Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/dPEY1p9S5hlSQ7fT8tCEkNl02D0.roa
File: dPEY1p9S5hlSQ7fT8tCEkNl02D0.roa (raw, json)
Hash identifier: +SQzNCwGUacnWdt4iPGWMrGEp+/6haZa1ovn/2VgqL4=
Subject key identifier: 74:F1:18:D6:9F:52:E6:19:52:43:B7:D3:F2:D0:84:90:D9:74:D8:3D
Certificate issuer: /CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Certificate serial: 0181F872508DAD382691C98D936BBF104F22
Authority key identifier: 0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/dPEY1p9S5hlSQ7fT8tCEkNl02D0.roa
Signing time: Wed 13 Jul 2022 16:44:09 +0000
ROA not before: Wed 13 Jul 2022 16:44:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51269
IP address blocks: 178.255.96.0/21 maxlen: 24
185.103.140.0/22 maxlen: 24
2a03:b700::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f8:72:50:8d:ad:38:26:91:c9:8d:93:6b:bf:10:4f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a4bd1d30f7235cd71739c042310dc26080738f6
Validity
Not Before: Jul 13 16:44:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74f118d69f52e6195243b7d3f2d08490d974d83d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:35:2f:35:03:9e:fb:e2:b6:a2:ff:41:7b:25:
a9:a9:9e:82:e6:ae:cd:23:87:67:17:4a:2c:40:88:
90:07:58:51:fc:93:9a:a8:98:08:5e:c0:d0:1e:fc:
e2:3f:ff:af:56:ff:1d:1c:df:69:1c:57:0d:77:e8:
34:2b:bf:b6:d5:47:40:5a:94:53:b9:84:e7:00:d8:
26:d9:d7:5f:9d:5c:98:29:e7:70:f3:dc:52:96:5b:
1a:f4:fb:2f:f2:ba:ba:71:da:3e:1f:ea:de:1b:4c:
92:68:3e:53:df:e1:a7:04:dd:98:dc:2d:02:6d:6d:
7c:8f:12:f0:94:d3:8a:6f:0a:e1:63:45:9c:94:47:
89:f9:b1:b5:43:b5:ac:24:66:e9:7b:74:5d:13:6c:
49:d6:b8:0d:b8:8b:ba:9e:a4:1b:29:e9:27:dc:e5:
07:d7:19:1e:60:7b:96:cb:0e:c0:08:10:93:99:1b:
ae:e1:db:07:e2:29:a5:d9:86:9b:32:e0:d3:ec:5a:
35:d5:75:69:f2:b0:bf:1f:49:a5:ae:9f:5a:b6:0e:
f8:2f:b0:bb:3c:c5:17:1d:ae:0b:8f:c6:d7:af:dd:
f2:8b:e3:b4:87:42:78:cf:76:10:d4:b4:be:ad:cc:
01:51:f6:49:41:d7:59:db:ad:c7:e6:37:b8:e6:41:
8d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:F1:18:D6:9F:52:E6:19:52:43:B7:D3:F2:D0:84:90:D9:74:D8:3D
X509v3 Authority Key Identifier:
keyid:0A:4B:D1:D3:0F:72:35:CD:71:73:9C:04:23:10:DC:26:08:07:38:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkvR0w9yNc1xc5wEIxDcJggHOPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/dPEY1p9S5hlSQ7fT8tCEkNl02D0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/8d509f-fb64-423d-b261-388443d5f00f/1/CkvR0w9yNc1xc5wEIxDcJggHOPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.96.0/21
185.103.140.0/22
IPv6:
