Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/j4fD4_ttENflSdAT29olcks9xaQ.roa
File: j4fD4_ttENflSdAT29olcks9xaQ.roa (raw, json)
Hash identifier: /e1Sqmmhcd8/zZ+zsKLofGkPYs9067MRuCPmM2eFPWg=
Subject key identifier: 8F:87:C3:E3:FB:6D:10:D7:E5:49:D0:13:DB:DA:25:72:4B:3D:C5:A4
Certificate issuer: /CN=3126e0d5d37bf66f3e9d887eaead9ca63c189489
Certificate serial: 0896D081
Authority key identifier: 31:26:E0:D5:D3:7B:F6:6F:3E:9D:88:7E:AE:AD:9C:A6:3C:18:94:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MSbg1dN79m8-nYh-rq2cpjwYlIk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/j4fD4_ttENflSdAT29olcks9xaQ.roa
Signing time: Sat 01 Jan 2022 04:02:41 +0000
ROA not before: Sat 01 Jan 2022 04:02:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15600
IP address blocks: 185.74.116.0/22 maxlen: 22
194.153.176.0/21 maxlen: 21
94.143.88.0/21 maxlen: 21
2a00:d320::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144101505 (0x896d081)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3126e0d5d37bf66f3e9d887eaead9ca63c189489
Validity
Not Before: Jan 1 04:02:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f87c3e3fb6d10d7e549d013dbda25724b3dc5a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d2:66:4e:73:3e:91:2c:11:3f:1e:f9:d5:13:
8c:72:77:c7:ae:d2:1b:67:47:d5:cb:82:75:77:d2:
1d:c1:14:58:63:11:f0:18:f3:db:0a:c6:aa:85:92:
8d:c0:fa:2a:03:a6:fe:d4:58:83:0b:fa:c3:d1:bf:
47:11:97:90:f1:b4:ad:24:74:b0:9c:81:9a:42:31:
8c:bf:f0:34:9a:1b:ac:66:70:a6:05:ab:01:4b:a7:
0c:d4:ba:35:e0:b7:e3:77:81:fc:60:a9:98:f6:87:
7e:d5:ed:70:d9:2f:05:95:e8:57:59:cf:d3:99:2d:
ca:46:44:5c:60:d8:99:4d:b1:59:a2:8b:a6:74:33:
4a:47:92:57:77:87:be:cc:ac:14:2b:11:b6:18:16:
01:da:47:f2:b5:32:61:da:c6:2a:db:6e:9e:f7:42:
03:47:b0:40:76:e0:c8:bf:a3:24:d6:54:60:b7:0a:
2a:0f:94:12:a0:7a:53:b0:3d:63:35:e4:96:1d:f0:
64:7a:07:f8:f0:fe:88:57:9f:64:25:6d:c3:32:fb:
3b:97:03:fa:04:65:23:ff:aa:84:42:7e:23:66:3c:
92:48:51:c3:02:69:f5:93:18:46:6b:dc:bb:e6:0a:
8d:c7:ab:6f:90:d7:5e:8e:03:5c:b5:04:e4:fc:ff:
92:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:87:C3:E3:FB:6D:10:D7:E5:49:D0:13:DB:DA:25:72:4B:3D:C5:A4
X509v3 Authority Key Identifier:
keyid:31:26:E0:D5:D3:7B:F6:6F:3E:9D:88:7E:AE:AD:9C:A6:3C:18:94:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MSbg1dN79m8-nYh-rq2cpjwYlIk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/j4fD4_ttENflSdAT29olcks9xaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/32ef5a-e2b9-4999-bfb2-6e8ed3c7307e/1/MSbg1dN79m8-nYh-rq2cpjwYlIk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.88.0/21
185.74.116.0/22
194.153.176.0/21
IPv6:
