Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/T0ln5cBbjLQwfxJJL1JDkVNIN60.roa
File: T0ln5cBbjLQwfxJJL1JDkVNIN60.roa (raw, json)
Hash identifier: FYmnZ8Xwp9fiLyAkJJAxtOuP+kAw2m4gJdcHGR68PfE=
Subject key identifier: 4F:49:67:E5:C0:5B:8C:B4:30:7F:12:49:2F:52:43:91:53:48:37:AD
Certificate issuer: /CN=674a61a8a9c97c03cdebe05f82558e51dbf90821
Certificate serial: 0A5AFEB7
Authority key identifier: 67:4A:61:A8:A9:C9:7C:03:CD:EB:E0:5F:82:55:8E:51:DB:F9:08:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z0phqKnJfAPN6-BfglWOUdv5CCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/T0ln5cBbjLQwfxJJL1JDkVNIN60.roa
Signing time: Sat 01 Jan 2022 06:58:03 +0000
ROA not before: Sat 01 Jan 2022 06:58:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208035
IP address blocks: 85.202.196.0/24 maxlen: 24
85.202.196.0/22 maxlen: 24
85.202.197.0/24 maxlen: 24
85.202.198.0/24 maxlen: 24
85.202.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 173735607 (0xa5afeb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=674a61a8a9c97c03cdebe05f82558e51dbf90821
Validity
Not Before: Jan 1 06:58:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f4967e5c05b8cb4307f12492f524391534837ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:41:3e:1d:a5:e9:3b:65:e9:39:c3:6a:0c:a4:
ad:ef:e7:46:f5:1c:b1:d2:95:ec:e8:dd:d0:5b:23:
ca:39:15:bb:d2:30:8c:82:a9:96:7b:ec:68:80:61:
27:de:93:4d:4c:5b:95:cf:8a:f4:91:33:ce:58:db:
39:8e:da:e0:ab:a4:81:ff:31:7a:cc:df:85:84:bb:
57:d5:c8:b5:f9:fc:a8:f6:a9:b5:eb:e9:8f:9b:3a:
fc:45:7f:78:1d:86:e7:0b:8e:44:69:c3:d2:d6:74:
84:8f:bd:3d:90:fa:84:ba:14:90:56:fa:59:cd:4b:
56:f6:de:5a:84:99:75:50:66:12:9a:17:46:6f:03:
4f:0b:a8:54:6b:f3:48:43:a2:55:b0:76:ee:95:6b:
8d:24:54:ff:fa:b1:49:da:5a:47:15:ee:7b:ac:26:
f0:d8:20:f9:9e:49:dd:29:e0:36:01:cc:a9:04:b8:
9b:e4:20:6b:3e:92:c0:ef:ed:80:7f:4a:6d:49:dd:
84:15:f5:2e:f0:4a:15:c2:fa:95:b5:1e:03:58:87:
63:0e:d0:f0:ae:4d:b0:0b:2b:7c:cb:4e:60:a5:e3:
a6:d7:64:d8:95:50:74:cf:c5:db:49:91:d5:b0:4b:
0f:96:17:a0:54:cd:09:12:8c:fd:b5:0e:50:b2:21:
0f:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:49:67:E5:C0:5B:8C:B4:30:7F:12:49:2F:52:43:91:53:48:37:AD
X509v3 Authority Key Identifier:
keyid:67:4A:61:A8:A9:C9:7C:03:CD:EB:E0:5F:82:55:8E:51:DB:F9:08:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z0phqKnJfAPN6-BfglWOUdv5CCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/T0ln5cBbjLQwfxJJL1JDkVNIN60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/72488a-035d-4931-8dfb-4c86cbe03610/1/Z0phqKnJfAPN6-BfglWOUdv5CCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.196.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:5f:bb:4a:63:72:04:59:94:30:b6:ce:60:f8:1c:59:56:5f:
