Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/D4_uJj9lHmd5rpJYkJzg-JXYovQ.roa
File: D4_uJj9lHmd5rpJYkJzg-JXYovQ.roa (raw, json)
Hash identifier: JpPYiuAHJTCTgo1OMARm6ig+bAmjhUc7JnkEoGxb968=
Subject key identifier: 0F:8F:EE:26:3F:65:1E:67:79:AE:92:58:90:9C:E0:F8:95:D8:A2:F4
Certificate issuer: /CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Certificate serial: 092148D4
Authority key identifier: B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/D4_uJj9lHmd5rpJYkJzg-JXYovQ.roa
Signing time: Sat 01 Jan 2022 06:05:18 +0000
ROA not before: Sat 01 Jan 2022 06:05:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31531
IP address blocks: 185.248.128.0/22 maxlen: 24
194.31.168.0/22 maxlen: 24
2a0d:e580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153176276 (0x92148d4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e
Validity
Not Before: Jan 1 06:05:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f8fee263f651e6779ae9258909ce0f895d8a2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:0d:dc:58:a8:82:70:19:84:96:75:44:7a:d0:
49:e3:a3:a8:00:98:1b:36:b0:18:0d:8b:81:95:15:
21:ab:ea:85:96:fe:47:dc:a8:c7:9d:ed:4f:ba:0b:
0c:e2:c6:c3:ed:21:f6:ad:54:84:ca:19:a4:61:dd:
b9:f1:d2:82:54:e3:7b:b8:b1:c7:bc:e8:ba:7e:6b:
a2:41:e4:93:91:fe:92:34:68:6a:00:3c:9e:19:f4:
7b:93:79:64:3c:0a:60:0f:37:bf:f6:b2:09:d8:c6:
45:f0:5c:9f:54:a0:45:7e:9a:63:fc:66:ae:cd:b9:
0d:96:c0:9a:64:c8:23:11:e5:e4:72:96:3e:4e:87:
23:9a:b3:eb:20:95:66:f4:b4:4a:35:93:46:60:a6:
55:6a:2d:16:29:aa:52:0f:f0:1f:c1:ff:8c:5b:c6:
3c:0e:49:28:d6:90:e1:12:6a:b1:89:17:a9:a8:01:
18:98:25:53:81:ea:52:96:d3:ee:d3:2a:f3:ae:25:
c0:3a:2f:26:bf:a4:80:95:58:d3:61:7e:df:87:8e:
62:8b:75:e5:0a:31:23:85:1c:83:01:70:d3:59:97:
48:f0:bb:88:1e:7c:28:c0:4b:19:6a:b5:5c:e4:03:
8e:60:ad:cd:a4:77:02:fa:75:14:f3:c8:42:90:21:
33:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8F:EE:26:3F:65:1E:67:79:AE:92:58:90:9C:E0:F8:95:D8:A2:F4
X509v3 Authority Key Identifier:
keyid:B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/D4_uJj9lHmd5rpJYkJzg-JXYovQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.128.0/22
194.31.168.0/22
IPv6:
2a0d:e580::/29
Signature Algorithm: sha256WithRSAEncryption
4c:0e:15:81:d7:00:69:72:fc:3d:b0:91:94:3c:8e:32:2d:14:
f4:27:f2:da:87:8f:77:73:b5:ce:d3:c5:5b:1b:fb:10:13:b5:
2f:90:45:a6:cc:17:da:47:eb:78:4e:f3:cd:3c:76:c5:58:42:
1b:54:cf:22:15:13:86:43:73:ad:6f:01:c8:bd:88:df:71:ac:
dc:b6:d1:b2:61:7f:fa:b4:5d:c9:44:5c:f7:65:8d:12:6e:20:
5c:c2:e9:39:44:f6:c0:c8:bf:85:28:4a:86:6a:28:52:c4:89:
c6:c7:07:25:5a:57:c0:90:77:f9:23:4f:e5:f1:1c:bd:8a:f3:
94:28:59:50:ff:44:90:db:28:0e:61:49:15:11:96:d1:75:d2:
a6:d1:fc:83:c9:27:64:e0:e0:a9:f2:7f:b7:d7:0f:2c:b0:7a:
ae:67:6f:c7:aa:ec:3f:f9:cd:b7:00:89:91:0b:10:dd:30:5d:
44:e2:d6:3a:03:87:ca:84:e6:50:f0:ca:ba:c0:90:7a:c3:92:
23:58:02:52:b5:8a:94:7f:0c:7e:ad:10:ff:01:bb:99:4c:ca:
b2:2f:28:e2:85:19:5c:e8:a1:2e:a9:b8:43:e9:87:22:21:f1:
b9:ab:58:dd:2a:5a:f2:b7:81:fe:f1:32:eb:b4:e6:92:dd:ff:
a1:ed:44:c6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECSFI1DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjBkNmNhOTVlMjc3MGY1NTM0MGQ5MDllYzdjOTdlZWNhM2ZlMjBlMB4XDTIyMDEw
MTA2MDUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY4ZmVlMjYzZjY1
MWU2Nzc5YWU5MjU4OTA5Y2UwZjg5NWQ4YTJmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK4N3FiognAZhJZ1RHrQSeOjqACYGzawGA2LgZUVIavqhZb+
R9yox53tT7oLDOLGw+0h9q1UhMoZpGHdufHSglTje7ixx7zoun5rokHkk5H+kjRo
agA8nhn0e5N5ZDwKYA83v/ayCdjGRfBcn1SgRX6aY/xmrs25DZbAmmTIIxHl5HKW
Pk6HI5qz6yCVZvS0SjWTRmCmVWotFimqUg/wH8H/jFvGPA5JKNaQ4RJqsYkXqagB
GJglU4HqUpbT7tMq864lwDovJr+kgJVY02F+34eOYot15QoxI4UcgwFw01mXSPC7
iB58KMBLGWq1XOQDjmCtzaR3Avp1FPPIQpAhMz0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQPj+4mP2UeZ3mukliQnOD4ldii9DAfBgNVHSMEGDAWgBS2DWypXidw9VNA
2QnsfJfuyj/iDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RnMXNxVjRuY1BWVFFOa0o3SHlYN3NvXzRnNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvMDMzZThiLWJkZTEtNGY5MC1iYWY1LTIzODQ3YTQwZDllNC8x
L0Q0X3VKajlsSG1kNXJwSllrSnpnLUpYWW92US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
MDMzZThiLWJkZTEtNGY5MC1iYWY1LTIzODQ3YTQwZDllNC8xL3RnMXNxVjRuY1BW
VFFOa0o3SHlYN3NvXzRnNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArn4gAMEAsIfqDANBAIAAjAHAwUD
Kg3lgDANBgkqhkiG9w0BAQsFAAOCAQEATA4VgdcAaXL8PbCRlDyOMi0U9Cfy2oeP
d3O1ztPFWxv7EBO1L5BFpswX2kfreE7zzTx2xVhCG1TPIhUThkNzrW8ByL2I33Gs
3LbRsmF/+rRdyURc92WNEm4gXMLpOUT2wMi/hShKhmooUsSJxscHJVpXwJB3+SNP
5fEcvYrzlChZUP9EkNsoDmFJFRGW0XXSptH8g8knZODgqfJ/t9cPLLB6rmdvx6rs
P/nNtwCJkQsQ3TBdROLWOgOHyoTmUPDKusCQesOSI1gCUrWKlH8Mfq0Q/wG7mUzK
si8o4oUZXOihLqm4Q+mHIiHxuatY3Spa8reB/vEy67Tmkt3/oe1Exg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:15 2024 by rpki-client on console-ams.rpki-client.org