Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/R3YuTtVC-1mRhWkrtuqd407zKpg.roa
File: R3YuTtVC-1mRhWkrtuqd407zKpg.roa (raw, json)
Hash identifier: mjD8RoNwScb4Uonyz4VQ85ZkerMgJf6ACnzmW0g/Nys=
Subject key identifier: 47:76:2E:4E:D5:42:FB:59:91:85:69:2B:B6:EA:9D:E3:4E:F3:2A:98
Certificate issuer: /CN=4aa6917876fd78926c1927b9fdc79658d746c84c
Certificate serial: 03FAF78F
Authority key identifier: 4A:A6:91:78:76:FD:78:92:6C:19:27:B9:FD:C7:96:58:D7:46:C8:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SqaReHb9eJJsGSe5_ceWWNdGyEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/R3YuTtVC-1mRhWkrtuqd407zKpg.roa
Signing time: Sat 01 Jan 2022 15:58:49 +0000
ROA not before: Sat 01 Jan 2022 15:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202074
IP address blocks: 185.54.152.0/22 maxlen: 24
91.189.212.0/22 maxlen: 24
185.254.168.0/22 maxlen: 24
185.125.144.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66779023 (0x3faf78f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4aa6917876fd78926c1927b9fdc79658d746c84c
Validity
Not Before: Jan 1 15:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=47762e4ed542fb599185692bb6ea9de34ef32a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9b:a6:d3:94:0c:cf:01:55:84:ce:90:0a:bf:
4e:39:01:2d:c2:4a:b1:80:4a:86:99:3b:ed:f8:62:
8c:4d:a3:33:03:58:9a:67:21:fa:2e:07:a2:b8:3c:
bb:c0:c3:1f:b6:df:1e:a1:87:66:80:a8:3e:8e:e5:
b0:b3:e1:1a:40:2d:43:71:ab:cd:71:4b:44:f9:1c:
06:03:1c:f1:bf:2d:83:2f:bb:67:78:0c:56:ff:e6:
04:ed:c0:00:3a:63:36:a4:ff:c0:d0:f7:d9:c1:2d:
76:71:f2:d2:ff:b6:56:28:ca:44:e2:f1:0f:d1:0e:
be:fd:06:a4:56:c5:96:1d:07:01:20:0e:71:81:99:
30:00:a3:af:dd:bf:35:05:89:ef:2d:38:b6:9c:4a:
5f:d8:d5:52:04:5b:a5:2c:43:cb:e3:64:3c:36:a0:
a6:72:52:03:f6:65:05:05:62:08:c9:38:6a:bf:ca:
f8:96:41:67:13:80:5c:50:5f:b2:60:02:30:d9:91:
cd:71:4c:cb:f4:0f:59:de:c7:bc:b7:b0:7f:d3:6a:
53:fd:c0:f9:61:25:5c:8a:43:17:c0:37:9c:b6:89:
75:57:9e:2a:12:1d:4b:b3:61:e2:13:e3:87:44:9e:
73:02:e3:2a:91:c3:9a:34:44:0a:e4:9d:6e:21:22:
45:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:76:2E:4E:D5:42:FB:59:91:85:69:2B:B6:EA:9D:E3:4E:F3:2A:98
X509v3 Authority Key Identifier:
keyid:4A:A6:91:78:76:FD:78:92:6C:19:27:B9:FD:C7:96:58:D7:46:C8:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SqaReHb9eJJsGSe5_ceWWNdGyEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/R3YuTtVC-1mRhWkrtuqd407zKpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/e11ea3-8705-40ac-a68d-9ce27c12b2f4/1/SqaReHb9eJJsGSe5_ceWWNdGyEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.189.212.0/22
185.54.152.0/22
185.125.144.0/22
