Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/agXPIt1m8vD3ydJOxbx8OLWIfxk.roa
File: agXPIt1m8vD3ydJOxbx8OLWIfxk.roa (raw, json)
Hash identifier: uAAgrtVWGSbMDWLyAceWqxtvVef79vN34gn3lj8/jXY=
Subject key identifier: 6A:05:CF:22:DD:66:F2:F0:F7:C9:D2:4E:C5:BC:7C:38:B5:88:7F:19
Certificate issuer: /CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Certificate serial: 0A17F0E6
Authority key identifier: 60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/agXPIt1m8vD3ydJOxbx8OLWIfxk.roa
Signing time: Sat 01 Jan 2022 15:54:57 +0000
ROA not before: Sat 01 Jan 2022 15:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57354
IP address blocks: 91.231.219.0/24 maxlen: 24
91.231.218.0/24 maxlen: 24
91.231.218.0/23 maxlen: 23
185.228.132.0/24 maxlen: 24
185.228.132.0/22 maxlen: 22
185.228.135.0/24 maxlen: 24
185.228.133.0/24 maxlen: 24
185.228.134.0/24 maxlen: 24
2a0d:1600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169341158 (0xa17f0e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601dc00f9a481b415086b143a7dd4cda1ffb2470
Validity
Not Before: Jan 1 15:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a05cf22dd66f2f0f7c9d24ec5bc7c38b5887f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:52:2b:79:9b:e6:99:5d:22:a3:36:bd:9e:e2:
8c:95:45:e6:95:2f:65:c2:c8:f9:1d:72:f7:49:74:
0b:3a:63:4d:a6:3c:82:6f:5f:5d:ec:8e:a6:7b:43:
64:d2:0f:f2:48:b7:a7:df:2b:c1:78:3d:5e:2e:a5:
53:8c:e2:ad:ca:15:b3:e4:6a:b0:8e:5f:b4:32:e9:
64:47:6a:9d:97:d1:1a:35:db:89:36:58:29:5e:fa:
7a:2c:36:e7:2f:28:c9:5b:55:9c:5d:cd:67:48:28:
d0:db:5f:81:77:cc:19:26:b6:c2:5a:ba:58:28:62:
20:95:e9:4b:b3:9b:5b:8e:a3:a1:5b:d7:37:f4:79:
a6:24:e0:47:22:e2:2f:fd:82:89:60:f8:d0:ad:20:
cc:e9:9e:74:fe:45:35:96:6c:a7:e5:03:17:ef:86:
4f:ef:3d:d1:64:2c:f4:f2:71:18:fb:b9:3e:71:3e:
13:f6:45:27:ee:dd:77:71:53:4c:47:86:73:6d:10:
ca:54:d2:e7:02:a5:31:5e:14:cd:87:ba:08:2b:46:
17:08:92:c6:73:1f:ed:e2:cd:26:4e:6f:c7:c6:f0:
67:e6:1c:89:e3:b1:c8:c2:c0:aa:db:7e:6f:17:4e:
81:6c:b6:10:06:93:a0:9b:58:18:13:d8:da:00:ea:
4c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:05:CF:22:DD:66:F2:F0:F7:C9:D2:4E:C5:BC:7C:38:B5:88:7F:19
X509v3 Authority Key Identifier:
keyid:60:1D:C0:0F:9A:48:1B:41:50:86:B1:43:A7:DD:4C:DA:1F:FB:24:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YB3AD5pIG0FQhrFDp91M2h_7JHA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/agXPIt1m8vD3ydJOxbx8OLWIfxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/ab2b25-2a13-41f0-b9c5-fba49b0cdded/1/YB3AD5pIG0FQhrFDp91M2h_7JHA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.218.0/23
185.228.132.0/22
IPv6:
