Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1-w8TIK6aifkCJw2p3MI_w20L9y4.roa
File: 1-w8TIK6aifkCJw2p3MI_w20L9y4.roa (raw, json)
Hash identifier: y31Phx3TAZaze528YWLr1S5NmvznKaQZwXeMmgEwWk8=
Subject key identifier: FB:0F:13:20:AE:9A:89:F9:02:27:0D:A9:DC:C2:3F:C3:6D:0B:F7:2E
Certificate issuer: /CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Certificate serial: 05B9118F
Authority key identifier: D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1-w8TIK6aifkCJw2p3MI_w20L9y4.roa
Signing time: Sat 01 Jan 2022 15:03:08 +0000
ROA not before: Sat 01 Jan 2022 15:03:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200561
IP address blocks: 185.79.24.0/22 maxlen: 22
185.79.24.0/24 maxlen: 24
185.79.25.0/24 maxlen: 24
185.175.28.0/22 maxlen: 22
2a0b:cb00::/29 maxlen: 29
2a03:20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96014735 (0x5b9118f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d535f8fac7062f77f24b98cd5c3b54a89bad4838
Validity
Not Before: Jan 1 15:03:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb0f1320ae9a89f902270da9dcc23fc36d0bf72e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:60:9b:47:7f:37:94:a2:c9:3f:00:2c:2c:71:
3b:90:80:3a:4e:eb:c0:1a:24:40:e8:2e:8f:a1:4b:
81:06:f1:c0:66:90:b7:9a:a3:59:ce:cf:c6:4f:e1:
34:b3:79:5f:10:5b:18:8b:82:2c:44:65:6e:6b:a3:
ca:1b:16:1e:fe:97:e5:db:79:f3:88:52:51:38:46:
c3:38:ca:2a:7d:b0:44:ab:19:58:33:9e:f1:68:c5:
2c:c0:c3:e0:ae:4a:94:fe:29:ef:43:03:4a:ee:ae:
eb:bc:87:ee:d9:49:bb:45:cb:f3:32:93:1e:0b:96:
38:7f:7b:52:cb:c9:66:55:6b:b8:59:e2:5e:8a:df:
fa:d8:c4:aa:47:a8:a0:db:10:29:d2:3e:90:81:a4:
ab:43:ea:20:b9:27:1a:e1:a5:b1:9d:29:c7:f2:a7:
35:db:db:28:fd:7f:f7:26:cf:96:ed:9d:e7:1f:cb:
d3:28:31:ce:04:f4:a1:ed:1a:bc:34:0b:e0:c8:8f:
0d:71:75:db:fc:e7:ee:13:97:8a:87:91:3b:cd:da:
15:60:2f:49:77:f5:4f:31:c0:f3:97:47:37:12:e1:
ce:b8:2a:7a:d8:47:0b:ef:a8:06:da:1c:d0:53:19:
dd:c6:a1:24:c8:3e:a8:27:74:89:15:b5:59:72:b8:
4f:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:0F:13:20:AE:9A:89:F9:02:27:0D:A9:DC:C2:3F:C3:6D:0B:F7:2E
X509v3 Authority Key Identifier:
keyid:D5:35:F8:FA:C7:06:2F:77:F2:4B:98:CD:5C:3B:54:A8:9B:AD:48:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TX4-scGL3fyS5jNXDtUqJutSDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1-w8TIK6aifkCJw2p3MI_w20L9y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/097da1-7cc9-4343-8024-b310d71c2cad/1/1TX4-scGL3fyS5jNXDtUqJutSDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.24.0/22
185.175.28.0/22
IPv6:
2a03:20::/32
2a0b:cb00::/29
Signature Algorithm: sha256WithRSAEncryption
