Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/iWhJqeRdNTkacSiAtZ0G1ykaNyM.roa
File: iWhJqeRdNTkacSiAtZ0G1ykaNyM.roa (raw, json)
Hash identifier: NdH4NSnsRg5T/JQs0CDvGmdW+GiLGWpNfATY3/FXI+A=
Subject key identifier: 89:68:49:A9:E4:5D:35:39:1A:71:28:80:B5:9D:06:D7:29:1A:37:23
Certificate issuer: /CN=c2ce0814167eaa8189fd84d390270eadf29482cb
Certificate serial: 01849C21918A0B1B0BA0B84F91182EBABCEB
Authority key identifier: C2:CE:08:14:16:7E:AA:81:89:FD:84:D3:90:27:0E:AD:F2:94:82:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/iWhJqeRdNTkacSiAtZ0G1ykaNyM.roa
Signing time: Mon 21 Nov 2022 21:39:16 +0000
ROA not before: Mon 21 Nov 2022 21:39:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210220
IP address blocks: 178.218.244.0/22 maxlen: 22
2a0d:bfc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:21:91:8a:0b:1b:0b:a0:b8:4f:91:18:2e:ba:bc:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ce0814167eaa8189fd84d390270eadf29482cb
Validity
Not Before: Nov 21 21:39:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=896849a9e45d35391a712880b59d06d7291a3723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:fc:8f:65:e7:22:bf:e5:c0:6b:27:8b:fa:4e:
21:82:41:bf:6c:70:d1:96:89:4b:7f:45:59:9f:9c:
96:63:21:87:38:9c:d3:39:2b:30:18:0a:12:f3:b8:
4b:70:3e:16:a4:5f:10:9d:67:af:0d:9c:88:b4:0a:
f9:35:de:42:b9:59:03:1e:a1:4d:20:cc:56:e4:f7:
ae:ca:c8:96:df:12:8b:ad:f5:cc:78:1c:5c:f5:09:
70:e9:2d:46:53:9f:97:d7:25:29:ce:4a:b9:74:53:
c4:5b:ae:ff:14:52:ca:61:71:00:ea:1c:26:0b:12:
f6:65:4b:50:ab:f4:16:af:cf:5a:67:ce:7a:16:e2:
72:d9:e5:81:35:90:11:f4:82:0c:bc:7e:55:ea:c7:
4d:e2:86:81:37:98:a0:a6:b8:30:bd:6b:33:b2:eb:
b3:cb:32:3d:c4:ed:9d:91:a3:f1:f0:59:ac:0f:c3:
fb:15:d1:8d:81:68:d0:66:34:03:42:4d:d8:24:be:
da:fc:36:d4:15:0c:a2:c3:e5:31:dc:13:e2:d3:bb:
fe:88:62:76:82:81:10:4b:77:40:eb:a5:82:92:fd:
0e:e2:61:45:77:4b:ba:ac:e2:d9:3a:60:a4:9d:c3:
c6:09:6a:8d:c0:79:a6:d9:6b:0c:2a:24:d6:60:22:
8b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:68:49:A9:E4:5D:35:39:1A:71:28:80:B5:9D:06:D7:29:1A:37:23
X509v3 Authority Key Identifier:
keyid:C2:CE:08:14:16:7E:AA:81:89:FD:84:D3:90:27:0E:AD:F2:94:82:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/iWhJqeRdNTkacSiAtZ0G1ykaNyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/e95e79-2702-40e0-9b8a-e7717b287066/1/ws4IFBZ-qoGJ_YTTkCcOrfKUgss.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.218.244.0/22
IPv6:
2a0d:bfc0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:8f:50:1e:c4:08:0f:4b:47:12:7d:90:37:80:55:28:14:7b:
f1:27:0e:3d:e5:85:e2:87:d7:4e:c2:e9:b2:74:2b:af:98:b7:
df:f9:12:91:3b:d0:37:52:bb:dd:33:92:13:9d:4a:b1:fb:36:
7b:60:8c:2f:a1:11:09:02:29:04:f7:b4:6a:36:fe:bb:07:08:
8d:18:12:a7:4c:58:c3:8d:63:79:b4:0f:62:d6:6a:01:fd:b2:
03:f6:e2:a5:68:be:65:cb:a6:b8:75:d6:34:0e:86:22:ec:25:
6a:a4:5f:1d:0a:7f:40:ed:31:79:20:5e:79:57:a5:cc:75:80:
81:d5:1e:71:38:ba:0d:c0:3f:99:8e:b1:5c:97:fb:24:49:79:
ff:12:0a:d7:fa:97:83:ff:a9:f2:6c:c5:e3:f7:6a:7b:ad:5f:
8d:02:01:6e:66:b4:f9:5c:0e:60:bb:52:bd:d1:0a:fc:1d:e6:
95:2d:03:18:cd:81:ca:47:b8:6b:3a:4c:7e:9a:d4:7c:f1:7b:
63:e6:5e:cd:1f:e3:56:0f:38:82:f4:9a:d5:23:89:7c:8a:00:
0b:ee:3a:7e:b0:7b:b6:92:12:27:52:92:73:1f:15:28:de:bc:
28:04:60:0a:5c:95:35:25:6e:b1:f2:2f:cd:da:49:6d:28:a3:
50:aa:98:71
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYScIZGKCxsLoLhPkRguurzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyY2UwODE0MTY3ZWFhODE4OWZkODRkMzkwMjcwZWFkZjI5
NDgyY2IwHhcNMjIxMTIxMjEzOTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTY4NDlhOWU0NWQzNTM5MWE3MTI4ODBiNTlkMDZkNzI5MWEzNzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3/yPZeciv+XAayeL+k4hgkG/bHDR
lolLf0VZn5yWYyGHOJzTOSswGAoS87hLcD4WpF8QnWevDZyItAr5Nd5CuVkDHqFN
IMxW5PeuysiW3xKLrfXMeBxc9Qlw6S1GU5+X1yUpzkq5dFPEW67/FFLKYXEA6hwm
CxL2ZUtQq/QWr89aZ856FuJy2eWBNZAR9IIMvH5V6sdN4oaBN5igprgwvWszsuuz
yzI9xO2dkaPx8FmsD8P7FdGNgWjQZjQDQk3YJL7a/DbUFQyiw+Ux3BPi07v+iGJ2
goEQS3dA66WCkv0O4mFFd0u6rOLZOmCkncPGCWqNwHmm2WsMKiTWYCKLNwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIloSankXTU5GnEogLWdBtcpGjcjMB8GA1UdIwQY
MBaAFMLOCBQWfqqBif2E05AnDq3ylILLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3M0SUZCWi1xb0dKX1lUVGtDY09yZktVZ3NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9lOTVlNzktMjcwMi00MGUwLTliOGEt
ZTc3MTdiMjg3MDY2LzEvaVdoSnFlUmROVGthY1NpQXRaMEcxeWthTnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9lOTVlNzktMjcwMi00MGUwLTliOGEtZTc3MTdiMjg3MDY2
LzEvd3M0SUZCWi1xb0dKX1lUVGtDY09yZktVZ3NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCstr0MA0E
AgACMAcDBQAqDb/AMA0GCSqGSIb3DQEBCwUAA4IBAQBOj1AexAgPS0cSfZA3gFUo
FHvxJw495YXih9dOwumydCuvmLff+RKRO9A3UrvdM5ITnUqx+zZ7YIwvoREJAikE
97RqNv67BwiNGBKnTFjDjWN5tA9i1moB/bID9uKlaL5ly6a4ddY0DoYi7CVqpF8d
Cn9A7TF5IF55V6XMdYCB1R5xOLoNwD+ZjrFcl/skSXn/EgrX+peD/6nybMXj92p7
rV+NAgFuZrT5XA5gu1K90Qr8HeaVLQMYzYHKR7hrOkx+mtR88Xtj5l7NH+NWDziC
9JrVI4l8igAL7jp+sHu2khInUpJzHxUo3rwoBGAKXJU1JW6x8i/N2kltKKNQqphx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:55 2024 by rpki-client on console-ams.rpki-client.org