Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/o6YodhuOkgrXKarFAgUgEOK4JVg.roa
File: o6YodhuOkgrXKarFAgUgEOK4JVg.roa (raw, json)
Hash identifier: V/WiPhkRr1lZTCa12VsiMTYHpW4wpbNBxgcGjVcco0I=
Subject key identifier: A3:A6:28:76:1B:8E:92:0A:D7:29:AA:C5:02:05:20:10:E2:B8:25:58
Certificate issuer: /CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Certificate serial: 33DDB792
Authority key identifier: AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/o6YodhuOkgrXKarFAgUgEOK4JVg.roa
Signing time: Sat 01 Jan 2022 04:52:52 +0000
ROA not before: Sat 01 Jan 2022 04:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20647
IP address blocks: 185.27.156.0/22 maxlen: 22
194.29.224.0/19 maxlen: 19
91.102.8.0/21 maxlen: 21
2a02:f28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 870168466 (0x33ddb792)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa35f907ec7dbf9c65b815aa3d7202b6dfae3148
Validity
Not Before: Jan 1 04:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3a628761b8e920ad729aac502052010e2b82558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7a:f2:c3:34:66:f1:bb:bf:dc:a2:bb:aa:a5:
32:15:03:d0:31:7f:b4:88:74:c3:2f:bf:56:9b:63:
e1:b4:ab:aa:86:4e:6d:05:f6:d3:3a:22:6d:c9:24:
8e:ab:81:42:74:26:d2:85:b4:00:3e:f7:05:7d:2e:
4a:34:cf:a4:3f:45:25:b0:5f:e6:ad:a8:f2:c8:66:
b2:51:5e:71:5a:2c:b6:c3:0b:09:4e:a2:61:10:90:
fb:6d:38:5c:c8:14:81:90:52:6e:3c:ad:13:e1:32:
39:38:d6:23:03:3b:bd:9d:ab:a9:d5:bf:61:f9:70:
79:e7:98:2b:d0:10:6d:c4:6d:cd:fc:bc:52:c1:9c:
38:e0:e1:28:71:e7:7c:e8:60:21:a2:84:84:d7:2f:
b0:c3:3e:16:59:cb:e5:f7:bf:45:a7:99:e1:95:38:
a6:c7:c6:c0:1a:e4:cf:32:e5:e8:bc:cd:63:52:45:
8d:60:4f:1b:08:33:24:3a:4c:d9:82:44:b9:4b:09:
2a:7c:d7:b2:e3:bc:5a:06:86:ed:d2:d2:2a:09:69:
7b:d9:a6:52:db:d8:13:de:81:83:21:16:6c:ad:70:
ff:da:46:64:c8:52:1e:14:e4:d2:a0:2d:f1:08:d5:
fb:9c:8a:7f:ab:38:b9:6d:d9:43:ff:01:80:1d:b4:
dd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:A6:28:76:1B:8E:92:0A:D7:29:AA:C5:02:05:20:10:E2:B8:25:58
X509v3 Authority Key Identifier:
keyid:AA:35:F9:07:EC:7D:BF:9C:65:B8:15:AA:3D:72:02:B6:DF:AE:31:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjX5B-x9v5xluBWqPXICtt-uMUg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/o6YodhuOkgrXKarFAgUgEOK4JVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/b1c50e-af27-4a62-ae23-b6f1cfaa6985/1/qjX5B-x9v5xluBWqPXICtt-uMUg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.8.0/21
185.27.156.0/22
194.29.224.0/19
IPv6:
2a02:f28::/32
Signature Algorithm: sha256WithRSAEncryption
