Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/I2IkuPP7S3VXZ7vHx6WnA6YOJD8.roa
File: I2IkuPP7S3VXZ7vHx6WnA6YOJD8.roa (raw, json)
Hash identifier: pDGqMEyvFyrchZr2zpfQdMk4778JkJPkTksbu9QAG6k=
Subject key identifier: 23:62:24:B8:F3:FB:4B:75:57:67:BB:C7:C7:A5:A7:03:A6:0E:24:3F
Certificate issuer: /CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Certificate serial: 0E0F482A
Authority key identifier: 30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/I2IkuPP7S3VXZ7vHx6WnA6YOJD8.roa
Signing time: Tue 19 Apr 2022 09:01:55 +0000
ROA not before: Tue 19 Apr 2022 09:01:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31167
IP address blocks: 109.74.80.0/20 maxlen: 20
109.74.90.0/24 maxlen: 24
85.14.153.0/24 maxlen: 24
217.171.16.0/20 maxlen: 20
217.119.176.0/20 maxlen: 20
217.171.27.0/24 maxlen: 24
85.14.128.0/18 maxlen: 18
2a00:1788::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 235882538 (0xe0f482a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=307d887c02e07c9e474d1f8e21049caa6ce3fbd3
Validity
Not Before: Apr 19 09:01:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=236224b8f3fb4b755767bbc7c7a5a703a60e243f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:8d:05:f6:31:84:77:65:b6:d3:26:46:2c:87:
96:ef:83:4e:63:dc:f5:67:48:aa:ec:27:70:06:83:
38:ce:28:5c:8b:55:d2:30:ac:d3:38:9e:aa:7f:ff:
a3:aa:52:cb:01:28:4d:2a:c5:3d:cf:4f:e8:fc:e7:
8c:f1:c2:94:07:00:ac:53:6c:78:ea:85:a4:20:ed:
b2:76:2c:3d:65:e8:57:37:97:ec:ca:4c:f3:76:86:
a6:42:62:af:35:82:b4:a3:0f:49:fb:bf:f5:ec:98:
05:6c:00:1a:e8:33:92:f0:b8:83:4c:67:e4:ff:11:
ad:4d:1a:f4:09:a5:dd:f7:22:f0:6a:ce:78:e7:f9:
f8:99:d7:cc:d8:62:37:ae:5d:09:e3:f7:85:f2:1c:
cb:4a:de:a1:c2:0a:3e:5c:cf:86:59:8a:b8:90:b5:
53:4f:c2:59:62:55:b0:cb:f9:c0:52:75:72:43:08:
f4:2f:86:f6:90:23:e8:52:b8:82:a9:9c:2b:ac:1a:
6e:5c:95:c2:f8:b4:12:1f:eb:dd:b7:41:4a:07:0f:
c6:72:77:1a:71:6a:f3:62:d1:a9:07:48:87:e5:58:
ff:9e:b3:f9:1f:f2:ed:52:b4:6a:07:16:23:7f:92:
fe:65:b8:89:6a:ff:3a:1d:48:4e:71:25:c8:57:d9:
e9:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:62:24:B8:F3:FB:4B:75:57:67:BB:C7:C7:A5:A7:03:A6:0E:24:3F
X509v3 Authority Key Identifier:
keyid:30:7D:88:7C:02:E0:7C:9E:47:4D:1F:8E:21:04:9C:AA:6C:E3:FB:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MH2IfALgfJ5HTR-OIQScqmzj-9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/I2IkuPP7S3VXZ7vHx6WnA6YOJD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/b20d83-612c-4b62-97a3-1a5e5f191bfa/1/MH2IfALgfJ5HTR-OIQScqmzj-9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.14.128.0/18
109.74.80.0/20
217.119.176.0/20
217.171.16.0/20
IPv6:
2a00:1788::/32
