Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/ahzwnxXb_Zb73QXwKwKDGKGXRwk.roa
File: ahzwnxXb_Zb73QXwKwKDGKGXRwk.roa (raw, json)
Hash identifier: bkvq+iuAfOg57acEBGtyHefJb46cSALYfzBjEOV0hN4=
Subject key identifier: 6A:1C:F0:9F:15:DB:FD:96:FB:DD:05:F0:2B:02:83:18:A1:97:47:09
Certificate issuer: /CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Certificate serial: 348699B0
Authority key identifier: F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/ahzwnxXb_Zb73QXwKwKDGKGXRwk.roa
Signing time: Sat 01 Jan 2022 04:55:43 +0000
ROA not before: Sat 01 Jan 2022 04:55:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60567
IP address blocks: 185.29.10.0/24 maxlen: 24
185.29.9.0/24 maxlen: 24
185.29.8.0/24 maxlen: 24
2a02:4840:200::/48 maxlen: 48
2a02:4840:201::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 881236400 (0x348699b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f764eed15c52b4c8110a222963dc7b7d4ba2d146
Validity
Not Before: Jan 1 04:55:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a1cf09f15dbfd96fbdd05f02b028318a1974709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e9:f6:b7:bb:86:d6:42:db:f9:ed:06:ed:29:
ad:ba:89:b3:75:48:3f:1e:43:c6:80:4a:f0:c5:e9:
23:d1:97:f6:73:f5:00:03:39:68:d9:eb:1a:0b:6b:
9f:3d:98:25:a5:18:64:44:59:91:d8:a6:17:60:ed:
de:c2:5e:73:eb:d1:78:6b:27:97:82:7f:2a:5b:2e:
f2:37:4c:b4:44:f5:2f:7a:a4:be:bd:da:b4:2e:14:
29:63:30:a4:b1:ac:df:df:f0:be:19:bc:43:04:67:
ab:1b:3e:d1:af:6e:22:33:d6:92:7e:4b:29:51:78:
32:bd:30:0a:7d:a2:d4:9c:de:64:f3:1a:bd:64:68:
65:2b:62:69:d9:14:62:05:86:56:01:d3:fa:66:e7:
18:98:f8:3f:3f:73:d1:b1:bc:2f:42:f9:d4:5f:06:
58:7f:d7:3f:46:35:d1:cd:e2:13:21:f0:9f:79:32:
07:fc:e5:ec:0f:47:c5:b4:03:20:78:6b:c7:ce:a5:
e5:ea:b7:34:4a:a9:1e:1b:aa:79:a2:2e:01:0a:32:
4c:c4:9a:fe:5a:0c:5e:6b:b8:7a:93:0d:4f:b5:2c:
31:c5:2a:67:07:e1:67:e2:5e:20:7d:99:b8:7d:14:
e6:96:b2:98:0d:aa:41:43:79:17:35:18:93:a5:50:
c7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:1C:F0:9F:15:DB:FD:96:FB:DD:05:F0:2B:02:83:18:A1:97:47:09
X509v3 Authority Key Identifier:
keyid:F7:64:EE:D1:5C:52:B4:C8:11:0A:22:29:63:DC:7B:7D:4B:A2:D1:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92Tu0VxStMgRCiIpY9x7fUui0UY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/ahzwnxXb_Zb73QXwKwKDGKGXRwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/741f06-c3d1-483b-b908-28a4953f0530/1/92Tu0VxStMgRCiIpY9x7fUui0UY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.29.8.0-185.29.10.255
IPv6:
2a02:4840:200::/47
Signature Algorithm: sha256WithRSAEncryption
