Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/IXIS2dTAn5gklYhbv9W3T2KbXuc.roa
File: IXIS2dTAn5gklYhbv9W3T2KbXuc.roa (raw, json)
Hash identifier: wl/tfJaTCmbNh9iJ6P/CU6n5pQcB4SnA5ctRxo0BdH8=
Subject key identifier: 21:72:12:D9:D4:C0:9F:98:24:95:88:5B:BF:D5:B7:4F:62:9B:5E:E7
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0182932EEB0420245D0BAFF981A1698F6600
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/IXIS2dTAn5gklYhbv9W3T2KbXuc.roa
Signing time: Fri 12 Aug 2022 17:51:41 +0000
ROA not before: Fri 12 Aug 2022 17:51:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.8.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:93:2e:eb:04:20:24:5d:0b:af:f9:81:a1:69:8f:66:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 12 17:51:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=217212d9d4c09f982495885bbfd5b74f629b5ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dc:55:09:dc:ce:9c:24:64:13:8f:83:32:ec:
96:fa:92:74:5e:b3:e1:94:10:1f:0d:9c:f0:69:aa:
c8:60:db:c7:96:c4:e7:10:2d:23:cf:66:ac:f3:42:
d2:90:e8:f9:4e:8e:6d:76:46:4a:c5:f4:b2:12:19:
08:69:8f:42:d6:db:7f:4d:92:1e:b0:a1:59:4a:d2:
48:a7:2c:af:7e:f3:a0:57:86:c1:41:59:fb:92:2a:
99:ac:6d:44:a6:ba:47:a5:0e:45:ac:f5:76:28:cd:
2c:65:99:bc:ef:49:16:9e:bd:2a:8c:1b:61:28:64:
56:34:20:a9:c7:dc:46:6e:9b:b8:34:a7:a7:7f:79:
4d:10:8f:e5:18:3b:1d:b4:18:32:d9:ff:b4:e6:c8:
5d:8c:1b:b2:c2:89:4c:ed:ac:de:b2:9a:ba:0e:0a:
aa:50:d8:46:06:2e:c3:94:dd:8b:93:1d:f2:13:fe:
dc:d3:12:71:87:13:8d:51:2b:2f:f7:e1:b6:f3:0e:
66:03:80:b6:d0:8c:07:cd:12:3a:00:c1:dc:86:30:
63:60:0c:ef:ad:a6:37:6f:24:df:80:87:92:ba:7d:
36:f2:1f:da:21:6b:19:37:43:06:4b:af:a7:f8:de:
ca:ec:d1:7d:40:eb:df:5e:da:7f:61:00:15:43:82:
39:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:72:12:D9:D4:C0:9F:98:24:95:88:5B:BF:D5:B7:4F:62:9B:5E:E7
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/IXIS2dTAn5gklYhbv9W3T2KbXuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.8.0/24
185.236.11.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:62:e8:55:52:3b:38:2a:f8:76:f0:63:67:16:7c:2b:cd:56:
00:48:e4:a6:98:1c:83:c4:37:ff:e3:8c:da:8f:34:ad:dd:e4:
d2:f0:83:df:37:6c:53:77:6b:8c:56:17:db:ee:c3:11:b9:76:
6b:fe:ac:dd:b3:4e:f0:33:ba:21:ce:67:a9:ac:bb:e7:84:aa:
1d:61:a6:b8:b0:44:db:31:8a:14:78:b2:6b:4f:94:14:7b:8c:
38:6e:1a:03:86:af:53:f1:10:e3:3f:e1:b0:05:d5:f4:76:6a:
49:39:46:90:e0:d7:89:25:30:b4:3a:76:81:95:90:59:e0:00:
5a:99:6a:d1:5f:79:e3:ba:69:04:33:97:db:14:e0:fa:8d:c5:
a0:79:1c:94:44:b7:14:ad:4a:89:7a:ea:b6:28:e5:36:ff:4f:
dc:75:59:10:ce:96:47:9f:77:a3:b5:0a:7a:f0:18:b6:ec:cb:
f9:7d:7f:07:18:34:8f:85:98:74:7e:df:b6:7d:3b:db:39:de:
18:7a:84:ff:d5:91:6b:42:dd:a2:ed:4e:c7:b2:bd:cb:3f:24:
e4:02:fb:94:5c:8b:58:27:03:b9:c2:7f:30:9a:68:60:be:4b:
50:ca:61:19:33:43:de:07:d1:6c:a2:ea:37:b7:34:84:84:d2:
f7:51:3c:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKTLusEICRdC6/5gaFpj2YAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIwODEyMTc1MTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTcyMTJkOWQ0YzA5Zjk4MjQ5NTg4NWJiZmQ1Yjc0ZjYyOWI1ZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdxVCdzOnCRkE4+DMuyW+pJ0XrPh
lBAfDZzwaarIYNvHlsTnEC0jz2as80LSkOj5To5tdkZKxfSyEhkIaY9C1tt/TZIe
sKFZStJIpyyvfvOgV4bBQVn7kiqZrG1EprpHpQ5FrPV2KM0sZZm870kWnr0qjBth
KGRWNCCpx9xGbpu4NKenf3lNEI/lGDsdtBgy2f+05shdjBuywolM7azespq6Dgqq
UNhGBi7DlN2Lkx3yE/7c0xJxhxONUSsv9+G28w5mA4C20IwHzRI6AMHchjBjYAzv
raY3byTfgIeSun028h/aIWsZN0MGS6+n+N7K7NF9QOvfXtp/YQAVQ4I5OQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCFyEtnUwJ+YJJWIW7/Vt09im17nMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvSVhJUzJkVEFuNWdrbFloYnY5VzNUMktiWHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuewIAwQA
uewLMA0GCSqGSIb3DQEBCwUAA4IBAQBOYuhVUjs4Kvh28GNnFnwrzVYASOSmmByD
xDf/44zajzSt3eTS8IPfN2xTd2uMVhfb7sMRuXZr/qzds07wM7ohzmeprLvnhKod
Yaa4sETbMYoUeLJrT5QUe4w4bhoDhq9T8RDjP+GwBdX0dmpJOUaQ4NeJJTC0OnaB
lZBZ4ABamWrRX3njumkEM5fbFOD6jcWgeRyURLcUrUqJeuq2KOU2/0/cdVkQzpZH
n3ejtQp68Bi27Mv5fX8HGDSPhZh0ft+2fTvbOd4YeoT/1ZFrQt2i7U7Hsr3LPyTk
AvuUXItYJwO5wn8wmmhgvktQymEZM0PeB9Fsouo3tzSEhNL3UTwY
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org