Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/iUXe0hrc4EuOsWJMjGca650QP50.roa
File: iUXe0hrc4EuOsWJMjGca650QP50.roa (raw, json)
Hash identifier: fGOFsh1DtDtfnsLM+oMPCzBrEkOhMdVbM0P2KabL4F4=
Subject key identifier: 89:45:DE:D2:1A:DC:E0:4B:8E:B1:62:4C:8C:67:1A:EB:9D:10:3F:9D
Certificate issuer: /CN=ae7f187c12782fc4d844762235993329c4563a0d
Certificate serial: 02043D
Authority key identifier: AE:7F:18:7C:12:78:2F:C4:D8:44:76:22:35:99:33:29:C4:56:3A:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/iUXe0hrc4EuOsWJMjGca650QP50.roa
Signing time: Mon 04 Jul 2022 14:12:25 +0000
ROA not before: Mon 04 Jul 2022 14:12:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202877
IP address blocks: 185.151.253.0/24 maxlen: 24
185.151.252.0/22 maxlen: 22
185.151.252.0/24 maxlen: 24
185.151.255.0/24 maxlen: 24
185.151.254.0/24 maxlen: 24
2a07:7300::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132157 (0x2043d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f187c12782fc4d844762235993329c4563a0d
Validity
Not Before: Jul 4 14:12:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8945ded21adce04b8eb1624c8c671aeb9d103f9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3c:3d:f0:8b:fe:4b:cb:7e:26:86:6a:88:84:
a9:23:7b:38:9f:91:76:a1:7a:99:8a:5b:0c:66:58:
9b:84:98:5c:73:22:de:62:51:06:2d:0b:d0:1c:ab:
7c:e8:ee:62:d5:27:e1:08:bc:32:b3:8f:ad:a5:c8:
df:31:79:6a:6b:ec:0e:4f:81:35:89:75:24:8d:50:
ea:d9:e3:d9:a4:1f:b8:3b:4a:00:49:98:11:37:af:
90:ac:d6:7e:c2:55:b2:26:07:d0:51:d5:f6:99:49:
a5:23:24:af:28:99:14:d3:89:31:be:f3:04:99:4c:
12:4b:1e:9d:da:b8:6e:b3:56:2e:0d:12:26:ee:8c:
f1:44:92:af:33:a4:ba:d0:dc:60:bd:1e:10:d4:d2:
33:db:a0:bf:0f:56:63:59:05:e7:b6:8f:11:21:fd:
c1:8c:4b:30:39:3b:d5:b0:f6:7a:a6:cb:fa:77:0e:
29:c3:2e:94:12:09:e5:c4:08:ef:57:f6:85:19:2d:
93:4c:64:3f:b8:c5:e6:fa:a7:08:b2:00:06:28:42:
ad:1a:de:e7:f8:8a:0d:a0:0c:bb:98:43:97:40:fc:
ae:88:53:d4:29:91:dc:c3:34:d1:f6:c7:1f:bc:18:
72:0d:ab:d3:47:d0:91:31:e4:f3:5b:85:9c:82:52:
dc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:45:DE:D2:1A:DC:E0:4B:8E:B1:62:4C:8C:67:1A:EB:9D:10:3F:9D
X509v3 Authority Key Identifier:
keyid:AE:7F:18:7C:12:78:2F:C4:D8:44:76:22:35:99:33:29:C4:56:3A:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/iUXe0hrc4EuOsWJMjGca650QP50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/c8f647-ed79-42d9-8df6-05877604a01d/1/rn8YfBJ4L8TYRHYiNZkzKcRWOg0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.252.0/22
IPv6:
2a07:7300::/29
Signature Algorithm: sha256WithRSAEncryption
