Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/829qpxVNdrVfiRCtpuBH8mXkVTE.roa
File: 829qpxVNdrVfiRCtpuBH8mXkVTE.roa (raw, json)
Hash identifier: 9yCjMEv6Yz0EpfwVljM57M/kj4jtPv06AhPWVt0YG48=
Subject key identifier: F3:6F:6A:A7:15:4D:76:B5:5F:89:10:AD:A6:E0:47:F2:65:E4:55:31
Certificate issuer: /CN=932e8078ea420afc1a78bf922a9a2f274679c8a8
Certificate serial: 0916D068
Authority key identifier: 93:2E:80:78:EA:42:0A:FC:1A:78:BF:92:2A:9A:2F:27:46:79:C8:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ky6AeOpCCvwaeL-SKpovJ0Z5yKg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/829qpxVNdrVfiRCtpuBH8mXkVTE.roa
Signing time: Sat 01 Jan 2022 06:58:09 +0000
ROA not before: Sat 01 Jan 2022 06:58:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42989
IP address blocks: 185.231.4.0/24 maxlen: 24
185.231.7.0/24 maxlen: 24
2a0c:3500:2::/48 maxlen: 48
2a0c:3500::/48 maxlen: 48
2a0c:3500:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152490088 (0x916d068)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=932e8078ea420afc1a78bf922a9a2f274679c8a8
Validity
Not Before: Jan 1 06:58:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f36f6aa7154d76b55f8910ada6e047f265e45531
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ec:a5:49:3b:83:da:5e:a2:16:97:ef:37:91:
5f:61:12:7b:01:6d:76:ac:b7:b4:ea:5c:8f:4e:d1:
e8:25:b4:d9:c5:f0:1f:7d:7a:16:ea:a4:0c:03:8f:
13:9d:59:0a:af:f7:1d:1e:a9:8b:f3:b5:c8:0f:13:
66:ed:fa:12:a0:43:ca:d8:3b:8a:42:16:ee:bc:65:
7a:7f:ae:f8:ad:23:7b:30:0c:24:66:83:84:7c:0f:
b2:ae:a8:19:56:b2:b9:af:20:20:1b:93:10:eb:ae:
d8:1e:b5:70:0d:60:4a:4d:73:52:89:91:6e:e2:36:
48:c5:21:9c:bb:10:c5:db:cb:43:fd:8d:ff:01:e6:
85:e0:ae:5d:7b:92:8f:a0:1e:28:c9:bf:27:a1:b3:
46:3c:7d:c9:4b:69:0c:61:d6:62:9b:5c:19:3c:b5:
59:cd:6d:5a:07:84:82:12:16:56:91:00:1d:68:6a:
98:78:d4:90:59:0a:37:78:3e:1f:f1:46:00:95:67:
37:93:45:7f:d8:21:7d:e5:de:5c:ab:1c:bf:b8:b9:
82:6c:45:c9:da:be:79:c6:49:94:04:75:90:03:71:
bf:4a:ea:4c:1c:ea:0f:54:fb:69:15:5c:26:ca:c2:
48:b1:ed:80:ce:dc:2a:4d:fd:8e:10:85:f0:e1:22:
51:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:6F:6A:A7:15:4D:76:B5:5F:89:10:AD:A6:E0:47:F2:65:E4:55:31
X509v3 Authority Key Identifier:
keyid:93:2E:80:78:EA:42:0A:FC:1A:78:BF:92:2A:9A:2F:27:46:79:C8:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky6AeOpCCvwaeL-SKpovJ0Z5yKg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/829qpxVNdrVfiRCtpuBH8mXkVTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/5eecf3-637f-450c-8489-34ba0738a341/1/ky6AeOpCCvwaeL-SKpovJ0Z5yKg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.4.0/24
185.231.7.0/24
IPv6:
2a0c:3500::/48
