Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/KbbYTKpG2rst0mG-fu0T4gA8Pj4.roa
File: KbbYTKpG2rst0mG-fu0T4gA8Pj4.roa (raw, json)
Hash identifier: l5Ezs8440J1Ky0Sz5u+ak6NjaLsjVEmhlYdBqYfhRXM=
Subject key identifier: 29:B6:D8:4C:AA:46:DA:BB:2D:D2:61:BE:7E:ED:13:E2:00:3C:3E:3E
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0DEB3D4E
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/KbbYTKpG2rst0mG-fu0T4gA8Pj4.roa
Signing time: Sat 01 Jan 2022 10:54:12 +0000
ROA not before: Sat 01 Jan 2022 10:54:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61161
IP address blocks: 185.100.56.0/22 maxlen: 24
185.17.72.0/22 maxlen: 24
185.102.4.0/22 maxlen: 24
2a04:600::/29 maxlen: 48
2a0d:3200::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233520462 (0xdeb3d4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 1 10:54:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29b6d84caa46dabb2dd261be7eed13e2003c3e3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8e:82:39:5b:bf:e7:17:55:e8:de:70:98:19:
22:2a:61:74:b9:5e:39:a8:7f:20:21:5a:35:0b:bb:
e4:40:16:e4:f0:17:c9:4d:08:51:f4:52:1b:f3:37:
3c:6a:17:5d:57:2b:7c:4a:b3:7d:13:33:2d:b2:76:
88:8c:20:81:a5:b8:37:4b:08:4c:64:af:02:e5:36:
91:64:7f:f2:99:80:af:18:0e:06:9b:1d:8e:52:d3:
c5:98:72:27:df:1f:e9:ec:99:df:2a:3b:2f:08:7a:
87:3d:3e:61:f5:b9:64:76:97:df:b2:41:f1:65:6b:
6f:cd:97:dc:1a:91:c5:df:81:95:eb:54:03:4c:87:
f5:48:73:23:b1:60:fd:fd:49:11:49:cc:f7:28:14:
aa:0e:19:31:0a:a7:8d:17:6a:be:6e:41:be:ae:33:
7e:69:7a:c3:a6:9c:35:96:dc:d8:5a:c1:63:30:cc:
2c:5b:04:c1:55:cc:1a:fa:b1:c4:d3:91:8a:22:2a:
9f:9c:66:61:c7:15:50:4c:6e:bc:73:85:a4:e9:c7:
f7:e9:ab:c2:40:88:ee:db:96:5a:0b:f2:78:23:96:
59:74:40:6f:ab:1d:66:09:12:40:96:8e:89:a7:11:
d5:e1:f6:59:27:fc:7f:73:bf:ee:d3:d7:86:7f:f5:
fb:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:B6:D8:4C:AA:46:DA:BB:2D:D2:61:BE:7E:ED:13:E2:00:3C:3E:3E
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/KbbYTKpG2rst0mG-fu0T4gA8Pj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.72.0/22
185.100.56.0/22
185.102.4.0/22
IPv6:
2a04:600::/29
2a0d:3200::/29
Signature Algorithm: sha256WithRSAEncryption
17:ce:bc:a8:3d:5f:ae:39:0e:c3:22:fe:15:eb:bf:78:22:25:
02:4b:a0:63:0d:ad:a7:cb:c0:59:cd:ee:84:36:05:71:2c:99:
26:e6:54:82:49:f9:5c:1c:04:e7:30:fd:da:75:b7:72:31:c7:
79:8c:11:84:4d:fa:78:44:e0:91:80:9f:71:8b:40:a4:e3:ff:
20:ed:e4:cf:eb:ac:3c:67:57:2e:81:2e:a3:09:0a:d1:3d:dc:
57:1a:31:3f:38:7b:58:c2:ad:b9:bf:a0:88:76:6a:80:0b:11:
a2:7f:d9:f1:f7:29:c5:5a:04:0b:c7:21:55:c5:57:ec:6f:9f:
94:9a:20:e1:eb:b8:e2:21:d6:df:9d:9a:93:af:18:c3:b9:9e:
d8:5d:55:fb:26:08:62:0e:f8:a1:a2:aa:ca:91:7a:c3:4b:82:
a6:97:e6:f6:90:4e:cd:c2:10:cb:d2:b1:a4:9c:a2:b5:94:23:
6b:10:9f:8f:4e:d9:c5:f7:2b:e1:3e:e0:51:c3:0e:6c:be:07:
53:6b:41:77:a6:37:13:c5:7d:af:fa:e9:b8:05:c5:98:20:0b:
3f:f0:cb:86:64:7e:5c:fe:9f:30:02:9a:2a:2e:ea:b0:6d:e3:
d2:da:b3:68:03:02:5d:46:23:9f:a7:20:0d:d4:4f:79:33:50:
8a:0e:1e:59
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEDes9TjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjY2MDViNGQyN2YxMzk2OGU4Nzk0ZTZlZjA5MTIyMzc0ODgxN2Q4MB4XDTIyMDEw
MTEwNTQxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjliNmQ4NGNhYTQ2
ZGFiYjJkZDI2MWJlN2VlZDEzZTIwMDNjM2UzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOOgjlbv+cXVejecJgZIiphdLleOah/ICFaNQu75EAW5PAX
yU0IUfRSG/M3PGoXXVcrfEqzfRMzLbJ2iIwggaW4N0sITGSvAuU2kWR/8pmArxgO
BpsdjlLTxZhyJ98f6eyZ3yo7Lwh6hz0+YfW5ZHaX37JB8WVrb82X3BqRxd+BletU
A0yH9UhzI7Fg/f1JEUnM9ygUqg4ZMQqnjRdqvm5Bvq4zfml6w6acNZbc2FrBYzDM
LFsEwVXMGvqxxNORiiIqn5xmYccVUExuvHOFpOnH9+mrwkCI7tuWWgvyeCOWWXRA
b6sdZgkSQJaOiacR1eH2WSf8f3O/7tPXhn/1+6cCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQptthMqkbauy3SYb5+7RPiADw+PjAfBgNVHSMEGDAWgBSCZgW00n8Tlo6H
lObvCRIjdIgX2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dtWUZ0TkpfRTVhT2g1VG03d2tTSTNTSUY5Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8x
L0tiYllUS3BHMnJzdDBtRy1mdTBUNGdBOFBqNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
ZmJjYzMyLTMzYzgtNDFmZi04OWZhLTJkMTkxOGJhMWMwZS8xL2dtWUZ0TkpfRTVh
T2g1VG03d2tTSTNTSUY5Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEArkRSAMEArlkOAMEArlmBDAUBAIA
AjAOAwUDKgQGAAMFAyoNMgAwDQYJKoZIhvcNAQELBQADggEBABfOvKg9X645DsMi
/hXrv3giJQJLoGMNrafLwFnN7oQ2BXEsmSbmVIJJ+VwcBOcw/dp1t3Ixx3mMEYRN
+nhE4JGAn3GLQKTj/yDt5M/rrDxnVy6BLqMJCtE93FcaMT84e1jCrbm/oIh2aoAL
EaJ/2fH3KcVaBAvHIVXFV+xvn5SaIOHruOIh1t+dmpOvGMO5nthdVfsmCGIO+KGi
qsqResNLgqaX5vaQTs3CEMvSsaScorWUI2sQn49O2cX3K+E+4FHDDmy+B1NrQXem
NxPFfa/66bgFxZggCz/wy4Zkflz+nzACmiou6rBt49Las2gDAl1GI5+nIA3UT3kz
UIoOHlk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:50 2024 by rpki-client on console-ams.rpki-client.org