Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/sRAf-GOlfHCIjtt7EF00ND7JQqo.roa
File: sRAf-GOlfHCIjtt7EF00ND7JQqo.roa (raw, json)
Hash identifier: 6IfPrDEklzm3rSViNPYFvdJUzzHqNSKqudacvwY/4Xw=
Subject key identifier: B1:10:1F:F8:63:A5:7C:70:88:8E:DB:7B:10:5D:34:34:3E:C9:42:AA
Certificate issuer: /CN=9ffc98428c2451c1aedf8affc072a95868ecee8b
Certificate serial: 0213A8
Authority key identifier: 9F:FC:98:42:8C:24:51:C1:AE:DF:8A:FF:C0:72:A9:58:68:EC:EE:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_yYQowkUcGu34r_wHKpWGjs7os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/sRAf-GOlfHCIjtt7EF00ND7JQqo.roa
Signing time: Tue 04 Jan 2022 10:44:16 +0000
ROA not before: Tue 04 Jan 2022 10:44:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39791
IP address blocks: 193.109.176.0/21 maxlen: 21
89.111.64.0/18 maxlen: 18
89.111.72.0/22 maxlen: 22
89.111.76.0/22 maxlen: 22
2a01:a040::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136104 (0x213a8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ffc98428c2451c1aedf8affc072a95868ecee8b
Validity
Not Before: Jan 4 10:44:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1101ff863a57c70888edb7b105d34343ec942aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:9c:6d:8e:8a:7d:47:68:12:fc:2a:42:05:
9d:49:76:4f:e0:df:54:ac:d8:a8:00:b9:a9:42:b3:
a7:c9:a6:90:d2:d7:18:76:78:1b:55:dc:e5:e4:83:
d8:32:1a:76:28:18:fe:54:d6:fe:b2:51:73:fb:02:
70:ba:63:19:ea:41:2d:c0:7c:e2:ad:56:0d:fa:7f:
44:d8:27:81:9e:d7:91:3a:11:d2:b1:4a:9e:0d:93:
c1:53:74:10:6d:d1:64:24:ca:fe:1a:64:eb:aa:e9:
ae:76:dd:8f:86:e1:6b:a5:a9:15:ab:a5:8b:a8:e9:
e0:d6:ac:88:c7:67:8d:c2:a7:ab:d2:ef:cd:50:e6:
ea:8d:3e:e6:89:34:aa:99:aa:3a:99:e2:aa:c8:f0:
1c:b2:db:75:a3:eb:90:80:6e:3c:d7:5a:62:52:49:
3e:60:53:11:e6:69:5f:9b:34:e7:cd:58:93:e0:ca:
33:09:ef:d2:43:04:9f:e1:2a:9f:aa:48:46:56:90:
24:af:f9:6f:1b:e5:33:31:78:29:c1:a6:8b:92:8a:
98:d7:ef:33:30:8b:17:50:48:6e:9b:df:67:d2:d0:
3e:90:1b:02:f8:34:a7:dd:f6:5c:5d:a9:76:5c:0c:
c3:60:c7:51:69:ce:20:12:ab:2f:6d:7f:0e:c1:d4:
70:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:10:1F:F8:63:A5:7C:70:88:8E:DB:7B:10:5D:34:34:3E:C9:42:AA
X509v3 Authority Key Identifier:
keyid:9F:FC:98:42:8C:24:51:C1:AE:DF:8A:FF:C0:72:A9:58:68:EC:EE:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_yYQowkUcGu34r_wHKpWGjs7os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/sRAf-GOlfHCIjtt7EF00ND7JQqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/724328-09d3-4964-acc4-b96d2fbefebd/1/n_yYQowkUcGu34r_wHKpWGjs7os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.64.0/18
193.109.176.0/21
IPv6:
2a01:a040::/32
