Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/RdbXXzZEkk6fhKI9XqKpJ_Q-ZkU.roa
File: RdbXXzZEkk6fhKI9XqKpJ_Q-ZkU.roa (raw, json)
Hash identifier: Uoa0vYgG5Ji4sAwWPzlMXunaCzZo2mRXwugfiJ5m7lY=
Subject key identifier: 45:D6:D7:5F:36:44:92:4E:9F:84:A2:3D:5E:A2:A9:27:F4:3E:66:45
Certificate issuer: /CN=7b5754e4d208c6435f1abec937cde20009204dc0
Certificate serial: 0184E1DCE6AD61EF91E45795C7171387DF35
Authority key identifier: 7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/RdbXXzZEkk6fhKI9XqKpJ_Q-ZkU.roa
Signing time: Mon 05 Dec 2022 10:37:41 +0000
ROA not before: Mon 05 Dec 2022 10:37:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199486
IP address blocks: 185.214.158.0/24 maxlen: 24
185.214.157.0/24 maxlen: 24
185.214.156.0/24 maxlen: 24
31.47.64.0/21 maxlen: 21
31.47.69.0/24 maxlen: 24
2a09:2e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:dc:e6:ad:61:ef:91:e4:57:95:c7:17:13:87:df:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5754e4d208c6435f1abec937cde20009204dc0
Validity
Not Before: Dec 5 10:37:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45d6d75f3644924e9f84a23d5ea2a927f43e6645
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:59:1c:66:6b:97:c1:35:c3:90:e0:b9:80:7b:
ae:27:23:50:da:95:dd:8a:b5:35:d6:33:59:9b:0d:
5c:be:82:29:a1:23:1d:53:35:bb:15:8f:f0:a5:c9:
b9:e2:0b:6e:a8:f4:28:16:f1:9b:52:fe:be:e9:c9:
e4:73:dc:bf:47:c8:3e:23:6f:f7:64:23:03:ba:cd:
53:46:44:41:15:8c:de:3d:68:4b:9a:98:d3:51:d6:
82:7c:2f:da:d6:9d:20:90:5e:d8:6c:e8:a3:4e:b4:
fd:0c:6b:f6:14:45:b1:8a:04:ff:c6:2e:5a:f6:46:
f4:11:b1:55:11:bc:ab:fb:90:60:14:d9:84:b2:a5:
95:6f:03:ba:b1:8d:ae:39:ac:8c:c2:33:3c:45:c8:
a4:ad:6d:19:b6:5f:9d:d5:05:29:69:3b:b8:c4:69:
70:53:51:9b:b7:88:03:b0:5f:9d:84:7a:9b:74:02:
e1:e7:87:4b:51:c3:fc:54:5c:e9:0f:9a:e6:e5:3a:
95:5c:f9:84:a2:dd:ac:64:b1:db:8a:d1:2b:66:cb:
b6:53:ee:22:5b:43:88:09:1f:cb:de:99:19:fe:4c:
15:b2:f6:0f:c3:3b:60:20:3d:dc:7d:7c:85:05:9a:
40:0a:71:d3:0b:a7:93:53:7d:dc:b0:fa:0a:b1:46:
c3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:D6:D7:5F:36:44:92:4E:9F:84:A2:3D:5E:A2:A9:27:F4:3E:66:45
X509v3 Authority Key Identifier:
keyid:7B:57:54:E4:D2:08:C6:43:5F:1A:BE:C9:37:CD:E2:00:09:20:4D:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1dU5NIIxkNfGr7JN83iAAkgTcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/RdbXXzZEkk6fhKI9XqKpJ_Q-ZkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/1dd1ac-4a87-4bf1-8d52-fd493c6a5c76/1/e1dU5NIIxkNfGr7JN83iAAkgTcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.47.64.0/21
