Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/cNF6UjzoWEXT4ZovM4ECKg1i25E.roa
File: cNF6UjzoWEXT4ZovM4ECKg1i25E.roa (raw, json)
Hash identifier: INlattjHOuNKU2R3m+ryGBt7epoeYy8f8ra1au3wD+k=
Subject key identifier: 70:D1:7A:52:3C:E8:58:45:D3:E1:9A:2F:33:81:02:2A:0D:62:DB:91
Certificate issuer: /CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Certificate serial: 0329FA61
Authority key identifier: 29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/cNF6UjzoWEXT4ZovM4ECKg1i25E.roa
Signing time: Sat 01 Jan 2022 13:07:47 +0000
ROA not before: Sat 01 Jan 2022 13:07:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12389
IP address blocks: 185.134.120.0/24 maxlen: 32
83.217.10.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53082721 (0x329fa61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2940b694bba095344e4bdb99f51e1f1023be57ce
Validity
Not Before: Jan 1 13:07:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70d17a523ce85845d3e19a2f3381022a0d62db91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:6f:48:f8:68:bf:9b:38:5e:11:15:17:d8:92:
ea:0a:c9:f8:e9:21:1d:5d:c1:73:bd:d1:65:15:91:
88:6b:3b:eb:5a:90:6a:11:78:d4:61:8f:69:a0:ba:
95:e2:42:26:ea:0d:9b:57:77:a2:79:ad:a0:e5:ed:
be:1e:54:6c:7e:12:16:db:2d:f4:99:d4:5c:61:ff:
48:52:c6:4c:75:bf:91:10:4c:04:2a:9a:0c:d6:02:
f6:9f:4f:01:d7:72:8e:3a:31:19:5a:8f:e4:7c:86:
4d:5f:34:d7:07:06:a5:28:d9:ff:bc:62:7f:18:0c:
c5:fe:d4:58:69:5d:a8:b4:9e:b3:62:06:4f:d5:59:
a0:a5:be:38:dd:7f:9e:66:7d:19:ec:1f:27:90:09:
a6:85:38:3a:70:9b:48:8d:c9:fe:9a:3a:f9:1f:c4:
d5:19:a8:75:06:10:84:b8:d2:68:e1:e8:9a:b6:2e:
9f:c0:79:8a:16:41:36:cc:fa:22:cb:ce:1b:8f:88:
79:6e:4c:f8:e0:13:18:ca:e5:6b:73:71:8f:8f:ea:
ce:af:a0:d6:f6:89:fb:2c:95:cd:fe:8e:fc:32:7e:
fe:ac:be:4c:e6:fd:6e:7f:cb:02:0e:9a:0b:dd:e6:
3a:c5:87:8f:98:13:ff:27:32:f0:6f:d6:d2:48:12:
2f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:D1:7A:52:3C:E8:58:45:D3:E1:9A:2F:33:81:02:2A:0D:62:DB:91
X509v3 Authority Key Identifier:
keyid:29:40:B6:94:BB:A0:95:34:4E:4B:DB:99:F5:1E:1F:10:23:BE:57:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUC2lLuglTROS9uZ9R4fECO-V84.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/cNF6UjzoWEXT4ZovM4ECKg1i25E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6107e4-4393-4cbe-a6c2-27c1a35976de/1/KUC2lLuglTROS9uZ9R4fECO-V84.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.217.10.0/24
185.134.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:fc:2a:f3:17:99:69:45:f3:08:40:3f:8f:ce:66:1a:c9:30:
