Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/M9HohLyWkbeQfZHlwW4FPVfeMZs.roa
File: M9HohLyWkbeQfZHlwW4FPVfeMZs.roa (raw, json)
Hash identifier: /E9nECkXbx53bxgDC13xFR2m6iXZSI+UXuBzXLH7Z0o=
Subject key identifier: 33:D1:E8:84:BC:96:91:B7:90:7D:91:E5:C1:6E:05:3D:57:DE:31:9B
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 0502BAC4
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/M9HohLyWkbeQfZHlwW4FPVfeMZs.roa
Signing time: Sat 01 Jan 2022 11:56:11 +0000
ROA not before: Sat 01 Jan 2022 11:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60695
IP address blocks: 185.228.108.0/22 maxlen: 22
155.133.33.0/24 maxlen: 24
185.225.100.0/22 maxlen: 22
2a06:1e00::/29 maxlen: 48
2a0d:b400::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84064964 (0x502bac4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jan 1 11:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33d1e884bc9691b7907d91e5c16e053d57de319b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:dd:01:22:55:7f:cd:c9:bb:37:82:74:a3:34:
eb:06:a9:be:1a:81:7b:71:d6:7b:c0:c0:5a:d0:04:
82:c9:6b:9d:02:d4:ab:9d:e6:18:56:e3:b4:40:c3:
9e:b6:01:b6:21:c3:5d:48:d0:83:7f:a1:a8:c5:e5:
d1:55:55:0e:5c:ba:39:9b:4c:18:d5:6e:12:e6:ac:
ce:17:ea:af:06:bb:ac:86:fd:23:f2:c8:06:c0:26:
aa:45:10:0d:d4:90:f6:aa:37:cd:1a:c2:01:a6:31:
a9:dc:a5:3b:0a:ca:17:5a:39:eb:59:69:c4:23:75:
21:49:b6:6c:08:2d:75:b0:e9:1c:22:66:7f:32:3e:
9e:e3:44:0b:ed:6b:83:ba:74:02:fc:d7:16:7c:19:
63:bb:9e:71:58:48:d2:6a:f6:2b:2a:cb:1f:9d:f6:
e4:9e:4b:28:0f:b5:e7:68:01:76:62:bf:50:84:ef:
06:a9:73:99:48:70:59:ec:c6:e7:31:48:72:04:05:
55:b8:99:a8:59:8f:f0:3e:73:9c:53:85:73:e8:da:
c4:d0:82:1e:f2:37:45:63:d7:28:c6:ab:ca:2e:d1:
19:41:f6:17:88:e1:98:a4:09:ba:30:b2:b1:d2:ae:
2c:58:7c:24:d1:8c:c2:4e:65:da:6b:df:8b:77:52:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D1:E8:84:BC:96:91:B7:90:7D:91:E5:C1:6E:05:3D:57:DE:31:9B
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/M9HohLyWkbeQfZHlwW4FPVfeMZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.33.0/24
185.225.100.0/22
185.228.108.0/22
IPv6:
2a06:1e00::/29
2a0d:b400::/29
Signature Algorithm: sha256WithRSAEncryption
4a:c7:05:73:d1:2a:12:4c:ac:f4:8d:e2:f9:f6:d5:f3:e6:3b:
95:d9:db:03:27:f4:9b:e3:d5:46:8b:3d:1f:fb:5a:b1:98:32:
e4:fa:f1:af:f2:87:52:c3:08:26:19:49:a7:67:15:39:90:c4:
6d:7e:39:4e:e4:ee:4f:b0:8a:74:37:1f:bc:c7:93:0c:e0:22:
8c:f6:1b:80:eb:9c:58:3c:33:02:54:e2:35:3c:35:99:99:14:
1d:09:74:ca:1b:0a:9b:ed:75:60:85:38:95:68:db:c8:fd:0a:
13:c9:b3:c8:ef:c4:78:00:0a:a9:67:7d:56:86:cb:99:90:03:
62:c1:ee:8d:76:b1:65:3a:84:5f:c0:f7:0f:bb:3e:94:45:b6:
a8:6e:36:b3:42:c6:53:23:7b:62:7f:de:22:f2:c8:1f:fd:e1:
f8:64:18:36:91:3a:d8:6a:ab:53:86:62:0b:9e:4d:17:2e:a8:
42:0f:57:c7:f3:2e:d2:63:df:91:f7:e2:31:03:cf:d9:48:4f:
44:a2:7d:95:63:1f:2d:72:3e:1c:fc:9e:4d:df:8d:c5:2f:91:
37:02:19:af:09:12:80:6b:56:88:e3:6d:d8:ef:76:6a:d6:00:
c6:91:9a:b3:65:a9:00:d4:94:28:23:0c:cb:66:72:d8:f3:03:
37:5e:95:e6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBQK6xDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MTFkNjgxNDM3NTI3MWQxYTNjYmQxMjE1NWRiMTFkMmJkNDFhOGQzMB4XDTIyMDEw
MTExNTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzNkMWU4ODRiYzk2
OTFiNzkwN2Q5MWU1YzE2ZTA1M2Q1N2RlMzE5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHdASJVf83JuzeCdKM06wapvhqBe3HWe8DAWtAEgslrnQLU
q53mGFbjtEDDnrYBtiHDXUjQg3+hqMXl0VVVDly6OZtMGNVuEuaszhfqrwa7rIb9
I/LIBsAmqkUQDdSQ9qo3zRrCAaYxqdylOwrKF1o561lpxCN1IUm2bAgtdbDpHCJm
fzI+nuNEC+1rg7p0AvzXFnwZY7uecVhI0mr2KyrLH5325J5LKA+152gBdmK/UITv
BqlzmUhwWezG5zFIcgQFVbiZqFmP8D5znFOFc+jaxNCCHvI3RWPXKMaryi7RGUH2
F4jhmKQJujCysdKuLFh8JNGMwk5l2mvfi3dSAz0CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQz0eiEvJaRt5B9keXBbgU9V94xmzAfBgNVHSMEGDAWgBQRHWgUN1Jx0aPL
0SFV2xHSvUGo0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VSMW9GRGRTY2RHank5RWhWZHNSMHIxQnFOTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvYThiMTRiLWZiMjUtNDdmOC04YjBkLTI3MWQyNWUyMDU3NC8x
L005SG9oTHlXa2JlUWZaSGx3VzRGUFZmZU1acy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
YThiMTRiLWZiMjUtNDdmOC04YjBkLTI3MWQyNWUyMDU3NC8xL0VSMW9GRGRTY2RH
ank5RWhWZHNSMHIxQnFOTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAJuFIQMEArnhZAMEArnkbDAUBAIA
AjAOAwUDKgYeAAMFAyoNtAAwDQYJKoZIhvcNAQELBQADggEBAErHBXPRKhJMrPSN
4vn21fPmO5XZ2wMn9Jvj1UaLPR/7WrGYMuT68a/yh1LDCCYZSadnFTmQxG1+OU7k
7k+winQ3H7zHkwzgIoz2G4DrnFg8MwJU4jU8NZmZFB0JdMobCpvtdWCFOJVo28j9
ChPJs8jvxHgACqlnfVaGy5mQA2LB7o12sWU6hF/A9w+7PpRFtqhuNrNCxlMje2J/
3iLyyB/94fhkGDaROthqq1OGYgueTRcuqEIPV8fzLtJj35H34jEDz9lIT0SifZVj
Hy1yPhz8nk3fjcUvkTcCGa8JEoBrVojjbdjvdmrWAMaRmrNlqQDUlCgjDMtmctjz
AzdeleY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:12 2023 by rpki-client on console-ams.rpki-client.org