185.254.168.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:92:61:7f:8a:ce:9b:a0:41:0b:89:d7:0a:61:3d:9c:25:b6:
da:93:ee:6e:c7:da:ea:a5:a3:84:46:89:55:d5:45:f8:80:da:
82:d2:48:c6:80:a3:b4:03:36:1d:6c:98:03:94:9b:ab:dd:89:
bb:90:c2:cb:8c:d6:4e:6f:16:d1:31:b3:7e:03:f2:3e:c8:48:
db:e9:32:bf:d2:70:96:44:aa:59:38:1a:58:98:3c:d1:c5:f9:
51:87:8a:15:7a:91:85:1e:cc:81:a2:d1:97:b3:b7:92:5a:54:
c8:df:52:c4:85:a4:d1:86:5c:39:88:a5:93:51:58:dd:78:3c:
37:41:69:28:e2:88:ea:9c:f5:3b:8f:44:2d:22:a2:bc:0d:89:
c7:69:8d:f7:ad:d6:70:24:1c:31:71:f8:de:23:48:38:70:96:
8b:2c:dd:75:59:96:47:3d:b5:ec:8b:df:92:76:b6:c2:f1:69:
1c:fe:79:bc:c6:91:52:2a:27:cb:5c:10:7d:40:23:8d:3f:61:
16:13:97:23:46:c1:81:48:fd:ba:e0:e2:26:4d:44:77:d2:ee:
cb:11:cc:b8:b4:45:94:74:cb:be:11:8d:ff:a2:00:85:3c:6e:
b2:f8:e3:c8:19:e9:71:fd:86:a5:fe:da:d1:06:5d:c6:7f:bb:
f5:52:77:03
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEA/r3jzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YWE2OTE3ODc2ZmQ3ODkyNmMxOTI3YjlmZGM3OTY1OGQ3NDZjODRjMB4XDTIyMDEw
MTE1NTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDc3NjJlNGVkNTQy
ZmI1OTkxODU2OTJiYjZlYTlkZTM0ZWYzMmE5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSbptOUDM8BVYTOkAq/TjkBLcJKsYBKhpk77fhijE2jMwNY
mmch+i4Horg8u8DDH7bfHqGHZoCoPo7lsLPhGkAtQ3GrzXFLRPkcBgMc8b8tgy+7
Z3gMVv/mBO3AADpjNqT/wND32cEtdnHy0v+2VijKROLxD9EOvv0GpFbFlh0HASAO
cYGZMACjr92/NQWJ7y04tpxKX9jVUgRbpSxDy+NkPDagpnJSA/ZlBQViCMk4ar/K
+JZBZxOAXFBfsmACMNmRzXFMy/QPWd7HvLewf9NqU/3A+WElXIpDF8A3nLaJdVee
KhIdS7Nh4hPjh0SecwLjKpHDmjRECuSdbiEiRakCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRHdi5O1UL7WZGFaSu26p3jTvMqmDAfBgNVHSMEGDAWgBRKppF4dv14kmwZ
J7n9x5ZY10bITDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NxYVJlSGI5ZUpKc0dTZTVfY2VXV05kR3lFdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZTExZWEzLTg3MDUtNDBhYy1hNjhkLTljZTI3YzEyYjJmNC8x
L1IzWXVUdFZDLTFtUmhXa3J0dXFkNDA3ektwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZTExZWEzLTg3MDUtNDBhYy1hNjhkLTljZTI3YzEyYjJmNC8xL1NxYVJlSGI5ZUpK
c0dTZTVfY2VXV05kR3lFdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlu91AMEArk2mAMEArl9kAMEArn+
qDANBgkqhkiG9w0BAQsFAAOCAQEAi5Jhf4rOm6BBC4nXCmE9nCW22pPubsfa6qWj
hEaJVdVF+IDagtJIxoCjtAM2HWyYA5Sbq92Ju5DCy4zWTm8W0TGzfgPyPshI2+ky
v9JwlkSqWTgaWJg80cX5UYeKFXqRhR7MgaLRl7O3klpUyN9SxIWk0YZcOYilk1FY
3Xg8N0FpKOKI6pz1O49ELSKivA2Jx2mN963WcCQcMXH43iNIOHCWiyzddVmWRz21
7Ivfkna2wvFpHP55vMaRUiony1wQfUAjjT9hFhOXI0bBgUj9uuDiJk1Ed9LuyxHM
uLRFlHTLvhGN/6IAhTxusvjjyBnpcf2Gpf7a0QZdxn+79VJ3Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:23 2024 by rpki-client on console-fra.rpki-client.org