Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7NxdkSDIlHT_Uny18DAxLeJC9qw.roa
File: 7NxdkSDIlHT_Uny18DAxLeJC9qw.roa (raw, json)
Hash identifier: /Xj4SyIonHRCH6CxeRDBxjp1j87OR2Yn33xzkG1lkBI=
Subject key identifier: EC:DC:5D:91:20:C8:94:74:FF:52:7C:B5:F0:30:31:2D:E2:42:F6:AC
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018456D396BA97F30275C884BE5B688CAC26
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7NxdkSDIlHT_Uny18DAxLeJC9qw.roa
Signing time: Tue 08 Nov 2022 10:40:17 +0000
ROA not before: Tue 08 Nov 2022 10:40:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
185.137.181.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:56:d3:96:ba:97:f3:02:75:c8:84:be:5b:68:8c:ac:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Nov 8 10:40:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecdc5d9120c89474ff527cb5f030312de242f6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:63:71:0c:8d:8f:59:ac:43:6a:81:f5:f3:51:
f8:1a:c5:52:8a:57:8f:2f:80:6a:c7:e0:a8:da:f5:
86:54:09:9b:1d:d1:3b:77:af:c2:e4:d6:24:63:36:
cb:32:e5:67:02:4c:ee:81:cf:eb:b9:e2:ae:bb:ee:
6d:b9:df:16:f5:cd:f1:38:7e:be:cf:fd:e7:ca:65:
fa:e7:88:85:21:b4:ac:37:96:9d:ff:7a:44:6a:22:
df:78:ff:e1:2c:67:37:7f:41:19:66:11:55:67:93:
1d:b1:dd:20:04:cb:bb:dc:32:d3:06:17:39:b5:0b:
61:12:63:2d:9c:48:fe:25:4e:dd:6d:14:3b:14:39:
2b:b3:a8:4e:8f:a4:6b:81:63:16:6f:47:b3:6b:ea:
6e:3b:20:b1:99:a6:9c:00:f9:f4:4c:72:85:dc:24:
fe:23:8e:35:69:67:0c:a0:f6:c5:2b:26:ab:c2:0c:
99:4a:82:19:0e:c2:13:41:18:47:7f:fd:4e:2a:d8:
f4:9e:eb:1c:0f:73:10:49:90:61:48:17:81:29:6d:
5b:9a:c2:29:67:e6:2c:82:41:bf:20:f4:e0:3d:92:
ab:85:71:b6:27:a2:0e:b4:f8:14:fe:bb:86:b6:a1:
ad:32:03:bf:2c:55:e5:57:4a:cd:46:55:9a:43:77:
79:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DC:5D:91:20:C8:94:74:FF:52:7C:B5:F0:30:31:2D:E2:42:F6:AC
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/7NxdkSDIlHT_Uny18DAxLeJC9qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
185.137.181.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
d1:6c:f1:5c:84:36:08:38:8c:92:ad:a1:2b:b5:e9:75:e1:f4:
99:f4:fe:ad:54:ec:5e:9b:c7:41:e9:6a:32:d4:44:14:7e:c8:
be:73:bb:eb:50:66:37:80:f8:06:39:e0:fc:9c:6b:48:2a:6d:
af:26:32:90:ae:db:0d:3c:39:ee:42:77:06:c8:58:7d:3c:06:
54:04:b9:13:fe:21:d9:27:71:8d:1b:8b:66:64:4b:0d:49:c7:
70:19:c2:a1:09:b9:67:ce:f2:80:3c:df:db:7c:73:9f:74:de:
4a:f3:91:f9:86:9d:fd:5e:36:6f:96:7d:90:ad:db:cd:36:10:
75:97:42:08:88:26:db:7a:0c:14:6c:37:3f:2d:24:5e:f3:35:
53:d3:5e:7e:4f:2f:d8:25:8c:5e:bd:24:01:c8:4b:7a:d8:49:
9a:8f:1d:e1:a0:73:d6:db:97:4d:c3:bd:8c:40:aa:de:d9:a7:
01:a4:7c:5a:22:91:03:e1:d3:f4:db:ed:84:3a:e9:8f:cc:1c:
8f:1f:65:7e:3e:17:25:cc:47:60:cd:db:d4:54:36:44:0b:78:
da:51:44:11:7d:1e:fb:1c:07:90:53:be:d8:ca:7d:2c:d9:34:
d4:70:74:6c:75:3c:dd:53:59:8b:95:70:e8:6e:33:70:d4:f4:
46:40:79:7c
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYRW05a6l/MCdciEvltojKwmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjIxMTA4MTA0MDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RjNWQ5MTIwYzg5NDc0ZmY1MjdjYjVmMDMwMzEyZGUyNDJmNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGNxDI2PWaxDaoH181H4GsVSileP
L4Bqx+Co2vWGVAmbHdE7d6/C5NYkYzbLMuVnAkzugc/rueKuu+5tud8W9c3xOH6+
z/3nymX654iFIbSsN5ad/3pEaiLfeP/hLGc3f0EZZhFVZ5Mdsd0gBMu73DLTBhc5
tQthEmMtnEj+JU7dbRQ7FDkrs6hOj6RrgWMWb0eza+puOyCxmaacAPn0THKF3CT+
I441aWcMoPbFKyarwgyZSoIZDsITQRhHf/1OKtj0nuscD3MQSZBhSBeBKW1bmsIp
Z+YsgkG/IPTgPZKrhXG2J6IOtPgU/ruGtqGtMgO/LFXlV0rNRlWaQ3d5JQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFOzcXZEgyJR0/1J8tfAwMS3iQvasMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvN054ZGtTRElsSFRfVW55MThEQXhMZUpDOXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuYVJAwQA
uYm1MA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBANFs8VyENgg4
jJKtoSu16XXh9Jn0/q1U7F6bx0HpajLURBR+yL5zu+tQZjeA+AY54Pyca0gqba8m
MpCu2w08Oe5CdwbIWH08BlQEuRP+IdkncY0bi2ZkSw1Jx3AZwqEJuWfO8oA839t8
c5903krzkfmGnf1eNm+WfZCt2802EHWXQgiIJtt6DBRsNz8tJF7zNVPTXn5PL9gl
jF69JAHIS3rYSZqPHeGgc9bbl03DvYxAqt7ZpwGkfFoikQPh0/Tb7YQ66Y/MHI8f
ZX4+FyXMR2DN29RUNkQLeNpRRBF9HvscB5BTvtjKfSzZNNRwdGx1PN1TWYuVcOhu
M3DU9EZAeXw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org