Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/iJda3AVBIZRtA4r-ZUzXyCVglwg.roa
File: iJda3AVBIZRtA4r-ZUzXyCVglwg.roa (raw, json)
Hash identifier: TDElnpBoo+b7V80oKd/vQfgHUb8GQexabp1a4XMEBHs=
Subject key identifier: 88:97:5A:DC:05:41:21:94:6D:03:8A:FE:65:4C:D7:C8:25:60:97:08
Certificate issuer: /CN=044d65e74254b25fe00eb8ea06bb58fbe68ac19b
Certificate serial: 01821079BD13B4500D20CEC24C6E1DC6027B
Authority key identifier: 04:4D:65:E7:42:54:B2:5F:E0:0E:B8:EA:06:BB:58:FB:E6:8A:C1:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BE1l50JUsl_gDrjqBrtY--aKwZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/iJda3AVBIZRtA4r-ZUzXyCVglwg.roa
Signing time: Mon 18 Jul 2022 08:43:09 +0000
ROA not before: Mon 18 Jul 2022 08:43:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42306
IP address blocks: 185.137.144.0/22 maxlen: 22
176.123.12.0/22 maxlen: 22
2a07:4c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:10:79:bd:13:b4:50:0d:20:ce:c2:4c:6e:1d:c6:02:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=044d65e74254b25fe00eb8ea06bb58fbe68ac19b
Validity
Not Before: Jul 18 08:43:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88975adc054121946d038afe654cd7c825609708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:58:a8:59:1e:c9:e6:cc:37:e7:f9:51:4a:b0:
ee:c1:16:dc:c3:ed:57:fb:2e:9a:4d:70:03:3c:14:
1f:50:94:f6:9d:91:18:49:f4:96:d7:ba:a7:ee:75:
15:58:dd:1f:8a:6d:b2:bf:cf:01:f9:67:2d:b4:be:
8a:b4:aa:e6:45:93:97:ad:66:1e:b4:59:6c:31:89:
52:b9:ea:05:85:a5:19:a9:a9:45:34:b7:e4:42:15:
28:cb:9f:23:22:98:9f:37:e4:c6:e7:b9:a0:88:4c:
cd:ea:21:6b:a2:25:64:5d:c3:50:ba:a6:90:33:75:
dd:c3:4b:dc:74:55:0e:0d:ee:aa:60:4f:f4:6c:6d:
45:8b:7d:17:55:97:35:f3:e6:1b:6a:f6:fd:d7:53:
10:2d:31:9e:8e:bd:e4:b7:61:e7:04:42:23:b4:75:
4b:24:41:8a:97:3f:51:38:02:5f:89:18:4a:f8:e4:
eb:06:dd:49:f4:13:df:69:cb:f5:b0:c5:bb:1f:a7:
4b:72:ef:94:ec:34:e6:29:9c:bf:3e:87:4a:b6:f1:
3b:62:f9:45:ac:e6:10:8f:f9:b2:06:2b:be:ae:3c:
2c:88:22:ef:83:96:5e:73:7e:66:3e:92:d8:79:fd:
09:91:cc:65:7a:2a:fd:c7:de:d1:f4:4e:f0:cd:0f:
d8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:97:5A:DC:05:41:21:94:6D:03:8A:FE:65:4C:D7:C8:25:60:97:08
X509v3 Authority Key Identifier:
keyid:04:4D:65:E7:42:54:B2:5F:E0:0E:B8:EA:06:BB:58:FB:E6:8A:C1:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BE1l50JUsl_gDrjqBrtY--aKwZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/iJda3AVBIZRtA4r-ZUzXyCVglwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/d39c6c-45e1-4126-a4e2-40438a999414/1/BE1l50JUsl_gDrjqBrtY--aKwZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.123.12.0/22
185.137.144.0/22
IPv6:
