Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/I1RMteXgOJDz9jSMN_iSWAaAhB0.roa
File: I1RMteXgOJDz9jSMN_iSWAaAhB0.roa (raw, json)
Hash identifier: CLnUUSgKxv1QarDuYXBao+EKTnKhAms4U72r45dfEqw=
Subject key identifier: 23:54:4C:B5:E5:E0:38:90:F3:F6:34:8C:37:F8:92:58:06:80:84:1D
Certificate issuer: /CN=e97656f22015589ff7cc66056867f605d81449bc
Certificate serial: 195D5BAB
Authority key identifier: E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/I1RMteXgOJDz9jSMN_iSWAaAhB0.roa
Signing time: Sat 01 Jan 2022 14:08:50 +0000
ROA not before: Sat 01 Jan 2022 14:08:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204249
IP address blocks: 185.54.164.0/24 maxlen: 24
185.54.165.0/24 maxlen: 24
185.54.166.0/24 maxlen: 24
185.54.167.0/24 maxlen: 24
185.37.162.0/24 maxlen: 24
2a00:f7a0:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425548715 (0x195d5bab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e97656f22015589ff7cc66056867f605d81449bc
Validity
Not Before: Jan 1 14:08:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23544cb5e5e03890f3f6348c37f892580680841d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:9a:f7:3a:f7:7a:18:d9:44:26:a3:5c:d7:97:
c1:94:85:8e:f7:ab:4f:a9:d2:e1:d7:33:eb:f4:14:
a9:30:b6:95:46:e8:b7:c3:53:28:35:8b:17:89:e8:
96:b1:49:5d:8c:13:44:ca:57:17:e5:89:9b:c3:0c:
2b:b1:36:c1:8c:24:59:74:f8:cb:cb:dc:bf:45:c4:
f0:b0:c2:d4:45:01:7e:07:f3:b7:13:d4:a4:a8:60:
a5:e0:67:15:b4:9f:d2:bb:10:03:9a:d5:14:04:d0:
25:31:e4:bc:85:19:de:d2:bb:e7:05:f5:5a:0f:cf:
2d:b9:ed:4b:c3:95:17:d4:11:58:2e:88:03:55:29:
bb:68:45:27:ab:bf:1b:4f:26:66:e6:fe:8c:57:18:
ec:63:4d:a3:d3:92:0f:f6:dd:ec:81:3f:e5:6a:5f:
f7:96:51:f7:86:73:a8:d6:81:d9:54:5d:6c:97:77:
54:76:41:57:58:75:c1:70:3e:56:72:2d:f2:5a:b4:
89:32:9c:7a:b8:e2:ea:f4:bb:6c:22:f8:08:2e:c4:
fe:57:dd:e5:e2:4f:9f:04:05:92:b7:80:58:ec:1e:
69:36:b8:b6:32:88:76:a7:3b:e4:1c:33:ae:ee:aa:
17:25:9c:74:1a:d4:56:38:88:f2:5c:13:91:d5:a4:
77:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:54:4C:B5:E5:E0:38:90:F3:F6:34:8C:37:F8:92:58:06:80:84:1D
X509v3 Authority Key Identifier:
keyid:E9:76:56:F2:20:15:58:9F:F7:CC:66:05:68:67:F6:05:D8:14:49:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/I1RMteXgOJDz9jSMN_iSWAaAhB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8fa051-4357-4d31-8537-6812babc5a8b/1/6XZW8iAVWJ_3zGYFaGf2BdgUSbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.162.0/24
185.54.164.0/22
IPv6:
2a00:f7a0:100::/48
Signature Algorithm: sha256WithRSAEncryption
4c:c5:86:07:e8:6e:f9:48:61:39:26:75:e7:f8:24:3c:be:ae:
e1:25:4b:4c:48:09:57:53:e7:f0:50:8f:b1:d9:c5:af:c7:b8:
7d:a3:4f:4a:29:16:f8:bc:80:d5:43:c4:89:ed:b9:e3:f3:05:
22:e9:1f:4c:62:74:5b:c7:29:6c:a9:dd:75:ac:6c:e1:38:ad:
31:3d:82:02:d9:72:43:0a:d3:55:72:e7:63:35:3b:e2:0c:63:
be:2e:9e:49:a3:16:cb:79:fc:6b:b3:7f:2a:2b:a0:29:b7:26:
ba:a6:be:a1:0b:61:b1:d0:c3:51:71:ee:1c:48:91:dc:ef:3d:
d2:35:5c:3a:00:0d:2b:f9:1a:4a:0a:c8:8e:a1:3b:cb:35:8e:
8f:a9:4d:9a:18:d3:ab:d9:61:11:dc:9d:ab:f9:00:bc:45:2a:
97:70:6a:d3:b7:d8:63:f8:ae:c7:ce:35:6e:c2:04:e9:22:5d:
55:ab:0b:b5:c7:8b:80:15:10:ec:42:eb:fb:ce:ea:93:fe:e5:
60:16:a9:cd:3e:93:39:ce:88:72:0e:f9:48:b7:fa:eb:ad:7c:
5c:a1:f2:f2:cf:43:8c:6f:eb:c2:06:ee:55:61:6b:22:b8:65:
47:95:70:c2:57:cc:fb:67:c2:5c:24:fe:2a:97:65:35:fb:78:
b5:24:70:cd
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEGV1bqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OTc2NTZmMjIwMTU1ODlmZjdjYzY2MDU2ODY3ZjYwNWQ4MTQ0OWJjMB4XDTIyMDEw
MTE0MDg1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM1NDRjYjVlNWUw
Mzg5MGYzZjYzNDhjMzdmODkyNTgwNjgwODQxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2a9zr3ehjZRCajXNeXwZSFjverT6nS4dcz6/QUqTC2lUbo
t8NTKDWLF4nolrFJXYwTRMpXF+WJm8MMK7E2wYwkWXT4y8vcv0XE8LDC1EUBfgfz
txPUpKhgpeBnFbSf0rsQA5rVFATQJTHkvIUZ3tK75wX1Wg/PLbntS8OVF9QRWC6I
A1Upu2hFJ6u/G08mZub+jFcY7GNNo9OSD/bd7IE/5Wpf95ZR94ZzqNaB2VRdbJd3
VHZBV1h1wXA+VnIt8lq0iTKcerji6vS7bCL4CC7E/lfd5eJPnwQFkreAWOweaTa4
tjKIdqc75Bwzru6qFyWcdBrUVjiI8lwTkdWkd0UCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBQjVEy15eA4kPP2NIw3+JJYBoCEHTAfBgNVHSMEGDAWgBTpdlbyIBVYn/fM
ZgVoZ/YF2BRJvDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZYWlc4aUFWV0pfM3pHWUZhR2YyQmRnVVNidy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvOGZhMDUxLTQzNTctNGQzMS04NTM3LTY4MTJiYWJjNWE4Yi8x
L0kxUk10ZVhnT0pEejlqU01OX2lTV0FhQWhCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
OGZhMDUxLTQzNTctNGQzMS04NTM3LTY4MTJiYWJjNWE4Yi8xLzZYWlc4aUFWV0pf
M3pHWUZhR2YyQmRnVVNidy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEALklogMEArk2pDAPBAIAAjAJAwcA
KgD3oAEAMA0GCSqGSIb3DQEBCwUAA4IBAQBMxYYH6G75SGE5JnXn+CQ8vq7hJUtM
SAlXU+fwUI+x2cWvx7h9o09KKRb4vIDVQ8SJ7bnj8wUi6R9MYnRbxylsqd11rGzh
OK0xPYIC2XJDCtNVcudjNTviDGO+Lp5JoxbLefxrs38qK6Aptya6pr6hC2Gx0MNR
ce4cSJHc7z3SNVw6AA0r+RpKCsiOoTvLNY6PqU2aGNOr2WER3J2r+QC8RSqXcGrT
t9hj+K7HzjVuwgTpIl1Vqwu1x4uAFRDsQuv7zuqT/uVgFqnNPpM5zohyDvlIt/rr
rXxcofLyz0OMb+vCBu5VYWsiuGVHlXDCV8z7Z8JcJP4ql2U1+3i1JHDN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:52 2023 by rpki-client on console-ams.rpki-client.org