Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/_1bsNZJdXMsaCR1UdSCZWM2R-Ok.roa
File: _1bsNZJdXMsaCR1UdSCZWM2R-Ok.roa (raw, json)
Hash identifier: Pd31yQD7xAtYHfj7HygoodCc2wEi4jX+Mutw9iRbn6Q=
Subject key identifier: FF:56:EC:35:92:5D:5C:CB:1A:09:1D:54:75:20:99:58:CD:91:F8:E9
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 1451C71B
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/_1bsNZJdXMsaCR1UdSCZWM2R-Ok.roa
Signing time: Wed 04 May 2022 10:36:44 +0000
ROA not before: Wed 04 May 2022 10:36:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.216.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
185.181.60.0/22 maxlen: 24
185.125.168.0/22 maxlen: 24
2a03:94e1::/32 maxlen: 32
2a0a:cd80::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 340903707 (0x1451c71b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: May 4 10:36:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ff56ec35925d5ccb1a091d5475209958cd91f8e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:50:5a:36:cf:28:18:29:52:88:46:0e:0f:0a:
3a:2f:f5:98:e5:dc:6e:d8:2e:c6:46:f5:5b:51:51:
ef:ca:b2:0d:9d:a5:7b:a1:d5:69:44:b6:4e:04:51:
db:45:9d:e4:6d:2d:f5:02:c5:30:c3:24:ec:0a:e9:
84:a4:5f:40:e0:d0:13:88:ad:af:22:b7:30:8f:2d:
22:bc:8f:9b:09:26:64:4b:5c:c5:13:92:68:ef:4a:
e4:55:cb:52:dc:a3:38:cb:ea:f8:35:c7:38:5a:6c:
0d:5a:31:ec:df:c5:ef:bb:7e:50:2c:35:1f:66:3e:
78:f4:96:99:48:66:b4:25:4c:0a:a9:21:22:e0:8b:
3e:9b:cc:df:e9:c8:43:61:5b:9e:c2:57:62:de:88:
22:94:5c:ba:70:40:1a:da:dc:6c:ba:19:96:9b:e0:
af:61:f6:5e:64:74:42:d7:a9:c3:57:90:a5:2c:9c:
31:db:51:66:a9:91:3a:e6:15:b6:0d:09:6e:0b:76:
b9:65:66:9d:d1:28:74:b9:7d:7b:d7:3b:35:4f:51:
a6:c1:51:d7:da:7b:98:4a:a5:93:59:d2:ed:b9:60:
13:47:5c:c4:7a:64:4c:ee:00:b8:2e:55:52:11:8a:
96:9a:20:b0:86:15:68:dd:0c:62:54:9a:fa:75:21:
2e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:56:EC:35:92:5D:5C:CB:1A:09:1D:54:75:20:99:58:CD:91:F8:E9
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/_1bsNZJdXMsaCR1UdSCZWM2R-Ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
IPv6:
2a03:94e0::-2a03:94e2:ffff:ffff:ffff:ffff:ffff:ffff
2a0a:cd80::/32
Signature Algorithm: sha256WithRSAEncryption
26:80:69:b1:ea:4c:0c:90:b6:87:0a:b6:65:6f:fe:0c:3a:fb:
07:d1:d6:1d:08:ae:97:0e:08:99:90:56:55:23:17:45:48:95:
f6:36:31:74:95:77:9a:54:c8:53:67:2d:2a:b5:ff:77:83:cd:
06:4c:74:8d:48:e3:d9:34:a8:04:d6:03:f2:48:7c:e2:ce:9d:
d8:95:d4:95:ae:bd:24:4f:22:7f:ee:05:8b:01:7c:48:3b:63:
13:de:89:19:07:e1:5b:ba:30:e4:1f:e8:4a:04:0c:ad:b4:fb:
65:fb:6f:7f:38:c2:d9:78:8a:8d:be:a2:51:e7:f1:b6:26:20:
d0:1d:f5:82:e6:1b:bc:1d:6e:fa:9f:2f:3f:86:bb:79:8c:72:
35:1b:62:47:58:af:e6:da:cd:40:9e:44:ec:58:00:9d:d9:81:
58:0c:87:8a:32:49:02:77:dd:63:60:8d:11:0f:3e:6c:09:10:
a8:ed:58:78:69:64:95:70:fc:aa:93:20:31:b8:42:77:d4:2b:
85:e2:5e:77:70:13:bf:da:79:a7:d7:1f:56:2f:ca:a6:94:c4:
14:c1:00:02:16:fe:38:e8:03:2b:48:2c:77:fa:41:82:ac:09:
c7:ca:78:a4:93:8e:1f:36:b8:fc:bf:31:9e:f0:b5:0d:17:2f:
8f:76:04:a6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEFFHHGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2EyMjllMjY2YjI1NTg4OTlmMzU0N2VlNjNkODRlZDY1OTQ3NjhiMB4XDTIyMDUw
NDEwMzY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmY1NmVjMzU5MjVk
NWNjYjFhMDkxZDU0NzUyMDk5NThjZDkxZjhlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpQWjbPKBgpUohGDg8KOi/1mOXcbtguxkb1W1FR78qyDZ2l
e6HVaUS2TgRR20Wd5G0t9QLFMMMk7ArphKRfQODQE4itryK3MI8tIryPmwkmZEtc
xROSaO9K5FXLUtyjOMvq+DXHOFpsDVox7N/F77t+UCw1H2Y+ePSWmUhmtCVMCqkh
IuCLPpvM3+nIQ2FbnsJXYt6IIpRcunBAGtrcbLoZlpvgr2H2XmR0Qtepw1eQpSyc
MdtRZqmROuYVtg0Jbgt2uWVmndEodLl9e9c7NU9RpsFR19p7mEqlk1nS7blgE0dc
xHpkTO4AuC5VUhGKlpogsIYVaN0MYlSa+nUhLvMCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBT/Vuw1kl1cyxoJHVR1IJlYzZH46TAfBgNVHSMEGDAWgBSToiniZrJViJnz
VH7mPYTtZZR2izAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2s2SXA0bWF5VllpWjgxUi01ajJFN1dXVWRvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzQwNzNhLTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8x
L18xYnNOWkpkWE1zYUNSMVVkU0NaV00yUi1Pay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzQwNzNhLTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8xL2s2SXA0bWF5Vllp
WjgxUi01ajJFN1dXVWRvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwJgQCAAEwIAMEAC1YyAMEArl9qAMEArm1PDAMAwQD
ufPYAwQAufPaMB0EAgACMBcwDgMFBSoDlOADBQAqA5TiAwUAKgrNgDANBgkqhkiG
9w0BAQsFAAOCAQEAJoBpsepMDJC2hwq2ZW/+DDr7B9HWHQiulw4ImZBWVSMXRUiV
9jYxdJV3mlTIU2ctKrX/d4PNBkx0jUjj2TSoBNYD8kh84s6d2JXUla69JE8if+4F
iwF8SDtjE96JGQfhW7ow5B/oSgQMrbT7ZftvfzjC2XiKjb6iUefxtiYg0B31guYb
vB1u+p8vP4a7eYxyNRtiR1iv5trNQJ5E7FgAndmBWAyHijJJAnfdY2CNEQ8+bAkQ
qO1YeGlklXD8qpMgMbhCd9QrheJed3ATv9p5p9cfVi/KppTEFMEAAhb+OOgDK0gs
d/pBgqwJx8p4pJOOHza4/L8xnvC1DRcvj3YEpg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:30 2024 by rpki-client on console-ams.rpki-client.org