Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/AE8I5GuGdvvl_PuWcPodzstCul0.roa
File: AE8I5GuGdvvl_PuWcPodzstCul0.roa (raw, json)
Hash identifier: gEduQyOh3CdVyyVCYP+dy+2imr+wYn2NhQqAQgwJ75M=
Subject key identifier: 00:4F:08:E4:6B:86:76:FB:E5:FC:FB:96:70:FA:1D:CE:CB:42:BA:5D
Certificate issuer: /CN=5a8d389278485edd50d32cf5ca84ce2728c08cc6
Certificate serial: 04A5A0F7
Authority key identifier: 5A:8D:38:92:78:48:5E:DD:50:D3:2C:F5:CA:84:CE:27:28:C0:8C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wo04knhIXt1Q0yz1yoTOJyjAjMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/AE8I5GuGdvvl_PuWcPodzstCul0.roa
Signing time: Sat 01 Jan 2022 05:59:47 +0000
ROA not before: Sat 01 Jan 2022 05:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60516
IP address blocks: 185.30.4.0/22 maxlen: 22
185.30.4.0/23 maxlen: 23
185.30.6.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77963511 (0x4a5a0f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a8d389278485edd50d32cf5ca84ce2728c08cc6
Validity
Not Before: Jan 1 05:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=004f08e46b8676fbe5fcfb9670fa1dcecb42ba5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7d:ee:b2:18:1c:d5:78:35:39:24:c5:1b:af:
d5:a6:dd:2d:6d:b0:bc:74:24:98:46:fb:81:3b:3c:
ef:14:35:d6:3d:f4:1c:a4:10:a3:5c:36:4e:2b:cb:
b9:df:02:e4:ac:ad:c1:4c:88:e8:cd:8b:40:78:d8:
2d:e4:de:70:26:4d:a0:9a:d1:26:cd:24:0e:85:12:
d0:6f:3d:21:33:a2:f4:9a:72:6f:ab:1d:8f:9f:db:
71:06:e4:c6:bf:a6:8b:96:e3:06:30:38:bc:44:28:
96:5f:db:0d:6b:40:bc:74:f7:f9:58:26:57:74:14:
cd:2c:bd:de:0c:22:00:a4:bd:3b:4e:6e:47:ce:7e:
88:27:4d:5c:fd:a2:35:6d:d6:31:c2:15:37:de:31:
c0:59:1a:f2:3f:10:16:c1:5a:45:4d:e2:68:79:4a:
52:df:23:5d:f1:99:9b:e9:76:28:40:7f:24:52:73:
e3:b9:40:7b:89:0c:0c:d9:72:6b:f5:86:6b:ed:ed:
42:ba:95:67:9b:8b:53:60:91:61:63:19:59:6e:36:
b8:56:ac:0e:d3:12:cd:ae:86:49:0c:1d:3c:77:08:
2f:63:43:3b:18:14:5c:62:74:e7:54:6e:ef:b2:82:
6e:46:59:a4:c8:ee:cc:b5:07:14:d2:ae:0c:90:be:
97:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:4F:08:E4:6B:86:76:FB:E5:FC:FB:96:70:FA:1D:CE:CB:42:BA:5D
X509v3 Authority Key Identifier:
keyid:5A:8D:38:92:78:48:5E:DD:50:D3:2C:F5:CA:84:CE:27:28:C0:8C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wo04knhIXt1Q0yz1yoTOJyjAjMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/AE8I5GuGdvvl_PuWcPodzstCul0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/601d6f-b31a-492e-8ef0-52bccb06af3c/1/Wo04knhIXt1Q0yz1yoTOJyjAjMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.4.0/22
