Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/or1yA68RM2C6lMs4WmJFBwPnnVg.roa
File: or1yA68RM2C6lMs4WmJFBwPnnVg.roa (raw, json)
Hash identifier: T6Fl0VoU+oniWmPY5jEUwogOYXQmq8sdxo/hlbFHP5s=
Subject key identifier: A2:BD:72:03:AF:11:33:60:BA:94:CB:38:5A:62:45:07:03:E7:9D:58
Certificate issuer: /CN=8572d5acc25167699c7fcf3a1b804ea325ac4e5d
Certificate serial: 05583170
Authority key identifier: 85:72:D5:AC:C2:51:67:69:9C:7F:CF:3A:1B:80:4E:A3:25:AC:4E:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hXLVrMJRZ2mcf886G4BOoyWsTl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/or1yA68RM2C6lMs4WmJFBwPnnVg.roa
Signing time: Sat 01 Jan 2022 13:55:18 +0000
ROA not before: Sat 01 Jan 2022 13:55:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202746
IP address blocks: 185.43.52.0/22 maxlen: 24
2a04:94c0::/30 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89665904 (0x5583170)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8572d5acc25167699c7fcf3a1b804ea325ac4e5d
Validity
Not Before: Jan 1 13:55:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2bd7203af113360ba94cb385a62450703e79d58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7f:5b:f9:ab:8b:e8:39:c1:23:19:6c:96:44:
c4:e7:f9:1a:46:d3:ce:f5:7a:4d:d7:c5:61:3a:72:
ee:db:9f:71:f3:89:33:e8:b8:9d:45:b1:05:e3:a1:
8f:3b:70:3e:8d:04:e7:db:56:35:32:b2:21:0b:06:
db:eb:1b:e8:e0:77:bd:75:5f:19:72:29:a2:d7:75:
7d:56:ab:c3:2a:9e:91:73:2a:e6:46:e7:05:06:60:
32:ba:2e:f9:47:4c:00:1e:7f:7f:f7:5c:02:44:a1:
77:4a:84:19:ed:dc:e6:f8:d1:92:be:e0:f2:fe:d8:
8b:28:1b:f8:b0:57:3e:60:d9:76:57:40:a6:b7:d3:
01:be:57:7d:53:01:16:de:32:65:8f:d1:93:64:2f:
7f:f5:32:95:d2:63:7b:9c:c7:46:d7:e1:34:7a:2f:
57:4a:ef:e7:0b:5d:1e:3c:17:f9:b5:46:f8:5b:01:
31:db:9f:8d:e8:f3:f2:f9:f0:78:f3:83:1f:5f:cd:
58:30:e0:16:5e:85:2d:99:ff:92:e0:19:aa:af:51:
1a:6d:c4:d4:de:2e:db:23:49:43:44:51:b8:a6:fa:
c3:5c:94:06:55:01:24:1f:95:53:7e:71:ae:6c:02:
0a:77:05:8f:b9:75:51:c0:a7:b9:ae:38:7a:7c:9a:
99:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:BD:72:03:AF:11:33:60:BA:94:CB:38:5A:62:45:07:03:E7:9D:58
X509v3 Authority Key Identifier:
keyid:85:72:D5:AC:C2:51:67:69:9C:7F:CF:3A:1B:80:4E:A3:25:AC:4E:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hXLVrMJRZ2mcf886G4BOoyWsTl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/or1yA68RM2C6lMs4WmJFBwPnnVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/011234-cfb7-4275-9f79-40dc445c669a/1/hXLVrMJRZ2mcf886G4BOoyWsTl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.52.0/22
IPv6:
2a04:94c0::/30
