Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/izgTOCMikXX3aodMX4wbEXZAwBU.roa
File: izgTOCMikXX3aodMX4wbEXZAwBU.roa (raw, json)
Hash identifier: IuITsW+2sTMdhXs4Th4yv9mhrhKA3pF6cX2T+mIuMEA=
Subject key identifier: 8B:38:13:38:23:22:91:75:F7:6A:87:4C:5F:8C:1B:11:76:40:C0:15
Certificate issuer: /CN=366a9d542297577b37aa0c423195afe2a98e135d
Certificate serial: 0ADC63DC
Authority key identifier: 36:6A:9D:54:22:97:57:7B:37:AA:0C:42:31:95:AF:E2:A9:8E:13:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/izgTOCMikXX3aodMX4wbEXZAwBU.roa
Signing time: Sat 01 Jan 2022 12:59:20 +0000
ROA not before: Sat 01 Jan 2022 12:59:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52129
IP address blocks: 91.207.212.0/23 maxlen: 23
185.183.28.0/22 maxlen: 22
185.183.29.0/24 maxlen: 24
185.183.30.0/24 maxlen: 24
185.183.31.0/24 maxlen: 24
185.183.28.0/24 maxlen: 24
143.55.144.0/21 maxlen: 24
91.209.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 182215644 (0xadc63dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=366a9d542297577b37aa0c423195afe2a98e135d
Validity
Not Before: Jan 1 12:59:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b38133823229175f76a874c5f8c1b117640c015
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:81:b4:5d:77:65:aa:e4:b9:2b:57:03:3b:1a:
8a:c6:0e:cd:c3:0b:97:bb:e6:61:10:0c:e9:6b:53:
36:a9:c4:c7:13:14:3e:4b:c3:eb:cc:da:6c:2f:52:
c7:45:ae:cc:b4:d8:4c:5a:b7:36:33:cd:bc:5c:47:
06:04:ac:00:e2:ca:aa:9a:cc:d1:79:03:35:7d:80:
be:cf:61:cf:70:75:d8:92:17:a5:a5:61:ec:8c:2d:
fd:2e:57:4f:2f:52:7b:d0:d7:fe:56:0a:7a:b9:6f:
a5:36:fe:16:f5:31:80:02:f1:a7:f2:b5:93:40:25:
7d:5d:4f:62:69:c6:14:11:d6:b7:2d:02:54:8a:12:
77:5b:2b:62:11:00:9f:1a:43:8a:95:6e:19:36:90:
a7:ba:d5:17:54:fe:1e:f1:59:8f:c5:6c:be:df:47:
58:53:c9:28:70:dc:21:0a:97:43:55:42:2a:e8:87:
3e:0d:37:ed:5e:e3:71:0d:48:32:e0:56:35:59:4b:
a8:be:db:7c:c3:f5:5d:04:42:7c:c7:af:b2:2b:de:
48:1f:a7:95:ca:5e:aa:89:4b:6c:dc:14:20:72:7e:
aa:54:84:38:ea:75:11:6c:40:a3:c9:0f:6e:78:e2:
fa:65:50:f3:fb:0f:dd:12:74:b0:3b:d6:12:bd:2e:
23:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:38:13:38:23:22:91:75:F7:6A:87:4C:5F:8C:1B:11:76:40:C0:15
X509v3 Authority Key Identifier:
keyid:36:6A:9D:54:22:97:57:7B:37:AA:0C:42:31:95:AF:E2:A9:8E:13:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NmqdVCKXV3s3qgxCMZWv4qmOE10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/izgTOCMikXX3aodMX4wbEXZAwBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/fc7545-c5fa-43bd-8839-d185dec06012/1/NmqdVCKXV3s3qgxCMZWv4qmOE10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.212.0/23
91.209.104.0/24
