Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/iuI3BcV0EbOC1chkj90zsHHJjh8.roa
File: iuI3BcV0EbOC1chkj90zsHHJjh8.roa (raw, json)
Hash identifier: dSt0tKtUBYwbuU/SoJmrdVxQWEjxMohkK3ImFVwsL6U=
Subject key identifier: 8A:E2:37:05:C5:74:11:B3:82:D5:C8:64:8F:DD:33:B0:71:C9:8E:1F
Certificate issuer: /CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Certificate serial: 01843EEE85E7F8246BFFC15185D784C570B5
Authority key identifier: 81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/iuI3BcV0EbOC1chkj90zsHHJjh8.roa
Signing time: Thu 03 Nov 2022 19:18:50 +0000
ROA not before: Thu 03 Nov 2022 19:18:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209281
IP address blocks: 185.20.108.0/22 maxlen: 22
2a00:4de0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:ee:85:e7:f8:24:6b:ff:c1:51:85:d7:84:c5:70:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81e34878f96b3997aa78f4c7fb695ef0dbc6d360
Validity
Not Before: Nov 3 19:18:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ae23705c57411b382d5c8648fdd33b071c98e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:07:d1:85:73:3f:bd:5e:08:05:a2:72:d0:f1:
3c:b4:53:9d:69:17:db:fe:5f:61:49:0b:f8:03:b6:
58:f8:04:cb:68:c3:5f:fc:65:f6:3a:d9:9d:45:d4:
c6:0b:f8:6d:77:2f:bf:fd:f6:d8:13:ad:47:39:47:
e8:18:d8:90:10:9a:02:9c:0b:bd:4e:9b:f7:ab:ed:
67:59:04:05:c4:5c:24:e1:f3:0d:22:9b:ed:b0:36:
3b:d3:f9:b7:3c:68:b1:e1:9d:f4:e0:7e:f2:75:eb:
26:84:c9:00:7c:3f:a7:18:9e:61:f2:5c:1c:6d:d2:
1a:91:ca:39:4e:18:59:34:da:44:8c:54:f0:1d:fa:
e0:10:e9:3f:9d:82:c0:9a:1c:b5:3c:93:c7:08:4e:
b6:c7:29:56:bc:51:59:53:3b:8d:8b:9b:bb:2b:69:
4a:42:58:03:2f:2b:db:5d:ee:dc:7a:25:ff:0a:ad:
0f:e9:1e:44:2e:3a:b1:6b:12:76:4a:66:fe:9b:56:
31:53:fd:7e:9f:6e:6d:7c:5f:ee:2f:31:c3:03:0d:
d6:61:f5:01:c1:ed:62:3d:f2:b7:1f:2a:71:5b:ff:
c7:e8:0a:46:a6:6f:25:b5:9b:87:f0:99:60:91:f5:
1d:41:a0:a8:5a:80:fb:9f:62:82:f8:16:09:f3:c8:
13:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E2:37:05:C5:74:11:B3:82:D5:C8:64:8F:DD:33:B0:71:C9:8E:1F
X509v3 Authority Key Identifier:
keyid:81:E3:48:78:F9:6B:39:97:AA:78:F4:C7:FB:69:5E:F0:DB:C6:D3:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/geNIePlrOZeqePTH-2le8NvG02A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/iuI3BcV0EbOC1chkj90zsHHJjh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/bebc33-e901-4559-bdd0-b53204d93c33/1/geNIePlrOZeqePTH-2le8NvG02A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.20.108.0/22
IPv6:
2a00:4de0::/29