2a0c:3500:2::/47
Signature Algorithm: sha256WithRSAEncryption
ba:c3:13:60:d7:7e:80:54:21:dc:1a:d2:fa:6b:c7:b8:21:de:
d6:c6:00:7f:73:54:2a:12:30:85:64:85:64:ce:71:f0:da:b1:
1a:9d:77:0b:86:db:64:a3:41:46:b0:41:9e:3d:42:6e:18:7e:
22:1b:1a:ff:9e:c8:cf:c3:e6:f3:75:a4:e3:69:4d:15:ea:44:
42:71:2e:91:e4:a4:77:b4:c0:65:bc:21:8b:b1:67:e4:5a:a2:
61:0d:eb:d3:09:be:7c:97:59:90:fe:7d:9e:ea:76:ca:06:0c:
54:07:71:78:00:31:bc:bf:ec:9e:3d:0e:99:24:a0:4c:38:6f:
c3:0d:25:64:fb:5c:ec:22:50:7d:1f:61:d3:f1:c0:9f:4f:6d:
cd:ed:76:f3:79:5f:6a:9b:97:0f:1d:2f:b2:44:a5:f6:ad:58:
ca:03:7b:c0:e0:5e:26:2a:6b:d9:e2:ed:c3:29:3f:7b:03:a3:
e4:10:d1:6d:ed:bb:84:84:57:d4:b5:7f:09:da:36:41:3f:8c:
69:46:59:d0:0f:df:64:bd:f3:7f:0f:45:46:ae:cd:69:e1:35:
8c:23:e1:1e:aa:49:f4:c4:5c:89:13:32:63:a6:39:32:e6:93:
2d:25:73:3e:8c:3b:17:9c:5c:65:dd:d8:33:94:3c:34:38:d9:
c6:e5:7c:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIECRbQaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzJlODA3OGVhNDIwYWZjMWE3OGJmOTIyYTlhMmYyNzQ2NzljOGE4MB4XDTIyMDEw
MTA2NTgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjM2ZjZhYTcxNTRk
NzZiNTVmODkxMGFkYTZlMDQ3ZjI2NWU0NTUzMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTspUk7g9peohaX7zeRX2ESewFtdqy3tOpcj07R6CW02cXw
H316FuqkDAOPE51ZCq/3HR6pi/O1yA8TZu36EqBDytg7ikIW7rxlen+u+K0jezAM
JGaDhHwPsq6oGVayua8gIBuTEOuu2B61cA1gSk1zUomRbuI2SMUhnLsQxdvLQ/2N
/wHmheCuXXuSj6AeKMm/J6GzRjx9yUtpDGHWYptcGTy1Wc1tWgeEghIWVpEAHWhq
mHjUkFkKN3g+H/FGAJVnN5NFf9ghfeXeXKscv7i5gmxFydq+ecZJlAR1kANxv0rq
TBzqD1T7aRVcJsrCSLHtgM7cKk39jhCF8OEiUYsCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBTzb2qnFU12tV+JEK2m4EfyZeRVMTAfBgNVHSMEGDAWgBSTLoB46kIK/Bp4
v5Iqmi8nRnnIqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t5NkFlT3BDQ3Z3YWVMLVNLcG92SjBaNXlLZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvNWVlY2YzLTYzN2YtNDUwYy04NDg5LTM0YmEwNzM4YTM0MS8x
LzgyOXFweFZOZHJWZmlSQ3RwdUJIOG1Ya1ZURS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
NWVlY2YzLTYzN2YtNDUwYy04NDg5LTM0YmEwNzM4YTM0MS8xL2t5NkFlT3BDQ3Z3
YWVMLVNLcG92SjBaNXlLZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEALnnBAMEALnnBzAYBAIAAjASAwcA
Kgw1AAAAAwcBKgw1AAACMA0GCSqGSIb3DQEBCwUAA4IBAQC6wxNg136AVCHcGtL6
a8e4Id7WxgB/c1QqEjCFZIVkznHw2rEanXcLhttko0FGsEGePUJuGH4iGxr/nsjP
w+bzdaTjaU0V6kRCcS6R5KR3tMBlvCGLsWfkWqJhDevTCb58l1mQ/n2e6nbKBgxU
B3F4ADG8v+yePQ6ZJKBMOG/DDSVk+1zsIlB9H2HT8cCfT23N7XbzeV9qm5cPHS+y
RKX2rVjKA3vA4F4mKmvZ4u3DKT97A6PkENFt7buEhFfUtX8J2jZBP4xpRlnQD99k
vfN/D0VGrs1p4TWMI+Eeqkn0xFyJEzJjpjky5pMtJXM+jDsXnFxl3dgzlDw0ONnG
5Xwi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:48 2024 by rpki-client on console-ams.rpki-client.org