Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/9TSzLmnDvTR4TjkoY4s1RMHYcTA.roa
File: 9TSzLmnDvTR4TjkoY4s1RMHYcTA.roa (raw, json)
Hash identifier: 8pC8EJDod00RbW3FUf89p7n8+oSa1LOTd8lEUlZjD5s=
Subject key identifier: F5:34:B3:2E:69:C3:BD:34:78:4E:39:28:63:8B:35:44:C1:D8:71:30
Certificate issuer: /CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Certificate serial: 01827DF7183E455E9A125CBAAC4380894857
Authority key identifier: 36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/9TSzLmnDvTR4TjkoY4s1RMHYcTA.roa
Signing time: Mon 08 Aug 2022 14:58:41 +0000
ROA not before: Mon 08 Aug 2022 14:58:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48659
IP address blocks: 185.228.140.0/24 maxlen: 24
185.228.142.0/24 maxlen: 24
185.38.225.0/24 maxlen: 24
2a00:fb20:8::/46 maxlen: 46
2a00:fb20:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7d:f7:18:3e:45:5e:9a:12:5c:ba:ac:43:80:89:48:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36fe3a91263e2e8319c2a678e629851d09e77f0d
Validity
Not Before: Aug 8 14:58:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f534b32e69c3bd34784e3928638b3544c1d87130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:1d:fd:77:08:79:07:a8:a2:4a:cb:eb:b4:17:
21:8d:f7:9f:4c:52:bb:01:ed:ff:b0:a0:f9:78:7d:
04:f9:43:83:3d:1f:9f:e1:ca:81:4c:cb:36:c4:bc:
db:fd:7e:b4:6c:f2:c3:e2:98:37:3d:2e:71:7f:de:
2a:3f:d2:b9:a8:e1:95:0c:ea:ef:bb:dd:b6:40:e1:
77:8b:a1:ee:7a:09:e3:63:7d:bc:9d:42:08:92:d8:
a5:dc:59:60:a7:a5:0f:e7:9b:4c:03:7c:32:e0:64:
dd:90:55:6a:f6:10:0b:07:dc:5f:8d:d3:e9:ec:0c:
4f:44:31:06:b8:0e:cd:a5:85:7e:07:43:09:e9:cc:
5e:c4:56:28:b3:18:3e:ed:cd:ff:b0:0d:f7:5d:fc:
60:4e:66:d1:84:ed:90:a7:e4:de:74:25:9a:ab:d4:
58:7b:cc:07:d3:37:46:05:ee:4d:b9:25:30:dd:60:
04:ec:2b:83:c1:19:59:e1:ab:b9:b3:0f:1c:85:75:
5d:c9:c1:c2:61:6d:ff:68:36:c6:e1:6f:05:42:27:
c7:ad:ed:25:15:b3:6c:6a:08:23:c8:0c:6b:c3:0e:
d2:bb:19:27:5a:3b:be:fc:06:fb:22:03:e1:b3:7f:
f0:19:9c:e4:a1:91:ff:f1:fa:f2:53:37:5d:0b:a5:
92:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:34:B3:2E:69:C3:BD:34:78:4E:39:28:63:8B:35:44:C1:D8:71:30
X509v3 Authority Key Identifier:
keyid:36:FE:3A:91:26:3E:2E:83:19:C2:A6:78:E6:29:85:1D:09:E7:7F:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv46kSY-LoMZwqZ45imFHQnnfw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/9TSzLmnDvTR4TjkoY4s1RMHYcTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e96ef4-4f45-47c0-bebf-fa3e0901f240/1/Nv46kSY-LoMZwqZ45imFHQnnfw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.225.0/24
185.228.140.0/24
185.228.142.0/24
