Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/dALgyVYf1vPzvfnH2EnE9uioAGE.roa
File: dALgyVYf1vPzvfnH2EnE9uioAGE.roa (raw, json)
Hash identifier: KDMhLvaxgPAITv1ki7xa2w2vQxlm/SdZqW+7OtfInvM=
Subject key identifier: 74:02:E0:C9:56:1F:D6:F3:F3:BD:F9:C7:D8:49:C4:F6:E8:A8:00:61
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 4D056969
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/dALgyVYf1vPzvfnH2EnE9uioAGE.roa
Signing time: Sat 01 Jan 2022 15:56:18 +0000
ROA not before: Sat 01 Jan 2022 15:56:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208221
IP address blocks: 185.84.172.0/23 maxlen: 23
185.84.172.0/24 maxlen: 24
185.84.173.0/24 maxlen: 24
2a05:7400:8000::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1292200297 (0x4d056969)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Jan 1 15:56:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7402e0c9561fd6f3f3bdf9c7d849c4f6e8a80061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:4b:fd:45:fc:61:3a:bd:81:5d:ce:bb:99:a1:
98:29:9e:8d:a5:30:7c:65:9c:4f:9c:82:ee:dd:71:
66:2d:31:85:2b:e5:a4:a8:d0:7f:f9:eb:49:b1:b3:
3f:c2:e5:f2:3f:98:c7:37:7b:79:bd:bf:ad:7a:96:
6b:39:ec:47:59:f5:32:56:da:d9:3e:fb:7a:61:70:
4d:2d:d5:43:40:39:e0:80:8f:7e:ad:81:4a:2a:19:
7d:90:3e:9c:3b:b0:f4:5e:96:e8:aa:18:1b:c4:8a:
8f:ae:9a:50:16:de:bd:c6:ac:4a:9e:ba:e1:95:46:
88:06:96:3b:e8:c9:4d:7b:54:54:a3:9a:62:fa:10:
b6:14:c6:d3:bc:2e:0a:91:bb:13:03:07:93:76:6e:
81:15:09:31:29:f1:6a:4e:0d:b7:2d:5c:c9:a1:d8:
89:69:a9:de:e1:76:1f:ae:54:ec:c7:51:29:46:83:
1f:80:f8:e1:28:8f:f9:f3:0f:e9:ca:15:48:4d:ef:
bb:62:7f:b9:e7:ca:59:2f:35:4a:5c:8a:dc:ca:46:
09:67:d0:c5:61:1f:e5:15:9f:9f:e0:07:87:90:66:
04:4e:92:6f:13:f2:a7:09:01:cf:8e:f6:35:91:5d:
41:f0:ee:98:23:12:65:ab:ed:f9:cc:55:59:68:54:
6c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:02:E0:C9:56:1F:D6:F3:F3:BD:F9:C7:D8:49:C4:F6:E8:A8:00:61
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/dALgyVYf1vPzvfnH2EnE9uioAGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.84.172.0/23
IPv6:
2a05:7400:8000::/34
Signature Algorithm: sha256WithRSAEncryption
29:02:c5:af:e0:01:c9:03:76:24:18:53:a2:26:a3:17:8b:4d:
00:20:57:6d:7a:41:70:d0:3d:b9:db:fd:a9:b7:42:56:bb:ae:
97:f8:f5:67:13:57:5c:9f:80:e9:2e:3b:16:ad:b1:cb:96:3b:
d1:6f:fd:2a:77:fc:e6:20:0a:27:df:0a:9a:46:9f:85:0c:94:
33:85:de:72:c3:bf:6b:95:e1:51:12:77:58:04:72:c4:44:6c:
c4:c9:47:77:c2:4f:83:93:23:63:30:fe:e8:fb:1a:e5:99:ef:
ab:3e:49:20:7e:82:a1:05:9e:8e:98:db:98:be:3f:40:ab:5b:
5a:89:32:58:47:04:50:91:0e:28:6d:00:68:6a:ff:6a:b6:a4:
a8:fa:bb:48:42:26:d4:b9:27:d8:ba:96:5a:a9:4d:20:5c:44:
49:6d:8b:46:0e:29:05:30:d1:9c:62:98:86:e2:08:13:3a:5d:
20:83:5c:a8:25:00:bb:3d:33:50:84:72:82:ba:93:55:e7:50:
01:6e:7e:34:17:4b:20:63:a3:77:3d:2b:ee:60:1a:a0:a5:38:
a9:52:f8:c9:a5:97:d1:4a:15:34:1d:53:83:5b:42:70:8e:7e:
d0:1c:72:6e:26:0a:a2:2f:79:56:7a:7d:c8:59:00:f0:75:c4:
ad:9a:eb:3d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIETQVpaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZTdmNzQ3ZGY1ZjI0MzUzMTU0ZGM0ZDRiZjcwZDJkZGNiNTNlOTAwMB4XDTIyMDEw
MTE1NTYxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQwMmUwYzk1NjFm
ZDZmM2YzYmRmOWM3ZDg0OWM0ZjZlOGE4MDA2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPZL/UX8YTq9gV3Ou5mhmCmejaUwfGWcT5yC7t1xZi0xhSvl
pKjQf/nrSbGzP8Ll8j+Yxzd7eb2/rXqWaznsR1n1Mlba2T77emFwTS3VQ0A54ICP
fq2BSioZfZA+nDuw9F6W6KoYG8SKj66aUBbevcasSp664ZVGiAaWO+jJTXtUVKOa
YvoQthTG07wuCpG7EwMHk3ZugRUJMSnxak4Nty1cyaHYiWmp3uF2H65U7MdRKUaD
H4D44SiP+fMP6coVSE3vu2J/uefKWS81SlyK3MpGCWfQxWEf5RWfn+AHh5BmBE6S
bxPypwkBz472NZFdQfDumCMSZavt+cxVWWhUbDsCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBR0AuDJVh/W8/O9+cfYScT26KgAYTAfBgNVHSMEGDAWgBSuf3R99fJDUxVN
xNS/cNLdy1PpADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JuOTBmZlh5UTFNVlRjVFV2M0RTM2N0VDZRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8x
L2RBTGd5VllmMXZQenZmbkgyRW5FOXVpb0FHRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NThhZjI0LWM0NTQtNDRiMC1hN2NhLWM2ZjFlNmFjOWJhOS8xL3JuOTBmZlh5UTFN
VlRjVFV2M0RTM2N0VDZRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAblUrDAOBAIAAjAIAwYGKgV0AIAw
DQYJKoZIhvcNAQELBQADggEBACkCxa/gAckDdiQYU6ImoxeLTQAgV216QXDQPbnb
/am3Qla7rpf49WcTV1yfgOkuOxatscuWO9Fv/Sp3/OYgCiffCppGn4UMlDOF3nLD
v2uV4VESd1gEcsREbMTJR3fCT4OTI2Mw/uj7GuWZ76s+SSB+gqEFno6Y25i+P0Cr
W1qJMlhHBFCRDihtAGhq/2q2pKj6u0hCJtS5J9i6llqpTSBcRElti0YOKQUw0Zxi
mIbiCBM6XSCDXKglALs9M1CEcoK6k1XnUAFufjQXSyBjo3c9K+5gGqClOKlS+Mml
l9FKFTQdU4NbQnCOftAccm4mCqIveVZ6fchZAPB1xK2a6z0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:22 2023 by rpki-client on console-ams.rpki-client.org