Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/ArSqfVJt5MtNBPVVCAdzjMdvToU.roa
File: ArSqfVJt5MtNBPVVCAdzjMdvToU.roa (raw, json)
Hash identifier: IG0zjkbEYzLlriKdlT5nXsYGD2oFHfgDQzsdbA5CzfE=
Subject key identifier: 02:B4:AA:7D:52:6D:E4:CB:4D:04:F5:55:08:07:73:8C:C7:6F:4E:85
Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial: 19D9B509
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/ArSqfVJt5MtNBPVVCAdzjMdvToU.roa
Signing time: Sat 01 Jan 2022 04:55:08 +0000
ROA not before: Sat 01 Jan 2022 04:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31708
IP address blocks: 185.42.220.0/22 maxlen: 22
2a04:92c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433698057 (0x19d9b509)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Validity
Not Before: Jan 1 04:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02b4aa7d526de4cb4d04f5550807738cc76f4e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:12:90:e7:38:e5:08:42:ac:7d:76:24:29:c1:
54:b0:9e:94:93:a6:e6:92:16:50:f1:3f:b2:73:f7:
28:c4:a7:02:f7:24:ab:21:24:3b:65:d4:f6:e3:03:
0c:16:c1:44:cc:41:63:49:34:60:81:27:fb:63:a9:
ef:56:be:19:ab:35:61:43:14:8f:75:be:6b:8f:d6:
28:94:0f:3e:9b:d9:65:3e:cb:78:df:d2:0c:94:05:
b0:a5:9c:57:8d:2e:8e:e5:fc:42:b6:df:6c:b3:94:
40:7c:ae:ef:c7:aa:c2:d0:d8:f4:bf:0a:ec:00:fd:
c6:d9:0f:c5:f3:2e:98:95:cc:78:78:9e:a4:a6:79:
c9:6b:db:70:6a:61:ee:0b:80:59:84:6f:85:0d:de:
d6:dc:f6:fc:50:34:c6:6e:e5:c2:c5:82:44:7a:a5:
ce:af:f9:0a:ca:32:a2:df:80:c0:b1:fc:0a:35:45:
c3:bf:e8:a5:ff:b7:83:c4:ca:5f:d5:20:21:38:03:
4b:78:ea:78:51:fa:d0:79:2f:f9:fe:fc:d3:8b:4d:
a2:47:6c:24:71:9c:e7:92:c9:9e:36:3d:47:e7:8b:
05:96:da:a7:b0:79:d8:ff:02:ae:1d:8b:dc:70:5c:
60:df:09:66:4d:82:2f:a2:92:73:f4:23:6e:59:ed:
ea:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:B4:AA:7D:52:6D:E4:CB:4D:04:F5:55:08:07:73:8C:C7:6F:4E:85
X509v3 Authority Key Identifier:
keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/ArSqfVJt5MtNBPVVCAdzjMdvToU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.220.0/22
IPv6:
2a04:92c0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:37:a1:51:16:b0:17:d4:f4:32:f3:01:bd:83:74:86:8d:11:
16:1e:b7:3f:2b:8b:64:5f:b6:88:f5:b2:36:0f:57:57:fb:54:
ee:f2:2d:55:27:23:12:cf:33:a0:0a:1f:3d:fa:0e:0f:04:85:
ad:c1:45:fc:94:3c:2e:81:74:f2:ab:16:d4:52:75:24:b4:dc:
d6:d3:09:a7:ab:00:1e:57:81:1b:77:e9:c3:b6:6a:ce:cc:93:
ba:24:11:f1:89:c8:6d:c0:c4:fb:66:6f:65:ea:54:97:41:fa:
ce:6b:52:31:9b:ee:6e:da:6b:2f:83:64:94:31:08:0a:74:ea:
29:ae:5a:18:13:02:00:3a:0b:76:f2:30:e2:30:75:10:8c:72:
ed:c4:cc:33:f4:22:70:19:1b:34:4a:b8:0b:64:13:50:f4:76:
20:a2:d5:25:e9:af:2e:43:65:6f:a0:29:e7:c4:b5:94:80:5e:
3f:86:6a:89:06:ec:00:a8:e8:66:ff:be:0b:d7:1a:15:52:12:
21:56:cb:bc:84:00:ca:dc:ca:be:04:c9:04:41:04:7a:c2:8b:
9e:ca:41:8c:ff:78:6c:39:f3:2e:b0:06:e0:d5:08:26:59:30:
f4:05:a1:6b:61:38:02:b8:d6:4c:e9:0a:fa:43:de:66:48:80:
f0:8c:59:9d
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGdm1CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMB4XDTIyMDEw
MTA0NTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJiNGFhN2Q1MjZk
ZTRjYjRkMDRmNTU1MDgwNzczOGNjNzZmNGU4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgSkOc45QhCrH12JCnBVLCelJOm5pIWUPE/snP3KMSnAvck
qyEkO2XU9uMDDBbBRMxBY0k0YIEn+2Op71a+Gas1YUMUj3W+a4/WKJQPPpvZZT7L
eN/SDJQFsKWcV40ujuX8QrbfbLOUQHyu78eqwtDY9L8K7AD9xtkPxfMumJXMeHie
pKZ5yWvbcGph7guAWYRvhQ3e1tz2/FA0xm7lwsWCRHqlzq/5Csoyot+AwLH8CjVF
w7/opf+3g8TKX9UgITgDS3jqeFH60Hkv+f7804tNokdsJHGc55LJnjY9R+eLBZba
p7B52P8Crh2L3HBcYN8JZk2CL6KSc/Qjblnt6qsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQCtKp9Um3ky00E9VUIB3OMx29OhTAfBgNVHSMEGDAWgBT/3sSkam5uT5qS
0LouCzq1ZYvhvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L185N0VwR3B1YmstYWt0QzZMZ3M2dFdXTDRiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvMTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8x
L0FyU3FmVkp0NU10TkJQVlZDQWR6ak1kdlRvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
MTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1Ymst
YWt0QzZMZ3M2dFdXTDRiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkq3DANBAIAAjAHAwUDKgSSwDAN
BgkqhkiG9w0BAQsFAAOCAQEAijehURawF9T0MvMBvYN0ho0RFh63PyuLZF+2iPWy
Ng9XV/tU7vItVScjEs8zoAofPfoODwSFrcFF/JQ8LoF08qsW1FJ1JLTc1tMJp6sA
HleBG3fpw7ZqzsyTuiQR8YnIbcDE+2ZvZepUl0H6zmtSMZvubtprL4NklDEICnTq
Ka5aGBMCADoLdvIw4jB1EIxy7cTMM/QicBkbNEq4C2QTUPR2IKLVJemvLkNlb6Ap
58S1lIBeP4ZqiQbsAKjoZv++C9caFVISIVbLvIQAytzKvgTJBEEEesKLnspBjP94
bDnzLrAG4NUIJlkw9AWha2E4ArjWTOkK+kPeZkiA8IxZnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:52 2024 by rpki-client on console-ams.rpki-client.org