143.55.144.0/21
185.183.28.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:df:a3:8c:46:a6:cd:96:a2:34:4b:78:6f:f8:d6:2c:66:12:
ef:3b:30:26:ff:cd:26:f2:55:c6:40:4b:2a:21:d7:da:9c:2a:
07:64:52:16:9e:0c:9c:54:e7:72:3d:f9:cb:33:d4:75:f0:6b:
cc:0d:ac:c3:e8:9b:76:ea:16:68:42:92:4a:76:b8:f8:d8:01:
22:3a:f1:b5:98:e6:3f:8b:70:0a:45:aa:4d:e0:e8:5e:86:dc:
65:34:bf:f1:e1:59:f8:f1:24:f9:de:e3:f5:13:d2:1c:d0:f6:
d3:f7:59:e8:53:9d:d8:db:ec:f7:b4:93:a3:6a:9f:8f:26:cd:
92:08:48:b9:7e:d7:e9:19:83:89:f7:61:71:c8:ab:f1:45:d2:
a8:78:d4:09:13:13:0c:95:39:e2:70:e8:ce:ed:4c:9d:fe:76:
98:dd:24:be:ba:d8:86:bf:6f:2c:0f:d1:1d:7f:70:f6:4f:55:
0d:65:65:0f:1f:87:39:1e:45:42:b1:4c:eb:32:01:39:0c:94:
34:ce:b4:67:3d:f2:94:27:22:53:8f:a6:40:12:ed:c3:f0:34:
3d:bb:0b:5e:f7:90:63:c9:f9:a6:9f:f4:7b:db:3c:ca:3e:e3:
99:21:18:31:d0:6c:4a:9d:82:1c:cb:cf:94:20:26:19:79:93:
e7:d1:23:33
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECtxj3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NjZhOWQ1NDIyOTc1NzdiMzdhYTBjNDIzMTk1YWZlMmE5OGUxMzVkMB4XDTIyMDEw
MTEyNTkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIzODEzMzgyMzIy
OTE3NWY3NmE4NzRjNWY4YzFiMTE3NjQwYzAxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2BtF13ZarkuStXAzsaisYOzcMLl7vmYRAM6WtTNqnExxMU
PkvD68zabC9Sx0WuzLTYTFq3NjPNvFxHBgSsAOLKqprM0XkDNX2Avs9hz3B12JIX
paVh7Iwt/S5XTy9Se9DX/lYKerlvpTb+FvUxgALxp/K1k0AlfV1PYmnGFBHWty0C
VIoSd1srYhEAnxpDipVuGTaQp7rVF1T+HvFZj8Vsvt9HWFPJKHDcIQqXQ1VCKuiH
Pg037V7jcQ1IMuBWNVlLqL7bfMP1XQRCfMevsiveSB+nlcpeqolLbNwUIHJ+qlSE
OOp1EWxAo8kPbnji+mVQ8/sP3RJ0sDvWEr0uI6cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSLOBM4IyKRdfdqh0xfjBsRdkDAFTAfBgNVHSMEGDAWgBQ2ap1UIpdXezeq
DEIxla/iqY4TXTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05tcWRWQ0tYVjNzM3FneENNWld2NHFtT0UxMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvZmM3NTQ1LWM1ZmEtNDNiZC04ODM5LWQxODVkZWMwNjAxMi8x
L2l6Z1RPQ01pa1hYM2FvZE1YNHdiRVhaQXdCVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
ZmM3NTQ1LWM1ZmEtNDNiZC04ODM5LWQxODVkZWMwNjAxMi8xL05tcWRWQ0tYVjNz
M3FneENNWld2NHFtT0UxMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVvP1AMEAFvRaAMEA483kAMEArm3
HDANBgkqhkiG9w0BAQsFAAOCAQEAvd+jjEamzZaiNEt4b/jWLGYS7zswJv/NJvJV
xkBLKiHX2pwqB2RSFp4MnFTncj35yzPUdfBrzA2sw+ibduoWaEKSSna4+NgBIjrx
tZjmP4twCkWqTeDoXobcZTS/8eFZ+PEk+d7j9RPSHND20/dZ6FOd2Nvs97STo2qf
jybNkghIuX7X6RmDifdhccir8UXSqHjUCRMTDJU54nDozu1Mnf52mN0kvrrYhr9v
LA/RHX9w9k9VDWVlDx+HOR5FQrFM6zIBOQyUNM60Zz3ylCciU4+mQBLtw/A0PbsL
XveQY8n5pp/0e9s8yj7jmSEYMdBsSp2CHMvPlCAmGXmT59EjMw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:04 2023 by rpki-client on console-fra.rpki-client.org