Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/ih5GunlY6726rBQ6vFOcASlQAis.roa
File: ih5GunlY6726rBQ6vFOcASlQAis.roa (raw, json)
Hash identifier: 92caYbr95qPKtaqgWmoiD0ue0DWvP8rm38MbYpHyTjc=
Subject key identifier: 8A:1E:46:BA:79:58:EB:BD:BA:AC:14:3A:BC:53:9C:01:29:50:02:2B
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0184F17227D1664440206688F15C83965FEE
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/ih5GunlY6726rBQ6vFOcASlQAis.roa
Signing time: Thu 08 Dec 2022 11:15:01 +0000
ROA not before: Thu 08 Dec 2022 11:15:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34535
IP address blocks: 178.250.188.0/23 maxlen: 23
193.0.229.0/24 maxlen: 24
193.0.227.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
178.250.184.0/22 maxlen: 22
2a0f:cdc0::/32 maxlen: 32
2a0f:cdc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:72:27:d1:66:44:40:20:66:88:f1:5c:83:96:5f:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Dec 8 11:15:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a1e46ba7958ebbdbaac143abc539c012950022b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:fb:52:23:01:0b:6e:f5:7e:95:b4:ef:dd:a8:
03:fa:9e:10:4b:20:08:81:3b:39:0f:0c:32:6e:2f:
3b:b8:f4:37:0b:49:2e:0d:2f:66:38:ff:01:b5:5a:
e7:cf:de:cb:55:e9:36:99:95:d6:14:38:c1:cf:b3:
0b:a8:0e:96:3e:60:81:a6:5c:24:91:22:18:79:c7:
3f:26:b5:f3:64:b4:9d:c8:36:34:82:1e:97:dc:9f:
2a:1e:ef:49:73:8d:c2:b7:04:b8:3c:d5:60:ea:e1:
b2:b6:9d:a5:67:cf:77:a6:1b:71:7a:48:fa:99:b3:
f5:fc:85:9f:43:c0:9a:72:1c:d9:9a:28:ca:a4:60:
7a:66:bf:c5:23:17:d4:05:09:ec:de:f2:1e:1b:e4:
4f:cf:b0:44:5d:55:44:82:5d:06:fc:a0:e8:65:a7:
08:da:a8:ae:f2:e7:a0:26:4b:df:64:b4:19:b7:e7:
bc:02:e8:3b:a4:7c:9c:fa:17:a5:7f:41:f5:01:3d:
90:61:03:be:1c:7a:f5:71:4d:39:22:49:84:3b:5e:
57:90:52:6d:62:c1:f1:89:78:5b:5f:dd:a4:aa:15:
c8:21:f9:a8:7c:69:59:db:9d:ab:ec:2a:3b:96:25:
38:83:37:98:96:92:ee:79:d4:99:45:64:5f:d2:10:
36:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1E:46:BA:79:58:EB:BD:BA:AC:14:3A:BC:53:9C:01:29:50:02:2B
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/ih5GunlY6726rBQ6vFOcASlQAis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.184.0-178.250.189.255
193.0.227.0/24
193.0.229.0-193.0.230.255
IPv6:
2a0f:cdc0::/31
Signature Algorithm: sha256WithRSAEncryption
22:eb:ce:43:76:ab:b8:8d:2a:e3:dc:df:41:8d:84:d9:ee:88:
11:b8:42:21:af:2c:d2:01:c9:d9:13:4f:14:6d:89:ab:7e:6c:
27:32:95:dc:29:50:37:e9:1b:8a:2d:4d:d2:67:e6:6b:72:42:
53:44:79:3d:a5:01:e8:dd:45:d9:d4:82:71:10:78:14:b2:80:
2f:f0:c9:ac:ce:e1:e3:a0:33:1e:5b:fb:a3:de:28:45:4e:ed:
72:0b:dd:c9:f2:70:71:2b:97:24:a5:17:96:ea:21:dd:74:b8:
7a:54:40:3e:89:ee:6d:29:39:c7:4c:a8:a6:95:67:a3:18:86:
6d:39:ad:0c:92:23:bd:11:46:af:0a:24:ba:88:bd:95:9b:74:
23:24:89:e9:1c:7e:75:5f:e2:c1:8e:c3:3d:cc:1d:50:6d:e4:
3d:62:f0:a6:df:c8:0e:ef:7c:d2:d3:c5:a5:c6:3e:9c:3a:d5:
b5:49:ea:c8:63:49:f6:e3:68:cf:24:31:ec:4d:e8:0a:6d:4d:
9a:3c:8f:a6:a4:bf:69:9d:b0:94:2d:2c:44:6a:c3:4c:7e:8e:
5d:95:f3:f1:ef:1d:35:d2:61:78:e3:53:96:23:05:77:0f:f1:
d4:fa:97:a6:58:5d:75:0a:ca:b4:4f:5c:20:77:f4:e8:69:3b:
fe:87:97:b1
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYTxcifRZkRAIGaI8VyDll/uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjIxMjA4MTExNTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFlNDZiYTc5NThlYmJkYmFhYzE0M2FiYzUzOWMwMTI5NTAwMjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPtSIwELbvV+lbTv3agD+p4QSyAI
gTs5Dwwybi87uPQ3C0kuDS9mOP8BtVrnz97LVek2mZXWFDjBz7MLqA6WPmCBplwk
kSIYecc/JrXzZLSdyDY0gh6X3J8qHu9Jc43CtwS4PNVg6uGytp2lZ893phtxekj6
mbP1/IWfQ8CachzZmijKpGB6Zr/FIxfUBQns3vIeG+RPz7BEXVVEgl0G/KDoZacI
2qiu8uegJkvfZLQZt+e8Aug7pHyc+helf0H1AT2QYQO+HHr1cU05IkmEO15XkFJt
YsHxiXhbX92kqhXIIfmofGlZ252r7Co7liU4gzeYlpLuedSZRWRf0hA2sQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIoeRrp5WOu9uqwUOrxTnAEpUAIrMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvaWg1R3VubFk2NzI2ckJRNnZGT2NBU2xRQWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAOy+rgD
BAGy+rwDBADBAOMwDAMEAMEA5QMEAMEA5jANBAIAAjAHAwUBKg/NwDANBgkqhkiG
9w0BAQsFAAOCAQEAIuvOQ3aruI0q49zfQY2E2e6IEbhCIa8s0gHJ2RNPFG2Jq35s
JzKV3ClQN+kbii1N0mfma3JCU0R5PaUB6N1F2dSCcRB4FLKAL/DJrM7h46AzHlv7
o94oRU7tcgvdyfJwcSuXJKUXluoh3XS4elRAPonubSk5x0yoppVnoxiGbTmtDJIj
vRFGrwokuoi9lZt0IySJ6Rx+dV/iwY7DPcwdUG3kPWLwpt/IDu980tPFpcY+nDrV
tUnqyGNJ9uNozyQx7E3oCm1NmjyPpqS/aZ2wlC0sRGrDTH6OXZXz8e8dNdJheONT
liMFdw/x1PqXplhddQrKtE9cIHf06Gk7/oeXsQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:53 2024 by rpki-client on console-ams.rpki-client.org