Signature Algorithm: sha256WithRSAEncryption
7b:c7:38:11:ce:ac:e2:43:aa:db:9a:13:c4:a0:b8:5f:22:fd:
f5:79:8b:00:42:e6:5e:5b:24:13:a6:46:07:3f:5f:86:c9:ea:
ca:c6:89:8a:cb:f6:22:aa:78:9c:4a:d6:43:d1:9e:2b:5b:00:
4e:52:43:d3:94:e4:87:cd:8e:82:91:ad:68:99:8c:2e:5e:1a:
d0:0f:5e:8b:04:b3:80:d1:b6:f8:d3:bb:91:fa:a9:de:e0:89:
00:1f:1a:4c:cb:78:0c:ea:8c:a1:73:ef:83:e6:40:b6:42:01:
8f:1d:d0:2e:e9:48:4d:79:fd:ae:0d:d7:a7:4f:29:92:a7:05:
6b:d0:cd:bf:b9:62:6f:2d:55:57:4d:24:dd:f2:eb:e3:52:7e:
d7:76:2a:c5:7a:cd:7a:91:47:c5:19:99:e2:4d:8f:a2:70:97:
9f:7c:19:f5:b0:df:b4:9b:97:ba:18:aa:c8:8d:3b:f0:87:95:
de:87:0c:d3:0e:c3:38:db:a8:ae:85:c5:76:d8:48:5b:b9:e4:
7a:2b:f1:25:c7:61:fa:d3:e4:c5:56:1d:80:16:fe:67:f6:54:
b4:32:e9:99:55:38:c6:31:9a:e0:10:22:1f:17:f1:e7:97:3c:
25:ca:02:0b:da:47:93:b4:76:4b:ea:c3:20:e2:4b:d1:9f:79:
7a:22:62:f8
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDg9IKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDdkODg3YzAyZTA3YzllNDc0ZDFmOGUyMTA0OWNhYTZjZTNmYmQzMB4XDTIyMDQx
OTA5MDE1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM2MjI0YjhmM2Zi
NGI3NTU3NjdiYmM3YzdhNWE3MDNhNjBlMjQzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJiNBfYxhHdlttMmRiyHlu+DTmPc9WdIquwncAaDOM4oXItV
0jCs0zieqn//o6pSywEoTSrFPc9P6PznjPHClAcArFNseOqFpCDtsnYsPWXoVzeX
7MpM83aGpkJirzWCtKMPSfu/9eyYBWwAGugzkvC4g0xn5P8RrU0a9Aml3fci8GrO
eOf5+JnXzNhiN65dCeP3hfIcy0reocIKPlzPhlmKuJC1U0/CWWJVsMv5wFJ1ckMI
9C+G9pAj6FK4gqmcK6wablyVwvi0Eh/r3bdBSgcPxnJ3GnFq82LRqQdIh+VY/56z
+R/y7VK0agcWI3+S/mW4iWr/Oh1ITnElyFfZ6YcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQjYiS48/tLdVdnu8fHpacDpg4kPzAfBgNVHSMEGDAWgBQwfYh8AuB8nkdN
H44hBJyqbOP70zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01IMklmQUxnZko1SFRSLU9JUVNjcW16ai05TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvYjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8x
L0kySWt1UFA3UzNWWFo3dkh4NlduQTZZT0pEOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
YjIwZDgzLTYxMmMtNGI2Mi05N2EzLTFhNWU1ZjE5MWJmYS8xL01IMklmQUxnZko1
SFRSLU9JUVNjcW16ai05TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBlUOgAMEBG1KUAMEBNl3sAMEBNmr
EDANBAIAAjAHAwUAKgAXiDANBgkqhkiG9w0BAQsFAAOCAQEAe8c4Ec6s4kOq25oT
xKC4XyL99XmLAELmXlskE6ZGBz9fhsnqysaJisv2Iqp4nErWQ9GeK1sATlJD05Tk
h82OgpGtaJmMLl4a0A9eiwSzgNG2+NO7kfqp3uCJAB8aTMt4DOqMoXPvg+ZAtkIB
jx3QLulITXn9rg3Xp08pkqcFa9DNv7liby1VV00k3fLr41J+13YqxXrNepFHxRmZ
4k2PonCXn3wZ9bDftJuXuhiqyI078IeV3ocM0w7DONuoroXFdthIW7nkeivxJcdh
+tPkxVYdgBb+Z/ZUtDLpmVU4xjGa4BAiHxfx55c8JcoCC9pHk7R2S+rDIOJL0Z95
eiJi+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:04 2024 by rpki-client on console-ams.rpki-client.org