Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/jD2WrmeQKwHvU9auc_ocJAAZF6E.roa
File: jD2WrmeQKwHvU9auc_ocJAAZF6E.roa (raw, json)
Hash identifier: 4G6m/oo/gCZvmPibnDyRY8ApwnNhVZufC+SI7AeEAUA=
Subject key identifier: 8C:3D:96:AE:67:90:2B:01:EF:53:D6:AE:73:FA:1C:24:00:19:17:A1
Certificate issuer: /CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Certificate serial: 0C909B79
Authority key identifier: 7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/jD2WrmeQKwHvU9auc_ocJAAZF6E.roa
Signing time: Sat 01 Jan 2022 15:56:14 +0000
ROA not before: Sat 01 Jan 2022 15:56:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198551
IP address blocks: 185.76.0.0/22 maxlen: 24
185.208.60.0/22 maxlen: 24
185.226.16.0/22 maxlen: 24
212.84.56.0/21 maxlen: 24
185.218.32.0/22 maxlen: 24
185.206.116.0/22 maxlen: 24
185.204.204.0/22 maxlen: 24
185.204.208.0/22 maxlen: 24
185.234.140.0/22 maxlen: 24
185.171.112.0/22 maxlen: 24
2a0a:d100::/29 maxlen: 32
2a00:dfc0::/29 maxlen: 29
2a00:dfc2::/32 maxlen: 32
2a00:dfc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 210803577 (0xc909b79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0cfd5a51013e5fd6caf809878047a605ee9d6d
Validity
Not Before: Jan 1 15:56:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c3d96ae67902b01ef53d6ae73fa1c24001917a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:25:f1:54:a3:d8:6c:9a:75:e8:9a:8f:b9:90:
6b:a6:af:db:17:5d:8c:72:be:e0:b0:4d:38:3e:94:
e9:10:81:0d:22:38:e8:ed:b6:e4:cc:4e:57:79:e1:
3e:41:92:19:ba:88:a7:8b:bd:1e:7d:36:9c:2d:16:
33:05:80:7c:b4:98:15:f9:77:5e:23:39:c2:ee:72:
1b:24:50:52:eb:6a:02:92:a1:83:16:40:58:a2:df:
2b:67:ea:cc:a9:06:e9:3f:d6:70:8b:92:c6:03:16:
07:95:8e:db:12:c0:5b:4f:36:f3:98:69:c1:3c:eb:
75:4a:62:29:d8:b1:bd:7f:30:57:7b:a3:0e:ae:a8:
68:2c:6b:c7:6e:f5:a1:11:34:b5:8f:56:e4:22:ee:
0d:a7:6e:37:ce:5d:39:0e:89:28:20:59:fa:d0:54:
bd:47:2f:da:b1:ed:fc:ec:c6:5b:86:44:3d:82:c7:
d6:e4:48:2b:fc:93:b4:0e:58:c5:4b:1d:9e:70:03:
5a:f8:27:42:d9:3e:29:dc:e2:a5:69:cc:40:94:9e:
cd:50:01:91:78:e1:1b:ef:d0:7a:53:9e:4a:2c:5a:
be:0f:62:e3:91:f5:82:06:40:67:8c:17:e3:7c:12:
06:ab:92:ae:b0:56:72:34:25:2f:8d:1f:b1:20:0e:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:3D:96:AE:67:90:2B:01:EF:53:D6:AE:73:FA:1C:24:00:19:17:A1
X509v3 Authority Key Identifier:
keyid:7A:0C:FD:5A:51:01:3E:5F:D6:CA:F8:09:87:80:47:A6:05:EE:9D:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egz9WlEBPl_WyvgJh4BHpgXunW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/jD2WrmeQKwHvU9auc_ocJAAZF6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ee04d8-49dc-409f-92fc-dd5623048ea2/1/egz9WlEBPl_WyvgJh4BHpgXunW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.0.0/22
185.171.112.0/22
185.204.204.0-185.204.211.255
185.206.116.0/22
185.208.60.0/22