2a07:4c0::/29
Signature Algorithm: sha256WithRSAEncryption
32:6d:9c:64:cf:63:aa:0f:14:e7:cc:a4:1f:a0:74:36:d5:76:
32:4b:ca:f4:92:d9:c2:fd:08:fe:4f:c9:a2:a2:c5:f1:a0:6f:
5c:80:cb:a6:53:5d:2f:94:cc:c2:46:11:3a:89:f6:4e:0f:69:
76:81:05:91:09:af:1f:ff:21:89:b5:ee:c5:69:81:0b:5e:ce:
ed:50:73:cb:0e:90:72:41:ff:9c:cd:e8:10:b2:91:a6:34:1f:
b5:00:23:dd:39:8b:57:32:52:c1:2a:60:e6:88:61:bd:3b:07:
2c:b4:73:dd:73:71:bb:63:0f:39:32:05:3b:77:86:60:ea:08:
50:ef:51:bb:11:52:88:f8:50:0d:8e:dd:d9:19:a4:9a:53:7d:
85:29:f4:2d:65:91:31:cc:10:d3:fc:e3:a2:8a:fe:54:3e:3a:
5f:4f:f0:64:8d:bc:64:b4:ae:e2:ea:b8:41:b7:68:b3:5e:a1:
c1:5a:94:cd:9e:26:6b:5e:b5:b7:a8:58:7c:75:e5:32:de:ee:
39:37:29:c7:a9:c6:e4:e7:65:7c:e8:6b:e4:7f:7c:7f:23:7b:
90:7b:40:f3:55:6b:5c:74:7e:aa:d1:7e:b9:23:9f:ed:f4:76:
73:08:93:2f:d1:b5:82:0b:5d:ec:0f:50:80:4e:a3:0c:4a:3b:
c4:a5:46:de
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYIQeb0TtFANIM7CTG4dxgJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NGQ2NWU3NDI1NGIyNWZlMDBlYjhlYTA2YmI1OGZiZTY4
YWMxOWIwHhcNMjIwNzE4MDg0MzA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODk3NWFkYzA1NDEyMTk0NmQwMzhhZmU2NTRjZDdjODI1NjA5NzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlioWR7J5sw35/lRSrDuwRbcw+1X
+y6aTXADPBQfUJT2nZEYSfSW17qn7nUVWN0fim2yv88B+WcttL6KtKrmRZOXrWYe
tFlsMYlSueoFhaUZqalFNLfkQhUoy58jIpifN+TG57mgiEzN6iFroiVkXcNQuqaQ
M3Xdw0vcdFUODe6qYE/0bG1Fi30XVZc18+Ybavb911MQLTGejr3kt2HnBEIjtHVL
JEGKlz9ROAJfiRhK+OTrBt1J9BPfacv1sMW7H6dLcu+U7DTmKZy/PodKtvE7YvlF
rOYQj/myBiu+rjwsiCLvg5Zec35mPpLYef0Jkcxleir9x97R9E7wzQ/YqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIiXWtwFQSGUbQOK/mVM18glYJcIMB8GA1UdIwQY
MBaAFARNZedCVLJf4A646ga7WPvmisGbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkUxbDUwSlVzbF9nRHJqcUJydFktLWFLd1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9kMzljNmMtNDVlMS00MTI2LWE0ZTIt
NDA0MzhhOTk5NDE0LzEvaUpkYTNBVkJJWlJ0QTRyLVpVelh5Q1ZnbHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9kMzljNmMtNDVlMS00MTI2LWE0ZTItNDA0MzhhOTk5NDE0
LzEvQkUxbDUwSlVzbF9nRHJqcUJydFktLWFLd1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCsHsMAwQC
uYmQMA0EAgACMAcDBQMqBwTAMA0GCSqGSIb3DQEBCwUAA4IBAQAybZxkz2OqDxTn
zKQfoHQ21XYyS8r0ktnC/Qj+T8miosXxoG9cgMumU10vlMzCRhE6ifZOD2l2gQWR
Ca8f/yGJte7FaYELXs7tUHPLDpByQf+czegQspGmNB+1ACPdOYtXMlLBKmDmiGG9
OwcstHPdc3G7Yw85MgU7d4Zg6ghQ71G7EVKI+FANjt3ZGaSaU32FKfQtZZExzBDT
/OOiiv5UPjpfT/BkjbxktK7i6rhBt2izXqHBWpTNniZrXrW3qFh8deUy3u45NynH
qcbk52V86Gvkf3x/I3uQe0DzVWtcdH6q0X65I5/t9HZzCJMv0bWCC13sD1CATqMM
SjvEpUbe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:35 2023 by rpki-client on console-fra.rpki-client.org