Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/IB6IXm8img-4uJlwfQCRdTSrX8s.roa
File: IB6IXm8img-4uJlwfQCRdTSrX8s.roa (raw, json)
Hash identifier: sx5NkxjOiYl2kTmthaoYKzetEfY1PiGl/oo9ydYURTE=
Subject key identifier: 20:1E:88:5E:6F:22:9A:0F:B8:B8:99:70:7D:00:91:75:34:AB:5F:CB
Certificate issuer: /CN=84184ce919023640bb9256c2d8d1a049fa102520
Certificate serial: 0BEA0D7B
Authority key identifier: 84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/IB6IXm8img-4uJlwfQCRdTSrX8s.roa
Signing time: Sat 01 Jan 2022 14:02:11 +0000
ROA not before: Sat 01 Jan 2022 14:02:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57357
IP address blocks: 185.11.68.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 199888251 (0xbea0d7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84184ce919023640bb9256c2d8d1a049fa102520
Validity
Not Before: Jan 1 14:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=201e885e6f229a0fb8b899707d00917534ab5fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6a:35:9b:9a:cf:9c:99:8c:f8:3b:10:92:16:
61:60:d8:09:06:7f:ef:57:10:ab:70:af:0c:ea:bb:
60:e1:f8:0e:fa:00:17:24:52:b8:97:cb:91:be:8c:
db:02:23:89:43:88:7d:1b:54:5a:82:4f:28:cb:1c:
44:1a:e0:8c:ce:cf:7d:39:b1:85:03:e5:30:d4:f8:
dd:1c:c8:98:46:20:da:b8:fe:a9:1f:0d:5a:a0:50:
1c:fa:71:1a:11:4c:eb:1d:d4:f7:20:68:e5:c0:1c:
b4:e9:05:87:eb:ae:95:16:1d:a9:91:70:89:af:3a:
3d:e6:cc:78:40:00:c7:b7:18:e5:6d:36:54:a3:51:
7c:8f:97:db:d5:8e:3a:c5:3e:c0:75:c5:09:fc:d5:
f1:dc:17:25:4a:3d:b3:32:41:1e:03:52:79:e8:6e:
c1:d0:b2:24:89:06:65:2e:d4:83:e7:cb:3d:12:79:
ac:db:99:48:95:b0:21:9d:c6:9b:4c:78:96:85:90:
c1:32:e7:da:c9:d1:3b:f7:31:e2:bb:3c:53:a0:08:
ff:21:24:db:20:38:8d:43:2c:84:aa:f8:47:e4:6c:
33:2c:9e:0f:51:92:be:54:67:8b:83:3d:cf:0b:f5:
15:a6:1c:31:9d:3f:7a:5e:04:f1:2c:c6:80:39:a1:
be:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:1E:88:5E:6F:22:9A:0F:B8:B8:99:70:7D:00:91:75:34:AB:5F:CB
X509v3 Authority Key Identifier:
keyid:84:18:4C:E9:19:02:36:40:BB:92:56:C2:D8:D1:A0:49:FA:10:25:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hBhM6RkCNkC7klbC2NGgSfoQJSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/IB6IXm8img-4uJlwfQCRdTSrX8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/2922cf-1861-419d-9eea-0a79d54965a9/1/hBhM6RkCNkC7klbC2NGgSfoQJSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.68.0/22
Signature Algorithm: sha256WithRSAEncryption
22:01:dc:c5:52:16:ac:28:9f:cd:3a:80:16:80:2d:c3:80:73:
85:02:a6:c9:bc:8e:70:39:f2:98:eb:fc:9d:1d:8d:fc:a8:85:
17:1b:27:82:9d:fb:5e:ce:03:db:cd:6d:2e:be:ec:70:00:57:
90:f7:f4:9d:dd:7c:16:6c:49:c3:5e:42:b3:08:44:3a:63:2a:
dc:06:fd:bf:71:d1:ec:41:d2:b3:29:03:bc:b4:74:71:e2:d6:
fe:36:a9:d9:32:9c:67:af:24:e4:e0:b7:29:63:2c:c3:62:04:
c5:4e:d0:be:e4:4c:72:e7:9c:9c:2e:73:d6:63:c1:9c:4d:d9:
48:35:58:d7:f4:1a:39:4b:3d:41:29:c5:67:57:42:61:d9:b2:
4b:51:67:7d:7b:4e:8d:37:04:1f:c6:ec:17:f1:cc:31:7b:41:
51:b5:85:e1:ab:9d:c2:42:20:9a:70:86:4d:72:75:11:77:a0:
48:31:c5:0f:fa:d1:d0:ce:0f:43:08:cc:fe:95:f5:2e:55:07:
d2:65:81:c5:fc:79:e4:b7:c7:0f:b3:d8:13:94:28:35:d6:80:
fe:38:53:ca:ac:5f:55:c3:86:e2:af:b3:87:05:84:4e:5e:a5:
0f:be:5f:bd:df:33:2e:c2:89:d3:cd:ea:47:38:30:f5:fb:1d:
c4:f1:9e:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC+oNezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDE4NGNlOTE5MDIzNjQwYmI5MjU2YzJkOGQxYTA0OWZhMTAyNTIwMB4XDTIyMDEw
MTE0MDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjAxZTg4NWU2ZjIy
OWEwZmI4Yjg5OTcwN2QwMDkxNzUzNGFiNWZjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNqNZuaz5yZjPg7EJIWYWDYCQZ/71cQq3CvDOq7YOH4DvoA
FyRSuJfLkb6M2wIjiUOIfRtUWoJPKMscRBrgjM7PfTmxhQPlMNT43RzImEYg2rj+
qR8NWqBQHPpxGhFM6x3U9yBo5cActOkFh+uulRYdqZFwia86PebMeEAAx7cY5W02
VKNRfI+X29WOOsU+wHXFCfzV8dwXJUo9szJBHgNSeehuwdCyJIkGZS7Ug+fLPRJ5
rNuZSJWwIZ3Gm0x4loWQwTLn2snRO/cx4rs8U6AI/yEk2yA4jUMshKr4R+RsMyye
D1GSvlRni4M9zwv1FaYcMZ0/el4E8SzGgDmhvukCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQgHohebyKaD7i4mXB9AJF1NKtfyzAfBgNVHSMEGDAWgBSEGEzpGQI2QLuS
VsLY0aBJ+hAlIDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hCaE02UmtDTmtDN2tsYkMyTkdnU2ZvUUpTQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvMjkyMmNmLTE4NjEtNDE5ZC05ZWVhLTBhNzlkNTQ5NjVhOS8x
L0lCNklYbThpbWctNHVKbHdmUUNSZFRTclg4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
MjkyMmNmLTE4NjEtNDE5ZC05ZWVhLTBhNzlkNTQ5NjVhOS8xL2hCaE02UmtDTmtD
N2tsYkMyTkdnU2ZvUUpTQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkLRDANBgkqhkiG9w0BAQsFAAOC
AQEAIgHcxVIWrCifzTqAFoAtw4BzhQKmybyOcDnymOv8nR2N/KiFFxsngp37Xs4D
281tLr7scABXkPf0nd18FmxJw15CswhEOmMq3Ab9v3HR7EHSsykDvLR0ceLW/jap
2TKcZ68k5OC3KWMsw2IExU7QvuRMcuecnC5z1mPBnE3ZSDVY1/QaOUs9QSnFZ1dC
YdmyS1FnfXtOjTcEH8bsF/HMMXtBUbWF4audwkIgmnCGTXJ1EXegSDHFD/rR0M4P
QwjM/pX1LlUH0mWBxfx55LfHD7PYE5QoNdaA/jhTyqxfVcOG4q+zhwWETl6lD75f
vd8zLsKJ083qRzgw9fsdxPGezw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:52 2024 by rpki-client on console-ams.rpki-client.org