Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/pu1YVnaK3jPoCZ7FI5MuNbfjEv4.roa
File: pu1YVnaK3jPoCZ7FI5MuNbfjEv4.roa (raw, json)
Hash identifier: rem/+/KRqNFjJ67Uej0QwYJ/GZGqVkak06Dv+XnIU14=
Subject key identifier: A6:ED:58:56:76:8A:DE:33:E8:09:9E:C5:23:93:2E:35:B7:E3:12:FE
Certificate issuer: /CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Certificate serial: 01834643BCDBBCB803193E1D331CA493967C
Authority key identifier: 8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/pu1YVnaK3jPoCZ7FI5MuNbfjEv4.roa
Signing time: Fri 16 Sep 2022 12:26:27 +0000
ROA not before: Fri 16 Sep 2022 12:26:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60950
IP address blocks: 185.100.130.0/24 maxlen: 24
185.100.129.0/24 maxlen: 24
185.100.131.0/24 maxlen: 24
185.100.128.0/24 maxlen: 24
185.23.24.0/24 maxlen: 24
185.23.26.0/24 maxlen: 24
185.23.25.0/24 maxlen: 24
185.23.27.0/24 maxlen: 24
2a00:6960::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:46:43:bc:db:bc:b8:03:19:3e:1d:33:1c:a4:93:96:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a552a86e31b69e5d5320ede81d34bb128a45cee
Validity
Not Before: Sep 16 12:26:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6ed5856768ade33e8099ec523932e35b7e312fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:a3:1a:3f:a0:6f:4b:2d:e6:95:3b:80:4a:
5b:3b:79:51:70:10:d9:ec:84:53:2a:1b:c1:d3:cb:
7a:a1:9f:bc:e1:37:06:b2:1a:20:09:8e:8c:e3:ea:
d6:77:27:d7:0d:e1:90:cc:9d:88:6d:cb:f6:c6:cf:
3a:38:99:b3:51:64:21:76:70:91:88:b1:d3:92:a4:
30:6d:97:8a:41:7a:b1:07:7f:32:93:0a:99:d5:f2:
ec:7d:f5:db:a6:00:39:a7:70:85:41:b8:52:72:bc:
db:7a:3d:b9:8b:77:c7:96:ce:a4:2c:ee:89:00:93:
87:2d:af:73:25:1a:eb:5f:44:44:a9:60:ef:42:bd:
71:c8:2d:2b:1b:09:57:88:84:99:23:f1:36:51:44:
51:43:df:9c:37:d2:85:fb:58:e5:a4:64:13:f7:8b:
7f:31:20:f1:5a:5d:e4:64:37:7d:c9:7f:d2:44:ca:
98:03:d4:82:0c:a7:c9:a3:69:f5:8a:e1:9c:b8:ec:
74:0a:2b:ff:e2:75:41:70:4a:7c:f6:51:fc:3d:56:
f5:95:82:75:85:72:af:a6:42:98:9d:a4:c0:9f:a6:
6b:51:06:8e:a4:88:87:3a:01:d8:d6:f6:cf:2c:b6:
9a:c2:e7:25:59:41:77:50:0f:af:31:89:ec:f2:54:
02:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:ED:58:56:76:8A:DE:33:E8:09:9E:C5:23:93:2E:35:B7:E3:12:FE
X509v3 Authority Key Identifier:
keyid:8A:55:2A:86:E3:1B:69:E5:D5:32:0E:DE:81:D3:4B:B1:28:A4:5C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ilUqhuMbaeXVMg7egdNLsSikXO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/pu1YVnaK3jPoCZ7FI5MuNbfjEv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/e954b9-8738-4496-89ad-78a126bf0adc/1/ilUqhuMbaeXVMg7egdNLsSikXO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.24.0/22
