Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/IwfXCRb7_DUUo_p3q08r3CN-t7Y.roa
File: IwfXCRb7_DUUo_p3q08r3CN-t7Y.roa (raw, json)
Hash identifier: hhrQaGFmm0CFc0TyyZqYudSVU1lHpEG6XE6BcZGH7b8=
Subject key identifier: 23:07:D7:09:16:FB:FC:35:14:A3:FA:77:AB:4F:2B:DC:23:7E:B7:B6
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0184B1511563FEAA0E93614CF1309A87999A
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/IwfXCRb7_DUUo_p3q08r3CN-t7Y.roa
Signing time: Sat 26 Nov 2022 00:23:11 +0000
ROA not before: Sat 26 Nov 2022 00:23:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21161
IP address blocks: 194.56.226.0/24 maxlen: 24
185.186.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b1:51:15:63:fe:aa:0e:93:61:4c:f1:30:9a:87:99:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Nov 26 00:23:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2307d70916fbfc3514a3fa77ab4f2bdc237eb7b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:8f:d3:45:ae:55:7f:37:b9:0c:0d:78:99:87:
7f:dc:08:05:55:ed:ad:ec:f4:5a:bf:03:ce:5c:5a:
55:5f:27:11:fb:5c:7c:c3:0c:c1:74:1a:cf:55:4c:
fc:a0:36:db:7f:eb:98:27:15:ae:b8:59:d6:b3:9e:
97:bd:c5:1c:5b:07:fe:81:a4:08:09:8a:21:ba:7d:
98:d3:07:10:83:0e:c0:ae:15:bd:9f:66:02:41:9d:
4b:28:70:9d:88:0b:05:25:a1:0f:bb:3c:8e:c3:84:
65:86:46:64:03:fc:47:f8:27:7e:0e:94:66:a8:55:
76:f2:4b:8c:f0:97:55:da:e0:fd:1c:7b:e8:45:0b:
4a:98:c8:f6:8f:5e:17:02:ba:8b:c0:d7:d1:e9:2c:
b7:f5:61:8a:00:fd:5b:b0:bc:60:e0:b3:71:59:29:
db:e0:04:d9:30:eb:d2:77:67:94:28:ce:0f:9a:64:
25:64:ee:94:b3:8a:bd:1a:68:30:ce:7b:36:f9:cc:
49:d7:dc:55:c3:e7:b1:5f:c1:aa:82:41:bb:6d:fa:
2b:14:3a:4c:76:cf:49:dc:97:f4:38:c5:73:69:90:
b0:bc:d5:de:52:40:af:10:6a:41:b1:56:c2:bb:94:
53:29:ac:bb:05:c5:54:87:9a:87:e6:01:25:e4:4e:
ac:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:07:D7:09:16:FB:FC:35:14:A3:FA:77:AB:4F:2B:DC:23:7E:B7:B6
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/IwfXCRb7_DUUo_p3q08r3CN-t7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.67.0/24
194.56.226.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:7f:af:62:4c:3b:1e:be:15:c8:bd:fa:3a:f3:56:98:d9:a4:
57:eb:fe:6c:d4:c1:ac:97:2b:04:50:46:bf:e3:e1:62:27:82:
a2:31:f1:5f:d7:59:a1:83:90:1c:d8:53:e5:09:fc:be:b4:d8:
3b:88:bd:c9:fc:7d:32:62:b3:1d:81:a7:f7:a6:26:5d:26:8d:
bb:d5:fd:63:c2:86:66:d9:74:32:f8:2c:b5:b6:da:57:ce:c0:
0e:7b:a6:da:18:61:fb:c9:46:c4:38:8d:9b:18:ff:e8:87:4d:
a3:e7:7b:b6:99:28:27:cb:04:ef:60:28:b4:19:43:1f:d6:70:
38:f5:3d:a4:3a:95:6c:cc:98:c7:64:48:bd:a3:8e:3d:2c:1f:
48:1c:a3:58:f0:d4:e5:85:4d:69:82:21:58:68:92:83:bf:c3:
3a:f5:26:be:91:6b:d4:da:c8:4b:46:40:1d:3c:b3:2b:9e:74:
d0:2d:e8:0f:e0:87:e7:f8:e1:0a:01:36:29:c8:5a:e3:e7:61:
ab:38:7d:42:8b:af:a2:74:b6:95:a0:f8:82:d1:67:ed:fb:8c:
e4:1b:42:74:ee:27:a4:22:fc:05:79:a4:39:a2:ac:4b:99:a3:
59:75:10:33:d0:ad:44:dc:b7:44:87:03:96:7d:1d:a4:8b:30:
a0:01:6e:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSxURVj/qoOk2FM8TCah5maMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjIxMTI2MDAyMzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA3ZDcwOTE2ZmJmYzM1MTRhM2ZhNzdhYjRmMmJkYzIzN2ViN2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoY/TRa5Vfze5DA14mYd/3AgFVe2t
7PRavwPOXFpVXycR+1x8wwzBdBrPVUz8oDbbf+uYJxWuuFnWs56XvcUcWwf+gaQI
CYohun2Y0wcQgw7ArhW9n2YCQZ1LKHCdiAsFJaEPuzyOw4RlhkZkA/xH+Cd+DpRm
qFV28kuM8JdV2uD9HHvoRQtKmMj2j14XArqLwNfR6Sy39WGKAP1bsLxg4LNxWSnb
4ATZMOvSd2eUKM4PmmQlZO6Us4q9Gmgwzns2+cxJ19xVw+exX8GqgkG7bforFDpM
ds9J3Jf0OMVzaZCwvNXeUkCvEGpBsVbCu5RTKay7BcVUh5qH5gEl5E6sywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMH1wkW+/w1FKP6d6tPK9wjfre2MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvSXdmWENSYjdfRFVVb19wM3EwOHIzQ04tdDdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAubpDAwQA
wjjiMA0GCSqGSIb3DQEBCwUAA4IBAQAbf69iTDsevhXIvfo681aY2aRX6/5s1MGs
lysEUEa/4+FiJ4KiMfFf11mhg5Ac2FPlCfy+tNg7iL3J/H0yYrMdgaf3piZdJo27
1f1jwoZm2XQy+Cy1ttpXzsAOe6baGGH7yUbEOI2bGP/oh02j53u2mSgnywTvYCi0
GUMf1nA49T2kOpVszJjHZEi9o449LB9IHKNY8NTlhU1pgiFYaJKDv8M69Sa+kWvU
2shLRkAdPLMrnnTQLegP4Ifn+OEKATYpyFrj52GrOH1Ci6+idLaVoPiC0Wft+4zk
G0J07iekIvwFeaQ5oqxLmaNZdRAz0K1E3LdEhwOWfR2kizCgAW6N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:49 2024 by rpki-client on console-fra.rpki-client.org