185.218.32.0/22
185.226.16.0/22
185.234.140.0/22
212.84.56.0/21
IPv6:
2a00:dfc0::/29
2a0a:d100::/29
Signature Algorithm: sha256WithRSAEncryption
b4:20:5d:2a:30:d0:f3:47:37:f2:43:36:f8:7c:7a:21:89:3e:
32:bb:bb:9d:e5:1a:8f:1d:6a:74:b2:2b:2a:42:71:fe:a8:69:
72:b4:1f:8f:c5:72:15:16:d6:dc:6a:7d:83:f5:aa:91:21:15:
53:c2:0c:bc:55:14:32:7c:a8:ac:b6:30:7e:4b:c1:7b:e1:3e:
68:dc:db:33:0e:48:7f:be:10:f4:f7:d2:f2:5d:ca:32:5d:62:
fe:32:d4:f1:16:87:ac:db:3b:cf:b4:51:22:8d:d9:7d:1c:5e:
f6:4f:a3:c6:eb:92:7d:bf:5b:e3:24:51:9a:4c:6c:29:2e:87:
c0:9b:1c:23:73:dd:25:d4:67:17:e6:cf:51:79:68:46:9d:c8:
87:5b:aa:c0:d0:ef:9c:b9:b9:ac:d6:6a:1c:28:05:e1:21:e8:
54:e6:ac:7e:a9:57:0a:26:2a:37:97:31:d8:97:37:15:48:88:
27:04:b3:fd:6d:eb:68:84:76:2f:58:b0:ca:0a:ca:6a:9c:ea:
8b:fb:42:4a:1a:b1:80:00:0b:40:7e:24:90:26:bf:b4:23:1d:
03:da:78:01:44:96:7f:0b:86:46:48:3c:ed:1e:a3:d0:1d:b8:
3e:92:e2:37:2b:dd:61:cb:d2:85:57:42:92:62:6e:84:10:bf:
23:f8:cb:85
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEDJCbeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTBjZmQ1YTUxMDEzZTVmZDZjYWY4MDk4NzgwNDdhNjA1ZWU5ZDZkMB4XDTIyMDEw
MTE1NTYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGMzZDk2YWU2Nzkw
MmIwMWVmNTNkNmFlNzNmYTFjMjQwMDE5MTdhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJol8VSj2Gyadeiaj7mQa6av2xddjHK+4LBNOD6U6RCBDSI4
6O225MxOV3nhPkGSGbqIp4u9Hn02nC0WMwWAfLSYFfl3XiM5wu5yGyRQUutqApKh
gxZAWKLfK2fqzKkG6T/WcIuSxgMWB5WO2xLAW08285hpwTzrdUpiKdixvX8wV3uj
Dq6oaCxrx271oRE0tY9W5CLuDaduN85dOQ6JKCBZ+tBUvUcv2rHt/OzGW4ZEPYLH
1uRIK/yTtA5YxUsdnnADWvgnQtk+KdzipWnMQJSezVABkXjhG+/QelOeSixavg9i
45H1ggZAZ4wX43wSBquSrrBWcjQlL40fsSAOoLkCAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBSMPZauZ5ArAe9T1q5z+hwkABkXoTAfBgNVHSMEGDAWgBR6DP1aUQE+X9bK
+AmHgEemBe6dbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VnejlXbEVCUGxfV3l2Z0poNEJIcGdYdW5XMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZWUwNGQ4LTQ5ZGMtNDA5Zi05MmZjLWRkNTYyMzA0OGVhMi8x
L2pEMldybWVRS3dIdlU5YXVjX29jSkFBWkY2RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZWUwNGQ4LTQ5ZGMtNDA5Zi05MmZjLWRkNTYyMzA0OGVhMi8xL2VnejlXbEVCUGxf
V3l2Z0poNEJIcGdYdW5XMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwRAQCAAEwPgMEArlMAAMEArmrcDAMAwQCuczMAwQC
uczQAwQCuc50AwQCudA8AwQCudogAwQCueIQAwQCueqMAwQD1FQ4MBQEAgACMA4D
BQMqAN/AAwUDKgrRADANBgkqhkiG9w0BAQsFAAOCAQEAtCBdKjDQ80c38kM2+Hx6
IYk+Mru7neUajx1qdLIrKkJx/qhpcrQfj8VyFRbW3Gp9g/WqkSEVU8IMvFUUMnyo
rLYwfkvBe+E+aNzbMw5If74Q9PfS8l3KMl1i/jLU8RaHrNs7z7RRIo3ZfRxe9k+j
xuuSfb9b4yRRmkxsKS6HwJscI3PdJdRnF+bPUXloRp3Ih1uqwNDvnLm5rNZqHCgF
4SHoVOasfqlXCiYqN5cx2Jc3FUiIJwSz/W3raIR2L1iwygrKapzqi/tCShqxgAAL
QH4kkCa/tCMdA9p4AUSWfwuGRkg87R6j0B24PpLiNyvdYcvShVdCkmJuhBC/I/jL
hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:43 2024 by rpki-client on console-ams.rpki-client.org