Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/sIqvuXqJ9cvAdyuHDzCQ2NHLwnE.roa
File: sIqvuXqJ9cvAdyuHDzCQ2NHLwnE.roa (raw, json)
Hash identifier: NaIrbCNiUToHFIVgg1sLi2LpZRbPqK47UTftbrB/Lpw=
Subject key identifier: B0:8A:AF:B9:7A:89:F5:CB:C0:77:2B:87:0F:30:90:D8:D1:CB:C2:71
Certificate issuer: /CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Certificate serial: 01852B0B687E472D7E3143E57AE42655D426
Authority key identifier: 29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/sIqvuXqJ9cvAdyuHDzCQ2NHLwnE.roa
Signing time: Mon 19 Dec 2022 15:40:45 +0000
ROA not before: Mon 19 Dec 2022 15:40:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 185.20.148.0/24 maxlen: 24
91.102.104.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2b:0b:68:7e:47:2d:7e:31:43:e5:7a:e4:26:55:d4:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29c9b04016f6f02183307c17df630a0289ec5bb5
Validity
Not Before: Dec 19 15:40:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b08aafb97a89f5cbc0772b870f3090d8d1cbc271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:57:b5:45:0d:75:9b:93:83:1a:f4:8c:b3:d3:
dd:41:18:9d:fb:17:3d:ea:39:2d:34:5c:bd:af:9b:
a2:b0:51:52:57:00:cb:79:67:fc:b1:c9:ab:42:e0:
c4:85:75:d3:e7:24:1b:85:2a:72:1e:06:13:b2:76:
05:5b:91:29:ac:b3:c2:11:e2:e2:58:9a:d2:69:ee:
29:98:c4:cc:eb:2d:9f:ce:1f:c9:c6:ed:c9:13:1a:
57:91:13:fe:f0:75:3e:04:b8:57:b5:98:0c:ac:c1:
a8:ca:83:ba:e5:52:a1:d4:e6:27:90:68:71:48:9d:
50:87:ba:7d:38:b9:dd:5f:e3:a7:e1:e6:38:48:05:
b4:e3:7a:4b:4c:bd:54:35:79:20:93:b2:89:3b:d5:
15:cc:98:81:46:59:6c:db:b2:62:de:eb:f9:4a:8a:
3f:f9:73:ed:1e:ae:c7:74:96:94:74:bd:b2:3e:12:
47:3b:d3:57:45:6f:7e:de:06:17:70:7b:76:35:f9:
22:8d:ae:04:80:eb:9c:d1:f0:3a:98:be:af:77:71:
fa:2d:87:85:e9:a7:13:f9:78:b5:62:e0:b0:1f:1d:
e8:e6:83:14:c6:b9:ac:b7:3c:d7:54:f7:ce:a5:74:
3d:73:42:93:ea:3a:eb:e0:67:4d:af:2f:41:99:3b:
3d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:8A:AF:B9:7A:89:F5:CB:C0:77:2B:87:0F:30:90:D8:D1:CB:C2:71
X509v3 Authority Key Identifier:
keyid:29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/sIqvuXqJ9cvAdyuHDzCQ2NHLwnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.104.0/21
185.20.148.0/24
Signature Algorithm: sha256WithRSAEncryption
06:4e:21:f1:da:92:42:fd:67:68:0b:dc:2e:bb:2d:fe:f5:a5:
6c:43:a5:42:7f:73:b0:ce:f5:36:e8:68:c1:a2:d9:76:60:db:
17:49:39:16:18:68:02:b2:28:3b:33:94:8c:e6:c1:53:82:d3:
9c:4b:62:0b:74:b6:f1:ba:1d:ee:0b:c0:a6:6b:b4:95:5e:9e:
a5:14:b1:12:c6:ce:20:a7:9b:91:84:8a:d2:16:98:df:b7:fd:
8e:7e:bb:be:a9:ec:d8:28:6f:ba:90:48:cc:b3:f4:ff:a0:e0:
1a:47:ce:3e:e6:f0:50:6d:e7:4c:36:e0:e2:10:df:47:fb:41:
12:81:5a:b5:b3:f1:e6:4d:df:2d:c4:ff:ba:ec:83:bc:ce:ca:
a3:17:25:de:25:fd:e1:d2:e0:d7:56:02:6c:22:bf:6c:98:9a:
56:25:83:1c:40:cb:c9:b8:72:4e:c6:68:43:e3:8c:14:12:e8:
f1:50:97:2f:a5:73:56:8d:26:31:5f:1f:46:0a:5a:55:8d:6a:
f3:1d:a9:11:15:78:96:d9:43:45:e8:97:74:0b:9b:29:f0:00:
6d:dd:2b:3d:f9:f9:8a:73:b7:41:21:36:d6:f8:de:74:81:50:
03:52:c1:9d:a4:db:ca:52:ab:e6:9b:ea:ab:27:17:9c:56:11:
95:6e:85:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUrC2h+Ry1+MUPleuQmVdQmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YzliMDQwMTZmNmYwMjE4MzMwN2MxN2RmNjMwYTAyODll
YzViYjUwHhcNMjIxMjE5MTU0MDQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDhhYWZiOTdhODlmNWNiYzA3NzJiODcwZjMwOTBkOGQxY2JjMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFe1RQ11m5ODGvSMs9PdQRid+xc9
6jktNFy9r5uisFFSVwDLeWf8scmrQuDEhXXT5yQbhSpyHgYTsnYFW5EprLPCEeLi
WJrSae4pmMTM6y2fzh/Jxu3JExpXkRP+8HU+BLhXtZgMrMGoyoO65VKh1OYnkGhx
SJ1Qh7p9OLndX+On4eY4SAW043pLTL1UNXkgk7KJO9UVzJiBRlls27Ji3uv5Soo/
+XPtHq7HdJaUdL2yPhJHO9NXRW9+3gYXcHt2Nfkija4EgOuc0fA6mL6vd3H6LYeF
6acT+Xi1YuCwHx3o5oMUxrmstzzXVPfOpXQ9c0KT6jrr4GdNry9BmTs9mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLCKr7l6ifXLwHcrhw8wkNjRy8JxMB8GA1UdIwQY
MBaAFCnJsEAW9vAhgzB8F99jCgKJ7Fu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2Et
MWQ1OTFiYmQ0MDYwLzEvc0lxdnVYcUo5Y3ZBZHl1SER6Q1EyTkhMd25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2EtMWQ1OTFiYmQ0MDYw
LzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW2ZoAwQA
uRSUMA0GCSqGSIb3DQEBCwUAA4IBAQAGTiHx2pJC/WdoC9wuuy3+9aVsQ6VCf3Ow
zvU26GjBotl2YNsXSTkWGGgCsig7M5SM5sFTgtOcS2ILdLbxuh3uC8Cma7SVXp6l
FLESxs4gp5uRhIrSFpjft/2Ofru+qezYKG+6kEjMs/T/oOAaR84+5vBQbedMNuDi
EN9H+0ESgVq1s/HmTd8txP+67IO8zsqjFyXeJf3h0uDXVgJsIr9smJpWJYMcQMvJ
uHJOxmhD44wUEujxUJcvpXNWjSYxXx9GClpVjWrzHakRFXiW2UNF6Jd0C5sp8ABt
3Ss9+fmKc7dBITbW+N50gVADUsGdpNvKUqvmm+qrJxecVhGVboXD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:02 2024 by rpki-client on console-ams.rpki-client.org