Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ICIxKyw47NR-0mlgNOUHmt6S7fM.roa
File: ICIxKyw47NR-0mlgNOUHmt6S7fM.roa (raw, json)
Hash identifier: CXeraUZGS9CSCD/dI4mAo67gDFZEsC3iUl5mXKzOFUQ=
Subject key identifier: 20:22:31:2B:2C:38:EC:D4:7E:D2:69:60:34:E5:07:9A:DE:92:ED:F3
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 0181F8F36764358268A2E116322CD828B2D4
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ICIxKyw47NR-0mlgNOUHmt6S7fM.roa
Signing time: Wed 13 Jul 2022 19:05:10 +0000
ROA not before: Wed 13 Jul 2022 19:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 185.239.245.0/24 maxlen: 24
185.254.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f8:f3:67:64:35:82:68:a2:e1:16:32:2c:d8:28:b2:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jul 13 19:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2022312b2c38ecd47ed2696034e5079ade92edf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:48:8e:2b:a6:c2:86:34:28:dd:e3:ab:3d:bb:
f1:e2:ae:07:88:ff:4a:06:3a:16:da:8e:2e:48:02:
13:ca:2d:6b:58:22:10:31:f4:7f:b7:94:09:12:0c:
6b:60:f8:fd:20:76:66:00:9f:cb:10:39:b6:fa:57:
be:0c:c9:43:c3:72:32:28:a6:80:13:61:7a:38:77:
07:61:5d:fc:f9:ca:56:26:d0:49:02:49:91:bd:c9:
03:e3:23:01:17:f4:81:07:af:30:13:a1:f1:20:29:
d0:e7:96:fe:d6:c0:ba:82:7c:ed:2b:cb:bd:2d:1d:
62:54:f9:e2:42:34:73:8f:7d:79:9d:df:2c:b8:1d:
42:87:25:72:b0:b9:01:da:46:d9:3e:9d:93:cc:0e:
ae:89:a7:15:6c:cb:dd:f9:4d:24:a9:ed:14:dc:c3:
d0:1b:7b:f2:00:bc:7b:6c:e3:f1:d4:60:6b:d0:46:
f7:f2:ab:4f:12:e8:2d:5d:e4:c8:41:21:b1:17:8c:
9f:e1:73:c3:13:2c:e6:50:c3:f6:1c:a9:3f:03:cc:
d1:96:09:e8:0a:09:a4:e1:91:61:4b:6c:03:47:b9:
a6:09:d6:c3:fb:9d:cc:6a:e4:35:b1:68:a2:ed:09:
a2:af:f9:9c:e7:dd:2c:66:ec:06:ff:00:91:83:47:
4b:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:22:31:2B:2C:38:EC:D4:7E:D2:69:60:34:E5:07:9A:DE:92:ED:F3
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/ICIxKyw47NR-0mlgNOUHmt6S7fM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.245.0/24
185.254.19.0/24
Signature Algorithm: sha256WithRSAEncryption
18:26:0b:1e:1e:89:c2:7c:80:9f:71:7b:4c:aa:1f:a8:77:bd:
8e:c9:99:c8:8d:46:f3:d6:8b:a6:e1:9b:4a:5b:03:eb:7d:61:
3b:8f:f3:44:72:a6:55:91:c4:8e:3a:cd:8f:dc:da:d8:28:a2:
b0:cd:bc:21:25:f1:e7:9a:c1:ce:dc:b7:99:bd:08:34:db:b5:
3e:a3:11:d1:3d:2c:2d:29:00:e3:e3:3f:ab:9c:ce:ac:85:1b:
6c:98:8a:8a:15:40:79:9a:4e:c3:bf:e4:2e:54:61:7f:82:e9:
89:48:86:eb:cb:56:a4:b2:c2:b7:d7:b6:b6:99:43:6c:33:c9:
67:dc:81:5a:a1:45:e6:ab:09:11:db:a4:d6:5f:48:9c:b3:fd:
64:2e:fe:da:e0:2e:c0:7e:97:32:06:4d:e3:17:92:20:4d:89:
7f:13:bf:01:91:5c:4f:f2:cc:ea:07:96:bb:b5:7d:28:b3:34:
ad:ed:b1:02:ea:ea:8a:4a:5b:24:43:37:b0:8a:3f:3b:17:21:
d9:f1:fb:8a:ae:b6:17:47:34:2b:ac:ca:a0:a6:dd:6b:d0:b8:
a4:29:38:0f:be:e4:47:c9:44:ba:4d:58:5b:02:41:a7:56:fd:
8b:04:dd:90:7b:67:5d:bd:8c:6a:ef:24:cf:4d:ce:07:f7:df:
cd:04:9d:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYH482dkNYJoouEWMizYKLLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjIwNzEzMTkwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDIyMzEyYjJjMzhlY2Q0N2VkMjY5NjAzNGU1MDc5YWRlOTJlZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0iOK6bChjQo3eOrPbvx4q4HiP9K
BjoW2o4uSAITyi1rWCIQMfR/t5QJEgxrYPj9IHZmAJ/LEDm2+le+DMlDw3IyKKaA
E2F6OHcHYV38+cpWJtBJAkmRvckD4yMBF/SBB68wE6HxICnQ55b+1sC6gnztK8u9
LR1iVPniQjRzj315nd8suB1ChyVysLkB2kbZPp2TzA6uiacVbMvd+U0kqe0U3MPQ
G3vyALx7bOPx1GBr0Eb38qtPEugtXeTIQSGxF4yf4XPDEyzmUMP2HKk/A8zRlgno
Cgmk4ZFhS2wDR7mmCdbD+53MauQ1sWii7Qmir/mc590sZuwG/wCRg0dLxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCAiMSssOOzUftJpYDTlB5reku3zMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvSUNJeEt5dzQ3TlItMG1sZ05PVUhtdDZTN2ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAue/1AwQA
uf4TMA0GCSqGSIb3DQEBCwUAA4IBAQAYJgseHonCfICfcXtMqh+od72OyZnIjUbz
1oum4ZtKWwPrfWE7j/NEcqZVkcSOOs2P3NrYKKKwzbwhJfHnmsHO3LeZvQg027U+
oxHRPSwtKQDj4z+rnM6shRtsmIqKFUB5mk7Dv+QuVGF/gumJSIbry1akssK317a2
mUNsM8ln3IFaoUXmqwkR26TWX0ics/1kLv7a4C7AfpcyBk3jF5IgTYl/E78BkVxP
8szqB5a7tX0oszSt7bEC6uqKSlskQzewij87FyHZ8fuKrrYXRzQrrMqgpt1r0Lik
KTgPvuRHyUS6TVhbAkGnVv2LBN2Qe2ddvYxq7yTPTc4H99/NBJ0b
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:10 2023 by rpki-client on console-fra.rpki-client.org