Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/i6Ng_U9IqJfbg0tAJ-NyLPPczE0.roa
File: i6Ng_U9IqJfbg0tAJ-NyLPPczE0.roa (raw, json)
Hash identifier: bKz5+mloerDYWS9oJKEM50USktcTLyrS9zyh+FC4ngU=
Subject key identifier: 8B:A3:60:FD:4F:48:A8:97:DB:83:4B:40:27:E3:72:2C:F3:DC:CC:4D
Certificate issuer: /CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Certificate serial: 0182D533EC93493ACD49A593C4FAC774B1EA
Authority key identifier: 1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/i6Ng_U9IqJfbg0tAJ-NyLPPczE0.roa
Signing time: Thu 25 Aug 2022 13:32:06 +0000
ROA not before: Thu 25 Aug 2022 13:32:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46652
IP address blocks: 141.0.171.0/24 maxlen: 24
141.0.172.0/22 maxlen: 22
141.0.168.0/24 maxlen: 24
141.0.174.0/24 maxlen: 24
185.88.180.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:33:ec:93:49:3a:cd:49:a5:93:c4:fa:c7:74:b1:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a1d2154b9324efb39ca38ba1931ba5dfb59e8fd
Validity
Not Before: Aug 25 13:32:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ba360fd4f48a897db834b4027e3722cf3dccc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:31:52:00:c8:6a:bc:c8:35:2c:0d:64:59:51:
48:da:40:5c:9e:57:d8:c2:a5:a5:4d:07:9e:09:4a:
b4:28:8e:30:2b:d9:8d:aa:e6:8a:71:74:44:2f:f1:
3e:87:f2:1a:c4:86:24:87:2e:eb:bc:d8:b2:20:b2:
d9:72:ba:67:a1:49:e1:d6:d2:c3:21:fe:4e:18:0d:
cb:44:53:99:76:22:2f:7c:4b:dd:09:6a:1c:41:82:
5a:8d:0f:ba:0d:24:11:7a:d7:a6:c0:60:52:ab:15:
4b:55:b0:9e:77:e3:b5:9f:07:8e:1f:0b:e3:80:fa:
c1:3c:38:ec:a8:93:1d:7c:a7:98:b5:1c:da:25:51:
39:fd:aa:65:eb:dc:32:31:29:10:99:17:10:05:6e:
15:6c:16:33:3f:f0:ef:81:84:8a:78:4b:c8:27:e4:
49:d5:17:b7:7a:fd:a6:33:35:7d:85:e5:0d:25:db:
c7:d2:d1:e7:e4:62:db:8b:cd:03:c7:31:95:19:98:
3f:71:8c:13:2e:88:6a:47:e6:16:87:31:3d:cc:78:
a8:b2:63:7a:2e:f9:26:09:49:6e:99:d3:0c:ba:89:
33:8d:f5:3c:e3:cc:ee:4f:d0:62:f5:7e:9d:8b:9e:
51:fd:35:8a:fc:75:79:5d:7d:bb:99:54:61:57:7e:
10:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A3:60:FD:4F:48:A8:97:DB:83:4B:40:27:E3:72:2C:F3:DC:CC:4D
X509v3 Authority Key Identifier:
keyid:1A:1D:21:54:B9:32:4E:FB:39:CA:38:BA:19:31:BA:5D:FB:59:E8:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gh0hVLkyTvs5yji6GTG6XftZ6P0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/i6Ng_U9IqJfbg0tAJ-NyLPPczE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/60f623-ed79-4030-8980-8901b052b86b/1/Gh0hVLkyTvs5yji6GTG6XftZ6P0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.0.168.0/24
