Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/21Y5eTYxmzfy0TAY3o7EiZpjpyk.roa
File: 21Y5eTYxmzfy0TAY3o7EiZpjpyk.roa (raw, json)
Hash identifier: 71bJ7hkKK1awYPQwmqn9Bh1aKgkEXD1IY7RLW6Qrx9Y=
Subject key identifier: DB:56:39:79:36:31:9B:37:F2:D1:30:18:DE:8E:C4:89:9A:63:A7:29
Certificate issuer: /CN=04268ae40737536a464c28493eaf503db9a18f20
Certificate serial: 018322243A8D6A8495C82ECACB6FB27AD9EE
Authority key identifier: 04:26:8A:E4:07:37:53:6A:46:4C:28:49:3E:AF:50:3D:B9:A1:8F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCaK5Ac3U2pGTChJPq9QPbmhjyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/21Y5eTYxmzfy0TAY3o7EiZpjpyk.roa
Signing time: Fri 09 Sep 2022 12:05:43 +0000
ROA not before: Fri 09 Sep 2022 12:05:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50754
IP address blocks: 185.134.76.0/22 maxlen: 24
2a06:ebc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:22:24:3a:8d:6a:84:95:c8:2e:ca:cb:6f:b2:7a:d9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04268ae40737536a464c28493eaf503db9a18f20
Validity
Not Before: Sep 9 12:05:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db56397936319b37f2d13018de8ec4899a63a729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9f:42:80:60:1b:60:46:98:77:79:7f:22:73:
f6:9b:cc:dd:1d:11:4b:2f:51:cc:11:76:e7:cf:7d:
a2:6a:cf:b7:65:59:8c:cd:40:3a:af:8d:ad:e2:20:
63:03:5a:4f:e0:e4:c5:ea:99:5f:ba:15:c1:df:21:
c3:12:8a:9c:05:80:f7:f0:4b:67:b3:d9:4b:d1:22:
41:34:03:71:7e:a0:42:50:7b:27:5d:2a:5b:56:82:
d4:60:e7:84:96:7e:8f:b7:13:e9:35:42:f8:5d:0d:
6b:2c:5e:8a:66:c5:c0:55:c3:24:79:4e:01:a8:33:
63:af:bc:33:88:45:35:b1:f6:91:de:ce:3e:f7:90:
eb:21:a4:a9:a9:d8:82:0c:d6:9b:97:15:a2:6f:0d:
47:c8:04:92:36:d1:b6:a1:cd:af:12:a9:61:53:be:
f3:71:00:b5:79:f2:6b:98:3b:cf:de:03:f7:44:7d:
c0:96:a9:85:65:bb:b4:95:53:83:c8:cd:34:c5:ad:
3d:1f:dc:3e:8f:fb:62:7d:7e:43:74:98:b6:35:36:
fd:be:fc:61:a3:f8:7b:11:15:3a:8a:11:f7:09:40:
68:82:8a:33:cc:94:46:43:a3:94:3e:15:11:31:fe:
c8:53:30:2e:db:2f:28:50:44:b4:fe:ef:b7:9e:0c:
c8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:56:39:79:36:31:9B:37:F2:D1:30:18:DE:8E:C4:89:9A:63:A7:29
X509v3 Authority Key Identifier:
keyid:04:26:8A:E4:07:37:53:6A:46:4C:28:49:3E:AF:50:3D:B9:A1:8F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCaK5Ac3U2pGTChJPq9QPbmhjyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/21Y5eTYxmzfy0TAY3o7EiZpjpyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/796823-6d81-4d91-b664-e0abd4d84571/1/BCaK5Ac3U2pGTChJPq9QPbmhjyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.76.0/22
IPv6:
2a06:ebc0::/29
