Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/hTdc0wMrvX1RkCWw81vIbOXoXTs.roa
File: hTdc0wMrvX1RkCWw81vIbOXoXTs.roa (raw, json)
Hash identifier: gVv3r5wiuLxvTqtPmGJU3M7E7Ljv9BVixXbia9KenFo=
Subject key identifier: 85:37:5C:D3:03:2B:BD:7D:51:90:25:B0:F3:5B:C8:6C:E5:E8:5D:3B
Certificate issuer: /CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Certificate serial: 380E19FE
Authority key identifier: B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/hTdc0wMrvX1RkCWw81vIbOXoXTs.roa
Signing time: Wed 26 Jan 2022 06:27:39 +0000
ROA not before: Wed 26 Jan 2022 06:27:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15435
IP address blocks: 141.224.192.0/18 maxlen: 24
149.143.32.0/19 maxlen: 24
204.168.128.0/17 maxlen: 24
149.143.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 940448254 (0x380e19fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a4a601ca35c6c8376b89aaf443b63ea439cdb8
Validity
Not Before: Jan 26 06:27:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85375cd3032bbd7d519025b0f35bc86ce5e85d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:bc:79:96:99:ec:25:65:ed:7c:a7:f4:7a:33:
53:a3:40:e4:18:4d:c8:c4:5c:55:9e:03:f4:25:81:
a7:0c:f9:e2:6b:4f:76:2a:df:e9:c2:57:dd:38:ba:
1d:a0:86:82:3f:69:96:a6:6a:de:fd:52:57:5d:62:
c6:57:5c:9c:d0:75:0d:3d:d8:27:d3:19:6a:63:12:
67:f1:4a:cd:20:38:ec:4c:83:96:cc:3b:9a:ff:84:
3d:74:55:04:7e:28:0b:ff:df:0a:47:77:62:ef:42:
3a:ef:ac:77:0d:e0:18:90:78:ae:7c:b3:65:88:42:
99:4e:de:f9:05:27:63:bc:37:21:4e:87:8a:94:3b:
57:0c:6c:b5:d4:31:21:32:d2:43:67:10:27:59:60:
aa:34:0d:81:07:99:50:b4:d7:54:4a:42:6c:34:e6:
57:34:67:ba:2f:da:5a:6d:aa:16:94:43:eb:03:c8:
15:49:30:3e:70:ff:70:0d:70:49:bd:a9:95:a7:31:
2b:f1:a7:38:ce:81:cd:a4:44:89:db:29:3a:13:0f:
b1:38:b5:0b:6a:e1:bd:cd:8f:7f:e0:cd:6f:31:a3:
ae:a2:bf:b3:aa:49:50:55:c6:a8:f1:94:0d:77:ed:
90:3e:ad:5f:c5:69:43:76:60:90:b5:f2:17:73:04:
46:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:37:5C:D3:03:2B:BD:7D:51:90:25:B0:F3:5B:C8:6C:E5:E8:5D:3B
X509v3 Authority Key Identifier:
keyid:B1:A4:A6:01:CA:35:C6:C8:37:6B:89:AA:F4:43:B6:3E:A4:39:CD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saSmAco1xsg3a4mq9EO2PqQ5zbg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/hTdc0wMrvX1RkCWw81vIbOXoXTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/dfec40-b86e-494c-ba10-3a5628cc81d9/1/saSmAco1xsg3a4mq9EO2PqQ5zbg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.224.192.0/18
149.143.32.0-149.143.127.255
204.168.128.0/17
Signature Algorithm: sha256WithRSAEncryption