2a0d:1600::/32
Signature Algorithm: sha256WithRSAEncryption
81:5f:15:27:ca:b9:cc:32:0f:98:00:43:11:97:6b:94:22:62:
5c:48:8d:07:d2:95:f9:cc:8f:80:18:15:71:c4:2b:94:fe:f4:
ef:da:e4:08:10:e8:da:72:80:25:45:a3:d6:58:33:8a:86:11:
de:4d:04:ec:dd:6d:38:0e:b8:cc:88:22:2d:2e:da:ea:f8:13:
4e:f3:55:92:2a:8b:bf:33:5b:7c:dd:ce:b3:de:94:f5:4b:43:
16:49:6d:2b:ab:4f:a3:2e:33:1c:2f:11:7e:5a:7b:55:1d:9b:
aa:a3:84:78:d7:99:ab:e3:df:b0:35:49:19:29:16:30:f4:03:
84:93:b4:fd:27:96:51:f1:ca:6b:9b:52:cc:70:07:f1:1a:e4:
a7:ff:28:d1:51:6d:75:ee:7d:cd:64:15:41:07:a6:7a:13:fa:
97:c7:e9:40:2e:27:32:60:0f:6a:ed:32:6e:ce:17:48:95:bf:
4f:02:11:c2:58:93:d4:93:b6:a2:3d:c1:6a:2e:08:55:55:2d:
23:79:29:b5:9b:c5:cd:fa:63:30:f4:e8:cb:33:35:03:bd:f6:
58:ad:3d:89:0d:03:f1:1e:66:57:ec:e4:b5:fe:6a:d7:7b:30:
a1:c6:56:2b:05:0d:14:3d:0a:aa:3b:7b:b4:cd:d8:fd:34:26:
68:24:39:90
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEChfw5jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDFkYzAwZjlhNDgxYjQxNTA4NmIxNDNhN2RkNGNkYTFmZmIyNDcwMB4XDTIyMDEw
MTE1NTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmEwNWNmMjJkZDY2
ZjJmMGY3YzlkMjRlYzViYzdjMzhiNTg4N2YxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1SK3mb5pldIqM2vZ7ijJVF5pUvZcLI+R1y90l0CzpjTaY8
gm9fXeyOpntDZNIP8ki3p98rwXg9Xi6lU4zircoVs+RqsI5ftDLpZEdqnZfRGjXb
iTZYKV76eiw25y8oyVtVnF3NZ0go0NtfgXfMGSa2wlq6WChiIJXpS7ObW46joVvX
N/R5piTgRyLiL/2CiWD40K0gzOmedP5FNZZsp+UDF++GT+890WQs9PJxGPu5PnE+
E/ZFJ+7dd3FTTEeGc20QylTS5wKlMV4UzYe6CCtGFwiSxnMf7eLNJk5vx8bwZ+Yc
ieOxyMLAqtt+bxdOgWy2EAaToJtYGBPY2gDqTN0CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRqBc8i3Wby8PfJ0k7FvHw4tYh/GTAfBgNVHSMEGDAWgBRgHcAPmkgbQVCG
sUOn3UzaH/skcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lCM0FENXBJRzBGUWhyRkRwOTFNMmhfN0pIQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYWIyYjI1LTJhMTMtNDFmMC1iOWM1LWZiYTQ5YjBjZGRlZC8x
L2FnWFBJdDFtOHZEM3lkSk94Yng4T0xXSWZ4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YWIyYjI1LTJhMTMtNDFmMC1iOWM1LWZiYTQ5YjBjZGRlZC8xL1lCM0FENXBJRzBG
UWhyRkRwOTFNMmhfN0pIQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAVvn2gMEArnkhDANBAIAAjAHAwUA
Kg0WADANBgkqhkiG9w0BAQsFAAOCAQEAgV8VJ8q5zDIPmABDEZdrlCJiXEiNB9KV
+cyPgBgVccQrlP7079rkCBDo2nKAJUWj1lgzioYR3k0E7N1tOA64zIgiLS7a6vgT
TvNVkiqLvzNbfN3Os96U9UtDFkltK6tPoy4zHC8Rflp7VR2bqqOEeNeZq+PfsDVJ
GSkWMPQDhJO0/SeWUfHKa5tSzHAH8Rrkp/8o0VFtde59zWQVQQemehP6l8fpQC4n
MmAPau0ybs4XSJW/TwIRwliT1JO2oj3Bai4IVVUtI3kptZvFzfpjMPToyzM1A732
WK09iQ0D8R5mV+zktf5q13swocZWKwUNFD0Kqjt7tM3Y/TQmaCQ5kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:30 2024 by rpki-client on console-ams.rpki-client.org