Signature Algorithm: sha256WithRSAEncryption
4b:a9:17:4a:e6:b7:7f:24:bc:a9:74:6d:48:37:88:bc:73:4a:
98:ca:82:ba:f5:6e:82:4d:f1:95:d4:75:2d:26:c7:32:f5:da:
31:93:95:7d:03:d7:ce:5d:33:66:3c:52:74:04:4e:17:f4:97:
b4:3c:dd:be:bb:d7:aa:de:2d:4a:b3:ab:2c:16:64:c7:24:24:
67:0e:9d:40:72:cb:57:a5:b5:fd:ef:30:ba:86:f0:3d:1b:b4:
ff:b1:08:f4:90:d9:7a:69:1e:81:5b:e8:87:d0:e2:53:04:9e:
7b:d6:c3:58:5b:58:9a:60:bd:19:67:fa:c7:a0:fa:47:8a:76:
29:2a:68:7e:24:6d:86:6c:84:06:c6:14:9d:0a:a6:8a:78:eb:
e5:95:a8:21:f0:77:80:9e:29:2a:8d:62:78:cc:31:e3:6f:92:
85:89:40:6a:a1:19:44:24:90:29:4e:80:f2:3b:3e:b2:7b:ce:
ca:a9:f5:28:a6:d2:fb:ff:c7:be:b6:84:18:32:27:13:1d:67:
84:30:7b:40:1c:10:32:ec:bb:95:0a:d8:bb:3e:04:db:95:7e:
83:93:54:e9:7f:c4:09:6c:21:4a:16:c1:85:f4:26:97:27:f5:
c6:4e:bc:3f:cf:af:ee:13:d8:8a:c8:43:e9:d2:92:2f:2d:be:
5b:3f:7c:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMiJDqNaoSVyC7Ky2+yetnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjY4YWU0MDczNzUzNmE0NjRjMjg0OTNlYWY1MDNkYjlh
MThmMjAwHhcNMjIwOTA5MTIwNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjU2Mzk3OTM2MzE5YjM3ZjJkMTMwMThkZThlYzQ4OTlhNjNhNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ9CgGAbYEaYd3l/InP2m8zdHRFL
L1HMEXbnz32ias+3ZVmMzUA6r42t4iBjA1pP4OTF6plfuhXB3yHDEoqcBYD38Etn
s9lL0SJBNANxfqBCUHsnXSpbVoLUYOeEln6PtxPpNUL4XQ1rLF6KZsXAVcMkeU4B
qDNjr7wziEU1sfaR3s4+95DrIaSpqdiCDNablxWibw1HyASSNtG2oc2vEqlhU77z
cQC1efJrmDvP3gP3RH3AlqmFZbu0lVODyM00xa09H9w+j/tifX5DdJi2NTb9vvxh
o/h7ERU6ihH3CUBogoozzJRGQ6OUPhURMf7IUzAu2y8oUES0/u+3ngzIYwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNtWOXk2MZs38tEwGN6OxImaY6cpMB8GA1UdIwQY
MBaAFAQmiuQHN1NqRkwoST6vUD25oY8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNhSzVBYzNVMnBHVENoSlBxOVFQYm1oanlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy83OTY4MjMtNmQ4MS00ZDkxLWI2NjQt
ZTBhYmQ0ZDg0NTcxLzEvMjFZNWVUWXhtemZ5MFRBWTNvN0VpWnBqcHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy83OTY4MjMtNmQ4MS00ZDkxLWI2NjQtZTBhYmQ0ZDg0NTcx
LzEvQkNhSzVBYzNVMnBHVENoSlBxOVFQYm1oanlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYZMMA0E
AgACMAcDBQMqBuvAMA0GCSqGSIb3DQEBCwUAA4IBAQBLqRdK5rd/JLypdG1IN4i8
c0qYyoK69W6CTfGV1HUtJscy9doxk5V9A9fOXTNmPFJ0BE4X9Je0PN2+u9eq3i1K
s6ssFmTHJCRnDp1AcstXpbX97zC6hvA9G7T/sQj0kNl6aR6BW+iH0OJTBJ571sNY
W1iaYL0ZZ/rHoPpHinYpKmh+JG2GbIQGxhSdCqaKeOvllagh8HeAnikqjWJ4zDHj
b5KFiUBqoRlEJJApToDyOz6ye87KqfUoptL7/8e+toQYMicTHWeEMHtAHBAy7LuV
Cti7PgTblX6Dk1Tpf8QJbCFKFsGF9CaXJ/XGTrw/z6/uE9iKyEPp0pIvLb5bP3xl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:31 2024 by rpki-client on console-ams.rpki-client.org