Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/4NYbfrmB6-ewMvy8Erh-KyjJsac.roa
File: 4NYbfrmB6-ewMvy8Erh-KyjJsac.roa (raw, json)
Hash identifier: 5lAegSTSbzMbfLpG0jtN9ItnRd0hfZY6WTkEfaQnOL8=
Subject key identifier: E0:D6:1B:7E:B9:81:EB:E7:B0:32:FC:BC:12:B8:7E:2B:28:C9:B1:A7
Certificate issuer: /CN=1d28b18df244db89f2b97a6c72629733b388602f
Certificate serial: 09407B27
Authority key identifier: 1D:28:B1:8D:F2:44:DB:89:F2:B9:7A:6C:72:62:97:33:B3:88:60:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HSixjfJE24nyuXpscmKXM7OIYC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/4NYbfrmB6-ewMvy8Erh-KyjJsac.roa
Signing time: Sat 01 Jan 2022 01:01:55 +0000
ROA not before: Sat 01 Jan 2022 01:01:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33856
IP address blocks: 185.98.252.0/22 maxlen: 24
2a04:6600::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 155220775 (0x9407b27)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d28b18df244db89f2b97a6c72629733b388602f
Validity
Not Before: Jan 1 01:01:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0d61b7eb981ebe7b032fcbc12b87e2b28c9b1a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:16:c0:20:54:cd:22:ef:0b:3d:cb:44:36:37:
68:13:27:ea:a3:77:4f:f4:a4:df:df:f1:16:96:4f:
37:d1:13:36:ca:54:0a:14:c4:20:2b:5f:a4:6b:78:
96:e8:9f:33:fe:5c:1f:57:84:a5:de:3f:7d:6d:03:
42:f4:f7:9b:c9:28:c5:c7:98:74:4c:9f:78:66:00:
90:f5:88:a6:16:35:34:0c:40:d6:b4:a8:61:14:81:
9a:9a:56:4e:64:b2:7c:a5:ce:a0:40:f3:a9:9b:26:
e9:b8:e3:bf:ef:65:fe:0c:d5:49:29:2e:3e:99:2f:
a9:29:37:99:38:94:4c:d9:85:f3:7c:4a:69:74:e3:
cc:68:81:04:91:70:31:03:c6:8d:a9:30:69:5a:1d:
c6:75:22:59:ef:c7:3f:52:97:3b:cb:6a:96:91:5f:
7a:09:a8:6d:7c:65:5e:1f:6d:b6:19:dc:95:0e:9a:
d7:30:8d:aa:75:0c:1c:d4:9b:23:f6:00:92:95:8b:
b5:80:78:1c:58:06:e6:d9:4a:f0:95:ab:c1:ed:4d:
99:a1:35:8b:8f:04:30:62:23:da:8e:0a:2b:77:3e:
92:b9:6c:bb:63:75:57:e1:5f:e5:d2:4e:ea:c2:38:
d8:61:8f:17:23:4b:f6:4c:a1:94:c7:24:cf:fd:3d:
68:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D6:1B:7E:B9:81:EB:E7:B0:32:FC:BC:12:B8:7E:2B:28:C9:B1:A7
X509v3 Authority Key Identifier:
keyid:1D:28:B1:8D:F2:44:DB:89:F2:B9:7A:6C:72:62:97:33:B3:88:60:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HSixjfJE24nyuXpscmKXM7OIYC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/4NYbfrmB6-ewMvy8Erh-KyjJsac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/887620-f385-43f4-9be2-a99c39090db4/1/HSixjfJE24nyuXpscmKXM7OIYC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.252.0/22
IPv6:
2a04:6600::/29
Signature Algorithm: sha256WithRSAEncryption