185.214.156.0-185.214.158.255
IPv6:
2a09:2e80::/29
Signature Algorithm: sha256WithRSAEncryption
48:44:4c:a6:db:be:79:a0:18:f0:f1:02:0f:ac:8f:62:9e:1a:
7f:78:bb:3b:1f:63:fb:f6:29:8c:da:2d:92:2c:6c:36:6f:76:
94:07:fe:9f:2c:87:c5:ee:57:33:7a:b5:c4:b4:9d:a7:e3:1b:
de:8c:72:5c:aa:61:25:10:0d:69:a3:e7:bb:cf:bd:a3:e7:38:
29:c9:a5:0f:94:a8:54:9a:69:74:a2:38:51:42:cf:83:40:47:
de:1b:14:2c:3c:c5:40:2b:f3:76:e6:25:87:30:4c:ea:14:09:
ea:3c:2e:ab:35:31:2a:6d:f0:03:ba:fe:37:50:2b:0b:ed:7e:
0e:7e:09:58:01:18:57:0e:ec:de:26:3f:b8:44:db:34:b4:f7:
57:21:d4:85:94:da:cf:ea:42:bf:a0:73:a8:76:87:c0:69:08:
9a:f8:f1:6f:d6:8b:89:e9:f2:6b:fd:2f:2f:49:79:e9:ed:b5:
a2:f3:11:2e:25:77:19:40:f4:eb:ec:f0:3a:b1:94:7d:62:04:
53:53:4b:d6:b8:65:56:1e:90:52:e6:e3:2e:e5:28:8f:34:c7:
e0:e7:96:22:02:59:01:ef:bb:57:42:3a:98:b9:1d:6d:48:4c:
1f:97:f7:30:57:af:a7:23:0c:37:24:a5:6e:08:f9:f2:db:d9:
ee:e9:7b:6c
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYTh3OatYe+R5FeVxxcTh981MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNTc1NGU0ZDIwOGM2NDM1ZjFhYmVjOTM3Y2RlMjAwMDky
MDRkYzAwHhcNMjIxMjA1MTAzNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWQ2ZDc1ZjM2NDQ5MjRlOWY4NGEyM2Q1ZWEyYTkyN2Y0M2U2NjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVkcZmuXwTXDkOC5gHuuJyNQ2pXd
irU11jNZmw1cvoIpoSMdUzW7FY/wpcm54gtuqPQoFvGbUv6+6cnkc9y/R8g+I2/3
ZCMDus1TRkRBFYzePWhLmpjTUdaCfC/a1p0gkF7YbOijTrT9DGv2FEWxigT/xi5a
9kb0EbFVEbyr+5BgFNmEsqWVbwO6sY2uOayMwjM8RcikrW0Ztl+d1QUpaTu4xGlw
U1Gbt4gDsF+dhHqbdALh54dLUcP8VFzpD5rm5TqVXPmEot2sZLHbitErZsu2U+4i
W0OICR/L3pkZ/kwVsvYPwztgID3cfXyFBZpACnHTC6eTU33csPoKsUbDAwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEXW1182RJJOn4SiPV6iqSf0PmZFMB8GA1UdIwQY
MBaAFHtXVOTSCMZDXxq+yTfN4gAJIE3AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTIt
ZmQ0OTNjNmE1Yzc2LzEvUmRiWFh6WkVrazZmaEtJOVhxS3BKX1EtWmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS8xZGQxYWMtNGE4Ny00YmYxLThkNTItZmQ0OTNjNmE1Yzc2
LzEvZTFkVTVOSUl4a05mR3I3Sk44M2lBQWtnVGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDHy9AMAwD
BAK51pwDBAC51p4wDQQCAAIwBwMFAyoJLoAwDQYJKoZIhvcNAQELBQADggEBAEhE
TKbbvnmgGPDxAg+sj2KeGn94uzsfY/v2KYzaLZIsbDZvdpQH/p8sh8XuVzN6tcS0
nafjG96MclyqYSUQDWmj57vPvaPnOCnJpQ+UqFSaaXSiOFFCz4NAR94bFCw8xUAr
83bmJYcwTOoUCeo8Lqs1MSpt8AO6/jdQKwvtfg5+CVgBGFcO7N4mP7hE2zS091ch
1IWU2s/qQr+gc6h2h8BpCJr48W/Wi4np8mv9Ly9JeenttaLzES4ldxlA9Ovs8Dqx
lH1iBFNTS9a4ZVYekFLm4y7lKI80x+DnliICWQHvu1dCOpi5HW1ITB+X9zBXr6cj
DDckpW4I+fLb2e7pe2w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:47 2024 by rpki-client on console-fra.rpki-client.org