Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/dOZ9acE3ZHjwUMmB8c_maOYECSg.roa
File: dOZ9acE3ZHjwUMmB8c_maOYECSg.roa (raw, json)
Hash identifier: XGVNIO56/qcfRDRPpzP36Cttqaug3shianwkxQa1cMU=
Subject key identifier: 74:E6:7D:69:C1:37:64:78:F0:50:C9:81:F1:CF:E6:68:E6:04:09:28
Certificate issuer: /CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Certificate serial: 0182AC33E7D489901DC6335BB4D84C89AA85
Authority key identifier: FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/dOZ9acE3ZHjwUMmB8c_maOYECSg.roa
Signing time: Wed 17 Aug 2022 14:27:39 +0000
ROA not before: Wed 17 Aug 2022 14:27:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50272
IP address blocks: 185.41.64.0/22 maxlen: 24
62.24.32.0/19 maxlen: 19
185.155.140.0/22 maxlen: 24
2a03:1400::/32 maxlen: 32
2a07:33c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ac:33:e7:d4:89:90:1d:c6:33:5b:b4:d8:4c:89:aa:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fca98b1d0ecccc4f6ff1a7e7db84b4bb2f55b08d
Validity
Not Before: Aug 17 14:27:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74e67d69c1376478f050c981f1cfe668e6040928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ca:cd:18:e4:69:40:5b:65:2d:e3:7f:7a:f5:
56:3c:d4:89:39:10:93:e5:1b:b3:e3:72:30:8e:30:
19:bf:7b:e9:54:f3:0c:f8:2f:f1:1b:50:20:7a:cb:
37:bb:ed:fa:28:95:f9:c1:35:86:63:b5:04:ed:3e:
23:83:b4:19:86:e5:02:6b:aa:7d:88:8b:08:c4:ef:
04:29:ca:68:f6:d8:90:83:a3:f2:af:a2:78:bd:9b:
7b:51:32:66:26:75:e1:b1:ae:1e:30:cd:1a:11:5c:
89:cd:73:66:54:61:b5:d1:e6:78:5e:03:28:3f:f9:
96:ae:43:66:12:65:a0:c6:b3:61:3e:db:a9:02:c4:
fd:06:96:1a:dd:64:03:e1:19:c4:d1:6a:47:43:c8:
7c:b8:ff:ed:c5:42:a9:5f:7d:68:3e:9e:78:f3:3e:
f1:d0:d5:67:ee:c9:fd:94:b9:b5:1a:26:04:74:42:
22:a1:c4:3d:f7:ef:17:17:02:65:c9:20:9f:51:1e:
f7:84:81:89:37:80:e0:95:d4:0b:4e:a8:1e:fe:6e:
5b:b7:8a:0e:ee:47:21:d2:71:d1:fa:12:cc:73:99:
ed:e9:26:a2:93:c8:21:af:d5:69:01:78:7a:94:7d:
e9:d9:22:15:15:f6:c1:68:fb:74:44:7e:23:1b:a1:
5f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E6:7D:69:C1:37:64:78:F0:50:C9:81:F1:CF:E6:68:E6:04:09:28
X509v3 Authority Key Identifier:
keyid:FC:A9:8B:1D:0E:CC:CC:4F:6F:F1:A7:E7:DB:84:B4:BB:2F:55:B0:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_KmLHQ7MzE9v8afn24S0uy9VsI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/dOZ9acE3ZHjwUMmB8c_maOYECSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/971e73-fa83-4579-8532-58f0f325c2b8/1/_KmLHQ7MzE9v8afn24S0uy9VsI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.24.32.0/19