2a03:b700::/29
Signature Algorithm: sha256WithRSAEncryption
91:35:08:8e:51:b0:cf:1a:7d:67:2e:9e:d9:ef:37:c1:30:de:
5a:b2:34:22:73:5a:71:53:73:47:a9:a3:f4:71:16:f7:4e:44:
ca:6d:a0:14:96:55:78:bf:3e:ca:cf:02:3d:f8:a3:a4:9a:62:
8d:46:a5:70:72:b8:c0:c2:c7:c3:70:c5:7f:05:9f:4e:2b:6d:
3a:d3:45:5c:2f:c1:96:8f:87:64:fa:b0:8a:47:0b:e0:e4:ca:
6c:7e:79:1c:ed:37:39:19:a0:c6:6c:65:3f:19:fe:f8:34:fa:
cb:ca:ad:a2:53:3f:50:26:da:a0:65:28:0e:d2:b3:58:99:c0:
47:c6:87:18:82:0e:59:6a:fa:bd:c1:12:7d:4c:b6:62:37:db:
77:a0:60:bd:8b:a7:a2:79:31:cf:10:a0:55:a3:b4:20:7f:2a:
e6:15:78:b9:78:92:85:27:fc:7f:e0:0a:97:a0:33:93:10:8d:
5a:60:15:52:dd:19:01:b6:7a:db:00:c3:a3:85:62:ca:a7:43:
5c:4a:2d:d3:27:55:2d:93:e4:33:61:d4:51:22:7b:9f:72:c5:
3c:8e:95:4c:28:7d:1d:00:db:c5:94:16:71:da:71:79:16:9c:
18:95:a2:6f:b4:c2:be:a8:63:ef:e8:ca:0e:ee:f1:c2:7f:20:
67:b7:77:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYH4clCNrTgmkcmNk2u/EE8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNGJkMWQzMGY3MjM1Y2Q3MTczOWMwNDIzMTBkYzI2MDgw
NzM4ZjYwHhcNMjIwNzEzMTY0NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGYxMThkNjlmNTJlNjE5NTI0M2I3ZDNmMmQwODQ5MGQ5NzRkODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlzUvNQOe++K2ov9BeyWpqZ6C5q7N
I4dnF0osQIiQB1hR/JOaqJgIXsDQHvziP/+vVv8dHN9pHFcNd+g0K7+21UdAWpRT
uYTnANgm2ddfnVyYKedw89xSllsa9Psv8rq6cdo+H+reG0ySaD5T3+GnBN2Y3C0C
bW18jxLwlNOKbwrhY0WclEeJ+bG1Q7WsJGbpe3RdE2xJ1rgNuIu6nqQbKekn3OUH
1xkeYHuWyw7ACBCTmRuu4dsH4iml2YabMuDT7Fo11XVp8rC/H0mlrp9atg74L7C7
PMUXHa4Lj8bXr93yi+O0h0J4z3YQ1LS+rcwBUfZJQddZ263H5je45kGNkQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHTxGNafUuYZUkO30/LQhJDZdNg9MB8GA1UdIwQY
MBaAFApL0dMPcjXNcXOcBCMQ3CYIBzj2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEt
Mzg4NDQzZDVmMDBmLzEvZFBFWTFwOVM1aGxTUTdmVDh0Q0VrTmwwMkQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi84ZDUwOWYtZmI2NC00MjNkLWIyNjEtMzg4NDQzZDVmMDBm
LzEvQ2t2UjB3OXlOYzF4YzV3RUl4RGNKZ2dIT1BZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv9gAwQC
uWeMMA0EAgACMAcDBQMqA7cAMA0GCSqGSIb3DQEBCwUAA4IBAQCRNQiOUbDPGn1n
Lp7Z7zfBMN5asjQic1pxU3NHqaP0cRb3TkTKbaAUllV4vz7KzwI9+KOkmmKNRqVw
crjAwsfDcMV/BZ9OK20600VcL8GWj4dk+rCKRwvg5Mpsfnkc7Tc5GaDGbGU/Gf74
NPrLyq2iUz9QJtqgZSgO0rNYmcBHxocYgg5Zavq9wRJ9TLZiN9t3oGC9i6eieTHP
EKBVo7QgfyrmFXi5eJKFJ/x/4AqXoDOTEI1aYBVS3RkBtnrbAMOjhWLKp0NcSi3T
J1Utk+QzYdRRInufcsU8jpVMKH0dANvFlBZx2nF5FpwYlaJvtMK+qGPv6MoO7vHC
fyBnt3dF
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:13 2024 by rpki-client on console-fra.rpki-client.org