Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/z_IHkatalM8hrBgRMh_oCXkbTxU.roa
File: z_IHkatalM8hrBgRMh_oCXkbTxU.roa (raw, json)
Hash identifier: 46jRjjikScvmrA05rjtVXpAa6/1rlH8b0won7Omnnmg=
Subject key identifier: CF:F2:07:91:AB:5A:94:CF:21:AC:18:11:32:1F:E8:09:79:1B:4F:15
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 018442CC351B87F90FB6FB5E6B462025B263
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/z_IHkatalM8hrBgRMh_oCXkbTxU.roa
Signing time: Fri 04 Nov 2022 13:19:49 +0000
ROA not before: Fri 04 Nov 2022 13:19:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203614
IP address blocks: 185.128.61.0/24 maxlen: 24
185.128.60.0/24 maxlen: 24
185.128.63.0/24 maxlen: 24
185.128.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:cc:35:1b:87:f9:0f:b6:fb:5e:6b:46:20:25:b2:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Nov 4 13:19:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cff20791ab5a94cf21ac1811321fe809791b4f15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:66:8b:2e:c7:19:33:54:42:dd:69:ff:0f:ed:
4d:8d:40:4b:94:99:6f:f8:91:0c:06:5d:3f:34:68:
99:ca:42:f7:e7:6e:b5:13:07:9d:f5:02:36:81:c1:
8f:23:99:5c:fa:87:22:fc:3f:f9:55:26:44:e0:3e:
bd:d5:e2:5c:5e:ac:eb:ac:01:50:75:68:d0:05:87:
f4:38:66:74:b8:df:00:6e:92:26:95:19:cb:9f:d3:
64:07:55:8f:c2:df:26:e6:4a:00:04:1f:9a:f7:f1:
18:1b:a4:15:2c:bb:c9:34:ed:0c:13:f5:d8:f1:59:
48:6e:3b:e0:55:95:a9:49:47:b4:64:d7:01:6d:95:
64:c7:36:47:fa:86:bc:71:58:71:31:02:f8:56:7a:
4a:8f:fc:22:aa:da:6e:7d:e6:ce:85:21:f5:38:67:
e9:01:4a:7f:ae:85:5f:3f:09:48:e9:44:77:47:d0:
72:97:a7:ae:9b:64:ca:7d:6f:3f:05:e7:89:f8:32:
ce:49:b1:76:06:31:6e:f5:47:41:8d:5e:db:e3:8e:
b5:e1:43:ff:a3:fb:84:c9:14:19:4b:52:fa:aa:cb:
cb:d6:07:e8:59:18:5e:2d:9e:75:3a:63:22:a5:7e:
c7:e8:74:ff:74:11:10:41:9e:06:f8:b7:ac:ff:cf:
52:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F2:07:91:AB:5A:94:CF:21:AC:18:11:32:1F:E8:09:79:1B:4F:15
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/z_IHkatalM8hrBgRMh_oCXkbTxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.60.0/22
Signature Algorithm: sha256WithRSAEncryption
17:e9:6f:36:e5:46:2e:6b:b0:18:c4:08:9e:15:3f:d7:a9:6c:
1c:30:e5:2e:15:30:f8:35:82:04:06:86:a5:91:4d:27:67:9d:
f2:2c:a9:fd:04:4d:95:46:72:8f:07:bf:67:55:9e:0c:f6:0c:
9d:f2:d3:43:b2:90:38:5b:35:41:e9:b5:5a:5e:4d:5b:29:16:
5f:b0:35:4a:0b:ba:32:0e:f6:95:0c:66:4e:ef:eb:d0:13:c5:
d9:b8:67:54:3b:1a:bb:ae:ba:fc:50:4f:ad:77:3c:b0:00:48:
38:98:3e:d9:0c:a4:e8:62:78:9b:7a:41:d6:51:cf:ac:04:86:
99:2d:2e:6c:48:8f:04:b6:5d:ec:78:b0:9d:9a:76:76:4c:71:
56:c5:1a:33:29:a2:60:0b:bf:8a:9b:83:46:a0:4e:37:86:b8:
32:8e:a1:e5:03:a5:9b:88:47:37:83:b5:0e:52:d1:c5:4c:a0:
f3:a6:73:38:f4:7d:91:c4:49:4c:ea:e7:26:62:41:71:c2:fc:
db:ce:2e:ae:0d:a0:ea:f8:fe:85:36:cd:fd:bf:eb:df:f7:46:
3e:97:11:41:39:ed:c2:e4:d6:21:5a:d9:f4:cd:3b:86:ba:5b:
82:7c:f9:86:43:b0:2b:3c:05:4a:5f:45:0c:44:63:c2:40:b2:
10:be:cf:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRCzDUbh/kPtvtea0YgJbJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjIxMTA0MTMxOTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmYyMDc5MWFiNWE5NGNmMjFhYzE4MTEzMjFmZTgwOTc5MWI0ZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWaLLscZM1RC3Wn/D+1NjUBLlJlv
+JEMBl0/NGiZykL35261Ewed9QI2gcGPI5lc+oci/D/5VSZE4D691eJcXqzrrAFQ
dWjQBYf0OGZ0uN8AbpImlRnLn9NkB1WPwt8m5koABB+a9/EYG6QVLLvJNO0ME/XY
8VlIbjvgVZWpSUe0ZNcBbZVkxzZH+oa8cVhxMQL4VnpKj/wiqtpufebOhSH1OGfp
AUp/roVfPwlI6UR3R9Byl6eum2TKfW8/BeeJ+DLOSbF2BjFu9UdBjV7b44614UP/
o/uEyRQZS1L6qsvL1gfoWRheLZ51OmMipX7H6HT/dBEQQZ4G+Les/89S9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM/yB5GrWpTPIawYETIf6Al5G08VMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvel9JSGthdGFsTThockJnUk1oX29DWGtiVHhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA8MA0G
CSqGSIb3DQEBCwUAA4IBAQAX6W825UYua7AYxAieFT/XqWwcMOUuFTD4NYIEBoal
kU0nZ53yLKn9BE2VRnKPB79nVZ4M9gyd8tNDspA4WzVB6bVaXk1bKRZfsDVKC7oy
DvaVDGZO7+vQE8XZuGdUOxq7rrr8UE+tdzywAEg4mD7ZDKToYnibekHWUc+sBIaZ
LS5sSI8Etl3seLCdmnZ2THFWxRozKaJgC7+Km4NGoE43hrgyjqHlA6WbiEc3g7UO
UtHFTKDzpnM49H2RxElM6ucmYkFxwvzbzi6uDaDq+P6FNs39v+vf90Y+lxFBOe3C
5NYhWtn0zTuGuluCfPmGQ7ArPAVKX0UMRGPCQLIQvs8v
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:38 2023 by rpki-client on console-fra.rpki-client.org