185.100.128.0/22
IPv6:
2a00:6960::/32
Signature Algorithm: sha256WithRSAEncryption
77:91:99:93:3a:48:b6:60:33:99:0a:17:2d:50:d6:85:01:a5:
3b:36:4b:7d:87:60:b5:94:c9:af:67:35:6a:a3:6e:ba:e8:b2:
a8:60:26:73:02:c2:3c:ce:4d:19:c5:1b:66:28:2a:12:29:fe:
79:1d:4e:14:9d:45:e1:21:48:16:8e:40:bd:e8:bf:71:73:54:
b8:31:a0:2f:1a:6b:60:8d:4a:3b:20:74:ca:f0:02:83:12:19:
9b:8e:c9:34:6e:2c:e4:59:85:9f:8f:a7:d4:79:54:b0:c9:10:
d7:0a:9a:e6:4f:e5:95:57:5e:58:62:2f:65:c2:36:69:0c:3d:
e4:ed:4a:69:ff:82:a6:83:ab:83:41:7b:08:23:bc:d6:73:c5:
bf:6a:b0:0b:77:8a:fc:50:2b:53:9d:1e:4c:82:e1:59:59:33:
e3:90:45:b1:0b:dd:3c:dc:a9:d9:16:48:9e:3e:d6:a5:63:02:
5f:2e:c4:47:4e:52:68:be:e8:a0:c4:ca:08:60:00:4b:18:76:
e2:9d:3f:3a:81:75:df:f2:e3:6b:63:5f:e8:69:e0:94:d3:07:
54:50:7d:a6:f6:83:89:00:5f:57:3b:e9:a1:bd:68:64:d1:0e:
bc:80:3b:fd:dd:3b:a2:0f:24:91:ce:77:53:70:24:76:af:4b:
33:a7:68:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYNGQ7zbvLgDGT4dMxykk5Z8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNTUyYTg2ZTMxYjY5ZTVkNTMyMGVkZTgxZDM0YmIxMjhh
NDVjZWUwHhcNMjIwOTE2MTIyNjI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmVkNTg1Njc2OGFkZTMzZTgwOTllYzUyMzkzMmUzNWI3ZTMxMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovOjGj+gb0st5pU7gEpbO3lRcBDZ
7IRTKhvB08t6oZ+84TcGshogCY6M4+rWdyfXDeGQzJ2Ibcv2xs86OJmzUWQhdnCR
iLHTkqQwbZeKQXqxB38ykwqZ1fLsffXbpgA5p3CFQbhScrzbej25i3fHls6kLO6J
AJOHLa9zJRrrX0REqWDvQr1xyC0rGwlXiISZI/E2UURRQ9+cN9KF+1jlpGQT94t/
MSDxWl3kZDd9yX/SRMqYA9SCDKfJo2n1iuGcuOx0Civ/4nVBcEp89lH8PVb1lYJ1
hXKvpkKYnaTAn6ZrUQaOpIiHOgHY1vbPLLaawuclWUF3UA+vMYns8lQCOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKbtWFZ2it4z6AmexSOTLjW34xL+MB8GA1UdIwQY
MBaAFIpVKobjG2nl1TIO3oHTS7EopFzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQt
NzhhMTI2YmYwYWRjLzEvcHUxWVZuYUszalBvQ1o3Rkk1TXVOYmZqRXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lOTU0YjktODczOC00NDk2LTg5YWQtNzhhMTI2YmYwYWRj
LzEvaWxVcWh1TWJhZVhWTWc3ZWdkTkxzU2lrWE80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRcYAwQC
uWSAMA0EAgACMAcDBQAqAGlgMA0GCSqGSIb3DQEBCwUAA4IBAQB3kZmTOki2YDOZ
ChctUNaFAaU7Nkt9h2C1lMmvZzVqo2666LKoYCZzAsI8zk0ZxRtmKCoSKf55HU4U
nUXhIUgWjkC96L9xc1S4MaAvGmtgjUo7IHTK8AKDEhmbjsk0bizkWYWfj6fUeVSw
yRDXCprmT+WVV15YYi9lwjZpDD3k7Upp/4Kmg6uDQXsII7zWc8W/arALd4r8UCtT
nR5MguFZWTPjkEWxC9083KnZFkiePtalYwJfLsRHTlJovuigxMoIYABLGHbinT86
gXXf8uNrY1/oaeCU0wdUUH2m9oOJAF9XO+mhvWhk0Q68gDv93TuiDySRzndTcCR2
r0szp2gd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:42 2024 by rpki-client on console-ams.rpki-client.org