Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/ILpvXU4oWPGP_CAtua18EZWLQlM.roa
File: ILpvXU4oWPGP_CAtua18EZWLQlM.roa (raw, json)
Hash identifier: 0VIrwqaqAiXfSACQ6IHifyIR0vfAuXQ+ewZ56RKRSQ8=
Subject key identifier: 20:BA:6F:5D:4E:28:58:F1:8F:FC:20:2D:B9:AD:7C:11:95:8B:42:53
Certificate issuer: /CN=86a8ff4c9c56667d99025d7f01591cbf77ad2f09
Certificate serial: 08B54FB4
Authority key identifier: 86:A8:FF:4C:9C:56:66:7D:99:02:5D:7F:01:59:1C:BF:77:AD:2F:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/ILpvXU4oWPGP_CAtua18EZWLQlM.roa
Signing time: Thu 10 Feb 2022 14:12:52 +0000
ROA not before: Thu 10 Feb 2022 14:12:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209181
IP address blocks: 185.252.3.0/24 maxlen: 24
185.252.2.0/24 maxlen: 24
185.252.1.0/24 maxlen: 24
185.252.0.0/24 maxlen: 24
2.58.192.0/24 maxlen: 24
2.58.192.0/22 maxlen: 22
2.58.195.0/24 maxlen: 24
2.58.194.0/24 maxlen: 24
2.58.193.0/24 maxlen: 24
79.143.17.0/24 maxlen: 24
79.143.16.0/24 maxlen: 24
79.143.18.0/24 maxlen: 24
2a09:e9c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146100148 (0x8b54fb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86a8ff4c9c56667d99025d7f01591cbf77ad2f09
Validity
Not Before: Feb 10 14:12:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20ba6f5d4e2858f18ffc202db9ad7c11958b4253
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0f:af:75:eb:51:4b:db:a4:05:8b:08:6c:e4:
0a:0b:09:4a:07:dc:a5:a9:33:54:45:94:52:b5:e2:
f6:0a:15:27:2a:0f:40:cc:d5:27:f3:37:10:32:bd:
a7:22:b4:87:d1:21:3b:aa:10:5b:e1:06:ae:e4:c9:
2f:04:5a:d5:3c:b1:f5:3f:b1:eb:ae:68:da:ee:68:
03:a0:9a:43:02:bc:61:91:f8:c8:99:cd:94:fb:b3:
f2:19:2e:0b:46:64:dc:c9:1c:3a:3c:84:47:d1:3a:
97:cc:a2:8b:09:56:ea:cc:92:32:79:14:19:33:38:
e8:e6:63:95:83:91:b9:53:f2:45:0f:8e:07:45:b4:
51:85:00:27:d5:5f:a7:de:df:0a:6e:8d:e7:96:0f:
46:16:50:41:80:f1:0d:14:c0:55:9f:0b:5a:12:fc:
90:f4:e0:cb:02:8d:05:f0:c2:90:b1:72:f0:dd:42:
e7:65:fe:60:55:7b:6d:62:55:1f:2d:5f:0e:c1:c0:
49:e6:de:d6:c5:f9:57:49:77:2d:ea:5e:71:5d:8a:
26:fe:0c:7f:f1:26:eb:24:11:32:d4:e3:f1:66:00:
0c:08:07:a4:09:d1:f5:1f:7f:cb:9e:2c:9b:49:62:
93:26:48:5a:47:23:ef:a8:90:bc:41:bd:3b:07:e8:
4d:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:BA:6F:5D:4E:28:58:F1:8F:FC:20:2D:B9:AD:7C:11:95:8B:42:53
X509v3 Authority Key Identifier:
keyid:86:A8:FF:4C:9C:56:66:7D:99:02:5D:7F:01:59:1C:BF:77:AD:2F:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hqj_TJxWZn2ZAl1_AVkcv3etLwk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/ILpvXU4oWPGP_CAtua18EZWLQlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/c921e8-6c94-4cc2-b9fd-06a49968c2d3/1/hqj_TJxWZn2ZAl1_AVkcv3etLwk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.192.0/22