3d:bc:ef:85:39:c4:b1:43:a5:1b:13:cc:34:10:a6:ef:46:db:
f0:01:c9:56:24:0f:a3:0e:24:a5:a4:d6:f3:16:68:7b:79:4e:
a0:66:02:0f:de:99:89:ee:16:de:7b:d6:d5:43:09:93:40:b6:
0d:61:8d:fa:4d:f4:6d:1b:12:25:4e:1a:62:37:91:81:a3:d2:
82:06:c4:bf:a7:15:ab:d5:78:fe:58:10:ea:5a:3f:2b:c3:28:
fa:70:99:de:26:ea:33:d6:fb:d0:25:46:4f:65:73:b1:17:ca:
bf:33:9e:46:70:01:4c:1c:12:6e:7a:18:5b:cc:6b:dd:81:03:
49:a9:a4:ae:f8:f2:4a:39:b7:91:f4:41:86:52:de:a3:8e:dc:
f2:51:8b:3f:1c:6e:0a:9c:3c:15:6c:bc:98:73:3b:32:fb:f7:
09:87:7a:6e:c3:86:19:bd:cb:e0:48:1e:86:ec:bc:00:99:5c:
ee:6d:a4:dd:18:e1:85:c6:4a:f3:04:9d:8f:c3:74:f4:78:73:
43:15:db:39:83:07:3a:5d:f9:81:90:37:53:1e:5e:39:1a:55:
12:86:b3:ce:48:44:0a:ab:64:4b:99:55:9c:81:a8:c2:35:c0:
55:51:23:58:08:24:f3:59:03:d6:0b:b8:46:a8:59:11:4e:1e:
04:9e:94:29
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIENIaZsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NzY0ZWVkMTVjNTJiNGM4MTEwYTIyMjk2M2RjN2I3ZDRiYTJkMTQ2MB4XDTIyMDEw
MTA0NTU0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmExY2YwOWYxNWRi
ZmQ5NmZiZGQwNWYwMmIwMjgzMThhMTk3NDcwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3p9re7htZC2/ntBu0prbqJs3VIPx5DxoBK8MXpI9GX9nP1
AAM5aNnrGgtrnz2YJaUYZERZkdimF2Dt3sJec+vReGsnl4J/Klsu8jdMtET1L3qk
vr3atC4UKWMwpLGs39/wvhm8QwRnqxs+0a9uIjPWkn5LKVF4Mr0wCn2i1JzeZPMa
vWRoZStiadkUYgWGVgHT+mbnGJj4Pz9z0bG8L0L51F8GWH/XP0Y10c3iEyHwn3ky
B/zl7A9HxbQDIHhrx86l5eq3NEqpHhuqeaIuAQoyTMSa/loMXmu4epMNT7UsMcUq
ZwfhZ+JeIH2ZuH0U5paymA2qQUN5FzUYk6VQx7MCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBRqHPCfFdv9lvvdBfArAoMYoZdHCTAfBgNVHSMEGDAWgBT3ZO7RXFK0yBEK
Iilj3Ht9S6LRRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzkyVHUwVnhTdE1nUkNpSXBZOXg3ZlV1aTBVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvNzQxZjA2LWMzZDEtNDgzYi1iOTA4LTI4YTQ5NTNmMDUzMC8x
L2FoendueFhiX1piNzNRWHdLd0tER0tHWFJ3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
NzQxZjA2LWMzZDEtNDgzYi1iOTA4LTI4YTQ5NTNmMDUzMC8xLzkyVHUwVnhTdE1n
UkNpSXBZOXg3ZlV1aTBVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwFAQCAAEwDjAMAwQDuR0IAwQAuR0KMA8EAgACMAkD
BwEqAkhAAgAwDQYJKoZIhvcNAQELBQADggEBAD2874U5xLFDpRsTzDQQpu9G2/AB
yVYkD6MOJKWk1vMWaHt5TqBmAg/emYnuFt571tVDCZNAtg1hjfpN9G0bEiVOGmI3
kYGj0oIGxL+nFavVeP5YEOpaPyvDKPpwmd4m6jPW+9AlRk9lc7EXyr8znkZwAUwc
Em56GFvMa92BA0mppK748ko5t5H0QYZS3qOO3PJRiz8cbgqcPBVsvJhzOzL79wmH
em7Dhhm9y+BIHobsvACZXO5tpN0Y4YXGSvMEnY/DdPR4c0MV2zmDBzpd+YGQN1Me
XjkaVRKGs85IRAqrZEuZVZyBqMI1wFVRI1gIJPNZA9YLuEaoWRFOHgSelCk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:58 2024 by rpki-client on console-ams.rpki-client.org