Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/2Ll0VQ_hOycPOuoJCuMwCAS16lY.roa
File: 2Ll0VQ_hOycPOuoJCuMwCAS16lY.roa (raw, json)
Hash identifier: xi/3UPj7Vb9vwxFEgatmMau5S/q6PwzaoIXcjMDbFdY=
Subject key identifier: D8:B9:74:55:0F:E1:3B:27:0F:3A:EA:09:0A:E3:30:08:04:B5:EA:56
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 06B67302
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/2Ll0VQ_hOycPOuoJCuMwCAS16lY.roa
Signing time: Sat 01 Jan 2022 05:06:30 +0000
ROA not before: Sat 01 Jan 2022 05:06:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35478
IP address blocks: 192.144.52.0/22 maxlen: 24
193.9.36.0/22 maxlen: 24
185.161.252.0/22 maxlen: 24
193.187.168.0/22 maxlen: 24
185.220.28.0/22 maxlen: 24
193.9.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112620290 (0x6b67302)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 1 05:06:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8b974550fe13b270f3aea090ae3300804b5ea56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:49:39:d2:c3:e1:ec:b6:60:26:8f:34:2c:01:
23:e8:38:97:01:58:f9:66:a8:57:48:bd:3a:a2:a8:
f8:50:78:1b:a8:69:47:2f:79:7c:48:55:10:33:13:
05:76:d4:8f:2c:c0:b7:ea:e3:e8:33:15:b1:a4:47:
77:b0:ed:54:85:b5:23:bb:83:e4:c1:17:10:33:ce:
3e:1a:48:63:15:3a:11:4d:f8:4b:43:df:14:5a:a7:
90:4e:e5:bf:f9:01:e4:6c:3d:9d:5c:4a:df:cc:55:
32:95:ae:12:15:8c:d9:bb:32:05:f7:41:f3:b3:f5:
08:d2:be:28:42:34:b8:60:7a:13:98:43:f1:37:c5:
fa:85:a4:a0:ef:10:6b:14:bf:ba:a3:31:95:50:b0:
ff:6a:c5:fa:ce:e6:a1:ef:65:91:79:f9:a4:17:44:
62:c2:e6:22:a4:8f:6e:9e:25:ef:c7:e8:e5:b5:98:
b3:df:01:45:49:49:32:fc:51:b4:21:e8:60:66:64:
b4:21:9b:be:16:b8:8f:c5:e5:98:98:42:a5:2b:59:
73:40:28:78:10:e6:98:9c:eb:84:26:ba:21:a8:24:
94:ec:1a:6d:9c:e7:ca:c2:6a:e2:d3:31:42:bf:87:
fa:51:d1:d8:e5:bf:c9:bd:08:1b:5b:58:62:7c:1c:
e0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B9:74:55:0F:E1:3B:27:0F:3A:EA:09:0A:E3:30:08:04:B5:EA:56
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/2Ll0VQ_hOycPOuoJCuMwCAS16lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.252.0/22
185.220.28.0/22
192.144.52.0/22
193.9.36.0-193.9.43.255
193.187.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:25:3e:cb:2a:59:88:2b:55:e7:e1:66:f6:b1:d3:ec:fd:cc:
cc:b9:13:30:f7:6c:48:04:0b:06:0d:63:e8:46:33:eb:27:eb:
1d:7d:4b:bf:cf:7e:3f:a7:50:5f:ed:62:31:76:28:f7:31:45:
e9:4e:af:8c:70:9c:5f:72:1c:e0:0e:17:93:86:f0:49:95:cc:
