Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/dJd4BewSLJmo9Fr2jSnWvz6aNH4.roa
File: dJd4BewSLJmo9Fr2jSnWvz6aNH4.roa (raw, json)
Hash identifier: bPMi/cNq/DgTB4FQ9pEuPk4tCEfvSiJbIUjTopCNO5A=
Subject key identifier: 74:97:78:05:EC:12:2C:99:A8:F4:5A:F6:8D:29:D6:BF:3E:9A:34:7E
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 05EDEE60
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/dJd4BewSLJmo9Fr2jSnWvz6aNH4.roa
Signing time: Fri 28 Jan 2022 13:38:49 +0000
ROA not before: Fri 28 Jan 2022 13:38:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205059
IP address blocks: 185.129.17.0/24 maxlen: 24
185.129.16.0/24 maxlen: 24
185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
185.231.110.0/24 maxlen: 24
185.231.111.0/24 maxlen: 24
2a0f:aac0::/48 maxlen: 48
2a0f:aac0:1::/48 maxlen: 48
2a0f:aac0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99479136 (0x5edee60)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 28 13:38:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74977805ec122c99a8f45af68d29d6bf3e9a347e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:33:a2:c4:69:3a:c2:0f:34:cd:b2:2d:a0:85:
ff:f8:0f:8c:7d:17:1a:61:b6:d9:11:08:ca:ec:89:
24:2c:e4:f1:83:91:e2:03:2b:87:39:29:73:86:7f:
8d:ae:93:ec:36:9d:33:8a:3a:0a:17:f3:34:90:b3:
e5:cb:c1:69:b9:df:2a:a3:3b:5d:97:31:cf:22:ed:
ca:a5:3e:2a:3e:16:86:bd:34:0b:19:dc:f8:31:26:
90:bf:b7:cb:f0:3a:59:e4:88:50:0f:2f:63:53:2c:
1a:23:02:e6:e7:ff:09:93:a0:56:4d:2b:55:ed:03:
52:aa:fc:6b:37:23:9c:6f:b5:21:d8:1e:31:fc:be:
a8:63:6d:04:a9:a0:56:88:0a:25:62:56:26:fe:73:
57:c8:e2:f7:81:27:db:ea:4b:33:f9:1e:c3:7f:a5:
6a:72:e8:aa:3e:9e:70:49:b8:ec:0b:0b:0b:03:56:
71:9c:69:b5:59:16:33:54:e0:b8:d2:9d:02:ac:20:
a0:2e:d8:93:96:ac:4f:6e:8f:e5:64:e5:d3:4a:4d:
67:c9:ea:3a:d9:27:56:0d:a7:bb:45:95:5a:bf:e3:
13:1c:82:10:c4:b1:16:65:3c:9b:a1:aa:60:55:0d:
c6:8d:38:86:a8:f5:5e:38:14:7b:05:00:eb:7c:ca:
89:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:97:78:05:EC:12:2C:99:A8:F4:5A:F6:8D:29:D6:BF:3E:9A:34:7E
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/dJd4BewSLJmo9Fr2jSnWvz6aNH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.16.0/23
185.231.108.0/22
IPv6:
2a0f:aac0::-2a0f:aac0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
92:71:89:19:fd:94:b1:19:53:da:3f:65:99:be:fa:f5:a0:64:
ae:53:63:40:ea:6b:fc:29:a9:af:77:9c:af:c3:72:07:42:51:
63:22:91:91:f7:b3:13:61:57:99:19:2f:87:e8:7a:4b:2b:4a:
c0:aa:03:46:f9:c7:e2:93:9d:86:e8:43:9a:20:15:7f:41:1d:
ef:cc:f4:bc:9e:f5:61:ab:44:ef:98:01:96:18:7e:b2:a5:e5:
44:12:4f:94:1f:d0:ac:0b:e4:e0:4d:bb:22:ba:3a:1c:f9:25:
54:6f:0e:40:8a:5a:5f:58:96:d2:3d:71:00:be:c8:52:77:c1:
d9:22:20:d8:03:a2:63:0e:aa:ab:55:ba:ef:b8:ae:b7:42:cc:
93:fb:86:b4:72:de:f9:b3:e0:35:c1:01:75:cf:f2:bc:a4:62:
be:d9:3b:c8:a9:ff:7e:06:fc:14:a5:af:10:e8:33:99:4f:d1:
73:50:24:d9:9a:ae:78:31:cc:40:f7:e4:96:34:64:dc:a5:cc:
59:e0:fb:96:af:00:00:5d:fc:10:6a:0e:61:c0:8b:cc:c8:98:
62:38:56:13:c1:14:92:b8:35:78:11:1f:10:e4:7b:2c:a4:a8:
52:a0:e0:77:30:ef:4f:99:a0:b3:50:7c:8e:d7:bc:eb:64:c5:
40:dc:73:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEBe3uYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGEyMDg1YzdkZTNiNTk4MjE2Yjg5ZmIwZjJiMWQ5MzBkZTY2YzE5MB4XDTIyMDEy
ODEzMzg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ5Nzc4MDVlYzEy
MmM5OWE4ZjQ1YWY2OGQyOWQ2YmYzZTlhMzQ3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO4zosRpOsIPNM2yLaCF//gPjH0XGmG22REIyuyJJCzk8YOR
4gMrhzkpc4Z/ja6T7DadM4o6ChfzNJCz5cvBabnfKqM7XZcxzyLtyqU+Kj4Whr00
Cxnc+DEmkL+3y/A6WeSIUA8vY1MsGiMC5uf/CZOgVk0rVe0DUqr8azcjnG+1Idge
Mfy+qGNtBKmgVogKJWJWJv5zV8ji94En2+pLM/kew3+lanLoqj6ecEm47AsLCwNW
cZxptVkWM1TguNKdAqwgoC7Yk5asT26P5WTl00pNZ8nqOtknVg2nu0WVWr/jExyC
EMSxFmU8m6GqYFUNxo04hqj1XjgUewUA63zKiRECAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBR0l3gF7BIsmaj0WvaNKda/Ppo0fjAfBgNVHSMEGDAWgBS0oghcfeO1mCFr
ifsPKx2TDeZsGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RLSUlYSDNqdFpnaGE0bjdEeXNka3czbWJCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8x
L2RKZDRCZXdTTEptbzlGcjJqU25Xdno2YU5INC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8xL3RLSUlYSDNqdFpn
aGE0bjdEeXNka3czbWJCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wEgQCAAEwDAMEAbmBEAMEArnnbDAYBAIAAjASMBAD
BQYqD6rAAwcAKg+qwAACMA0GCSqGSIb3DQEBCwUAA4IBAQCScYkZ/ZSxGVPaP2WZ
vvr1oGSuU2NA6mv8Kamvd5yvw3IHQlFjIpGR97MTYVeZGS+H6HpLK0rAqgNG+cfi
k52G6EOaIBV/QR3vzPS8nvVhq0TvmAGWGH6ypeVEEk+UH9CsC+TgTbsiujoc+SVU
bw5AilpfWJbSPXEAvshSd8HZIiDYA6JjDqqrVbrvuK63QsyT+4a0ct75s+A1wQF1
z/K8pGK+2TvIqf9+BvwUpa8Q6DOZT9FzUCTZmq54McxA9+SWNGTcpcxZ4PuWrwAA
XfwQag5hwIvMyJhiOFYTwRSSuDV4ER8Q5HsspKhSoOB3MO9PmaCzUHyO17zrZMVA
3HNS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org