Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/4S7AkGyWGV0gDoc2Ld5up1yZnWM.roa
File: 4S7AkGyWGV0gDoc2Ld5up1yZnWM.roa (raw, json)
Hash identifier: W8ZJhMV6sBFPJJqJ3ncF0XdXmUsJOHXb5BRP7g0M/CQ=
Subject key identifier: E1:2E:C0:90:6C:96:19:5D:20:0E:87:36:2D:DE:6E:A7:5C:99:9D:63
Certificate issuer: /CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Certificate serial: BB0E22
Authority key identifier: 5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/4S7AkGyWGV0gDoc2Ld5up1yZnWM.roa
Signing time: Sat 01 Jan 2022 13:02:15 +0000
ROA not before: Sat 01 Jan 2022 13:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44700
IP address blocks: 185.6.68.0/22 maxlen: 24
88.151.64.0/21 maxlen: 24
185.59.12.0/22 maxlen: 24
95.129.208.0/21 maxlen: 24
93.89.2.0/24 maxlen: 24
2a02:21e0::/32 maxlen: 48
2a02:17f8::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12258850 (0xbb0e22)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ceb0ebd878b77d42f2ca9dd08f70c323c5d03db
Validity
Not Before: Jan 1 13:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e12ec0906c96195d200e87362dde6ea75c999d63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:ac:10:dc:11:3b:60:7b:7e:eb:1c:80:56:
1a:4f:f5:73:3c:43:32:26:36:00:42:bc:19:1d:c8:
16:40:e8:9c:bd:59:7f:1b:26:69:bc:72:72:3f:4f:
c6:63:46:61:5e:55:f7:a3:02:2c:d2:ca:03:b4:29:
86:b9:40:ca:a0:3c:2e:fa:32:5a:9b:7d:4e:ef:1c:
c5:77:26:c9:32:fc:f2:fc:06:c9:db:72:48:a3:ac:
ea:c3:7c:13:fc:1c:e4:e3:06:92:24:9d:c1:34:b8:
fd:a1:68:a8:6a:d5:9b:96:95:1c:5b:ad:02:4a:89:
3a:ab:0f:8d:b0:05:ce:18:3c:de:2a:88:81:a5:5c:
c3:cb:80:53:82:21:d6:ae:1d:ad:5e:73:17:22:98:
e4:3b:b0:15:b8:23:c5:6d:2c:35:7b:c9:b1:64:33:
eb:ee:dd:e8:51:fc:6f:33:23:74:85:88:cc:ea:5b:
a5:48:a7:62:fb:a1:cc:82:77:d4:cd:e3:08:3a:ed:
91:32:66:df:dd:d4:59:0a:e9:8c:21:10:e5:b0:62:
4e:01:31:37:55:1c:c0:9d:d3:d8:03:43:97:23:df:
7c:bb:d4:02:4e:41:18:d0:f1:05:e7:b6:d3:26:f3:
4b:fb:21:7a:4f:ab:92:3e:31:02:15:86:d9:ee:78:
17:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2E:C0:90:6C:96:19:5D:20:0E:87:36:2D:DE:6E:A7:5C:99:9D:63
X509v3 Authority Key Identifier:
keyid:5C:EB:0E:BD:87:8B:77:D4:2F:2C:A9:DD:08:F7:0C:32:3C:5D:03:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOsOvYeLd9QvLKndCPcMMjxdA9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/4S7AkGyWGV0gDoc2Ld5up1yZnWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/3e72ed-1d65-4982-ad9a-9c37478a593f/1/XOsOvYeLd9QvLKndCPcMMjxdA9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.64.0/21
93.89.2.0/24
95.129.208.0/21
185.6.68.0/22
185.59.12.0/22
IPv6:
2a02:17f8::/32
2a02:21e0::/32