16:1c:33:c4:2f:63:ed:91:a4:1a:41:e0:04:98:06:0c:e6:37:
b7:de:25:d3:6b:cf:a6:de:23:be:8e:a7:4e:f7:44:fc:7b:61:
cb:6f:ad:24:12:c6:9a:9a:05:32:86:6b:8d:dc:fa:65:40:72:
6e:aa:ac:0b:8a:e1:69:cf:b7:58:d9:ca:f8:35:19:b1:e0:b7:
76:6d:44:0e:82:6c:65:6d:cf:cd:11:69:2a:de:f6:62:40:21:
b0:e8:08:bd:5c:16:55:41:d3:60:a3:10:d7:61:94:a0:3b:cc:
98:da:6a:73:9f:d5:7c:e4:37:9b:40:04:8b:9a:a7:b5:c3:91:
c0:44:61:5f:eb:81:6f:4a:1f:42:5f:d5:bc:c0:81:09:11:24:
47:1a:ab:7c:46:95:18:4f:24:2c:61:ce:43:60:06:43:00:71:
90:e4:c2:c0:1d:36:14:46:2d:00:50:d0:7b:67:ec:58:7e:a4:
6b:42:8b:dd:7b:e0:fd:4c:f5:b6:ed:0b:eb:95:bc:fe:78:c9:
ed:7d:29:66:32:ca:4a:70:80:b6:27:c6:19:26:61:9b:42:2e:
00:a7:f0:e0:bb:e4:d4:7d:8d:b2:62:55:b6:01:6b:3d:62:30:
85:70:83:1b:b6:5c:c9:27:6b:e5:da:63:dc:70:09:c7:3e:c9:
8b:2e:02:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBbkRjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTM1ZjhmYWM3MDYyZjc3ZjI0Yjk4Y2Q1YzNiNTRhODliYWQ0ODM4MB4XDTIyMDEw
MTE1MDMwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmIwZjEzMjBhZTlh
ODlmOTAyMjcwZGE5ZGNjMjNmYzM2ZDBiZjcyZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxgm0d/N5SiyT8ALCxxO5CAOk7rwBokQOguj6FLgQbxwGaQ
t5qjWc7Pxk/hNLN5XxBbGIuCLERlbmujyhsWHv6X5dt584hSUThGwzjKKn2wRKsZ
WDOe8WjFLMDD4K5KlP4p70MDSu6u67yH7tlJu0XL8zKTHguWOH97UsvJZlVruFni
Xorf+tjEqkeooNsQKdI+kIGkq0PqILknGuGlsZ0px/KnNdvbKP1/9ybPlu2d5x/L
0ygxzgT0oe0avDQL4MiPDXF12/zn7hOXioeRO83aFWAvSXf1TzHA85dHNxLhzrgq
ethHC++oBtoc0FMZ3cahJMg+qCd0iRW1WXK4T4MCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBT7DxMgrpqJ+QInDancwj/DbQv3LjAfBgNVHSMEGDAWgBTVNfj6xwYvd/JL
mM1cO1Som61IODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFUWDQtc2NHTDNmeVM1ak5YRHRVcUp1dFNEZy5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMDk3ZGExLTdjYzktNDM0My04MDI0LWIzMTBkNzFjMmNhZC8x
LzEtdzhUSUs2YWlma0NKdzJwM01JX3cyMEw5eTQucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Ni
LzA5N2RhMS03Y2M5LTQzNDMtODAyNC1iMzEwZDcxYzJjYWQvMS8xVFg0LXNjR0wz
ZnlTNWpOWER0VXFKdXRTRGcuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
OwYIKwYBBQUHAQcBAf8ELDAqMBIEAgABMAwDBAK5TxgDBAK5rxwwFAQCAAIwDgMF
ACoDACADBQMqC8sAMA0GCSqGSIb3DQEBCwUAA4IBAQAWHDPEL2PtkaQaQeAEmAYM
5je33iXTa8+m3iO+jqdO90T8e2HLb60kEsaamgUyhmuN3PplQHJuqqwLiuFpz7dY
2cr4NRmx4Ld2bUQOgmxlbc/NEWkq3vZiQCGw6Ai9XBZVQdNgoxDXYZSgO8yY2mpz
n9V85DebQASLmqe1w5HARGFf64FvSh9CX9W8wIEJESRHGqt8RpUYTyQsYc5DYAZD
AHGQ5MLAHTYURi0AUNB7Z+xYfqRrQovde+D9TPW27Qvrlbz+eMntfSlmMspKcIC2
J8YZJmGbQi4Ap/Dgu+TUfY2yYlW2AWs9YjCFcIMbtlzJJ2vl2mPccAnHPsmLLgJ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:23 2024 by rpki-client on console-ams.rpki-client.org