Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/5nLJ3Pj7wT-MBl4v3QcZkETqs_M.roa
File: 5nLJ3Pj7wT-MBl4v3QcZkETqs_M.roa (raw, json)
Hash identifier: edGfEqb/IPYCuyY1eOOb5oZVxqAD4k1pZaJv6hLO/HM=
Subject key identifier: E6:72:C9:DC:F8:FB:C1:3F:8C:06:5E:2F:DD:07:19:90:44:EA:B3:F3
Certificate issuer: /CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Certificate serial: 0E00AD25
Authority key identifier: 71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/5nLJ3Pj7wT-MBl4v3QcZkETqs_M.roa
Signing time: Sat 01 Jan 2022 10:00:56 +0000
ROA not before: Sat 01 Jan 2022 10:00:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42567
IP address blocks: 185.7.96.0/22 maxlen: 22
217.22.16.0/21 maxlen: 21
217.22.24.0/22 maxlen: 22
185.94.236.0/22 maxlen: 22
2a05:22c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234925349 (0xe00ad25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7171d8b4cf6773b59f0732e0e9e8d25a9b773fae
Validity
Not Before: Jan 1 10:00:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e672c9dcf8fbc13f8c065e2fdd07199044eab3f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d6:13:85:77:4c:1e:4b:59:0b:2b:71:03:c4:
3a:34:86:8e:f2:ff:e2:00:fa:9d:2b:61:ed:91:6b:
48:40:86:0f:37:c1:94:cd:69:07:bf:39:fd:9b:1b:
1d:38:66:ac:d3:d6:df:68:a4:e3:b1:a3:f0:89:b0:
4b:ef:08:f7:f1:00:51:05:00:57:a1:31:67:03:c5:
c7:ea:70:c9:f7:63:5a:7a:28:16:6a:19:23:06:6f:
34:09:3e:14:fd:0d:4e:18:f2:e5:d0:bc:f4:8b:64:
0a:d7:24:b1:ae:a1:15:28:0d:e9:7a:2c:fd:b6:d4:
31:f7:cc:a8:0b:f5:bd:39:61:67:31:58:44:10:06:
d3:7f:87:03:0a:1d:99:19:61:4d:99:aa:89:a4:a8:
59:45:e9:63:40:a4:46:14:36:f1:6a:57:e1:e0:bb:
9e:2a:22:a4:4b:c1:dc:61:4e:63:76:3e:9d:52:ec:
91:d8:a8:7e:55:15:01:fb:55:d0:e5:d7:85:a8:8e:
f1:ff:f7:9d:57:8c:d5:cd:de:e7:9f:97:1b:65:30:
be:3d:40:60:60:53:7e:78:e1:b6:56:84:16:fb:c0:
d6:b8:12:a4:44:7a:e4:cc:73:34:73:c5:53:4a:2d:
93:f4:5e:49:fe:87:48:b3:05:e4:0f:da:de:4b:0a:
53:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:72:C9:DC:F8:FB:C1:3F:8C:06:5E:2F:DD:07:19:90:44:EA:B3:F3
X509v3 Authority Key Identifier:
keyid:71:71:D8:B4:CF:67:73:B5:9F:07:32:E0:E9:E8:D2:5A:9B:77:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cXHYtM9nc7WfBzLg6ejSWpt3P64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/5nLJ3Pj7wT-MBl4v3QcZkETqs_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/9778b6-dc2b-4586-91de-53a07368b9ea/1/cXHYtM9nc7WfBzLg6ejSWpt3P64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.96.0/22
185.94.236.0/22
217.22.16.0-217.22.27.255
IPv6:
2a05:22c0::/29
