Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1lUzVUxcE7i2pdNptS6MLIyPlxY.roa
File: 1lUzVUxcE7i2pdNptS6MLIyPlxY.roa (raw, json)
Hash identifier: EXBFwOcdRUzMG/YQO8zShWu2dntXAvSVyoSwmVlPqLM=
Subject key identifier: D6:55:33:55:4C:5C:13:B8:B6:A5:D3:69:B5:2E:8C:2C:8C:8F:97:16
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0182018E297DCFE52C5D8578C2B0FAB1FBE2
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1lUzVUxcE7i2pdNptS6MLIyPlxY.roa
Signing time: Fri 15 Jul 2022 11:11:10 +0000
ROA not before: Fri 15 Jul 2022 11:11:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212017
IP address blocks: 185.128.52.0/22 maxlen: 22
185.121.12.0/22 maxlen: 22
185.227.172.0/22 maxlen: 22
194.48.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:01:8e:29:7d:cf:e5:2c:5d:85:78:c2:b0:fa:b1:fb:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 15 11:11:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d65533554c5c13b8b6a5d369b52e8c2c8c8f9716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6a:7f:ce:86:93:5b:da:4e:a2:ba:0f:f9:59:
1d:4f:7c:aa:fb:09:05:36:5e:0e:e8:f2:70:15:15:
3f:aa:bb:b1:e4:a7:bd:06:0a:bd:ae:b0:32:b0:74:
39:6d:94:6f:0f:e5:5e:b8:9d:50:14:41:03:3a:e0:
ad:27:2b:9f:4c:b3:c8:fd:78:1c:55:a3:d2:c0:0c:
8a:5e:93:8a:7f:66:4c:c4:10:d8:aa:4f:ae:b0:7e:
58:d9:a4:bf:4d:88:bd:78:4c:83:c6:2f:fe:98:5b:
46:48:c7:40:d6:7a:ea:7d:a5:31:a2:03:f9:2a:1f:
34:5b:4d:08:82:a8:04:c0:8a:e5:54:d6:3e:82:14:
fd:d2:81:12:c5:ba:4c:67:bb:24:92:a8:a0:f1:8c:
4a:27:1d:fc:03:3d:dd:07:4a:ff:62:45:27:07:eb:
cd:f2:ef:07:70:d0:79:2d:ae:0a:b7:01:4d:22:44:
c7:eb:78:6a:c8:0c:f6:2d:a3:4b:bf:57:d4:a4:b6:
b7:f1:fe:d0:3c:aa:69:65:31:9c:ef:16:db:a5:bb:
81:ff:70:40:52:86:02:8d:ed:38:c3:33:bf:39:0f:
e7:10:43:44:c4:43:92:53:c9:10:d9:7c:d4:79:27:
f1:35:86:db:61:58:c1:64:f0:9f:ef:85:d1:98:4d:
16:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:55:33:55:4C:5C:13:B8:B6:A5:D3:69:B5:2E:8C:2C:8C:8F:97:16
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1lUzVUxcE7i2pdNptS6MLIyPlxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.12.0/22
185.128.52.0/22
185.227.172.0/22
194.48.140.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:3a:53:86:c7:06:d5:8f:b3:b2:c6:05:47:91:ae:0a:0c:6c:
5b:61:5d:ca:97:b2:bc:2a:10:d1:80:b9:c2:5a:03:f3:b4:43:
6a:42:e5:10:ee:3b:8e:d4:b5:7c:b4:1e:fa:b5:7a:1a:86:fc:
9e:d4:88:21:4a:d2:11:66:69:d2:f0:f4:88:20:39:c0:5e:cb:
41:d8:2e:6d:e7:2b:1e:ff:4b:6f:f7:43:53:30:9a:93:c6:89:
c5:72:de:b1:77:02:e1:cc:4d:73:5f:93:91:a2:87:34:ce:b6:
be:6c:9c:49:dd:0b:e8:d2:04:77:42:64:92:eb:92:51:e9:4c:
17:06:7f:ac:87:c0:23:87:51:8d:a2:ed:48:b1:f1:6a:fd:81:
2e:73:f9:03:9f:1a:30:ef:f5:ed:42:f4:2c:17:6a:9e:be:f7:
dc:35:e3:3e:e0:3b:4f:57:20:1f:74:e7:16:a1:32:bb:93:88:
d4:99:fb:3a:60:fc:21:d8:9f:3b:84:80:4f:76:e8:11:7d:e1:
86:72:ae:d9:17:56:47:89:ca:46:d2:02:9e:ed:d4:97:5a:d6:
a9:f9:3b:02:3e:6f:f6:c6:58:75:6b:ac:39:5c:75:80:e4:15:
c3:79:cd:8e:24:74:08:97:40:b2:6b:93:cb:b8:f1:6c:69:15:
3e:fe:29:14
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYIBjil9z+UsXYV4wrD6sfviMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIwNzE1MTExMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU1MzM1NTRjNWMxM2I4YjZhNWQzNjliNTJlOGMyYzhjOGY5NzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2p/zoaTW9pOoroP+VkdT3yq+wkF
Nl4O6PJwFRU/qrux5Ke9Bgq9rrAysHQ5bZRvD+VeuJ1QFEEDOuCtJyufTLPI/Xgc
VaPSwAyKXpOKf2ZMxBDYqk+usH5Y2aS/TYi9eEyDxi/+mFtGSMdA1nrqfaUxogP5
Kh80W00IgqgEwIrlVNY+ghT90oESxbpMZ7skkqig8YxKJx38Az3dB0r/YkUnB+vN
8u8HcNB5La4KtwFNIkTH63hqyAz2LaNLv1fUpLa38f7QPKppZTGc7xbbpbuB/3BA
UoYCje04wzO/OQ/nEENExEOSU8kQ2XzUeSfxNYbbYVjBZPCf74XRmE0WZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNZVM1VMXBO4tqXTabUujCyMj5cWMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMWxVelZVeGNFN2kycGROcHRTNk1MSXlQbHhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXkMAwQC
uYA0AwQCueOsAwQCwjCMMA0GCSqGSIb3DQEBCwUAA4IBAQAMOlOGxwbVj7OyxgVH
ka4KDGxbYV3Kl7K8KhDRgLnCWgPztENqQuUQ7juO1LV8tB76tXoahvye1IghStIR
ZmnS8PSIIDnAXstB2C5t5yse/0tv90NTMJqTxonFct6xdwLhzE1zX5ORooc0zra+
bJxJ3Qvo0gR3QmSS65JR6UwXBn+sh8Ajh1GNou1IsfFq/YEuc/kDnxow7/XtQvQs
F2qevvfcNeM+4DtPVyAfdOcWoTK7k4jUmfs6YPwh2J87hIBPdugRfeGGcq7ZF1ZH
icpG0gKe7dSXWtap+TsCPm/2xlh1a6w5XHWA5BXDec2OJHQIl0Cya5PLuPFsaRU+
/ikU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:40 2024 by rpki-client on console-fra.rpki-client.org