79.143.16.0-79.143.18.255
185.252.0.0/22
IPv6:
2a09:e9c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:92:04:71:10:34:5e:06:ce:33:38:1f:53:1d:13:01:a9:ad:
c5:2f:f4:48:e6:bc:66:49:46:c3:52:2e:9b:11:7e:40:fd:7e:
88:fc:80:8f:3f:e4:a1:6a:5d:a6:b7:26:19:aa:bf:7c:b6:4d:
d9:53:c8:c3:07:ab:7d:cb:ae:b1:cc:db:f5:39:12:98:35:0b:
cc:12:c9:8f:a6:d1:dd:de:3f:22:22:9b:ea:98:18:c8:66:a7:
8f:bc:55:d0:52:7c:e3:7d:dc:94:a5:09:8c:a0:e4:74:9b:ec:
a4:91:f2:45:39:70:dd:7f:2f:cf:af:de:5e:c2:87:21:95:80:
c8:be:e2:b5:90:05:ba:20:3c:3a:33:14:9c:49:e3:69:33:56:
69:61:0e:20:a7:45:76:f0:01:1e:24:8c:e1:2d:bf:6e:14:04:
5d:96:cb:27:c5:89:02:c3:45:50:e4:4a:c5:2a:74:1e:99:f8:
13:1b:db:b0:bd:8c:d1:8f:91:44:f3:30:60:26:1c:39:60:55:
2e:5e:8e:d8:37:08:1b:cd:37:41:1d:45:cb:4a:e1:70:91:31:
7b:e4:77:34:a7:28:ae:98:9b:1a:17:a3:d4:a1:79:71:75:9b:
64:f1:22:c0:73:41:dc:76:c8:83:eb:27:75:d6:66:50:f1:3d:
4d:7a:30:56
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIECLVPtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmE4ZmY0YzljNTY2NjdkOTkwMjVkN2YwMTU5MWNiZjc3YWQyZjA5MB4XDTIyMDIx
MDE0MTI1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjBiYTZmNWQ0ZTI4
NThmMThmZmMyMDJkYjlhZDdjMTE5NThiNDI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwPr3XrUUvbpAWLCGzkCgsJSgfcpakzVEWUUrXi9goVJyoP
QMzVJ/M3EDK9pyK0h9EhO6oQW+EGruTJLwRa1Tyx9T+x665o2u5oA6CaQwK8YZH4
yJnNlPuz8hkuC0Zk3MkcOjyER9E6l8yiiwlW6sySMnkUGTM46OZjlYORuVPyRQ+O
B0W0UYUAJ9Vfp97fCm6N55YPRhZQQYDxDRTAVZ8LWhL8kPTgywKNBfDCkLFy8N1C
52X+YFV7bWJVHy1fDsHASebe1sX5V0l3LepecV2KJv4Mf/Em6yQRMtTj8WYADAgH
pAnR9R9/y54sm0likyZIWkcj76iQvEG9OwfoTcECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQgum9dTihY8Y/8IC25rXwRlYtCUzAfBgNVHSMEGDAWgBSGqP9MnFZmfZkC
XX8BWRy/d60vCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hxal9USnhXWm4yWkFsMV9BVmtjdjNldEx3ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYzkyMWU4LTZjOTQtNGNjMi1iOWZkLTA2YTQ5OTY4YzJkMy8x
L0lMcHZYVTRvV1BHUF9DQXR1YTE4RVpXTFFsTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YzkyMWU4LTZjOTQtNGNjMi1iOWZkLTA2YTQ5OTY4YzJkMy8xL2hxal9USnhXWm4y
WkFsMV9BVmtjdjNldEx3ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEAgI6wDAMAwQET48QAwQAT48SAwQC
ufwAMA0EAgACMAcDBQMqCenAMA0GCSqGSIb3DQEBCwUAA4IBAQCbkgRxEDReBs4z
OB9THRMBqa3FL/RI5rxmSUbDUi6bEX5A/X6I/ICPP+Shal2mtyYZqr98tk3ZU8jD
B6t9y66xzNv1ORKYNQvMEsmPptHd3j8iIpvqmBjIZqePvFXQUnzjfdyUpQmMoOR0
m+ykkfJFOXDdfy/Pr95ewochlYDIvuK1kAW6IDw6MxScSeNpM1ZpYQ4gp0V28AEe
JIzhLb9uFARdlssnxYkCw0VQ5ErFKnQemfgTG9uwvYzRj5FE8zBgJhw5YFUuXo7Y
NwgbzTdBHUXLSuFwkTF75Hc0pyiumJsaF6PUoXlxdZtk8SLAc0HcdsiD6yd11mZQ
8T1NejBW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:30 2023 by rpki-client on console-ams.rpki-client.org