05:e8:87:51:a5:9c:41:6c:0e:3b:63:6a:ec:b9:1e:41:53:f6:
ff:ee:ab:e7:fd:3b:cf:e2:8c:d4:58:07:bd:a8:05:1c:e7:9d:
63:27:ff:5c:9a:17:86:fb:19:64:7c:51:e2:7a:d4:23:9f:63:
6a:98:09:a0:aa:5d:41:b5:3e:46:d3:76:cd:b2:cc:ee:c1:e2:
65:eb:7b:fb:b7:62:d8:e5:02:67:fc:c9:a3:94:6d:14:aa:f8:
bc:85:97:1a:3a:6e:7b:5c:29:e1:3c:95:0e:ba:ca:ba:76:fd:
c7:27:60:54:60:e9:fc:cc:52:3e:47:e5:b6:f9:9f:34:db:5f:
d8:ea:5d:06:8e:a2:aa:bc:fb:d7:4f:a0:fd:03:70:16:a9:32:
c8:93:7e:b0:5f:12:22:fd:d7:55:d2:c5:a2:88:6a:8a:53:ca:
0e:a0:7f:77:7b:a4:fa:18:b7:40:52:40:03:6f:4c:fb:c9:3e:
a7:9f:79:aa:09:69:a3:75:13:23:18:ba:7c:de:d4:46:80:4a:
59:08:00:22:ca:48:ca:c0:43:87:7a:ec:c7:cc:85:0f:7f:3b:
a6:da:d9:38:81:88:65:b2:d7:92:7d:fe:1d:61:37:07:5b:f8:
5b:0a:63:0f:ff:60:d6:73:e6:79:64:ab:91:a7:e9:49:90:97:
ae:4c:69:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAgQ9MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGFl
N2YxODdjMTI3ODJmYzRkODQ0NzYyMjM1OTkzMzI5YzQ1NjNhMGQwHhcNMjIwNzA0
MTQxMjI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4OTQ1ZGVkMjFhZGNl
MDRiOGViMTYyNGM4YzY3MWFlYjlkMTAzZjlkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzTw98Iv+S8t+JoZqiISpI3s4n5F2oXqZilsMZlibhJhccyLe
YlEGLQvQHKt86O5i1SfhCLwys4+tpcjfMXlqa+wOT4E1iXUkjVDq2ePZpB+4O0oA
SZgRN6+QrNZ+wlWyJgfQUdX2mUmlIySvKJkU04kxvvMEmUwSSx6d2rhus1YuDRIm
7ozxRJKvM6S60NxgvR4Q1NIz26C/D1ZjWQXnto8RIf3BjEswOTvVsPZ6psv6dw4p
wy6UEgnlxAjvV/aFGS2TTGQ/uMXm+qcIsgAGKEKtGt7n+IoNoAy7mEOXQPyuiFPU
KZHcwzTR9scfvBhyDavTR9CRMeTzW4WcglLcUQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFIlF3tIa3OBLjrFiTIxnGuudED+dMB8GA1UdIwQYMBaAFK5/GHwSeC/E2ER2
IjWZMynEVjoNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
cm44WWZCSjRMOFRZUkhZaU5aa3pLY1JXT2cwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8yYi9jOGY2NDctZWQ3OS00MmQ5LThkZjYtMDU4Nzc2MDRhMDFkLzEv
aVVYZTBocmM0RXVPc1dKTWpHY2E2NTBRUDUwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9j
OGY2NDctZWQ3OS00MmQ5LThkZjYtMDU4Nzc2MDRhMDFkLzEvcm44WWZCSjRMOFRZ
UkhZaU5aa3pLY1JXT2cwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZf8MA0EAgACMAcDBQMqB3MAMA0G
CSqGSIb3DQEBCwUAA4IBAQAF6IdRpZxBbA47Y2rsuR5BU/b/7qvn/TvP4ozUWAe9
qAUc551jJ/9cmheG+xlkfFHietQjn2NqmAmgql1BtT5G03bNsszuweJl63v7t2LY
5QJn/MmjlG0Uqvi8hZcaOm57XCnhPJUOusq6dv3HJ2BUYOn8zFI+R+W2+Z8021/Y
6l0GjqKqvPvXT6D9A3AWqTLIk36wXxIi/ddV0sWiiGqKU8oOoH93e6T6GLdAUkAD
b0z7yT6nn3mqCWmjdRMjGLp83tRGgEpZCAAiykjKwEOHeuzHzIUPfzum2tk4gYhl
steSff4dYTcHW/hbCmMP/2DWc+Z5ZKuRp+lJkJeuTGnd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org