b0:ad:ed:98:32:fa:95:55:c1:b0:e8:29:cd:2b:5c:31:83:c8:
b1:d3:a0:74:80:bd:85:a0:34:18:2d:42:41:83:b3:f4:75:bd:
9b:bd:27:43:2e:c5:a0:d9:50:b7:ff:a8:91:28:2e:1e:75:74:
cc:ce:8d:8e:9e:c5:0b:83:1c:b9:f0:48:5a:8c:3e:94:f0:b2:
68:b1:3a:df:26:ee:b7:11:91:05:0d:6e:a4:f5:39:88:f9:6f:
82:7f:e4:d3:f2:87:b2:45:c4:98:bd:da:51:33:fd:26:7a:a0:
22:fe:5d:66:db:3f:ca:e7:3b:e7:8b:c2:92:6f:42:5e:af:27:
0f:e5:9c:e0:14:ba:fd:4f:4d:a9:de:42:21:82:e8:1d:aa:bb:
66:34:6e:67:16:10:cb:0a:99:5a:55:d1:4d:f7:77:a6:67:3c:
0b:5d:76:85:7f:27:ac:1f:54:6e:1a:f2:52:24:6b:bf:69:7c:
9e:82:34:2f:10:33:db:a3:9d:42:6d:fe:61:66:c4:1e:0a:8f:
1c:d1:bc:c9:aa:a2:df:84:2f:fa:3c:40:9e:cb:f6:72:b8:98:
92:2d:c7:63:05:4e:de:f6:0a:bb:ec:d4:11:22:fd:90:ba:ed:
cc:d9:e2:29
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAyn6YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTQwYjY5NGJiYTA5NTM0NGU0YmRiOTlmNTFlMWYxMDIzYmU1N2NlMB4XDTIyMDEw
MTEzMDc0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBkMTdhNTIzY2U4
NTg0NWQzZTE5YTJmMzM4MTAyMmEwZDYyZGI5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANxvSPhov5s4XhEVF9iS6grJ+OkhHV3Bc73RZRWRiGs761qQ
ahF41GGPaaC6leJCJuoNm1d3onmtoOXtvh5UbH4SFtst9JnUXGH/SFLGTHW/kRBM
BCqaDNYC9p9PAddyjjoxGVqP5HyGTV801wcGpSjZ/7xifxgMxf7UWGldqLSes2IG
T9VZoKW+ON1/nmZ9GewfJ5AJpoU4OnCbSI3J/po6+R/E1RmodQYQhLjSaOHomrYu
n8B5ihZBNsz6IsvOG4+IeW5M+OATGMrla3Nxj4/qzq+g1vaJ+yyVzf6O/DJ+/qy+
TOb9bn/LAg6aC93mOsWHj5gT/ycy8G/W0kgSLzkCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRw0XpSPOhYRdPhmi8zgQIqDWLbkTAfBgNVHSMEGDAWgBQpQLaUu6CVNE5L
25n1Hh8QI75XzjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tVQzJsTHVnbFRST1M5dVo5UjRmRUNPLVY4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNjEwN2U0LTQzOTMtNGNiZS1hNmMyLTI3YzFhMzU5NzZkZS8x
L2NORjZVanpvV0VYVDRab3ZNNEVDS2cxaTI1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NjEwN2U0LTQzOTMtNGNiZS1hNmMyLTI3YzFhMzU5NzZkZS8xL0tVQzJsTHVnbFRS
T1M5dVo5UjRmRUNPLVY4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFPZCgMEALmGeDANBgkqhkiG9w0B
AQsFAAOCAQEACvwq8xeZaUXzCEA/j85mGskwsK3tmDL6lVXBsOgpzStcMYPIsdOg
dIC9haA0GC1CQYOz9HW9m70nQy7FoNlQt/+okSguHnV0zM6Njp7FC4McufBIWow+
lPCyaLE63ybutxGRBQ1upPU5iPlvgn/k0/KHskXEmL3aUTP9JnqgIv5dZts/yuc7
54vCkm9CXq8nD+Wc4BS6/U9Nqd5CIYLoHaq7ZjRuZxYQywqZWlXRTfd3pmc8C112
hX8nrB9UbhryUiRrv2l8noI0LxAz26OdQm3+YWbEHgqPHNG8yaqi34Qv+jxAnsv2
criYki3HYwVO3vYKu+zUESL9kLrtzNniKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:58 2024 by rpki-client on console-fra.rpki-client.org