7b:2f:37:0e:c1:36:c5:65:6d:b2:5b:48:a1:b5:00:86:df:57:
dd:90:66:cd:b5:47:75:7a:57:26:fb:a1:1b:03:ce:f7:20:3a:
25:16:f6:ed:20:21:82:35:14:db:5c:68:c1:03:12:e0:f4:c4:
cf:99:64:7b:5f:05:0b:5f:98:59:0a:f2:1a:75:cd:65:2f:e2:
96:99:0c:8c:15:f2:4d:9b:7a:e4:d9:8e:57:8e:44:fb:a2:e9:
b8:11:aa:35:ff:8a:eb:cf:65:41:fa:f6:32:1a:33:ff:08:52:
7f:71:d1:84:5d:b5:cd:c1:83:d3:49:07:4a:c0:d9:2e:b3:89:
6d:37:65:9e:49:26:4c:71:53:29:85:16:6a:71:1d:c6:de:93:
9e:a3:ad:fb:1c:5b:f5:6e:4b:03:73:3a:3e:90:00:21:01:3c:
bd:26:6c:93:27:02:52:82:bf:9d:42:99:95:c5:51:aa:c1:16:
50:3a:8d:e7:a0:26:a6:27:13:b3:e5:39:44:9d:eb:65:ad:ba:
bd:30:5b:a1:31:74:97:67:cf:f3:4f:64:e4:f1:d7:15:55:39:
03:00:6b:7d:3d:47:fc:73:80:91:b6:aa:32:25:72:ef:d6:79:
d3:69:45:bf:13:ef:03:fd:43:7c:86:96:89:b7:6e:04:b4:3b:
0d:ee:5e:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEOA4Z/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWE0YTYwMWNhMzVjNmM4Mzc2Yjg5YWFmNDQzYjYzZWE0MzljZGI4MB4XDTIyMDEy
NjA2MjczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUzNzVjZDMwMzJi
YmQ3ZDUxOTAyNWIwZjM1YmM4NmNlNWU4NWQzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPq8eZaZ7CVl7Xyn9HozU6NA5BhNyMRcVZ4D9CWBpwz54mtP
dirf6cJX3Ti6HaCGgj9plqZq3v1SV11ixldcnNB1DT3YJ9MZamMSZ/FKzSA47EyD
lsw7mv+EPXRVBH4oC//fCkd3Yu9COu+sdw3gGJB4rnyzZYhCmU7e+QUnY7w3IU6H
ipQ7VwxstdQxITLSQ2cQJ1lgqjQNgQeZULTXVEpCbDTmVzRnui/aWm2qFpRD6wPI
FUkwPnD/cA1wSb2placxK/GnOM6BzaREidspOhMPsTi1C2rhvc2Pf+DNbzGjrqK/
s6pJUFXGqPGUDXftkD6tX8VpQ3ZgkLXyF3MERjcCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSFN1zTAyu9fVGQJbDzW8hs5ehdOzAfBgNVHSMEGDAWgBSxpKYByjXGyDdr
iar0Q7Y+pDnNuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhU21BY28xeHNnM2E0bXE5RU8yUHFRNXpiZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFkOS8x
L2hUZGMwd01ydlgxUmtDV3c4MXZJYk9Yb1hUcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZGZlYzQwLWI4NmUtNDk0Yy1iYTEwLTNhNTYyOGNjODFkOS8xL3NhU21BY28xeHNn
M2E0bXE5RU8yUHFRNXpiZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEBo3gwDAMAwQFlY8gAwQHlY8AAwQH
zKiAMA0GCSqGSIb3DQEBCwUAA4IBAQB7LzcOwTbFZW2yW0ihtQCG31fdkGbNtUd1
elcm+6EbA873IDolFvbtICGCNRTbXGjBAxLg9MTPmWR7XwULX5hZCvIadc1lL+KW
mQyMFfJNm3rk2Y5XjkT7oum4Eao1/4rrz2VB+vYyGjP/CFJ/cdGEXbXNwYPTSQdK
wNkus4ltN2WeSSZMcVMphRZqcR3G3pOeo637HFv1bksDczo+kAAhATy9JmyTJwJS
gr+dQpmVxVGqwRZQOo3noCamJxOz5TlEnetlrbq9MFuhMXSXZ8/zT2Tk8dcVVTkD
AGt9PUf8c4CRtqoyJXLv1nnTaUW/E+8D/UN8hpaJt24EtDsN7l7P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:54 2024 by rpki-client on console-ams.rpki-client.org