3a:6e:b9:81:10:3b:02:01:b5:ae:f8:10:ed:1f:3a:8f:cf:43:
77:8d:c5:28:8d:33:03:a1:1f:57:0f:9f:f0:7f:ef:e2:eb:bc:
0c:59:18:60:bb:09:0a:9c:ba:39:51:c1:95:7c:75:8d:1d:c7:
d6:23:2f:04:9f:d1:bb:07:6e:e5:67:93:40:ec:90:26:a2:ab:
d7:ad:07:70:6a:2d:46:4c:ea:93:0c:77:cf:e2:72:22:e1:b3:
cc:82:90:73:2d:97:9e:16:de:66:c7:92:ae:26:b1:1e:74:b5:
6a:1a:0b:d3:b3:80:32:45:00:97:e4:0c:25:88:aa:41:3f:9d:
89:ea:29:94:e5:2e:3c:bf:45:dd:48:bd:87:90:8c:20:76:52:
0c:8c:b8:d9:1d:3e:2f:cc:d5:49:1c:4c:e0:07:cb:78:64:af:
b3:2d:38:2e:5c:6d:e4:32:70:92:f2:27:24:ee:bc:a5:d6:cf:
ca:b5:98:5a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBrZzAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MjZjNjYwYjMwZjU2OTJiMmIxNmUyODliMjQ5MDFjNTE4ZmRhNTIwMB4XDTIyMDEw
MTA1MDYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhiOTc0NTUwZmUx
M2IyNzBmM2FlYTA5MGFlMzMwMDgwNGI1ZWE1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALxJOdLD4ey2YCaPNCwBI+g4lwFY+WaoV0i9OqKo+FB4G6hp
Ry95fEhVEDMTBXbUjyzAt+rj6DMVsaRHd7DtVIW1I7uD5MEXEDPOPhpIYxU6EU34
S0PfFFqnkE7lv/kB5Gw9nVxK38xVMpWuEhWM2bsyBfdB87P1CNK+KEI0uGB6E5hD
8TfF+oWkoO8QaxS/uqMxlVCw/2rF+s7moe9lkXn5pBdEYsLmIqSPbp4l78fo5bWY
s98BRUlJMvxRtCHoYGZktCGbvha4j8XlmJhCpStZc0AoeBDmmJzrhCa6IagklOwa
bZznysJq4tMxQr+H+lHR2OW/yb0IG1tYYnwc4KMCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTYuXRVD+E7Jw866gkK4zAIBLXqVjAfBgNVHSMEGDAWgBQSbGYLMPVpKysW
4omySQHFGP2lIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VteG1DekQxYVNzckZ1S0pza2tCeFJqOXBTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvZGI3ODdmLWMyN2EtNGYyMy05OWIyLTQzOGFjYjcyZmM1Yi8x
LzJMbDBWUV9oT3ljUE91b0pDdU13Q0FTMTZsWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
ZGI3ODdmLWMyN2EtNGYyMy05OWIyLTQzOGFjYjcyZmM1Yi8xL0VteG1DekQxYVNz
ckZ1S0pza2tCeFJqOXBTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wLAQCAAEwJgMEArmh/AMEArncHAMEAsCQNDAMAwQC
wQkkAwQCwQkoAwQCwbuoMA0GCSqGSIb3DQEBCwUAA4IBAQC2JT7LKlmIK1Xn4Wb2
sdPs/czMuRMw92xIBAsGDWPoRjPrJ+sdfUu/z34/p1Bf7WIxdij3MUXpTq+McJxf
chzgDheThvBJlcw6brmBEDsCAbWu+BDtHzqPz0N3jcUojTMDoR9XD5/wf+/i67wM
WRhguwkKnLo5UcGVfHWNHcfWIy8En9G7B27lZ5NA7JAmoqvXrQdwai1GTOqTDHfP
4nIi4bPMgpBzLZeeFt5mx5KuJrEedLVqGgvTs4AyRQCX5AwliKpBP52J6imU5S48
v0XdSL2HkIwgdlIMjLjZHT4vzNVJHEzgB8t4ZK+zLTguXG3kMnCS8ick7ryl1s/K
tZha
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:05 2024 by rpki-client on console-fra.rpki-client.org