Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1gA4hBxZIyQxXL-7F20g34-jOqc.roa
File: 1gA4hBxZIyQxXL-7F20g34-jOqc.roa (raw, json)
Hash identifier: VcUcOscW1zRU6VxxqHte3/asRoHKf7ZWNSPIs7Uy3l8=
Subject key identifier: D6:00:38:84:1C:59:23:24:31:5C:BF:BB:17:6D:20:DF:8F:A3:3A:A7
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0D34A76A
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1gA4hBxZIyQxXL-7F20g34-jOqc.roa
Signing time: Tue 08 Feb 2022 10:23:07 +0000
ROA not before: Tue 08 Feb 2022 10:23:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 185.121.120.0/24 maxlen: 24
45.133.1.0/24 maxlen: 24
45.144.225.0/24 maxlen: 24
62.197.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 221554538 (0xd34a76a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 8 10:23:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d60038841c592324315cbfbb176d20df8fa33aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:84:81:35:ac:23:1f:3b:d1:21:cc:bb:e3:56:
36:e3:f1:47:ce:08:38:ba:4e:23:df:64:27:61:2c:
a3:89:77:6b:ea:db:25:a4:a4:9a:e0:91:4f:3d:9c:
09:3c:b8:21:f9:b6:83:2a:04:a5:e0:0e:e9:ce:17:
02:8d:bd:a3:33:cd:a1:ba:f1:a0:41:91:1e:f9:18:
6b:0b:48:79:97:80:9e:1a:fb:6e:e2:64:17:ad:70:
4e:b3:88:8a:4f:9a:9e:91:07:f9:9b:45:ed:ee:a5:
1a:46:bf:7c:ed:ba:d7:e1:0f:fd:d4:ed:f4:3e:1f:
ed:e7:a0:08:4d:31:6a:be:5c:6b:30:57:99:ee:45:
74:0a:9c:9b:c0:b5:ad:10:09:74:d8:d7:d9:aa:4a:
80:20:0a:3b:a8:d5:33:66:f3:17:84:2b:73:c8:72:
26:4c:a1:3a:da:55:d9:35:f9:f9:3b:4f:96:93:90:
ca:c6:db:c4:53:f0:8a:a5:cf:c3:58:de:39:97:64:
c5:ed:b4:11:b2:cc:a4:5d:78:eb:20:df:b0:34:1a:
04:de:d2:bc:8b:29:c3:c9:d8:35:87:55:6d:57:ce:
2d:02:03:ba:3a:8d:0b:97:be:9e:24:62:f0:b6:28:
33:5d:fc:8e:60:93:cd:1b:d2:0a:f8:41:5a:3f:ef:
87:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:00:38:84:1C:59:23:24:31:5C:BF:BB:17:6D:20:DF:8F:A3:3A:A7
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/1gA4hBxZIyQxXL-7F20g34-jOqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.1.0/24
45.144.225.0/24
62.197.136.0/24
185.121.120.0/24
Signature Algorithm: sha256WithRSAEncryption
46:55:28:b5:92:70:c5:54:6a:38:ab:d6:68:97:6c:77:0e:d1:
3b:91:e4:51:17:cd:f2:db:be:7b:68:24:5e:0b:d4:92:60:24:
a6:d9:f4:00:2e:06:65:a1:da:35:0f:34:f0:d0:41:cb:4c:fb:
fa:c2:ec:e5:13:17:07:63:c9:eb:87:41:d0:ef:94:72:57:bc:
a3:4d:e9:f2:7f:90:c7:ad:ed:1b:e1:a4:a6:cd:38:f6:5e:39:
11:cc:eb:b2:b9:34:56:18:a8:30:83:c2:7d:1e:04:09:39:58:
7c:b0:7f:2f:1c:60:a7:f8:e5:44:df:f3:97:18:b3:12:bc:9e:
f4:f9:26:8f:9c:5e:a1:67:e8:0c:ef:c0:bd:e0:2f:6f:2b:2d:
9c:ea:ad:75:d2:81:31:83:d1:79:14:30:b5:90:62:b0:fd:a2:
9e:00:e6:99:90:d6:93:97:6e:20:c5:6c:65:6a:6b:aa:a8:4b:
dd:48:31:44:3f:b6:26:19:1f:2b:6e:e0:1f:d3:d1:cc:3c:bf:
19:9e:cb:77:15:1a:b3:93:0b:90:60:d8:cb:5a:5c:3c:25:c6:
98:a7:d8:41:c8:69:58:48:db:9f:70:b4:5a:9c:96:64:e2:86:
2f:21:4e:cf:52:ef:d9:05:af:df:75:ef:d9:2c:48:6f:10:90:
00:d0:42:8a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDTSnajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDIw
ODEwMjMwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDYwMDM4ODQxYzU5
MjMyNDMxNWNiZmJiMTc2ZDIwZGY4ZmEzM2FhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaEgTWsIx870SHMu+NWNuPxR84IOLpOI99kJ2Eso4l3a+rb
JaSkmuCRTz2cCTy4Ifm2gyoEpeAO6c4XAo29ozPNobrxoEGRHvkYawtIeZeAnhr7
buJkF61wTrOIik+anpEH+ZtF7e6lGka/fO261+EP/dTt9D4f7eegCE0xar5cazBX
me5FdAqcm8C1rRAJdNjX2apKgCAKO6jVM2bzF4Qrc8hyJkyhOtpV2TX5+TtPlpOQ
ysbbxFPwiqXPw1jeOZdkxe20EbLMpF146yDfsDQaBN7SvIspw8nYNYdVbVfOLQID
ujqNC5e+niRi8LYoM138jmCTzRvSCvhBWj/vh7sCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTWADiEHFkjJDFcv7sXbSDfj6M6pzAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
LzFnQTRoQnhaSXlReFhMLTdGMjBnMzQtak9xYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAC2FAQMEAC2Q4QMEAD7FiAMEALl5
eDANBgkqhkiG9w0BAQsFAAOCAQEARlUotZJwxVRqOKvWaJdsdw7RO5HkURfN8tu+
e2gkXgvUkmAkptn0AC4GZaHaNQ808NBBy0z7+sLs5RMXB2PJ64dB0O+Ucle8o03p
8n+Qx63tG+Gkps049l45Eczrsrk0VhioMIPCfR4ECTlYfLB/Lxxgp/jlRN/zlxiz
Erye9Pkmj5xeoWfoDO/AveAvbystnOqtddKBMYPReRQwtZBisP2ingDmmZDWk5du
IMVsZWprqqhL3UgxRD+2JhkfK27gH9PRzDy/GZ7LdxUas5MLkGDYy1pcPCXGmKfY
QchpWEjbn3C0WpyWZOKGLyFOz1Lv2QWv33Xv2SxIbxCQANBCig==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org