Signature Algorithm: sha256WithRSAEncryption
be:44:f8:53:cb:15:64:2f:a0:25:4f:1f:c7:f5:52:99:73:1b:
28:db:53:51:3f:86:33:16:50:eb:57:0e:eb:17:d5:e7:b5:58:
c9:83:0c:17:e6:f0:11:db:50:32:ac:ca:b1:93:a5:0c:91:bb:
d1:3f:9b:53:f2:b4:ba:83:78:46:3e:63:2f:9e:bf:62:34:c9:
0a:71:fd:97:fd:e2:ce:05:bc:36:2e:d7:90:fd:ea:a4:9f:78:
35:1b:c9:4b:90:08:97:90:c1:c3:d1:34:46:dc:a3:0f:ba:79:
fc:62:80:1d:b4:5e:d6:38:b3:b4:e7:84:50:ef:0b:8b:a5:39:
82:ff:16:5f:f0:a6:aa:5a:bc:9c:9d:2b:05:dd:10:bd:ea:56:
0c:9a:41:31:c0:ed:ba:06:78:5b:17:ab:87:fb:6f:dd:64:36:
f8:f6:2c:dd:1e:bb:fc:4a:a5:43:25:be:19:b2:e3:51:2a:19:
71:2d:50:d1:77:47:96:2a:5c:5a:2e:45:70:2c:88:2c:52:0f:
8b:a4:bf:50:66:7e:82:88:c0:3c:7e:9d:c9:4a:66:59:d2:96:
b4:fa:6a:16:62:da:ee:aa:29:23:77:2c:e9:d5:b8:35:99:03:
b9:fa:42:e8:54:21:4d:b8:06:3e:28:0e:38:85:a9:f0:1f:c0:
50:ff:77:bd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEDgCtJTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MTcxZDhiNGNmNjc3M2I1OWYwNzMyZTBlOWU4ZDI1YTliNzczZmFlMB4XDTIyMDEw
MTEwMDA1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTY3MmM5ZGNmOGZi
YzEzZjhjMDY1ZTJmZGQwNzE5OTA0NGVhYjNmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7WE4V3TB5LWQsrcQPEOjSGjvL/4gD6nSth7ZFrSECGDzfB
lM1pB785/ZsbHThmrNPW32ik47Gj8ImwS+8I9/EAUQUAV6ExZwPFx+pwyfdjWnoo
FmoZIwZvNAk+FP0NThjy5dC89ItkCtcksa6hFSgN6Xos/bbUMffMqAv1vTlhZzFY
RBAG03+HAwodmRlhTZmqiaSoWUXpY0CkRhQ28WpX4eC7nioipEvB3GFOY3Y+nVLs
kdioflUVAftV0OXXhaiO8f/3nVeM1c3e55+XG2Uwvj1AYGBTfnjhtlaEFvvA1rgS
pER65MxzNHPFU0otk/ReSf6HSLMF5A/a3ksKU7kCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBTmcsnc+PvBP4wGXi/dBxmQROqz8zAfBgNVHSMEGDAWgBRxcdi0z2dztZ8H
MuDp6NJam3c/rjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NYSFl0TTluYzdXZkJ6TGc2ZWpTV3B0M1A2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvOTc3OGI2LWRjMmItNDU4Ni05MWRlLTUzYTA3MzY4YjllYS8x
LzVuTEozUGo3d1QtTUJsNHYzUWNaa0VUcXNfTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
OTc3OGI2LWRjMmItNDU4Ni05MWRlLTUzYTA3MzY4YjllYS8xL2NYSFl0TTluYzdX
ZkJ6TGc2ZWpTV3B0M1A2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEArkHYAMEArle7DAMAwQE2RYQAwQC
2RYYMA0EAgACMAcDBQMqBSLAMA0GCSqGSIb3DQEBCwUAA4IBAQC+RPhTyxVkL6Al
Tx/H9VKZcxso21NRP4YzFlDrVw7rF9XntVjJgwwX5vAR21AyrMqxk6UMkbvRP5tT
8rS6g3hGPmMvnr9iNMkKcf2X/eLOBbw2LteQ/eqkn3g1G8lLkAiXkMHD0TRG3KMP
unn8YoAdtF7WOLO054RQ7wuLpTmC/xZf8KaqWrycnSsF3RC96lYMmkExwO26Bnhb
F6uH+2/dZDb49izdHrv8SqVDJb4ZsuNRKhlxLVDRd0eWKlxaLkVwLIgsUg+LpL9Q
Zn6CiMA8fp3JSmZZ0pa0+moWYtruqikjdyzp1bg1mQO5+kLoVCFNuAY+KA44hanw
H8BQ/3e9
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org