IPv6:
2a00:fb20:1::/48
2a00:fb20:8::/46
Signature Algorithm: sha256WithRSAEncryption
27:6d:84:45:c8:74:0c:7a:57:04:55:f2:2d:84:c3:0a:cc:e4:
6b:8d:0f:60:ce:40:fa:4f:ad:df:08:4d:15:6b:86:9a:f0:8a:
d4:e1:08:06:2c:f1:04:08:89:2b:a2:aa:8d:e3:f9:97:13:36:
c6:64:1a:d9:55:c1:c9:43:93:58:71:9f:f6:10:6a:a2:08:73:
f6:2a:5a:48:b4:85:da:78:bc:0f:61:e9:f3:d0:ef:06:7e:06:
38:3b:6f:f3:96:e9:27:28:59:89:de:17:88:96:5e:c4:e5:a7:
5c:65:70:ca:b4:87:ce:09:fd:26:1a:ad:d2:f7:5e:0f:92:5a:
cd:ad:18:f1:ed:28:11:7d:2f:46:58:30:fd:4e:af:d2:7e:0f:
86:c1:55:d2:c6:4a:00:60:d3:ea:a7:5d:44:6c:bc:87:6e:7b:
9f:85:af:d8:8a:11:d7:20:f5:c7:cd:1c:f6:9c:b8:15:39:47:
73:73:91:37:80:90:67:dd:d3:9d:48:4e:bc:f4:70:01:6d:10:
1d:14:15:0a:4c:c1:b5:b9:1e:fe:32:02:b9:4a:3c:a6:2f:8e:
52:67:74:ab:2f:c2:6e:94:6b:86:fd:6f:2d:3d:e9:0e:9d:6e:
e8:d4:33:9c:df:48:c6:4b:f6:11:4d:4d:15:0a:79:40:35:d0:
2b:3c:80:00
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYJ99xg+RV6aEly6rEOAiUhXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmUzYTkxMjYzZTJlODMxOWMyYTY3OGU2Mjk4NTFkMDll
NzdmMGQwHhcNMjIwODA4MTQ1ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTM0YjMyZTY5YzNiZDM0Nzg0ZTM5Mjg2MzhiMzU0NGMxZDg3MTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgh39dwh5B6iiSsvrtBchjfefTFK7
Ae3/sKD5eH0E+UODPR+f4cqBTMs2xLzb/X60bPLD4pg3PS5xf94qP9K5qOGVDOrv
u922QOF3i6HuegnjY328nUIIktil3Flgp6UP55tMA3wy4GTdkFVq9hALB9xfjdPp
7AxPRDEGuA7NpYV+B0MJ6cxexFYosxg+7c3/sA33XfxgTmbRhO2Qp+TedCWaq9RY
e8wH0zdGBe5NuSUw3WAE7CuDwRlZ4au5sw8chXVdycHCYW3/aDbG4W8FQifHre0l
FbNsaggjyAxrww7SuxknWju+/Ab7IgPhs3/wGZzkoZH/8fryUzddC6WSswIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPU0sy5pw700eE45KGOLNUTB2HEwMB8GA1UdIwQY
MBaAFDb+OpEmPi6DGcKmeOYphR0J538NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYt
ZmEzZTA5MDFmMjQwLzEvOVRTekxtbkR2VFI0VGprb1k0czFSTUhZY1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lOTZlZjQtNGY0NS00N2MwLWJlYmYtZmEzZTA5MDFmMjQw
LzEvTnY0NmtTWS1Mb01ad3FaNDVpbUZIUW5uZncwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAuSbhAwQA
ueSMAwQAueSOMBgEAgACMBIDBwAqAPsgAAEDBwIqAPsgAAgwDQYJKoZIhvcNAQEL
BQADggEBACdthEXIdAx6VwRV8i2EwwrM5GuND2DOQPpPrd8ITRVrhprwitThCAYs
8QQIiSuiqo3j+ZcTNsZkGtlVwclDk1hxn/YQaqIIc/YqWki0hdp4vA9h6fPQ7wZ+
Bjg7b/OW6ScoWYneF4iWXsTlp1xlcMq0h84J/SYardL3Xg+SWs2tGPHtKBF9L0ZY
MP1Or9J+D4bBVdLGSgBg0+qnXURsvIdue5+Fr9iKEdcg9cfNHPacuBU5R3NzkTeA
kGfd051ITrz0cAFtEB0UFQpMwbW5Hv4yArlKPKYvjlJndKsvwm6Ua4b9by096Q6d
bujUM5zfSMZL9hFNTRUKeUA10Cs8gAA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:21 2024 by rpki-client on console-fra.rpki-client.org