Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/u07fc74Jh0mCo-GZMCVLU-_mSx0.roa
File: u07fc74Jh0mCo-GZMCVLU-_mSx0.roa (raw, json)
Hash identifier: c0Ro5759KDANW/05AE5zOwR54/+GYNkOHzIuQRffox0=
Subject key identifier: BB:4E:DF:73:BE:09:87:49:82:A3:E1:99:30:25:4B:53:EF:E6:4B:1D
Certificate issuer: /CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Certificate serial: 08531744
Authority key identifier: A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/u07fc74Jh0mCo-GZMCVLU-_mSx0.roa
Signing time: Sat 01 Jan 2022 07:03:02 +0000
ROA not before: Sat 01 Jan 2022 07:03:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57814
IP address blocks: 185.229.108.0/22 maxlen: 32
185.229.108.0/24 maxlen: 32
185.229.111.0/24 maxlen: 32
185.229.110.0/24 maxlen: 32
185.229.109.0/24 maxlen: 32
188.93.90.0/24 maxlen: 32
188.93.89.0/24 maxlen: 32
188.93.88.0/24 maxlen: 32
188.93.91.0/24 maxlen: 32
188.93.95.0/24 maxlen: 32
188.93.94.0/24 maxlen: 32
188.93.92.0/24 maxlen: 32
2a0a:5000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139663172 (0x8531744)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9ec57bc8464fec2e9a1b098ffce34c21aaf9ca6
Validity
Not Before: Jan 1 07:03:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb4edf73be09874982a3e19930254b53efe64b1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:8c:6c:5c:0a:1e:a0:00:8f:a5:1b:a9:17:29:
06:2d:93:69:30:48:0b:0c:6d:04:45:83:9a:48:8a:
4c:c4:7b:02:35:30:f7:8f:c2:bd:cf:6c:7f:64:ab:
0c:29:a9:f2:c4:0d:35:49:e3:8d:54:1e:e4:97:36:
df:0a:2a:de:ad:e7:29:2b:b5:20:e9:a4:80:8a:1c:
89:0b:c7:39:c6:e4:6a:9c:02:dd:ed:69:5e:2b:a7:
3d:14:49:11:57:8d:7a:3a:71:4e:03:d6:c4:3a:c7:
c2:fa:58:6f:3f:9b:ac:d7:11:47:7f:5f:be:eb:06:
e6:66:a0:25:46:d6:e9:37:41:ae:72:15:08:a7:f9:
8b:ae:99:ce:3e:76:ed:99:c3:bf:e7:a2:ff:93:03:
d5:02:82:e3:8d:05:d8:31:e1:59:95:f9:08:17:94:
32:33:b7:15:ac:e1:d2:9d:ac:b6:86:5b:79:da:67:
73:9d:13:e4:5e:7c:98:23:01:c0:12:d5:84:fc:a5:
29:ed:ea:f6:bc:d2:c1:31:7a:a6:bd:82:66:2d:d1:
b9:11:cd:1b:49:c3:79:ac:fc:7c:6a:c3:17:6a:e0:
ed:07:e6:aa:39:b0:f3:7e:e0:82:de:48:85:38:1e:
12:ea:d6:82:5b:89:0f:d7:4f:3c:ba:1a:ef:c1:d7:
47:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4E:DF:73:BE:09:87:49:82:A3:E1:99:30:25:4B:53:EF:E6:4B:1D
X509v3 Authority Key Identifier:
keyid:A9:EC:57:BC:84:64:FE:C2:E9:A1:B0:98:FF:CE:34:C2:1A:AF:9C:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qexXvIRk_sLpobCY_840whqvnKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/u07fc74Jh0mCo-GZMCVLU-_mSx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/41b40c-f3b6-40b8-840c-19a3c5649b57/1/qexXvIRk_sLpobCY_840whqvnKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.108.0/22