Signature Algorithm: sha256WithRSAEncryption
76:d3:0c:27:00:5a:df:d8:07:c1:ef:bc:66:b1:37:46:29:df:
ba:cd:44:d2:a1:3a:4e:9d:2c:c6:d0:07:89:00:c1:5a:ae:df:
ff:37:12:e6:08:6d:bf:b9:95:aa:f7:f2:fa:3e:8e:f3:b8:06:
f4:2e:65:51:ad:16:44:25:9e:66:ab:c4:2a:38:77:6c:fb:0b:
69:27:2a:ce:2e:c3:9f:87:0e:23:ff:b4:ea:1a:9f:09:76:0c:
b0:a0:56:bd:a5:0d:1d:74:a1:4c:a2:a1:a1:06:e9:f7:16:be:
99:0f:3e:e4:23:1f:eb:66:cb:af:81:4f:c7:61:fb:d5:53:cf:
7c:4b:fc:cf:b5:20:4f:7c:e0:5a:8d:cd:24:dc:40:25:e9:09:
0f:cb:18:35:12:f7:9b:9d:02:fb:1b:2d:e9:cf:56:f9:89:56:
75:34:b3:04:d4:fc:1b:a4:fe:f4:d0:f9:4b:11:5f:6a:d7:a2:
d7:e1:42:38:d2:33:8a:5a:e8:a2:1c:dc:85:b0:3c:a3:af:f9:
b9:45:1e:37:c8:3b:16:80:b1:63:a3:23:db:9a:8d:c5:53:8a:
b1:c4:69:db:64:9f:39:83:33:9e:1b:9e:97:e9:e6:bb:53:7b:
65:33:59:c5:ab:33:c3:79:34:6e:81:55:00:3e:2f:80:fb:6b:
3f:d1:f1:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ+7oXn+CRr/8FRhdeExXC1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZTM0ODc4Zjk2YjM5OTdhYTc4ZjRjN2ZiNjk1ZWYwZGJj
NmQzNjAwHhcNMjIxMTAzMTkxODUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWUyMzcwNWM1NzQxMWIzODJkNWM4NjQ4ZmRkMzNiMDcxYzk4ZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAfRhXM/vV4IBaJy0PE8tFOdaRfb
/l9hSQv4A7ZY+ATLaMNf/GX2OtmdRdTGC/htdy+//fbYE61HOUfoGNiQEJoCnAu9
Tpv3q+1nWQQFxFwk4fMNIpvtsDY70/m3PGix4Z304H7ydesmhMkAfD+nGJ5h8lwc
bdIakco5ThhZNNpEjFTwHfrgEOk/nYLAmhy1PJPHCE62xylWvFFZUzuNi5u7K2lK
QlgDLyvbXe7ceiX/Cq0P6R5ELjqxaxJ2Smb+m1YxU/1+n25tfF/uLzHDAw3WYfUB
we1iPfK3HypxW//H6ApGpm8ltZuH8JlgkfUdQaCoWoD7n2KC+BYJ88gTmQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIriNwXFdBGzgtXIZI/dM7BxyY4fMB8GA1UdIwQY
MBaAFIHjSHj5azmXqnj0x/tpXvDbxtNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAt
YjUzMjA0ZDkzYzMzLzEvaXVJM0JjVjBFYk9DMWNoa2o5MHpzSEhKamg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iZWJjMzMtZTkwMS00NTU5LWJkZDAtYjUzMjA0ZDkzYzMz
LzEvZ2VOSWVQbHJPWmVxZVBUSC0ybGU4TnZHMDJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRRsMA0E
AgACMAcDBQMqAE3gMA0GCSqGSIb3DQEBCwUAA4IBAQB20wwnAFrf2AfB77xmsTdG
Kd+6zUTSoTpOnSzG0AeJAMFart//NxLmCG2/uZWq9/L6Po7zuAb0LmVRrRZEJZ5m
q8QqOHds+wtpJyrOLsOfhw4j/7TqGp8JdgywoFa9pQ0ddKFMoqGhBun3Fr6ZDz7k
Ix/rZsuvgU/HYfvVU898S/zPtSBPfOBajc0k3EAl6QkPyxg1EvebnQL7Gy3pz1b5
iVZ1NLME1PwbpP700PlLEV9q16LX4UI40jOKWuiiHNyFsDyjr/m5RR43yDsWgLFj
oyPbmo3FU4qxxGnbZJ85gzOeG56X6ea7U3tlM1nFqzPDeTRugVUAPi+A+2s/0fGP
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:39 2024 by rpki-client on console-ams.rpki-client.org