Signature Algorithm: sha256WithRSAEncryption
67:de:8d:08:6c:e1:32:b7:f0:d6:02:9f:3c:24:0a:9c:38:a3:
2b:4c:56:bf:09:e5:f8:96:2e:83:11:e6:b6:16:04:06:27:2c:
ae:1c:ab:17:c8:e2:71:f2:99:60:75:c9:e0:25:0c:80:a8:0e:
10:93:e1:12:98:21:91:24:f6:c8:9b:8e:fb:68:df:d9:fd:c6:
b3:7c:d1:11:0a:3d:36:ca:a6:76:d5:ba:b4:92:64:98:3f:d5:
bf:02:b3:4f:2d:69:7e:23:05:ca:96:ed:60:22:1b:44:a6:30:
0b:52:3e:3e:47:91:4c:74:6c:d3:c4:c5:2b:a4:d0:3c:71:71:
3a:4e:e8:11:fd:5f:56:fe:75:da:da:2b:d0:e1:9c:8c:1f:28:
35:c4:93:87:07:4e:e2:24:c0:a3:c6:b7:89:f8:5e:a3:27:51:
3e:1d:81:64:04:a2:af:22:58:24:ab:93:0a:ba:b3:24:ab:3b:
65:2a:94:06:4a:66:ae:37:c4:2b:09:c1:cf:0f:d7:14:e5:98:
8f:12:02:63:b2:72:19:bf:52:27:6c:2e:4c:40:51:b1:83:0b:
d9:41:6a:02:bf:36:43:cd:4d:d6:5e:cb:18:9f:f0:0c:19:ec:
67:3f:74:21:03:59:fd:fb:56:55:28:05:f3:38:2e:d1:aa:66:
6b:e0:7f:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBVgxcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTcyZDVhY2MyNTE2NzY5OWM3ZmNmM2ExYjgwNGVhMzI1YWM0ZTVkMB4XDTIyMDEw
MTEzNTUxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJiZDcyMDNhZjEx
MzM2MGJhOTRjYjM4NWE2MjQ1MDcwM2U3OWQ1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIl/W/mri+g5wSMZbJZExOf5GkbTzvV6TdfFYTpy7tufcfOJ
M+i4nUWxBeOhjztwPo0E59tWNTKyIQsG2+sb6OB3vXVfGXIpotd1fVarwyqekXMq
5kbnBQZgMrou+UdMAB5/f/dcAkShd0qEGe3c5vjRkr7g8v7Yiygb+LBXPmDZdldA
prfTAb5XfVMBFt4yZY/Rk2Qvf/UyldJje5zHRtfhNHovV0rv5wtdHjwX+bVG+FsB
Mdufjejz8vnwePODH1/NWDDgFl6FLZn/kuAZqq9RGm3E1N4u2yNJQ0RRuKb6w1yU
BlUBJB+VU35xrmwCCncFj7l1UcCnua44enyamSUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSivXIDrxEzYLqUyzhaYkUHA+edWDAfBgNVHSMEGDAWgBSFctWswlFnaZx/
zzobgE6jJaxOXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hYTFZyTUpSWjJtY2Y4ODZHNEJPb3lXc1RsMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMDExMjM0LWNmYjctNDI3NS05Zjc5LTQwZGM0NDVjNjY5YS8x
L29yMXlBNjhSTTJDNmxNczRXbUpGQndQbm5WZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MDExMjM0LWNmYjctNDI3NS05Zjc5LTQwZGM0NDVjNjY5YS8xL2hYTFZyTUpSWjJt
Y2Y4ODZHNEJPb3lXc1RsMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkrNDANBAIAAjAHAwUCKgSUwDAN
BgkqhkiG9w0BAQsFAAOCAQEAZ96NCGzhMrfw1gKfPCQKnDijK0xWvwnl+JYugxHm
thYEBicsrhyrF8jicfKZYHXJ4CUMgKgOEJPhEpghkST2yJuO+2jf2f3Gs3zREQo9
NsqmdtW6tJJkmD/VvwKzTy1pfiMFypbtYCIbRKYwC1I+PkeRTHRs08TFK6TQPHFx
Ok7oEf1fVv512tor0OGcjB8oNcSThwdO4iTAo8a3ifheoydRPh2BZASiryJYJKuT
CrqzJKs7ZSqUBkpmrjfEKwnBzw/XFOWYjxICY7JyGb9SJ2wuTEBRsYML2UFqAr82
Q81N1l7LGJ/wDBnsZz90IQNZ/ftWVSgF8zgu0apma+B/Nw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:20 2024 by rpki-client on console-ams.rpki-client.org