Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/RLQobkKYEUbyjkvC0zf3mglQSdc.roa
File: RLQobkKYEUbyjkvC0zf3mglQSdc.roa (raw, json)
Hash identifier: qdKMja0eKBGkpHZOsVwNuSXU28oS9uXsUpUiqgqJSW0=
Subject key identifier: 44:B4:28:6E:42:98:11:46:F2:8E:4B:C2:D3:37:F7:9A:09:50:49:D7
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 117D448C
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/RLQobkKYEUbyjkvC0zf3mglQSdc.roa
Signing time: Sat 01 Jan 2022 14:58:39 +0000
ROA not before: Sat 01 Jan 2022 14:58:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60042
IP address blocks: 185.42.228.0/22 maxlen: 22
176.118.208.0/22 maxlen: 22
176.118.213.0/24 maxlen: 24
176.118.214.0/23 maxlen: 23
176.118.216.0/22 maxlen: 22
176.118.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 293422220 (0x117d448c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Jan 1 14:58:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44b4286e42981146f28e4bc2d337f79a095049d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:11:33:06:3e:a4:9a:1f:03:07:8c:94:55:46:
12:1c:86:71:86:ff:d9:b4:de:d5:8c:49:25:12:3e:
d6:a6:78:8b:d3:19:66:4b:d5:31:d4:87:f8:4a:1e:
ba:4a:71:92:6c:bd:00:9e:b3:ef:d3:bd:d6:76:3d:
c3:89:a5:8c:8b:48:a6:3c:9e:99:b0:50:2c:a8:e1:
ab:f9:73:96:dc:a1:6e:72:9f:02:75:8f:1e:e5:2f:
9d:ec:d7:ea:db:ee:e4:fc:31:16:f8:cc:e9:8e:17:
af:b2:7a:67:67:f4:9f:00:0e:24:ce:bc:97:41:cc:
20:b0:c8:3f:00:73:2c:d7:ef:ac:ba:7b:b7:60:37:
41:80:19:40:17:52:9a:da:38:5c:c7:e0:f8:6e:de:
67:83:05:00:5e:81:c8:94:c6:75:10:1f:f8:4d:ae:
f5:e7:50:b0:68:e6:51:4a:a4:44:61:c1:e8:60:52:
ee:d7:a8:49:84:07:f4:11:d2:26:65:9e:c3:96:63:
1e:16:a7:15:d2:78:ac:d1:3a:18:9a:3e:cc:30:c0:
cc:63:30:33:fc:a2:51:69:44:70:78:f9:b2:7a:01:
76:27:c6:29:5d:de:04:2e:71:0a:74:bf:b9:b1:34:
d1:85:ee:bb:23:7f:b6:45:a4:1a:1e:bd:ea:1c:b9:
1b:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:B4:28:6E:42:98:11:46:F2:8E:4B:C2:D3:37:F7:9A:09:50:49:D7
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/RLQobkKYEUbyjkvC0zf3mglQSdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.208.0/22
176.118.213.0-176.118.223.255
185.42.228.0/22
Signature Algorithm: sha256WithRSAEncryption
93:bc:77:80:26:87:f8:0d:f7:38:ba:f9:15:8c:91:33:90:3f:
03:44:4c:76:5f:51:73:ce:61:fd:74:8c:81:7a:b8:30:d9:02:
ff:a0:c0:f1:c2:32:a7:d8:34:69:2d:b2:b7:23:42:78:b5:93:
3b:b5:19:f2:69:59:6f:3a:92:49:03:e9:4d:ed:8a:ec:7e:33:
da:c1:ef:5e:d9:22:9a:e0:68:29:61:2a:e5:4f:1c:9e:57:18:
09:bf:e0:d4:1f:9e:9d:3f:b8:32:4d:98:de:ad:56:b3:72:09:
d4:1c:95:bb:cf:b7:04:61:b5:4b:a9:5a:be:7e:05:2c:86:e4:
ec:c4:a7:21:e2:92:db:bd:d3:89:85:9c:5c:7b:44:9d:0e:7a:
a5:f3:dc:fd:a5:0e:32:85:d4:31:e1:74:81:ec:29:67:06:2e:
4d:56:d6:fd:5f:c6:c4:d7:22:ab:f0:90:5b:92:71:6c:25:3c:
4b:5d:83:79:49:40:6f:59:d1:1c:ab:75:91:7a:44:eb:7f:49:
10:c7:1f:43:76:70:ee:80:65:31:72:cf:58:ce:3b:b6:79:bf:
41:63:e3:83:47:6a:38:be:ad:7c:93:32:2a:bd:b5:89:a6:03:
61:e6:38:80:aa:c1:1d:ce:d1:e5:ea:a6:60:30:cc:c0:28:eb:
f8:97:c2:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEX1EjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjA4ZGI0Mzk2NGI2OTg2ZWM3NDBmMGI1ZTMzZjYyNzU4OWFjNTYwMB4XDTIyMDEw
MTE0NTgzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRiNDI4NmU0Mjk4
MTE0NmYyOGU0YmMyZDMzN2Y3OWEwOTUwNDlkNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIRMwY+pJofAweMlFVGEhyGcYb/2bTe1YxJJRI+1qZ4i9MZ
ZkvVMdSH+Eoeukpxkmy9AJ6z79O91nY9w4mljItIpjyembBQLKjhq/lzltyhbnKf
AnWPHuUvnezX6tvu5PwxFvjM6Y4Xr7J6Z2f0nwAOJM68l0HMILDIPwBzLNfvrLp7
t2A3QYAZQBdSmto4XMfg+G7eZ4MFAF6ByJTGdRAf+E2u9edQsGjmUUqkRGHB6GBS
7teoSYQH9BHSJmWew5ZjHhanFdJ4rNE6GJo+zDDAzGMwM/yiUWlEcHj5snoBdifG
KV3eBC5xCnS/ubE00YXuuyN/tkWkGh696hy5G7UCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBREtChuQpgRRvKOS8LTN/eaCVBJ1zAfBgNVHSMEGDAWgBSmCNtDlktphux0
DwteM/YnWJrFYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BnamJRNVpMYVlic2RBOExYalAySjFpYXhXQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvNTAwMTUwLTE1NTEtNDdkZS1iNTA0LWQ2NDY4M2NlZTE2Zi8x
L1JMUW9ia0tZRVVieWprdkMwemYzbWdsUVNkYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
NTAwMTUwLTE1NTEtNDdkZS1iNTA0LWQ2NDY4M2NlZTE2Zi8xL3BnamJRNVpMYVli
c2RBOExYalAySjFpYXhXQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEArB20DAMAwQAsHbVAwQFsHbAAwQC
uSrkMA0GCSqGSIb3DQEBCwUAA4IBAQCTvHeAJof4Dfc4uvkVjJEzkD8DREx2X1Fz
zmH9dIyBergw2QL/oMDxwjKn2DRpLbK3I0J4tZM7tRnyaVlvOpJJA+lN7YrsfjPa
we9e2SKa4GgpYSrlTxyeVxgJv+DUH56dP7gyTZjerVazcgnUHJW7z7cEYbVLqVq+
fgUshuTsxKch4pLbvdOJhZxce0SdDnql89z9pQ4yhdQx4XSB7ClnBi5NVtb9X8bE
1yKr8JBbknFsJTxLXYN5SUBvWdEcq3WRekTrf0kQxx9DdnDugGUxcs9Yzju2eb9B
Y+ODR2o4vq18kzIqvbWJpgNh5jiAqsEdztHl6qZgMMzAKOv4l8Ib
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org