Signature Algorithm: sha256WithRSAEncryption
07:6d:22:9c:37:62:b4:5e:f5:43:ba:eb:29:73:8f:b9:83:61:
c0:4e:b5:ac:b3:db:bb:81:c6:92:03:a5:5b:0a:7f:5c:c6:93:
34:96:9f:76:91:15:07:1f:f2:d2:01:24:e3:15:60:61:83:d4:
cf:a3:f1:30:80:21:ef:7c:bb:d9:62:f0:36:ea:68:ff:02:72:
54:64:ff:89:f0:7f:7a:07:0d:3f:09:a1:8a:f1:c9:ba:33:64:
bd:d8:88:47:cc:56:09:d5:2f:59:f0:3b:3a:1d:ed:e1:49:ae:
fa:b3:f6:b8:14:86:06:b9:96:34:fb:a0:18:74:e9:61:3d:ef:
aa:42:5b:87:c2:ab:8e:2e:35:ea:42:42:a8:58:8d:79:be:a4:
06:a5:38:81:b7:bc:53:56:4b:85:b6:cf:16:50:4a:f3:1b:4f:
f3:7c:2d:08:dc:f0:85:a2:60:b9:42:51:78:7f:b2:bc:74:a0:
78:c9:79:43:b2:1b:f8:fa:8a:0a:c1:07:be:1e:fc:62:ee:b1:
f0:54:2d:0b:37:59:9c:a2:73:10:86:f4:ea:b1:1f:64:8d:8b:
ff:66:e3:1a:fe:31:5e:de:80:59:0e:06:ab:ed:17:07:da:10:
87:8a:2b:ae:7b:da:46:a8:9b:1d:60:15:86:be:f7:ee:20:08:
89:f6:41:fd
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEALsOIjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2ViMGViZDg3OGI3N2Q0MmYyY2E5ZGQwOGY3MGMzMjNjNWQwM2RiMB4XDTIyMDEw
MTEzMDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTEyZWMwOTA2Yzk2
MTk1ZDIwMGU4NzM2MmRkZTZlYTc1Yzk5OWQ2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyprBDcETtge37rHIBWGk/1czxDMiY2AEK8GR3IFkDonL1Z
fxsmabxycj9PxmNGYV5V96MCLNLKA7QphrlAyqA8LvoyWpt9Tu8cxXcmyTL88vwG
ydtySKOs6sN8E/wc5OMGkiSdwTS4/aFoqGrVm5aVHFutAkqJOqsPjbAFzhg83iqI
gaVcw8uAU4Ih1q4drV5zFyKY5DuwFbgjxW0sNXvJsWQz6+7d6FH8bzMjdIWIzOpb
pUinYvuhzIJ31M3jCDrtkTJm393UWQrpjCEQ5bBiTgExN1UcwJ3T2ANDlyPffLvU
Ak5BGNDxBee20ybzS/shek+rkj4xAhWG2e54F2sCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBThLsCQbJYZXSAOhzYt3m6nXJmdYzAfBgNVHSMEGDAWgBRc6w69h4t31C8s
qd0I9wwyPF0D2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hPc092WWVMZDlRdkxLbmRDUGNNTWp4ZEE5cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvM2U3MmVkLTFkNjUtNDk4Mi1hZDlhLTljMzc0NzhhNTkzZi8x
LzRTN0FrR3lXR1YwZ0RvYzJMZDV1cDF5Wm5XTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
M2U3MmVkLTFkNjUtNDk4Mi1hZDlhLTljMzc0NzhhNTkzZi8xL1hPc092WWVMZDlR
dkxLbmRDUGNNTWp4ZEE5cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEA1iXQAMEAF1ZAgMEA1+B0AMEArkG
RAMEArk7DDAUBAIAAjAOAwUAKgIX+AMFACoCIeAwDQYJKoZIhvcNAQELBQADggEB
AAdtIpw3YrRe9UO66ylzj7mDYcBOtayz27uBxpIDpVsKf1zGkzSWn3aRFQcf8tIB
JOMVYGGD1M+j8TCAIe98u9li8DbqaP8CclRk/4nwf3oHDT8JoYrxybozZL3YiEfM
VgnVL1nwOzod7eFJrvqz9rgUhga5ljT7oBh06WE976pCW4fCq44uNepCQqhYjXm+
pAalOIG3vFNWS4W2zxZQSvMbT/N8LQjc8IWiYLlCUXh/srx0oHjJeUOyG/j6igrB
B74e/GLusfBULQs3WZyicxCG9OqxH2SNi/9m4xr+MV7egFkOBqvtFwfaEIeKK657
2kaomx1gFYa+9+4gCIn2Qf0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:24 2024 by rpki-client on console-ams.rpki-client.org