55:88:22:ce:82:96:18:3c:88:b3:37:9b:16:80:d7:6f:2c:ce:
25:63:3d:0e:bb:e2:c3:7a:b0:a6:3f:24:51:ac:53:a8:99:85:
1c:70:ff:ed:d9:0d:84:d6:2a:14:fb:03:76:ee:ea:4f:70:40:
90:5f:01:26:93:40:2a:88:f6:9e:1d:79:03:57:74:53:d2:41:
4b:76:47:7d:60:4d:8e:e9:55:79:5e:61:60:5a:88:93:d1:f3:
08:e0:e7:4f:05:94:26:4a:60:3c:39:25:ca:6b:a2:80:a4:80:
54:5e:f1:59:66:16:a7:61:01:d8:ee:41:7c:47:bd:6a:6d:25:
e2:d0:75:bc:c5:ab:e2:2b:db:9c:a3:2c:60:f6:d0:d7:3f:53:
0a:b3:c0:24:9d:ff:fb:61:0f:dc:75:67:18:e2:6a:90:97:d4:
b8:d3:84:aa:80:da:23:4b:e5:c5:d4:a2:31:2d:48:78:af:4a:
4a:ab:c3:0e:8e:af:38:a5:2c:12:21:bf:1c:3a:1b:69:af:80:
53:b0:db:7d:52:b6:24:bf:5d:ed:d0:35:6b:c8:80:6e:4c:2c:
83:7d:68:4c:8d:f7:26:54:74:10:d3:74:d3:ff:54:1b:95:9f:
e1:34:6f:6f:bd:f0:8b:70:d0:e0:50:a4:8e:d3:fc:17:94:e8:
eb:cd:47:30
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEM923kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTM1ZjkwN2VjN2RiZjljNjViODE1YWEzZDcyMDJiNmRmYWUzMTQ4MB4XDTIyMDEw
MTA0NTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNhNjI4NzYxYjhl
OTIwYWQ3MjlhYWM1MDIwNTIwMTBlMmI4MjU1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALR68sM0ZvG7v9yiu6qlMhUD0DF/tIh0wy+/Vptj4bSrqoZO
bQX20zoibckkjquBQnQm0oW0AD73BX0uSjTPpD9FJbBf5q2o8shmslFecVostsML
CU6iYRCQ+204XMgUgZBSbjytE+EyOTjWIwM7vZ2rqdW/YflweeeYK9AQbcRtzfy8
UsGcOODhKHHnfOhgIaKEhNcvsMM+FlnL5fe/RaeZ4ZU4psfGwBrkzzLl6LzNY1JF
jWBPGwgzJDpM2YJEuUsJKnzXsuO8WgaG7dLSKglpe9mmUtvYE96BgyEWbK1w/9pG
ZMhSHhTk0qAt8QjV+5yKf6s4uW3ZQ/8BgB203T8CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSjpih2G46SCtcpqsUCBSAQ4rglWDAfBgNVHSMEGDAWgBSqNfkH7H2/nGW4
Fao9cgK2364xSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FqWDVCLXg5djV4bHVCV3FQWElDdHQtdU1VZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvYjFjNTBlLWFmMjctNGE2Mi1hZTIzLWI2ZjFjZmFhNjk4NS8x
L282WW9kaHVPa2dyWEthckZBZ1VnRU9LNEpWZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
YjFjNTBlLWFmMjctNGE2Mi1hZTIzLWI2ZjFjZmFhNjk4NS8xL3FqWDVCLXg5djV4
bHVCV3FQWElDdHQtdU1VZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1tmCAMEArkbnAMEBcId4DANBAIA
AjAHAwUAKgIPKDANBgkqhkiG9w0BAQsFAAOCAQEAVYgizoKWGDyIszebFoDXbyzO
JWM9Drviw3qwpj8kUaxTqJmFHHD/7dkNhNYqFPsDdu7qT3BAkF8BJpNAKoj2nh15
A1d0U9JBS3ZHfWBNjulVeV5hYFqIk9HzCODnTwWUJkpgPDklymuigKSAVF7xWWYW
p2EB2O5BfEe9am0l4tB1vMWr4ivbnKMsYPbQ1z9TCrPAJJ3/+2EP3HVnGOJqkJfU
uNOEqoDaI0vlxdSiMS1IeK9KSqvDDo6vOKUsEiG/HDobaa+AU7DbfVK2JL9d7dA1
a8iAbkwsg31oTI33JlR0ENN00/9UG5Wf4TRvb73wi3DQ4FCkjtP8F5To681HMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:40 2024 by rpki-client on console-ams.rpki-client.org