Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/iHqcgpsks3z8hH8QBbhlXjd007M.roa
File: iHqcgpsks3z8hH8QBbhlXjd007M.roa (raw, json)
Hash identifier: 5ev8DTjFGigm5/f6oW1YD6s9Kfh/h04aoMBUJwXtiWY=
Subject key identifier: 88:7A:9C:82:9B:24:B3:7C:FC:84:7F:10:05:B8:65:5E:37:74:D3:B3
Certificate issuer: /CN=03090fac3cc42f1997455a12e643064637c69dc3
Certificate serial: 01836A3344A3F15947B382CE3C0E257F2214
Authority key identifier: 03:09:0F:AC:3C:C4:2F:19:97:45:5A:12:E6:43:06:46:37:C6:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AwkPrDzELxmXRVoS5kMGRjfGncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/iHqcgpsks3z8hH8QBbhlXjd007M.roa
Signing time: Fri 23 Sep 2022 11:54:48 +0000
ROA not before: Fri 23 Sep 2022 11:54:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34593
IP address blocks: 185.96.112.0/24 maxlen: 24
185.96.114.0/24 maxlen: 24
185.96.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:33:44:a3:f1:59:47:b3:82:ce:3c:0e:25:7f:22:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03090fac3cc42f1997455a12e643064637c69dc3
Validity
Not Before: Sep 23 11:54:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=887a9c829b24b37cfc847f1005b8655e3774d3b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:c4:60:1a:0b:5d:5a:da:a8:f6:8d:60:c2:93:
46:7e:86:f4:04:89:7b:16:2c:f1:5e:51:da:10:61:
5d:72:1b:58:3e:dd:20:55:65:bb:46:c8:13:f5:32:
d1:1d:63:8a:60:4a:ca:a2:1a:af:8d:69:d3:74:a2:
4e:05:96:04:1e:3c:e3:b4:8d:6e:cc:a2:91:70:c1:
7e:25:19:60:5d:41:6d:ee:12:9e:ad:6e:e0:2d:02:
d3:80:28:1c:5a:f8:a2:dc:49:bb:47:e2:bd:e2:ab:
57:67:df:7c:2a:f3:19:18:65:18:b8:a8:93:0f:e5:
d2:e6:d8:96:98:60:ae:4a:a0:0d:45:cd:49:c1:77:
19:a5:7a:9b:36:43:68:94:a8:c8:7a:e3:02:25:92:
2b:76:56:1e:a8:b4:d4:fe:01:fb:7c:1d:33:2d:11:
42:d5:5b:d8:fa:5c:b9:86:67:dc:e4:8a:1d:7f:77:
31:35:e5:44:2d:7a:74:69:d0:4f:6e:92:80:35:95:
5d:03:82:78:db:ee:3b:7d:de:20:bc:5e:1c:47:9c:
76:17:8f:9a:46:15:23:ce:36:1d:d9:5b:08:4a:ec:
17:02:25:11:28:a0:6f:dd:da:00:fd:5a:ba:8e:cc:
77:0f:19:5d:5e:cf:d5:0f:71:ea:96:36:00:a6:98:
9e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:7A:9C:82:9B:24:B3:7C:FC:84:7F:10:05:B8:65:5E:37:74:D3:B3
X509v3 Authority Key Identifier:
keyid:03:09:0F:AC:3C:C4:2F:19:97:45:5A:12:E6:43:06:46:37:C6:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AwkPrDzELxmXRVoS5kMGRjfGncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/iHqcgpsks3z8hH8QBbhlXjd007M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/5c2868-3a27-4df4-8f00-fdd23b43c52e/1/AwkPrDzELxmXRVoS5kMGRjfGncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.112.0-185.96.114.255
