Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/p9oFPbBuYDAQGDKrZiKYR8fgQ5E.roa
File: p9oFPbBuYDAQGDKrZiKYR8fgQ5E.roa (raw, json)
Hash identifier: 8g+7BcN3p/AoZU4AMXNFcNHFKzf5Xb7qb5l5ixB7nOk=
Subject key identifier: A7:DA:05:3D:B0:6E:60:30:10:18:32:AB:66:22:98:47:C7:E0:43:91
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 17CCA77B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/p9oFPbBuYDAQGDKrZiKYR8fgQ5E.roa
Signing time: Sat 01 Jan 2022 04:54:29 +0000
ROA not before: Sat 01 Jan 2022 04:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134176
IP address blocks: 85.209.254.0/24 maxlen: 32
85.209.255.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
185.137.182.0/24 maxlen: 24
79.174.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 399288187 (0x17cca77b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a7da053db06e6030101832ab66229847c7e04391
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:41:89:6c:f9:89:ff:c0:9d:d3:e9:86:29:48:
3a:99:4b:cc:61:db:f8:88:ab:2e:5c:2d:2f:2d:a6:
bd:93:eb:e5:ec:c2:5f:18:03:70:05:38:bb:b4:7d:
d4:70:6d:39:1f:55:c7:bf:fc:97:42:70:59:35:55:
0d:cd:76:3a:64:de:68:f6:d9:f2:1d:f9:2c:e3:62:
96:2d:ae:d3:df:96:80:d1:c4:32:6a:27:84:5b:f4:
c9:13:13:a3:65:70:dd:75:59:36:91:1f:9e:27:e3:
c8:8f:f1:c0:cf:5a:43:cb:8a:5f:4c:57:b9:fc:73:
6b:c9:26:03:e8:9a:44:72:f9:0d:3d:14:bf:46:b8:
5e:a7:c8:5f:85:48:20:2a:7e:be:af:05:ec:ec:83:
79:75:8e:96:e1:5a:bc:fe:23:1a:59:91:eb:33:52:
ad:85:aa:b1:47:da:c9:b4:02:82:e5:10:bf:0e:44:
33:14:f6:28:60:e5:62:f8:5b:3f:f9:9a:da:90:8f:
d9:1e:ec:68:73:e5:f4:8f:75:9e:53:83:26:fe:b2:
e3:4f:c1:f0:55:d2:24:db:1f:61:d8:7a:f3:8f:d8:
7e:7d:4a:42:01:31:a7:c1:eb:59:ad:a2:56:c3:50:
1c:39:ce:f5:74:ed:27:16:d7:76:bd:36:3c:d4:d5:
99:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:DA:05:3D:B0:6E:60:30:10:18:32:AB:66:22:98:47:C7:E0:43:91
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/p9oFPbBuYDAQGDKrZiKYR8fgQ5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.20.0/24
85.209.254.0/23
185.137.182.0/24
185.190.81.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:b8:24:75:ab:33:1a:3f:31:15:ac:26:cc:0d:df:79:11:6a:
c3:74:a5:d9:2d:51:c9:f6:fc:6e:9e:38:24:19:90:65:dd:37:
d5:40:31:65:05:91:50:8c:44:eb:60:e9:2b:f0:f9:37:9b:51:
c7:41:28:03:16:54:8a:e5:1f:89:b3:bf:d0:41:81:0b:3c:55:
e4:39:39:44:2a:40:43:b6:29:5f:c0:4e:98:cd:25:22:68:82:
16:27:18:85:fa:14:aa:20:59:45:bc:7c:92:6d:73:08:13:93:
dd:42:f4:79:65:bf:5e:b1:97:95:70:0b:9a:16:f7:90:7c:09:
9b:c5:37:22:90:62:91:f6:9a:64:93:56:fa:ac:08:ee:45:43:
41:ec:8d:41:b7:01:7f:f7:f8:eb:16:e1:b9:ac:91:a9:b1:25:
b7:3d:a5:75:78:20:5a:78:59:2c:8f:9f:35:81:9f:75:57:8b:
99:39:f0:ce:74:41:08:b4:bc:aa:43:f9:13:f2:da:d5:e4:f6:
10:d8:43:45:c9:08:c5:15:d0:3b:b8:73:ba:13:a0:d0:e4:18:
a3:d3:f7:4f:59:e2:93:17:4a:75:60:94:52:5e:ab:30:31:da:
5a:0b:4b:dd:33:5a:5b:1a:55:52:12:ce:87:0a:d0:69:61:4e:
3d:7c:33:6a
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEF8ynezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTdkYTA1M2RiMDZl
NjAzMDEwMTgzMmFiNjYyMjk4NDdjN2UwNDM5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFBiWz5if/AndPphilIOplLzGHb+IirLlwtLy2mvZPr5ezC
XxgDcAU4u7R91HBtOR9Vx7/8l0JwWTVVDc12OmTeaPbZ8h35LONili2u09+WgNHE
MmonhFv0yRMTo2Vw3XVZNpEfnifjyI/xwM9aQ8uKX0xXufxza8kmA+iaRHL5DT0U
v0a4XqfIX4VIICp+vq8F7OyDeXWOluFavP4jGlmR6zNSrYWqsUfaybQCguUQvw5E
MxT2KGDlYvhbP/ma2pCP2R7saHPl9I91nlODJv6y40/B8FXSJNsfYdh684/Yfn1K
QgExp8HrWa2iVsNQHDnO9XTtJxbXdr02PNTVmQcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSn2gU9sG5gMBAYMqtmIphHx+BDkTAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3A5b0ZQYkJ1WURBUUdES3JaaUtZUjhmZ1E1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE+uFAMEAVXR/gMEALmJtgMEALm+
UTANBgkqhkiG9w0BAQsFAAOCAQEAqrgkdaszGj8xFawmzA3feRFqw3Sl2S1Ryfb8
bp44JBmQZd031UAxZQWRUIxE62DpK/D5N5tRx0EoAxZUiuUfibO/0EGBCzxV5Dk5
RCpAQ7YpX8BOmM0lImiCFicYhfoUqiBZRbx8km1zCBOT3UL0eWW/XrGXlXALmhb3
kHwJm8U3IpBikfaaZJNW+qwI7kVDQeyNQbcBf/f46xbhuayRqbEltz2ldXggWnhZ
LI+fNYGfdVeLmTnwznRBCLS8qkP5E/La1eT2ENhDRckIxRXQO7hzuhOg0OQYo9P3
T1nikxdKdWCUUl6rMDHaWgtL3TNaWxpVUhLOhwrQaWFOPXwzag==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org