Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/iSXmn3-ZZjWhdoQhDQvGmEe1eTI.roa
File: iSXmn3-ZZjWhdoQhDQvGmEe1eTI.roa (raw, json)
Hash identifier: LIBSP5Ds8VJXQB70TX8rgBoyFbAGr86nOxggjk4oYas=
Subject key identifier: 89:25:E6:9F:7F:99:66:35:A1:76:84:21:0D:0B:C6:98:47:B5:79:32
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0548A7F7
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/iSXmn3-ZZjWhdoQhDQvGmEe1eTI.roa
Signing time: Fri 20 May 2022 07:59:29 +0000
ROA not before: Fri 20 May 2022 07:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211396
IP address blocks: 85.239.148.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88647671 (0x548a7f7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 20 07:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8925e69f7f996635a17684210d0bc69847b57932
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e5:cb:89:74:a8:68:1e:e1:62:42:1c:cd:6e:
ee:3a:ed:f2:8e:76:a1:2b:55:a9:f2:81:82:74:e8:
ec:39:71:b3:17:8b:18:8f:99:d5:dc:f5:2e:7a:00:
0d:0f:52:8e:51:01:af:c0:13:a8:24:c9:60:c6:a4:
1d:d3:b8:fe:1d:d4:d8:ce:3b:37:1a:1c:83:27:9b:
dd:10:e4:c5:ba:d3:b5:c5:f5:2c:67:73:b1:08:23:
e5:1b:48:17:b5:fb:d2:9c:ba:08:6c:68:41:a5:39:
b3:cd:48:86:11:fb:39:68:98:56:1b:a1:58:58:6e:
69:a3:2d:a1:1a:b4:59:61:2f:0e:96:85:f4:38:70:
39:6c:4f:c6:b3:d9:84:88:41:3f:2c:43:39:dd:e8:
77:fd:f3:40:7b:11:04:c3:10:fa:c0:9d:63:82:e5:
66:15:b1:c6:8a:fa:c1:34:07:4f:99:47:aa:8b:7d:
00:02:eb:3e:15:98:cf:f8:cd:fc:ad:ba:bb:34:43:
62:4c:78:ba:d2:cd:0b:30:64:89:9f:57:32:29:fd:
0b:1b:6f:41:23:f2:45:80:28:33:c6:cc:00:4a:c8:
c6:00:31:d1:34:78:ea:f3:b0:e5:69:ca:12:5a:a0:
ea:bf:82:6d:1f:12:c2:eb:52:d5:df:ac:9a:a8:16:
ba:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:25:E6:9F:7F:99:66:35:A1:76:84:21:0D:0B:C6:98:47:B5:79:32
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/iSXmn3-ZZjWhdoQhDQvGmEe1eTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/23
85.239.151.0/24
185.95.156.0/23
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:e5:e2:7a:84:13:f4:0e:cc:0a:8b:bb:d6:6f:6e:64:5d:98:
31:bf:5e:70:3e:9b:94:b8:13:bc:86:d1:5f:54:e1:3d:a9:3e:
65:56:ee:d4:87:ff:5f:8d:50:fc:50:89:fa:64:ce:45:ca:72:
83:55:8a:c7:42:5b:b5:a6:6d:f2:b9:c5:15:2e:87:a4:ff:c4:
f4:f1:d7:36:d0:52:71:4c:d5:84:0d:80:81:7d:55:27:b5:95:
4b:2c:d5:10:fd:c3:98:0e:de:2c:33:ef:7c:b0:c1:32:1a:47:
dc:75:a9:97:45:2c:1f:a2:46:31:a9:8a:e2:cf:ba:80:0c:85:
73:7f:6d:3d:18:5b:51:33:11:09:41:48:8f:df:5e:a9:f3:74:
3e:08:53:a6:58:a1:1c:e3:90:9d:d8:61:91:2f:e2:63:ac:c3:
40:4d:84:b4:75:c7:d1:49:bf:7d:94:be:09:97:71:12:30:8a:
d7:53:95:91:fd:fa:94:8a:28:a0:97:9f:10:a7:c8:88:4a:c3:
ea:09:28:76:ad:b1:ba:a7:4b:bc:12:63:6b:2a:7d:f6:6c:80:
f8:b5:9d:80:3f:fe:56:d6:c1:d0:7e:46:6d:98:f9:cb:8b:17:
d1:ac:9e:0b:e1:a3:ec:6a:9c:94:94:cf:12:19:8b:9a:29:a5:
3a:1e:27:36
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBUin9zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDUy
MDA3NTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkyNWU2OWY3Zjk5
NjYzNWExNzY4NDIxMGQwYmM2OTg0N2I1NzkzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjly4l0qGge4WJCHM1u7jrt8o52oStVqfKBgnTo7DlxsxeL
GI+Z1dz1LnoADQ9SjlEBr8ATqCTJYMakHdO4/h3U2M47Nxocgyeb3RDkxbrTtcX1
LGdzsQgj5RtIF7X70py6CGxoQaU5s81IhhH7OWiYVhuhWFhuaaMtoRq0WWEvDpaF
9DhwOWxPxrPZhIhBPyxDOd3od/3zQHsRBMMQ+sCdY4LlZhWxxor6wTQHT5lHqot9
AALrPhWYz/jN/K26uzRDYkx4utLNCzBkiZ9XMin9CxtvQSPyRYAoM8bMAErIxgAx
0TR46vOw5WnKElqg6r+CbR8SwutS1d+smqgWuk0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSJJeaff5lmNaF2hCENC8aYR7V5MjAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L2lTWG1uMy1aWmpXaGRvUWhEUXZHbUVlMWVUSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVXvlAMEAFXvlwMEAblfnAMEALlf
nzANBgkqhkiG9w0BAQsFAAOCAQEAHuXieoQT9A7MCou71m9uZF2YMb9ecD6blLgT
vIbRX1ThPak+ZVbu1If/X41Q/FCJ+mTORcpyg1WKx0JbtaZt8rnFFS6HpP/E9PHX
NtBScUzVhA2AgX1VJ7WVSyzVEP3DmA7eLDPvfLDBMhpH3HWpl0UsH6JGMamK4s+6
gAyFc39tPRhbUTMRCUFIj99eqfN0PghTplihHOOQndhhkS/iY6zDQE2EtHXH0Um/
fZS+CZdxEjCK11OVkf36lIoooJefEKfIiErD6gkodq2xuqdLvBJjayp99myA+LWd
gD/+VtbB0H5GbZj5y4sX0ayeC+Gj7GqclJTPEhmLmimlOh4nNg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org