2a00:d320::/29
Signature Algorithm: sha256WithRSAEncryption
74:ee:5f:f5:a2:64:21:98:fc:f1:ad:df:f9:94:39:54:e9:eb:
08:fb:37:1c:23:41:c4:31:76:af:bb:0b:50:9a:86:1a:71:b4:
e9:78:a2:26:41:3c:04:07:47:7a:7d:1d:b6:a7:89:aa:d5:a1:
cb:9a:a6:8f:50:70:a4:8c:1a:74:7f:9a:d9:f4:5f:b9:57:ef:
bf:e5:04:b6:ee:90:87:19:85:d8:1d:37:18:34:f2:5d:67:7a:
49:6b:11:69:0c:28:b4:23:ba:74:9a:20:63:61:d7:8f:e1:d5:
6a:35:8c:e0:34:ea:f0:0f:46:29:b5:c5:97:eb:e7:97:9d:28:
9b:96:85:7e:70:f3:6b:6a:cb:c0:42:26:43:49:78:82:bd:b1:
fb:80:3e:77:b1:2a:59:b0:b6:b4:51:7a:4a:a4:be:c2:48:a0:
a0:eb:41:ee:66:20:c6:0f:18:05:12:35:74:a1:79:8e:51:28:
99:ee:25:aa:43:51:43:fe:4b:f0:cd:7e:53:3a:13:c1:75:07:
52:1a:58:62:4f:fe:8a:91:73:1d:ce:47:eb:b9:31:f8:aa:40:
34:30:ea:d4:08:6d:42:64:16:0a:d4:1c:e5:ea:c8:10:35:84:
56:17:fc:46:c8:17:e3:29:a2:b3:82:56:4d:89:39:5d:95:ef:
66:1e:52:f2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECJbQgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTI2ZTBkNWQzN2JmNjZmM2U5ZDg4N2VhZWFkOWNhNjNjMTg5NDg5MB4XDTIyMDEw
MTA0MDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY4N2MzZTNmYjZk
MTBkN2U1NDlkMDEzZGJkYTI1NzI0YjNkYzVhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvSZk5zPpEsET8e+dUTjHJ3x67SG2dH1cuCdXfSHcEUWGMR
8Bjz2wrGqoWSjcD6KgOm/tRYgwv6w9G/RxGXkPG0rSR0sJyBmkIxjL/wNJobrGZw
pgWrAUunDNS6NeC343eB/GCpmPaHftXtcNkvBZXoV1nP05ktykZEXGDYmU2xWaKL
pnQzSkeSV3eHvsysFCsRthgWAdpH8rUyYdrGKttunvdCA0ewQHbgyL+jJNZUYLcK
Kg+UEqB6U7A9YzXklh3wZHoH+PD+iFefZCVtwzL7O5cD+gRlI/+qhEJ+I2Y8kkhR
wwJp9ZMYRmvcu+YKjcerb5DXXo4DXLUE5Pz/krMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSPh8Pj+20Q1+VJ0BPb2iVySz3FpDAfBgNVHSMEGDAWgBQxJuDV03v2bz6d
iH6urZymPBiUiTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01TYmcxZE43OW04LW5ZaC1ycTJjcGp3WWxJay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2MvMzJlZjVhLWUyYjktNDk5OS1iZmIyLTZlOGVkM2M3MzA3ZS8x
L2o0ZkQ0X3R0RU5mbFNkQVQyOW9sY2tzOXhhUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Mv
MzJlZjVhLWUyYjktNDk5OS1iZmIyLTZlOGVkM2M3MzA3ZS8xL01TYmcxZE43OW04
LW5ZaC1ycTJjcGp3WWxJay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA16PWAMEArlKdAMEA8KZsDANBAIA
AjAHAwUDKgDTIDANBgkqhkiG9w0BAQsFAAOCAQEAdO5f9aJkIZj88a3f+ZQ5VOnr
CPs3HCNBxDF2r7sLUJqGGnG06XiiJkE8BAdHen0dtqeJqtWhy5qmj1BwpIwadH+a
2fRfuVfvv+UEtu6QhxmF2B03GDTyXWd6SWsRaQwotCO6dJogY2HXj+HVajWM4DTq
8A9GKbXFl+vnl50om5aFfnDza2rLwEImQ0l4gr2x+4A+d7EqWbC2tFF6SqS+wkig
oOtB7mYgxg8YBRI1dKF5jlEome4lqkNRQ/5L8M1+UzoTwXUHUhpYYk/+ipFzHc5H
67kx+KpANDDq1AhtQmQWCtQc5erIEDWEVhf8RsgX4ymis4JWTYk5XZXvZh5S8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:07 2024 by rpki-client on console-fra.rpki-client.org