Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/oTiIaq9Y957nvyilq-74YgolBIg.roa
File: oTiIaq9Y957nvyilq-74YgolBIg.roa (raw, json)
Hash identifier: BKnaii6IiUTQz8VuxHdwEnHEMt+ymhbXi1T4i002j0g=
Subject key identifier: A1:38:88:6A:AF:58:F7:9E:E7:BF:28:A5:AB:EE:F8:62:0A:25:04:88
Certificate issuer: /CN=7d4d1c8790a913e832c733dff778dee79129700a
Certificate serial: 246497F0
Authority key identifier: 7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/oTiIaq9Y957nvyilq-74YgolBIg.roa
Signing time: Sat 01 Jan 2022 07:00:59 +0000
ROA not before: Sat 01 Jan 2022 07:00:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.54.240.0/22 maxlen: 22
2001:780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 610572272 (0x246497f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4d1c8790a913e832c733dff778dee79129700a
Validity
Not Before: Jan 1 07:00:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a138886aaf58f79ee7bf28a5abeef8620a250488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:39:46:3d:eb:70:85:2e:57:75:65:de:ab:56:
75:68:d7:05:61:2b:ec:8e:bb:36:68:be:e3:32:5a:
55:8c:af:4d:d6:dd:77:d4:a2:4c:12:78:22:86:c4:
7e:1b:d2:e6:b9:92:fa:ed:31:95:51:bd:46:d1:ae:
60:f9:da:fc:21:28:2c:f0:88:6a:bd:1b:99:d6:c5:
bb:70:0f:de:04:c7:95:23:62:11:a3:8e:64:bf:ea:
fd:2c:6d:4b:da:b7:63:1f:97:5b:f1:e3:30:b2:19:
e5:d6:cc:97:60:83:a4:6f:bd:cf:d4:35:11:f9:53:
e1:7c:7c:de:8a:ea:76:21:25:16:f2:b4:3e:cb:9b:
2b:6f:ab:3b:d3:c4:c3:a5:ba:1c:16:83:92:87:25:
28:53:bc:ff:fb:0b:66:fa:47:57:ea:db:5c:b0:9c:
68:f5:2a:38:3c:73:c8:2d:0c:04:df:75:25:ef:5c:
5d:c5:5c:18:6f:46:98:39:70:27:96:f3:f3:64:53:
da:a0:8b:be:a4:1f:4a:55:13:8c:51:4d:45:d9:41:
36:44:da:61:44:12:b0:7c:e8:02:7b:73:ff:ca:4f:
82:e0:67:fc:4a:86:10:2e:90:c0:73:f4:f0:5a:d1:
9c:02:fc:64:8a:0e:80:36:84:c0:02:49:f4:22:52:
b4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:38:88:6A:AF:58:F7:9E:E7:BF:28:A5:AB:EE:F8:62:0A:25:04:88
X509v3 Authority Key Identifier:
keyid:7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/oTiIaq9Y957nvyilq-74YgolBIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.54.240.0/22
IPv6:
2001:780::/29
Signature Algorithm: sha256WithRSAEncryption
49:33:93:8d:85:b6:50:4f:8e:f2:ef:ad:14:cc:25:38:98:0b:
b3:71:a6:30:12:3b:d4:37:0a:59:6a:9a:8d:38:f9:09:0e:16:
2c:34:2f:f8:b2:4c:d7:54:ba:aa:79:61:45:f9:71:8a:36:c0:
0c:07:06:7b:d9:86:0b:ca:2c:95:a8:03:a6:61:72:df:76:ba:
52:4c:37:df:9e:2a:a9:fc:d8:d7:1d:28:d8:ac:10:7f:6b:de:
8b:0d:61:e4:fe:1b:ca:0d:11:2a:cc:9f:10:51:c0:21:10:56:
c9:e1:f4:28:7c:0f:27:c3:f3:b7:60:69:3f:55:67:5a:a7:0b:
20:21:d4:7f:e4:1b:a1:ad:4b:bf:f6:67:b4:68:95:68:64:a6:
71:53:fa:2d:bd:2c:4e:38:1d:c5:7d:24:65:5c:59:fa:a3:14:
c4:cd:6d:6c:a9:44:44:b7:c8:32:5a:e0:d2:f2:71:5e:44:eb:
5c:d7:a6:d7:b5:21:71:44:2e:b1:58:08:42:44:d2:dc:75:b6:
e3:11:bc:fa:47:73:bb:9b:b7:4e:69:2f:e5:7b:5c:8f:bf:1c:
4c:4c:a9:b7:84:48:b4:54:60:b0:78:fd:a9:65:9a:7a:9c:c2:
bd:09:9c:ba:d7:97:7a:2f:06:4a:76:d3:3a:d8:d5:43:b9:70:
60:45:4e:2c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEJGSX8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDRkMWM4NzkwYTkxM2U4MzJjNzMzZGZmNzc4ZGVlNzkxMjk3MDBhMB4XDTIyMDEw
MTA3MDA1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTEzODg4NmFhZjU4
Zjc5ZWU3YmYyOGE1YWJlZWY4NjIwYTI1MDQ4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANg5Rj3rcIUuV3Vl3qtWdWjXBWEr7I67Nmi+4zJaVYyvTdbd
d9SiTBJ4IobEfhvS5rmS+u0xlVG9RtGuYPna/CEoLPCIar0bmdbFu3AP3gTHlSNi
EaOOZL/q/SxtS9q3Yx+XW/HjMLIZ5dbMl2CDpG+9z9Q1EflT4Xx83orqdiElFvK0
PsubK2+rO9PEw6W6HBaDkoclKFO8//sLZvpHV+rbXLCcaPUqODxzyC0MBN91Je9c
XcVcGG9GmDlwJ5bz82RT2qCLvqQfSlUTjFFNRdlBNkTaYUQSsHzoAntz/8pPguBn
/EqGEC6QwHP08FrRnAL8ZIoOgDaEwAJJ9CJStOUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBShOIhqr1j3nue/KKWr7vhiCiUEiDAfBgNVHSMEGDAWgBR9TRyHkKkT6DLH
M9/3eN7nkSlwCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZVMGNoNUNwRS1neXh6UGY5M2plNTVFcGNBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvMWM2MTgwLTk5NTAtNGNlOC04MTFlLWY4ZDY2MmI5NmRhYi8x
L29UaUlhcTlZOTU3bnZ5aWxxLTc0WWdvbEJJZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
MWM2MTgwLTk5NTAtNGNlOC04MTFlLWY4ZDY2MmI5NmRhYi8xL2ZVMGNoNUNwRS1n
eXh6UGY5M2plNTVFcGNBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArk28DANBAIAAjAHAwUDIAEHgDAN
BgkqhkiG9w0BAQsFAAOCAQEASTOTjYW2UE+O8u+tFMwlOJgLs3GmMBI71DcKWWqa
jTj5CQ4WLDQv+LJM11S6qnlhRflxijbADAcGe9mGC8oslagDpmFy33a6Ukw3354q
qfzY1x0o2KwQf2veiw1h5P4byg0RKsyfEFHAIRBWyeH0KHwPJ8Pzt2BpP1VnWqcL
ICHUf+Qboa1Lv/ZntGiVaGSmcVP6Lb0sTjgdxX0kZVxZ+qMUxM1tbKlERLfIMlrg
0vJxXkTrXNem17UhcUQusVgIQkTS3HW24xG8+kdzu5u3Tmkv5Xtcj78cTEypt4RI
tFRgsHj9qWWaepzCvQmcuteXei8GSnbTOtjVQ7lwYEVOLA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:23 2024 by rpki-client on console-ams.rpki-client.org