185.41.64.0/22
185.155.140.0/22
IPv6:
2a03:1400::/32
2a07:33c0::/29
Signature Algorithm: sha256WithRSAEncryption
ba:e5:e0:87:3b:95:bc:19:ab:37:e7:ac:2a:e0:39:13:7d:d2:
d7:65:6a:3f:55:07:c7:d8:e2:6d:b5:36:2e:10:8c:7a:cf:1d:
2e:b8:27:41:72:1e:84:cf:b1:81:f7:4f:e8:77:3c:99:df:bc:
ae:90:32:87:30:af:77:97:13:b6:b3:32:14:5a:0d:2d:af:56:
61:1c:47:4c:d8:c0:f7:68:b9:d9:14:18:bb:04:9c:48:e7:23:
82:77:12:8e:70:29:8a:49:2b:b3:5e:a8:f6:c6:eb:15:a1:c7:
c9:5b:d5:da:5c:32:8b:83:57:c0:c0:3c:68:31:7d:35:ee:9a:
cf:73:2d:39:13:f0:e4:75:7c:70:bc:99:d2:a4:f1:d1:11:aa:
9a:ad:15:57:40:5c:28:f7:85:42:2e:da:ba:60:5c:66:7d:dc:
2e:b3:1e:5c:8d:86:b6:55:5d:78:2d:57:2d:b3:80:ad:53:5a:
47:ba:ad:f3:b8:f5:fc:63:da:52:20:70:f1:4c:db:d5:38:41:
ac:20:55:5e:b6:28:d5:a1:ee:9f:7f:08:b2:67:f9:ec:0c:30:
4f:3e:37:c3:7d:99:4f:32:dc:d3:87:8f:a2:17:2f:b8:6c:c4:
c9:fa:c5:19:15:be:6b:36:e6:92:bf:35:40:2b:57:3a:ac:67:
08:f3:1b:61
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYKsM+fUiZAdxjNbtNhMiaqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjYTk4YjFkMGVjY2NjNGY2ZmYxYTdlN2RiODRiNGJiMmY1
NWIwOGQwHhcNMjIwODE3MTQyNzM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU2N2Q2OWMxMzc2NDc4ZjA1MGM5ODFmMWNmZTY2OGU2MDQwOTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8rNGORpQFtlLeN/evVWPNSJORCT
5Ruz43IwjjAZv3vpVPMM+C/xG1Agess3u+36KJX5wTWGY7UE7T4jg7QZhuUCa6p9
iIsIxO8EKcpo9tiQg6Pyr6J4vZt7UTJmJnXhsa4eMM0aEVyJzXNmVGG10eZ4XgMo
P/mWrkNmEmWgxrNhPtupAsT9BpYa3WQD4RnE0WpHQ8h8uP/txUKpX31oPp548z7x
0NVn7sn9lLm1GiYEdEIiocQ99+8XFwJlySCfUR73hIGJN4DgldQLTqge/m5bt4oO
7kch0nHR+hLMc5nt6Saik8ghr9VpAXh6lH3p2SIVFfbBaPt0RH4jG6FfeQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFHTmfWnBN2R48FDJgfHP5mjmBAkoMB8GA1UdIwQY
MBaAFPypix0OzMxPb/Gn59uEtLsvVbCNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzIt
NThmMGYzMjVjMmI4LzEvZE9aOWFjRTNaSGp3VU1tQjhjX21hT1lFQ1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85NzFlNzMtZmE4My00NTc5LTg1MzItNThmMGYzMjVjMmI4
LzEvX0ttTEhRN016RTl2OGFmbjI0UzB1eTlWc0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQFPhggAwQC
uSlAAwQCuZuMMBQEAgACMA4DBQAqAxQAAwUDKgczwDANBgkqhkiG9w0BAQsFAAOC
AQEAuuXghzuVvBmrN+esKuA5E33S12VqP1UHx9jibbU2LhCMes8dLrgnQXIehM+x
gfdP6Hc8md+8rpAyhzCvd5cTtrMyFFoNLa9WYRxHTNjA92i52RQYuwScSOcjgncS
jnApikkrs16o9sbrFaHHyVvV2lwyi4NXwMA8aDF9Ne6az3MtORPw5HV8cLyZ0qTx
0RGqmq0VV0BcKPeFQi7aumBcZn3cLrMeXI2GtlVdeC1XLbOArVNaR7qt87j1/GPa
UiBw8Uzb1ThBrCBVXrYo1aHun38Ismf57AwwTz43w32ZTzLc04ePohcvuGzEyfrF
GRW+azbmkr81QCtXOqxnCPMbYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org