Signature Algorithm: sha256WithRSAEncryption
9e:48:5e:b5:fb:98:51:ce:45:cc:30:9c:5e:a4:50:68:65:60:
19:25:9d:3a:fc:ba:86:34:35:f1:9f:4e:5f:b5:49:69:a3:c1:
73:dc:3f:95:aa:e5:be:44:e4:b1:dc:d6:58:20:a6:5e:6c:88:
99:14:04:9a:58:55:8a:1b:35:9b:14:97:ff:b1:47:da:b3:ad:
f5:21:75:ce:6f:ee:07:cf:e7:2a:7e:a7:58:cb:1d:ab:39:05:
23:f0:c5:00:17:38:bc:d7:b2:58:90:01:62:42:8a:1d:db:16:
db:2e:d4:8d:ee:b1:e1:39:ee:d1:92:c4:51:89:bd:df:20:5c:
cc:83:a4:e0:5d:f9:6d:0b:03:b6:50:6d:ed:31:4e:21:0b:07:
b9:81:ab:f6:84:17:04:ca:05:f3:ae:58:56:83:0f:c3:68:41:
38:a9:d8:a6:2a:86:d5:6f:17:21:80:66:83:87:c3:8d:70:f6:
41:cf:b3:bc:64:9d:7a:10:ac:21:1a:c2:59:8d:75:57:b6:a1:
90:4b:95:fd:e5:92:17:10:df:92:4a:4a:34:ff:f2:b6:e4:5c:
79:a2:38:7c:97:a2:4f:9e:7f:b9:bb:34:ac:89:5e:1b:3c:59:
3b:fb:d7:bd:67:24:a8:a5:30:3c:13:a8:da:b1:64:ca:ce:b3:
c9:a9:14:cc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYNqM0Sj8VlHs4LOPA4lfyIUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMDkwZmFjM2NjNDJmMTk5NzQ1NWExMmU2NDMwNjQ2Mzdj
NjlkYzMwHhcNMjIwOTIzMTE1NDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODdhOWM4MjliMjRiMzdjZmM4NDdmMTAwNWI4NjU1ZTM3NzRkM2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk8RgGgtdWtqo9o1gwpNGfob0BIl7
FizxXlHaEGFdchtYPt0gVWW7RsgT9TLRHWOKYErKohqvjWnTdKJOBZYEHjzjtI1u
zKKRcMF+JRlgXUFt7hKerW7gLQLTgCgcWvii3Em7R+K94qtXZ998KvMZGGUYuKiT
D+XS5tiWmGCuSqANRc1JwXcZpXqbNkNolKjIeuMCJZIrdlYeqLTU/gH7fB0zLRFC
1VvY+ly5hmfc5Iodf3cxNeVELXp0adBPbpKANZVdA4J42+47fd4gvF4cR5x2F4+a
RhUjzjYd2VsISuwXAiURKKBv3doA/Vq6jsx3DxldXs/VD3HqljYAppiehQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIh6nIKbJLN8/IR/EAW4ZV43dNOzMB8GA1UdIwQY
MBaAFAMJD6w8xC8Zl0VaEuZDBkY3xp3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXdrUHJEekVMeG1YUlZvUzVrTUdSamZHbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81YzI4NjgtM2EyNy00ZGY0LThmMDAt
ZmRkMjNiNDNjNTJlLzEvaUhxY2dwc2tzM3o4aEg4UUJiaGxYamQwMDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81YzI4NjgtM2EyNy00ZGY0LThmMDAtZmRkMjNiNDNjNTJl
LzEvQXdrUHJEekVMeG1YUlZvUzVrTUdSamZHbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAS5YHAD
BAC5YHIwDQYJKoZIhvcNAQELBQADggEBAJ5IXrX7mFHORcwwnF6kUGhlYBklnTr8
uoY0NfGfTl+1SWmjwXPcP5Wq5b5E5LHc1lggpl5siJkUBJpYVYobNZsUl/+xR9qz
rfUhdc5v7gfP5yp+p1jLHas5BSPwxQAXOLzXsliQAWJCih3bFtsu1I3useE57tGS
xFGJvd8gXMyDpOBd+W0LA7ZQbe0xTiELB7mBq/aEFwTKBfOuWFaDD8NoQTip2KYq
htVvFyGAZoOHw41w9kHPs7xknXoQrCEawlmNdVe2oZBLlf3lkhcQ35JKSjT/8rbk
XHmiOHyXok+ef7m7NKyJXhs8WTv7171nJKilMDwTqNqxZMrOs8mpFMw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:51 2023 by rpki-client on console-fra.rpki-client.org