Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/ig7bIhF-uTGa6s6wUGKGX29NkpI.roa
File: ig7bIhF-uTGa6s6wUGKGX29NkpI.roa (raw, json)
Hash identifier: JRMkPscnE6MB1awLjXLxRAMVVhQFIGEMU0mdOuWScf8=
Subject key identifier: 8A:0E:DB:22:11:7E:B9:31:9A:EA:CE:B0:50:62:86:5F:6F:4D:92:92
Certificate issuer: /CN=2fbd3c7e9c77f9a8894905650d7f5a439a07265d
Certificate serial: 022413
Authority key identifier: 2F:BD:3C:7E:9C:77:F9:A8:89:49:05:65:0D:7F:5A:43:9A:07:26:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/ig7bIhF-uTGa6s6wUGKGX29NkpI.roa
Signing time: Mon 13 Jun 2022 08:06:05 +0000
ROA not before: Mon 13 Jun 2022 08:06:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204581
IP address blocks: 194.59.157.0/24 maxlen: 24
194.59.168.0/24 maxlen: 24
185.239.228.0/22 maxlen: 24
194.59.176.0/24 maxlen: 24
194.59.181.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 140307 (0x22413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fbd3c7e9c77f9a8894905650d7f5a439a07265d
Validity
Not Before: Jun 13 08:06:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a0edb22117eb9319aeaceb05062865f6f4d9292
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:2f:e6:7d:fb:06:19:14:1a:52:0a:48:b3:5d:
34:d7:b3:24:bf:d3:8d:db:de:c2:ed:05:20:a6:49:
62:63:b9:59:58:d2:19:70:18:f1:b4:6f:85:90:4a:
99:40:ba:1a:c0:47:ed:26:9b:40:c7:23:cb:f5:f6:
66:37:3a:35:08:5a:01:00:ce:1a:77:65:47:bc:f1:
a6:cb:9a:fd:dc:08:31:03:81:95:fb:a4:f7:9d:a7:
d8:26:87:e4:39:4f:5c:96:0c:b7:c6:c4:7d:74:d2:
b7:83:24:17:64:a7:a4:3f:1c:f7:b7:bd:da:a5:f3:
ec:8a:5f:bb:0a:f0:66:15:a5:25:d2:6d:ed:5d:39:
66:9d:66:c1:d1:8c:d7:7b:76:0d:13:a1:89:63:c6:
7e:2b:82:0e:c2:ac:f8:0d:dc:a1:34:ad:72:13:78:
34:f3:a9:63:df:d0:5d:24:9b:e2:28:58:3f:37:03:
68:2a:2d:ef:37:25:5b:8d:21:27:55:34:88:c4:44:
5e:5a:d6:ca:2d:4a:43:7b:2b:6b:6f:08:28:ce:42:
3b:71:bb:52:61:50:3b:c3:e8:c3:99:40:0d:2b:1d:
53:83:1e:17:d5:40:97:81:f5:e0:39:1b:38:49:09:
b0:40:4c:66:69:9b:84:10:86:a4:56:eb:01:c4:e9:
40:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0E:DB:22:11:7E:B9:31:9A:EA:CE:B0:50:62:86:5F:6F:4D:92:92
X509v3 Authority Key Identifier:
keyid:2F:BD:3C:7E:9C:77:F9:A8:89:49:05:65:0D:7F:5A:43:9A:07:26:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L708fpx3-aiJSQVlDX9aQ5oHJl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/ig7bIhF-uTGa6s6wUGKGX29NkpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/eebdcd-896f-4675-a246-5dcbbde35dcd/1/L708fpx3-aiJSQVlDX9aQ5oHJl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.228.0/22
194.59.157.0/24
194.59.168.0/24
194.59.176.0/24
194.59.181.0/24
Signature Algorithm: sha256WithRSAEncryption