Signature Algorithm: sha256WithRSAEncryption
59:10:5b:65:47:da:cd:59:aa:f2:c3:29:5b:f8:4d:f9:c8:eb:
a4:22:5d:a7:76:ca:2b:42:8c:9e:41:60:c0:b0:4d:05:7a:d8:
5b:12:30:67:94:b0:8d:b7:eb:a3:d4:e0:02:ef:a0:53:39:e9:
5e:a1:40:c5:34:41:a0:84:d1:ef:57:3d:26:ac:4c:83:c6:dd:
45:41:0e:8c:ac:3e:d0:5f:95:4f:40:ab:fb:5c:2e:d2:40:19:
d6:04:2e:3c:66:9c:5f:e5:e5:fe:f6:ed:3d:ce:d0:5d:04:dc:
0a:77:7b:7e:53:3f:15:42:93:fd:de:7d:2a:c5:15:7e:2b:e7:
c2:8f:47:3f:74:dc:a6:9e:9f:db:58:fe:ca:4c:03:4d:46:72:
cb:7d:92:bd:4d:02:13:fb:8f:53:9e:a0:55:64:7c:f6:55:32:
30:f2:66:08:21:b3:10:76:41:53:8a:91:7d:c8:af:7e:1d:c6:
d8:4f:82:80:f0:e6:e0:0c:3e:de:89:e0:11:f7:aa:75:aa:b5:
16:a7:e0:e3:1f:ab:e5:1c:48:10:4d:fc:6b:4a:85:fa:39:2f:
39:16:7e:82:d1:7f:52:55:36:48:94:ff:20:ee:c1:d8:b7:e2:
46:a4:79:30:64:16:98:62:4a:2a:57:0c:9c:61:d8:72:bf:f2:
b9:98:72:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIDAhOoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
ZmM5ODQyOGMyNDUxYzFhZWRmOGFmZmMwNzJhOTU4NjhlY2VlOGIwHhcNMjIwMTA0
MTA0NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiMTEwMWZmODYzYTU3
YzcwODg4ZWRiN2IxMDVkMzQzNDNlYzk0MmFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqtucbY6KfUdoEvwqQgWdSXZP4N9UrNioALmpQrOnyaaQ0tcY
dngbVdzl5IPYMhp2KBj+VNb+slFz+wJwumMZ6kEtwHzirVYN+n9E2CeBnteROhHS
sUqeDZPBU3QQbdFkJMr+GmTrqumudt2PhuFrpakVq6WLqOng1qyIx2eNwqer0u/N
UObqjT7miTSqmao6meKqyPAcstt1o+uQgG4811piUkk+YFMR5mlfmzTnzViT4Moz
Ce/SQwSf4SqfqkhGVpAkr/lvG+UzMXgpwaaLkoqY1+8zMIsXUEhum99n0tA+kBsC
+DSn3fZcXal2XAzDYMdRac4gEqsvbX8OwdRw5wIDAQABo4ICHjCCAhowHQYDVR0O
BBYEFLEQH/hjpXxwiI7bexBdNDQ+yUKqMB8GA1UdIwQYMBaAFJ/8mEKMJFHBrt+K
/8ByqVho7O6LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bl95WVFvd2tVY0d1MzRyX3dIS3BXR2pzN29zLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kZS83MjQzMjgtMDlkMy00OTY0LWFjYzQtYjk2ZDJmYmVmZWJkLzEv
c1JBZi1HT2xmSENJanR0N0VGMDBORDdKUXFvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS83
MjQzMjgtMDlkMy00OTY0LWFjYzQtYjk2ZDJmYmVmZWJkLzEvbl95WVFvd2tVY0d1
MzRyX3dIS3BXR2pzN29zLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQG
CCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGWW9AAwQDwW2wMA0EAgACMAcDBQAq
AaBAMA0GCSqGSIb3DQEBCwUAA4IBAQBZEFtlR9rNWarywylb+E35yOukIl2ndsor
QoyeQWDAsE0FethbEjBnlLCNt+uj1OAC76BTOeleoUDFNEGghNHvVz0mrEyDxt1F
QQ6MrD7QX5VPQKv7XC7SQBnWBC48Zpxf5eX+9u09ztBdBNwKd3t+Uz8VQpP93n0q
xRV+K+fCj0c/dNymnp/bWP7KTANNRnLLfZK9TQIT+49TnqBVZHz2VTIw8mYIIbMQ
dkFTipF9yK9+HcbYT4KA8ObgDD7eieAR96p1qrUWp+DjH6vlHEgQTfxrSoX6OS85
Fn6C0X9SVTZIlP8g7sHYt+JGpHkwZBaYYkoqVwycYdhyv/K5mHJU
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:35 2024 by rpki-client on console-fra.rpki-client.org