67:9c:b6:fc:b9:d1:b5:a9:99:02:6b:c1:f2:71:d2:f4:50:25:
5d:cc:2a:7d:a6:c2:36:08:e8:70:74:16:2d:7e:66:1c:4e:3a:
6e:21:51:0f:53:0d:6e:d3:9e:34:bb:6a:1e:b2:18:28:22:e6:
fb:71:d6:89:a9:01:55:7b:74:96:86:98:f0:72:8c:9c:b1:7e:
7a:ad:9d:b9:a4:ba:cb:73:0c:64:7b:1b:71:83:2e:79:9d:b1:
df:c4:2f:74:d5:ce:c3:97:fb:cc:38:9f:01:35:86:41:92:9d:
dd:64:d8:96:89:c9:a8:2b:42:11:07:6d:5f:14:f6:95:de:f2:
13:88:db:ef:aa:30:5d:36:5d:c4:4b:c9:c0:90:d2:b5:9e:2c:
52:d9:86:01:80:f3:a9:6c:0f:2d:24:f6:ca:61:53:0d:89:aa:
bb:6a:7c:15:0b:9e:76:75:ef:8e:54:fc:6b:e3:33:40:86:b3:
51:da:23:cb:ec:d2:e5:7d:4a:4a:42:1c:3f:a8:82:f5:0f:b0:
ab:4f:9e:3c:9b:c2:88:e8:b0:cc:d1:fc:40:11:81:1f:06:3c:
2e:24:00:a7:d4:87:f5:6d:8e:74:6b:72:70:0e:1b:19:66:d3:
0e:c2:05:53
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEClr+tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzRhNjFhOGE5Yzk3YzAzY2RlYmUwNWY4MjU1OGU1MWRiZjkwODIxMB4XDTIyMDEw
MTA2NTgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGY0OTY3ZTVjMDVi
OGNiNDMwN2YxMjQ5MmY1MjQzOTE1MzQ4MzdhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNBPh2l6Ttl6TnDagykre/nRvUcsdKV7Ojd0FsjyjkVu9Iw
jIKplnvsaIBhJ96TTUxblc+K9JEzzljbOY7a4Kukgf8xeszfhYS7V9XItfn8qPap
tevpj5s6/EV/eB2G5wuORGnD0tZ0hI+9PZD6hLoUkFb6Wc1LVvbeWoSZdVBmEpoX
Rm8DTwuoVGvzSEOiVbB27pVrjSRU//qxSdpaRxXue6wm8Ngg+Z5J3SngNgHMqQS4
m+Qgaz6SwO/tgH9KbUndhBX1LvBKFcL6lbUeA1iHYw7Q8K5NsAsrfMtOYKXjptdk
2JVQdM/F20mR1bBLD5YXoFTNCRKM/bUOULIhDwMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRPSWflwFuMtDB/EkkvUkORU0g3rTAfBgNVHSMEGDAWgBRnSmGoqcl8A83r
4F+CVY5R2/kIITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1owcGhxS25KZkFQTjYtQmZnbFdPVWR2NUNDRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvNzI0ODhhLTAzNWQtNDkzMS04ZGZiLTRjODZjYmUwMzYxMC8x
L1QwbG41Y0JiakxRd2Z4SkpMMUpEa1ZOSU42MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
NzI0ODhhLTAzNWQtNDkzMS04ZGZiLTRjODZjYmUwMzYxMC8xL1owcGhxS25KZkFQ
TjYtQmZnbFdPVWR2NUNDRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXKxDANBgkqhkiG9w0BAQsFAAOC
AQEAG1+7SmNyBFmUMLbOYPgcWVZfZ5y2/LnRtamZAmvB8nHS9FAlXcwqfabCNgjo
cHQWLX5mHE46biFRD1MNbtOeNLtqHrIYKCLm+3HWiakBVXt0loaY8HKMnLF+eq2d
uaS6y3MMZHsbcYMueZ2x38QvdNXOw5f7zDifATWGQZKd3WTYlonJqCtCEQdtXxT2
ld7yE4jb76owXTZdxEvJwJDStZ4sUtmGAYDzqWwPLST2ymFTDYmqu2p8FQuednXv
jlT8a+MzQIazUdojy+zS5X1KSkIcP6iC9Q+wq0+ePJvCiOiwzNH8QBGBHwY8LiQA
p9SH9W2OdGtycA4bGWbTDsIFUw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:04 2024 by rpki-client on console-fra.rpki-client.org