Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/I-zxNIUZTdcqJbBX5r-3twfgCdI.roa
File: I-zxNIUZTdcqJbBX5r-3twfgCdI.roa (raw, json)
Hash identifier: V+QCTKf6bH9KDTALoGe3iadZzhoo0IkPASggFtLzn7M=
Subject key identifier: 23:EC:F1:34:85:19:4D:D7:2A:25:B0:57:E6:BF:B7:B7:07:E0:09:D2
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 0182F59ADA3E6F57C0671FC4D5DC63DA15B6
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/I-zxNIUZTdcqJbBX5r-3twfgCdI.roa
Signing time: Wed 31 Aug 2022 20:32:22 +0000
ROA not before: Wed 31 Aug 2022 20:32:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41075
IP address blocks: 185.6.136.0/22 maxlen: 22
94.199.176.0/23 maxlen: 24
185.234.180.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f5:9a:da:3e:6f:57:c0:67:1f:c4:d5:dc:63:da:15:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Aug 31 20:32:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23ecf13485194dd72a25b057e6bfb7b707e009d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:59:fa:8c:a9:fa:7e:d3:b3:b6:6e:c9:68:52:
61:e4:11:71:54:33:cd:af:0b:cd:91:58:5b:51:bd:
2a:36:91:3b:b7:72:70:af:57:f9:5d:6e:d9:61:87:
79:35:44:bf:fb:0d:b3:29:94:55:d9:2c:bb:3b:f4:
58:ab:f1:34:4c:51:d5:7d:7e:01:b8:62:90:79:3a:
e4:37:2d:f5:1f:5d:22:1a:64:18:36:d7:3d:01:e4:
5c:3e:4a:e0:7d:a1:0d:32:90:d9:7c:1c:07:0b:b7:
8b:7b:5d:1b:99:b5:90:66:c7:10:13:ec:85:56:10:
36:8b:26:24:b0:da:4b:3b:8e:0a:2d:b3:3b:e4:ce:
42:77:14:21:05:49:e8:84:2b:82:d5:a8:ce:4d:fd:
78:36:0d:88:55:3f:75:cb:d1:64:d1:db:71:d5:56:
78:b6:67:ef:f2:cd:44:33:60:00:b3:c0:43:ce:a6:
03:7f:61:61:4a:47:f5:16:75:6a:6a:40:da:93:01:
4a:4c:18:2f:b1:5d:7f:3d:9a:c4:85:80:15:84:93:
98:1e:c0:d9:1a:15:04:c0:76:d0:f5:71:85:01:bb:
84:b7:75:dc:2b:67:10:7a:24:f2:b4:00:57:08:b8:
e3:bb:ba:2c:92:1f:13:8a:92:9e:8c:98:0b:aa:ef:
8c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:EC:F1:34:85:19:4D:D7:2A:25:B0:57:E6:BF:B7:B7:07:E0:09:D2
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/I-zxNIUZTdcqJbBX5r-3twfgCdI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.176.0/23
185.6.136.0/22
185.234.180.0/22
Signature Algorithm: sha256WithRSAEncryption
19:e8:e1:79:8a:8c:f5:52:b0:dd:71:0c:fe:d3:d5:be:35:99:
67:1e:b9:93:a5:f5:35:df:76:28:16:7d:ed:61:54:75:98:b9:
24:4c:8e:fb:29:71:ee:75:77:e6:a3:60:7f:cc:aa:af:5d:44:
6d:8b:4b:f3:22:5d:3b:14:c0:4e:c2:e7:c2:8d:a9:c7:b4:c1:
83:66:4a:f1:ce:1f:0e:c6:05:95:1c:2e:c1:ac:2f:67:6c:46:
e1:49:55:85:4e:c7:b4:0a:a1:52:88:43:e2:c9:c8:ff:9a:81:
4d:db:f7:41:b8:83:d6:4d:ee:1c:5f:a3:33:d4:ae:cc:bf:a5:
50:87:f3:2e:a1:33:84:38:69:2c:66:35:72:78:db:74:a8:1c:
be:2d:14:b2:74:f8:dd:80:3a:db:f0:29:eb:0e:33:9d:7a:e4:
c4:8a:8d:97:b2:ea:40:57:2f:c5:9b:3f:87:6a:64:71:a2:ee:
6e:53:36:3d:ba:8a:8f:13:09:9f:65:34:ae:96:97:ff:0a:34:
ac:ef:32:f9:7a:77:c1:09:33:b9:c4:66:f2:b6:02:79:ea:a0:
bb:a0:d8:2f:c5:91:5e:7d:da:11:c4:fa:ea:22:ae:cc:04:be:
fb:70:6d:6b:95:19:30:c5:f7:c7:b8:d8:7e:f5:01:09:01:6c:
bd:e8:be:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYL1mto+b1fAZx/E1dxj2hW2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjIwODMxMjAzMjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2VjZjEzNDg1MTk0ZGQ3MmEyNWIwNTdlNmJmYjdiNzA3ZTAwOWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsln6jKn6ftOztm7JaFJh5BFxVDPN
rwvNkVhbUb0qNpE7t3Jwr1f5XW7ZYYd5NUS/+w2zKZRV2Sy7O/RYq/E0TFHVfX4B
uGKQeTrkNy31H10iGmQYNtc9AeRcPkrgfaENMpDZfBwHC7eLe10bmbWQZscQE+yF
VhA2iyYksNpLO44KLbM75M5CdxQhBUnohCuC1ajOTf14Ng2IVT91y9Fk0dtx1VZ4
tmfv8s1EM2AAs8BDzqYDf2FhSkf1FnVqakDakwFKTBgvsV1/PZrEhYAVhJOYHsDZ
GhUEwHbQ9XGFAbuEt3XcK2cQeiTytABXCLjju7oskh8TipKejJgLqu+MXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCPs8TSFGU3XKiWwV+a/t7cH4AnSMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvSS16eE5JVVpUZGNxSmJCWDVyLTN0d2ZnQ2RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXsewAwQC
uQaIAwQCueq0MA0GCSqGSIb3DQEBCwUAA4IBAQAZ6OF5ioz1UrDdcQz+09W+NZln
HrmTpfU133YoFn3tYVR1mLkkTI77KXHudXfmo2B/zKqvXURti0vzIl07FMBOwufC
janHtMGDZkrxzh8OxgWVHC7BrC9nbEbhSVWFTse0CqFSiEPiycj/moFN2/dBuIPW
Te4cX6Mz1K7Mv6VQh/MuoTOEOGksZjVyeNt0qBy+LRSydPjdgDrb8CnrDjOdeuTE
io2XsupAVy/Fmz+HamRxou5uUzY9uoqPEwmfZTSulpf/CjSs7zL5enfBCTO5xGby
tgJ56qC7oNgvxZFefdoRxPrqIq7MBL77cG1rlRkwxffHuNh+9QEJAWy96L6v
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:22 2024 by rpki-client on console-ams.rpki-client.org