141.0.171.0-141.0.175.255
185.88.180.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:85:6a:f2:a8:de:b2:07:6b:f6:ae:a2:b1:ba:01:ea:3c:64:
ba:1f:a5:44:71:c5:d3:37:d6:21:35:c4:48:e6:2e:10:74:97:
80:88:f5:b8:21:76:3f:d0:ac:b7:04:f5:0b:61:84:fb:54:35:
16:fd:61:aa:07:1f:1f:1b:ed:7c:d5:ab:79:33:12:a7:20:08:
f4:aa:32:69:b6:cc:04:a8:c4:6b:26:84:5a:3d:f6:6b:3d:a8:
bd:d0:8f:b9:d6:1a:10:4b:52:2c:06:bf:c6:82:94:f2:ee:29:
7a:b5:bd:92:3b:b5:60:40:f6:64:cc:ec:61:47:8d:0f:f4:4e:
55:a9:38:94:f4:df:03:f8:ed:7d:15:49:b5:9d:9c:ad:1f:bb:
fc:3f:ce:2c:06:20:12:b5:fd:d9:dd:60:3a:95:3d:ad:ac:60:
01:4d:a9:f8:6a:c8:59:91:66:0b:99:c4:26:dd:2e:90:38:13:
01:20:06:b8:e6:04:01:82:60:7e:6c:77:c9:56:93:97:2e:ef:
1e:b7:9b:ee:19:c8:0b:f2:85:4e:ba:08:9a:87:7d:2c:b6:e4:
8e:94:b5:ca:59:ad:67:cd:f1:16:5a:f3:7c:2a:6a:ea:2f:f8:
cf:c9:18:7c:3b:3a:11:8b:b3:d1:12:ce:45:97:0a:bc:eb:00:
fa:44:2b:5a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYLVM+yTSTrNSaWTxPrHdLHqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMWQyMTU0YjkzMjRlZmIzOWNhMzhiYTE5MzFiYTVkZmI1
OWU4ZmQwHhcNMjIwODI1MTMzMjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmEzNjBmZDRmNDhhODk3ZGI4MzRiNDAyN2UzNzIyY2YzZGNjYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDFSAMhqvMg1LA1kWVFI2kBcnlfY
wqWlTQeeCUq0KI4wK9mNquaKcXREL/E+h/IaxIYkhy7rvNiyILLZcrpnoUnh1tLD
If5OGA3LRFOZdiIvfEvdCWocQYJajQ+6DSQRetemwGBSqxVLVbCed+O1nweOHwvj
gPrBPDjsqJMdfKeYtRzaJVE5/apl69wyMSkQmRcQBW4VbBYzP/DvgYSKeEvIJ+RJ
1Re3ev2mMzV9heUNJdvH0tHn5GLbi80DxzGVGZg/cYwTLohqR+YWhzE9zHiosmN6
LvkmCUlumdMMuokzjfU848zuT9Bi9X6di55R/TWK/HV5XX27mVRhV34QOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIujYP1PSKiX24NLQCfjcizz3MxNMB8GA1UdIwQY
MBaAFBodIVS5Mk77Oco4uhkxul37Wej9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAt
ODkwMWIwNTJiODZiLzEvaTZOZ19VOUlxSmZiZzB0QUotTnlMUFBjekUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC82MGY2MjMtZWQ3OS00MDMwLTg5ODAtODkwMWIwNTJiODZi
LzEvR2gwaFZMa3lUdnM1eWppNkdURzZYZnRaNlAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAjQCoMAwD
BACNAKsDBASNAKADBAK5WLQwDQYJKoZIhvcNAQELBQADggEBAEqFavKo3rIHa/au
orG6Aeo8ZLofpURxxdM31iE1xEjmLhB0l4CI9bghdj/QrLcE9QthhPtUNRb9YaoH
Hx8b7XzVq3kzEqcgCPSqMmm2zASoxGsmhFo99ms9qL3Qj7nWGhBLUiwGv8aClPLu
KXq1vZI7tWBA9mTM7GFHjQ/0TlWpOJT03wP47X0VSbWdnK0fu/w/ziwGIBK1/dnd
YDqVPa2sYAFNqfhqyFmRZguZxCbdLpA4EwEgBrjmBAGCYH5sd8lWk5cu7x63m+4Z
yAvyhU66CJqHfSy25I6UtcpZrWfN8RZa83wqauov+M/JGHw7OhGLs9ESzkWXCrzr
APpEK1o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:45 2024 by rpki-client on console-fra.rpki-client.org