Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/0CliZXlGn_E5MLBH8niEgWYMyZE.roa
File: 0CliZXlGn_E5MLBH8niEgWYMyZE.roa (raw, json)
Hash identifier: Ird5ozvP7h1AocJVjHFcbT2dw1kCMYkQqDC3Snpj2/A=
Subject key identifier: D0:29:62:65:79:46:9F:F1:39:30:B0:47:F2:78:84:81:66:0C:C9:91
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 03977C6D
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/0CliZXlGn_E5MLBH8niEgWYMyZE.roa
Signing time: Sat 01 Jan 2022 00:51:11 +0000
ROA not before: Sat 01 Jan 2022 00:51:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34871
IP address blocks: 195.238.247.0/24 maxlen: 24
185.240.151.0/24 maxlen: 24
185.240.148.0/22 maxlen: 22
195.238.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 60259437 (0x3977c6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Jan 1 00:51:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d029626579469ff13930b047f2788481660cc991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:eb:7d:81:1a:87:a5:7a:6a:9e:7d:31:30:32:
19:b7:77:ba:46:48:eb:64:06:3f:e9:e8:53:bb:57:
47:1b:b7:4c:7e:60:b4:5f:ed:72:cf:7f:e2:19:fc:
e1:35:a4:2a:6e:75:9c:c0:d7:f6:2b:1f:4c:0a:f6:
b6:4f:c2:8c:c3:1a:0d:b3:14:c8:f1:47:4d:03:12:
17:c3:df:8e:16:36:e8:0b:a4:e3:9c:13:14:62:53:
ad:ba:6a:a4:04:6b:9a:b1:d7:ce:70:a0:84:b9:39:
77:b9:bc:22:97:09:37:5b:2b:6d:88:77:ab:47:5c:
7f:d6:34:12:26:1e:05:2f:6f:86:4e:7e:3e:c0:a3:
a9:11:c2:f8:f8:45:1c:98:21:3a:30:11:c5:5f:7f:
50:2b:4d:a5:5e:28:33:12:cf:0a:ab:75:e7:99:3f:
58:ff:72:58:a6:7f:b5:9d:c1:97:1b:db:a3:e0:b3:
9f:18:a6:78:d1:8e:7a:0b:e5:ab:82:b3:fa:35:2b:
e9:c9:ea:81:16:64:4b:55:08:12:2c:32:28:51:65:
93:b8:11:67:f4:72:cb:f2:f3:92:7d:06:91:67:29:
b8:26:32:f5:d5:28:30:39:90:ae:39:62:d6:6b:66:
00:f4:e9:73:4d:4d:64:d6:0b:15:3f:e3:35:71:50:
4c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:29:62:65:79:46:9F:F1:39:30:B0:47:F2:78:84:81:66:0C:C9:91
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/0CliZXlGn_E5MLBH8niEgWYMyZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/22
195.238.240.0/24
195.238.247.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:1f:15:30:dd:be:c5:61:12:ac:3f:75:8f:12:1e:60:72:b2:
e3:7f:44:0b:89:45:43:81:7f:53:62:de:b4:45:83:79:bf:53:
66:65:48:40:16:80:b3:79:e2:49:d6:39:c3:63:65:ba:e6:3b:
0b:ed:7e:53:ce:b4:a5:02:8e:95:f9:bc:66:e7:41:a5:7a:a7:
39:d9:ed:b3:81:b9:1e:00:e4:3d:b7:f6:96:2e:db:97:8e:17:
00:a2:68:f9:ec:9d:a0:04:a8:c7:5d:7f:a2:68:a8:08:8b:63:
20:b4:4f:39:bd:24:91:71:9a:04:c0:72:83:76:48:78:79:de:
f3:bf:71:dc:02:a7:21:fe:1c:3b:db:ca:25:88:e2:b9:df:b8:
b7:b2:aa:0e:bd:f6:40:74:ad:f2:16:00:e2:26:ae:4d:a6:f0:
95:05:f7:d3:c5:ad:e6:b8:79:d0:95:76:22:74:c3:3b:55:b0:
96:26:0a:a5:8b:12:12:7f:93:51:2c:0d:ff:9c:92:ec:6c:53:
06:53:1e:7a:0e:73:bc:e5:35:40:90:f9:58:ea:d1:62:1b:4d:
21:51:fe:1b:51:af:da:8b:ad:ce:f8:73:ef:98:b9:f9:12:9a:
27:7d:38:dc:dd:25:b7:7c:78:18:dd:61:36:48:eb:c4:e7:21:
2d:1a:e8:74
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEA5d8bTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjczNDEwODcwNWE5NTc5NmU4NTc3MTI1ZGQzMDBjNzUxZGZkOWE4MB4XDTIyMDEw
MTAwNTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDAyOTYyNjU3OTQ2
OWZmMTM5MzBiMDQ3ZjI3ODg0ODE2NjBjYzk5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOHrfYEah6V6ap59MTAyGbd3ukZI62QGP+noU7tXRxu3TH5g
tF/tcs9/4hn84TWkKm51nMDX9isfTAr2tk/CjMMaDbMUyPFHTQMSF8PfjhY26Auk
45wTFGJTrbpqpARrmrHXznCghLk5d7m8IpcJN1srbYh3q0dcf9Y0EiYeBS9vhk5+
PsCjqRHC+PhFHJghOjARxV9/UCtNpV4oMxLPCqt155k/WP9yWKZ/tZ3Blxvbo+Cz
nximeNGOegvlq4Kz+jUr6cnqgRZkS1UIEiwyKFFlk7gRZ/Ryy/Lzkn0GkWcpuCYy
9dUoMDmQrjli1mtmAPTpc01NZNYLFT/jNXFQTBsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTQKWJleUaf8TkwsEfyeISBZgzJkTAfBgNVHSMEGDAWgBSvc0EIcFqVeW6F
dxJd0wDHUd/ZqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3IzTkJDSEJhbFhsdWhYY1NYZE1BeDFIZjJhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWUvYzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8x
LzBDbGlaWGxHbl9FNU1MQkg4bmlFZ1dZTXlaRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWUv
YzkzYTY2LWM3YzctNGMzMy1hNzI1LTE4ZDFhNDA2YWFlZC8xL3IzTkJDSEJhbFhs
dWhYY1NYZE1BeDFIZjJhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArnwlAMEAMPu8AMEAMPu9zANBgkq
hkiG9w0BAQsFAAOCAQEAah8VMN2+xWESrD91jxIeYHKy439EC4lFQ4F/U2LetEWD
eb9TZmVIQBaAs3niSdY5w2NluuY7C+1+U860pQKOlfm8ZudBpXqnOdnts4G5HgDk
Pbf2li7bl44XAKJo+eydoASox11/omioCItjILRPOb0kkXGaBMByg3ZIeHne879x
3AKnIf4cO9vKJYjiud+4t7KqDr32QHSt8hYA4iauTabwlQX308Wt5rh50JV2InTD
O1WwliYKpYsSEn+TUSwN/5yS7GxTBlMeeg5zvOU1QJD5WOrRYhtNIVH+G1Gv2out
zvhz75i5+RKaJ3043N0lt3x4GN1hNkjrxOchLRrodA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:05 2024 by rpki-client on console-fra.rpki-client.org