55:63:27:93:a2:1a:3b:fb:9a:cc:29:38:e5:05:47:ee:73:a2:
37:62:af:c1:87:8e:f7:63:4d:2e:f4:57:5d:28:4b:51:82:30:
87:4a:42:11:44:85:2b:f6:41:93:14:f8:46:7f:49:86:d7:b6:
7b:eb:bc:6b:4c:41:90:00:6b:91:b8:0b:67:c6:82:9f:0c:fe:
ca:b2:93:9f:7a:8e:f6:e4:3a:f1:8f:e4:9c:4e:bd:ea:05:19:
64:b9:7b:ee:61:f1:1e:46:b4:19:44:c7:a5:78:c4:10:a0:8e:
36:fa:8e:c4:fd:8c:99:b1:a3:ab:be:49:3b:1d:38:c1:a4:36:
d7:af:8a:d5:e6:6c:01:23:7f:9c:d1:47:30:c9:3e:86:70:f7:
52:d9:73:47:b2:88:a3:8a:68:d9:27:c4:a7:55:71:e0:6c:de:
1d:31:b9:6a:71:9b:38:a8:f2:3e:1c:24:88:c8:d0:3d:b6:68:
9e:3d:03:b7:d8:14:d1:79:54:47:a3:36:7a:47:8c:61:a1:c4:
bc:5f:46:64:c4:86:e7:33:cc:96:49:e7:97:9b:72:65:e8:1e:
96:9c:bb:ec:25:4b:3a:0c:1f:eb:f7:b0:6d:37:55:bf:49:36:
5f:c9:e0:f1:79:f0:22:24:53:63:88:4f:3f:b3:e5:81:d7:19:
51:32:ab:bd
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECUB7JzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZDI4YjE4ZGYyNDRkYjg5ZjJiOTdhNmM3MjYyOTczM2IzODg2MDJmMB4XDTIyMDEw
MTAxMDE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTBkNjFiN2ViOTgx
ZWJlN2IwMzJmY2JjMTJiODdlMmIyOGM5YjFhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwWwCBUzSLvCz3LRDY3aBMn6qN3T/Sk39/xFpZPN9ETNspU
ChTEICtfpGt4luifM/5cH1eEpd4/fW0DQvT3m8koxceYdEyfeGYAkPWIphY1NAxA
1rSoYRSBmppWTmSyfKXOoEDzqZsm6bjjv+9l/gzVSSkuPpkvqSk3mTiUTNmF83xK
aXTjzGiBBJFwMQPGjakwaVodxnUiWe/HP1KXO8tqlpFfegmobXxlXh9tthnclQ6a
1zCNqnUMHNSbI/YAkpWLtYB4HFgG5tlK8JWrwe1NmaE1i48EMGIj2o4KK3c+krls
u2N1V+Ff5dJO6sI42GGPFyNL9kyhlMckz/09aNsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTg1ht+uYHr57Ay/LwSuH4rKMmxpzAfBgNVHSMEGDAWgBQdKLGN8kTbifK5
emxyYpczs4hgLzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hTaXhqZkpFMjRueXVYcHNjbUtYTTdPSVlDOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvODg3NjIwLWYzODUtNDNmNC05YmUyLWE5OWMzOTA5MGRiNC8x
LzROWWJmcm1CNi1ld012eThFcmgtS3lqSnNhYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ODg3NjIwLWYzODUtNDNmNC05YmUyLWE5OWMzOTA5MGRiNC8xL0hTaXhqZkpFMjRu
eXVYcHNjbUtYTTdPSVlDOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArli/DANBAIAAjAHAwUDKgRmADAN
BgkqhkiG9w0BAQsFAAOCAQEAVWMnk6IaO/uazCk45QVH7nOiN2KvwYeO92NNLvRX
XShLUYIwh0pCEUSFK/ZBkxT4Rn9Jhte2e+u8a0xBkABrkbgLZ8aCnwz+yrKTn3qO
9uQ68Y/knE696gUZZLl77mHxHka0GUTHpXjEEKCONvqOxP2MmbGjq75JOx04waQ2
16+K1eZsASN/nNFHMMk+hnD3UtlzR7KIo4po2SfEp1Vx4GzeHTG5anGbOKjyPhwk
iMjQPbZonj0Dt9gU0XlUR6M2ekeMYaHEvF9GZMSG5zPMlknnl5tyZegelpy77CVL
Ogwf6/ewbTdVv0k2X8ng8XnwIiRTY4hPP7PlgdcZUTKrvQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:39 2023 by rpki-client on console-ams.rpki-client.org