188.93.88.0-188.93.92.255
188.93.94.0/23
IPv6:
2a0a:5000::/29
Signature Algorithm: sha256WithRSAEncryption
6b:54:4f:e0:e9:08:f5:13:e3:4e:be:62:ed:b9:ed:90:97:32:
e0:be:82:72:81:4c:96:b0:f3:b9:d8:c2:85:cd:e2:d5:03:79:
5e:67:6a:00:91:cc:db:e0:d0:67:c0:d8:30:ff:36:6b:ef:e9:
6b:75:ab:61:c2:a3:9d:89:85:49:42:01:c1:b1:51:ac:95:95:
72:30:3f:f3:28:95:1b:d4:10:be:27:16:5c:8f:2f:51:42:50:
67:45:b5:20:0a:b1:57:09:d5:7e:6c:b5:2f:99:16:90:8b:5a:
ac:59:06:47:14:cb:e6:a9:54:33:21:35:b5:34:22:bf:be:b6:
3c:e6:dd:37:5f:75:be:22:01:85:39:67:76:32:46:07:7a:34:
9f:16:a5:90:e3:73:15:32:af:5a:c0:03:5d:fc:f4:87:19:30:
12:8f:0a:20:66:11:0c:b5:4a:0e:e1:1e:29:01:ce:09:a0:d0:
41:5d:2d:47:f9:45:19:a5:b0:fb:0e:68:81:2f:78:06:40:4a:
84:2d:ec:76:1b:89:af:ce:02:2a:5e:da:78:7e:27:ae:19:72:
fc:dc:98:49:a6:24:7b:8d:17:bd:ab:7e:c2:4d:69:53:79:e4:
5a:ae:d9:50:e9:82:e5:88:ad:dd:79:da:7d:1a:cc:3c:ab:fc:
4d:8e:a1:c9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIECFMXRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWVjNTdiYzg0NjRmZWMyZTlhMWIwOThmZmNlMzRjMjFhYWY5Y2E2MB4XDTIyMDEw
MTA3MDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI0ZWRmNzNiZTA5
ODc0OTgyYTNlMTk5MzAyNTRiNTNlZmU2NGIxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANWMbFwKHqAAj6UbqRcpBi2TaTBICwxtBEWDmkiKTMR7AjUw
94/Cvc9sf2SrDCmp8sQNNUnjjVQe5Jc23woq3q3nKSu1IOmkgIociQvHOcbkapwC
3e1pXiunPRRJEVeNejpxTgPWxDrHwvpYbz+brNcRR39fvusG5magJUbW6TdBrnIV
CKf5i66Zzj527ZnDv+ei/5MD1QKC440F2DHhWZX5CBeUMjO3Fazh0p2stoZbedpn
c50T5F58mCMBwBLVhPylKe3q9rzSwTF6pr2CZi3RuRHNG0nDeaz8fGrDF2rg7Qfm
qjmw837ggt5IhTgeEurWgluJD9dPPLoa78HXR5ECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBS7Tt9zvgmHSYKj4ZkwJUtT7+ZLHTAfBgNVHSMEGDAWgBSp7Fe8hGT+wumh
sJj/zjTCGq+cpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FleFh2SVJrX3NMcG9iQ1lfODQwd2hxdm5LWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvNDFiNDBjLWYzYjYtNDBiOC04NDBjLTE5YTNjNTY0OWI1Ny8x
L3UwN2ZjNzRKaDBtQ28tR1pNQ1ZMVS1fbVN4MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
NDFiNDBjLWYzYjYtNDBiOC04NDBjLTE5YTNjNTY0OWI1Ny8xL3FleFh2SVJrX3NM
cG9iQ1lfODQwd2hxdm5LWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEArnlbDAMAwQDvF1YAwQAvF1cAwQB
vF1eMA0EAgACMAcDBQMqClAAMA0GCSqGSIb3DQEBCwUAA4IBAQBrVE/g6Qj1E+NO
vmLtue2QlzLgvoJygUyWsPO52MKFzeLVA3leZ2oAkczb4NBnwNgw/zZr7+lrdath
wqOdiYVJQgHBsVGslZVyMD/zKJUb1BC+JxZcjy9RQlBnRbUgCrFXCdV+bLUvmRaQ
i1qsWQZHFMvmqVQzITW1NCK/vrY85t03X3W+IgGFOWd2MkYHejSfFqWQ43MVMq9a
wANd/PSHGTASjwogZhEMtUoO4R4pAc4JoNBBXS1H+UUZpbD7DmiBL3gGQEqELex2
G4mvzgIqXtp4fieuGXL83JhJpiR7jRe9q37CTWlTeeRartlQ6YLliK3dedp9Gsw8
q/xNjqHJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:48 2024 by rpki-client on console-fra.rpki-client.org