:fc:2d:c9:da:2a:5e:46:5e:98:a4:87:e4:
f8:9b:b0:8f:ca:9f:c7:23:97:0e:41:90:6b:73:86:ae:09:54:
bd:42:0c:72:c6:1b:f6:1d:cb:99:ce:46:cd:6f:d8:14:a2:30:
58:32:f3:6c:68:e9:a9:7d:0b:16:27:54:3a:c0:e6:23:44:51:
b7:96:ae:ff
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECrPe7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2ZiMDI0MzI2ODg2NzQyNjBjNmQwMTJhNTk3ZDcwYmNkNTE0OWM0MB4XDTIyMDEw
MTA2MDQ0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0ZDAwMmU0YTEy
MTY4ZWJhMWQ3NjQ1OWRmZDUwMjY4MWVmYmZkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHiP2/KQ0eTR7erbPulS5qib77hDMLWqSp+HznoYNkwNu/h
gjX6qGpSKphK02Dter1D4S5t/OhpZWL6/gio/vGy733kiY5NKPfN/0dVoTBYxLxm
bp/rmkL7t/2NoNqsRoLUnWoIsm4ByJiZB3BZVDiLjJ9CzMKI1e7SfrYh7/MCaCi2
nLrhtNrDx7VDHt7qXRmJDvs1MWSFPfgFFCeHzchUc5jD5V7lPmuO3qz/+iL/0AmS
mchJrGpsuqxQg1Khq0ZxOFbm5VZ6HwgvTSMrIGKbokjhhmQDjFMPuhG6ShSqVBjO
uUOB455bIrY/nbksxZNx+qkXzOyfX9VoBNtzea8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQATQAuShIWjroddkWd/VAmge+/1TAfBgNVHSMEGDAWgBSs+wJDJohnQmDG
0BKll9cLzVFJxDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JQc0NReWFJWjBKZ3h0QVNwWmZYQzgxUlNjUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYTQxNzk0LWQ2MTktNGM3NC04MjRkLTMxZDcwMTBhNzI1Ni8x
L0FFMEFMa29TRm82NkhYWkZuZjFRSm9IdnY5VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YTQxNzk0LWQ2MTktNGM3NC04MjRkLTMxZDcwMTBhNzI1Ni8xL3JQc0NReWFJWjBK
Z3h0QVNwWmZYQzgxUlNjUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAVvCVgMEA16PuAMEArkrmAMEArk7
qDANBAIAAjAHAwUAKgJKADANBgkqhkiG9w0BAQsFAAOCAQEAPjkm+pq0auHe3jHb
nxOrFXNzGw4tRff6PdJw8CAq7bJKXdaoG5BTqVBJPMjKxYtVblLiML631KNqQZXN
8eQvK9tP6MkYBcC4CRzc4ssK16T/DyMy6jimJ3RHbbghmvIy6G/Gr/L1Cokgqh/O
3VVvj9PY42NI6/gsH1URMkccpuiiypR2A99q+kshtVbM5q2UsIqk944DBH0O7SnV
Mi5c0G6t3lq0JFKDWOc66wm7yZpYSIqkwB8wTCCh/C3J2ipeRl6YpIfk+Juwj8qf
xyOXDkGQa3OGrglUvUIMcsYb9h3Lmc5GzW/YFKIwWDLzbGjpqX0LFidUOsDmI0RR
t5au/w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:14 2023 by rpki-client on console-ams.rpki-client.org