58:91:9e:6d:d7:53:14:12:ff:12:68:96:2b:e5:c0:f4:8b:a6:
9d:25:9e:eb:d8:f7:a6:28:65:01:39:4c:73:d6:26:86:b6:bc:
27:44:e4:1f:26:54:3c:68:dd:e9:12:66:5f:c8:8a:51:22:06:
75:34:e6:25:2a:e2:79:d7:d2:68:0d:e8:7d:c4:8f:71:8a:8e:
28:6c:46:ce:e7:16:70:40:96:8c:a6:46:b0:89:f9:d1:f9:cb:
5b:7d:2d:b1:12:3c:dd:ce:5a:5e:cc:d7:e6:fa:a2:04:07:25:
3a:0c:42:dd:d0:24:6e:79:88:11:54:e7:75:e7:69:53:b0:14:
fe:59:1e:02:f7:0b:b9:ca:a2:52:0a:10:81:c7:1f:56:37:d9:
3b:1f:34:01:dd:5f:33:f5:9b:25:06:a7:a6:42:0e:7e:fd:05:
b6:9c:4e:e5:65:bc:b1:9a:3d:85:02:af:98:57:23:9c:66:73:
05:21:c3:f9:6f:fc:31:13:2e:28:c1:e5:81:a4:13:e5:31:22:
19:d5:cd:c1:71:87:06:87:9a:80:1c:1e:98:ec:02:8a:0e:12:
e7:2c:3a:be:e8:f9:3b:70:08:6d:38:8b:93:51:65:7d:f4:6c:
b5:e5:85:20:64:44:25:d9:10:b0:ee:95:88:b3:50:5f:df:2f:
03:c7:f2:71
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIDAiQTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJm
YmQzYzdlOWM3N2Y5YTg4OTQ5MDU2NTBkN2Y1YTQzOWEwNzI2NWQwHhcNMjIwNjEz
MDgwNjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4YTBlZGIyMjExN2Vi
OTMxOWFlYWNlYjA1MDYyODY1ZjZmNGQ5MjkyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7C/mffsGGRQaUgpIs10017Mkv9ON297C7QUgpkliY7lZWNIZ
cBjxtG+FkEqZQLoawEftJptAxyPL9fZmNzo1CFoBAM4ad2VHvPGmy5r93AgxA4GV
+6T3nafYJofkOU9clgy3xsR9dNK3gyQXZKekPxz3t73apfPsil+7CvBmFaUl0m3t
XTlmnWbB0YzXe3YNE6GJY8Z+K4IOwqz4DdyhNK1yE3g086lj39BdJJviKFg/NwNo
Ki3vNyVbjSEnVTSIxEReWtbKLUpDeytrbwgozkI7cbtSYVA7w+jDmUANKx1Tgx4X
1UCXgfXgORs4SQmwQExmaZuEEIakVusBxOlAzQIDAQABo4ICITCCAh0wHQYDVR0O
BBYEFIoO2yIRfrkxmurOsFBihl9vTZKSMB8GA1UdIwQYMBaAFC+9PH6cd/moiUkF
ZQ1/WkOaByZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
TDcwOGZweDMtYWlKU1FWbERYOWFRNW9ISmwwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNy9lZWJkY2QtODk2Zi00Njc1LWEyNDYtNWRjYmJkZTM1ZGNkLzEv
aWc3YkloRi11VEdhNnM2d1VHS0dYMjlOa3BJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9l
ZWJkY2QtODk2Zi00Njc1LWEyNDYtNWRjYmJkZTM1ZGNkLzEvTDcwOGZweDMtYWlK
U1FWbERYOWFRNW9ISmwwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDcG
CCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCue/kAwQAwjudAwQAwjuoAwQAwjuw
AwQAwju1MA0GCSqGSIb3DQEBCwUAA4IBAQBYkZ5t11MUEv8SaJYr5cD0i6adJZ7r
2PemKGUBOUxz1iaGtrwnROQfJlQ8aN3pEmZfyIpRIgZ1NOYlKuJ519JoDeh9xI9x
io4obEbO5xZwQJaMpkawifnR+ctbfS2xEjzdzlpezNfm+qIEByU6DELd0CRueYgR
VOd152lTsBT+WR4C9wu5yqJSChCBxx9WN9k7HzQB3V8z9ZslBqemQg5+/QW2nE7l
Zbyxmj2FAq+YVyOcZnMFIcP5b/wxEy4oweWBpBPlMSIZ1c3BcYcGh5qAHB6Y7AKK
DhLnLDq+6Pk7cAhtOIuTUWV99Gy15YUgZEQl2RCw7pWIs1Bf3y8Dx/Jx
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:39 2024 by rpki-client on console-ams.rpki-client.org