Signature Algorithm: sha256WithRSAEncryption
14:d8:89:4b:62:2e:c6:8d:d1:3c:85:8d:e9:18:7c:0f:57:cd:
3a:9a:c4:85:f2:f6:2a:13:98:cd:46:48:d4:17:69:08:63:cf:
55:f4:8d:15:82:68:76:b8:51:0d:3a:c2:69:1a:e3:7c:28:ec:
43:c7:09:92:fc:e6:29:dc:34:8d:59:5a:9b:1a:77:fb:3b:c7:
5e:c9:33:91:d3:fb:1e:81:11:5a:f2:5e:de:ce:76:44:fb:3f:
3a:27:bd:f8:7f:5b:f3:e3:2c:8c:89:08:d4:ff:27:83:65:bd:
09:5c:78:2a:02:0f:64:4f:e5:e6:de:37:ac:04:a3:18:5a:df:
5d:9e:01:5e:29:a1:71:c3:43:2f:8e:e0:65:50:74:89:dd:8c:
d5:c5:9d:f1:aa:1f:a6:1a:e2:3f:4d:89:73:1d:8f:b7:e3:69:
52:81:b7:50:61:4f:4e:ec:f4:97:fc:1d:b7:0f:ee:e0:d2:1a:
4a:f3:91:0b:0c:51:3c:9c:60:75:0b:40:27:b0:e1:a4:47:25:
e6:70:27:c3:20:c2:d9:2c:27:d0:19:43:8f:35:c7:01:b6:72:
0d:0a:75:b3:f1:61:19:60:49:b0:95:ff:e5:c6:b2:e3:02:27:
24:19:a3:be:78:76:0c:c8:8a:8e:4c:ea:fd:41:ed:4f:6d:e1:
96:62:3e:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBKWg9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YThkMzg5Mjc4NDg1ZWRkNTBkMzJjZjVjYTg0Y2UyNzI4YzA4Y2M2MB4XDTIyMDEw
MTA1NTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA0ZjA4ZTQ2Yjg2
NzZmYmU1ZmNmYjk2NzBmYTFkY2VjYjQyYmE1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKd97rIYHNV4NTkkxRuv1abdLW2wvHQkmEb7gTs87xQ11j30
HKQQo1w2TivLud8C5KytwUyI6M2LQHjYLeTecCZNoJrRJs0kDoUS0G89ITOi9Jpy
b6sdj5/bcQbkxr+mi5bjBjA4vEQoll/bDWtAvHT3+VgmV3QUzSy93gwiAKS9O05u
R85+iCdNXP2iNW3WMcIVN94xwFka8j8QFsFaRU3iaHlKUt8jXfGZm+l2KEB/JFJz
47lAe4kMDNlya/WGa+3tQrqVZ5uLU2CRYWMZWW42uFasDtMSza6GSQwdPHcIL2ND
OxgUXGJ051Ru77KCbkZZpMjuzLUHFNKuDJC+l8sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQATwjka4Z2++X8+5Zw+h3Oy0K6XTAfBgNVHSMEGDAWgBRajTiSeEhe3VDT
LPXKhM4nKMCMxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dvMDRrbmhJWHQxUTB5ejF5b1RPSnlqQWpNWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvNjAxZDZmLWIzMWEtNDkyZS04ZWYwLTUyYmNjYjA2YWYzYy8x
L0FFOEk1R3VHZHZ2bF9QdVdjUG9kenN0Q3VsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
NjAxZDZmLWIzMWEtNDkyZS04ZWYwLTUyYmNjYjA2YWYzYy8xL1dvMDRrbmhJWHQx
UTB5ejF5b1RPSnlqQWpNWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkeBDANBgkqhkiG9w0BAQsFAAOC
AQEAFNiJS2Iuxo3RPIWN6Rh8D1fNOprEhfL2KhOYzUZI1BdpCGPPVfSNFYJodrhR
DTrCaRrjfCjsQ8cJkvzmKdw0jVlamxp3+zvHXskzkdP7HoERWvJe3s52RPs/Oie9
+H9b8+MsjIkI1P8ng2W9CVx4KgIPZE/l5t43rASjGFrfXZ4BXimhccNDL47gZVB0
id2M1cWd8aofphriP02Jcx2Pt+NpUoG3UGFPTuz0l/wdtw/u4NIaSvORCwxRPJxg
dQtAJ7DhpEcl5nAnwyDC2Swn0BlDjzXHAbZyDQp1s/FhGWBJsJX/5cay4wInJBmj
vnh2DMiKjkzq/UHtT23hlmI+sA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:42 2025 by rpki-client