Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/7GBwLaoXcRQvFsU_IIQHlFXVlPg.roa
File: 7GBwLaoXcRQvFsU_IIQHlFXVlPg.roa (raw, json)
Hash identifier: +tJI/qTRGBomfWQPHVKd1yEjbFQbyFELu4EP62Lz2EI=
Subject key identifier: EC:60:70:2D:AA:17:71:14:2F:16:C5:3F:20:84:07:94:55:D5:94:F8
Certificate issuer: /CN=baa23f740ad564c5693b77091c71b3c03136a580
Certificate serial: 0184A9ECABF8C55D8BA01DE78E203110212A
Authority key identifier: BA:A2:3F:74:0A:D5:64:C5:69:3B:77:09:1C:71:B3:C0:31:36:A5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/7GBwLaoXcRQvFsU_IIQHlFXVlPg.roa
Signing time: Thu 24 Nov 2022 13:56:10 +0000
ROA not before: Thu 24 Nov 2022 13:56:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49040
IP address blocks: 185.242.90.0/24 maxlen: 24
185.242.89.0/24 maxlen: 24
185.242.88.0/24 maxlen: 24
185.242.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:ec:ab:f8:c5:5d:8b:a0:1d:e7:8e:20:31:10:21:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa23f740ad564c5693b77091c71b3c03136a580
Validity
Not Before: Nov 24 13:56:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec60702daa1771142f16c53f2084079455d594f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6b:d3:76:0d:ce:13:60:92:a2:81:b4:8a:f3:
59:58:c1:80:c3:ce:17:00:2c:15:e5:ed:14:20:e9:
29:fd:ab:94:0c:19:e0:71:41:8c:ae:58:e8:4a:53:
ed:5e:ea:e9:83:bc:22:a6:6d:d2:3c:aa:6d:18:e5:
94:41:17:53:c2:e1:4d:01:c6:d9:70:63:0e:12:8c:
a8:92:ae:6b:1d:75:df:40:59:51:b8:1f:ca:01:e7:
80:83:bd:4d:e7:07:55:09:ed:88:cf:bc:64:c6:aa:
66:50:ea:27:b0:54:3e:e6:69:37:ae:ea:79:17:cf:
36:9f:34:b1:27:34:24:01:17:80:28:8b:2f:5e:77:
62:76:92:fd:93:2d:c0:13:85:8a:64:62:a7:55:f6:
73:0d:77:57:be:63:a7:68:6a:66:8d:8f:94:b5:aa:
7a:65:b4:6b:d4:d7:36:dc:94:0d:ae:25:85:68:4e:
6f:33:1b:c5:e9:12:4d:22:c4:f7:99:1e:6b:49:cb:
7b:43:9f:26:46:f0:1e:63:5b:5c:17:9a:b2:e4:d0:
d1:2a:4c:53:8e:b0:2a:72:47:2d:44:41:43:76:2a:
eb:27:99:05:54:34:87:92:69:13:67:38:64:78:c7:
51:26:cd:bd:fc:99:dd:b9:e1:fd:8f:ef:d4:40:a2:
ae:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:60:70:2D:AA:17:71:14:2F:16:C5:3F:20:84:07:94:55:D5:94:F8
X509v3 Authority Key Identifier:
keyid:BA:A2:3F:74:0A:D5:64:C5:69:3B:77:09:1C:71:B3:C0:31:36:A5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqI_dArVZMVpO3cJHHGzwDE2pYA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/7GBwLaoXcRQvFsU_IIQHlFXVlPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/8c09b3-f6d8-4c9a-964c-8527c9b3e75f/1/uqI_dArVZMVpO3cJHHGzwDE2pYA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.88.0/22
Signature Algorithm: sha256WithRSAEncryption
54:35:42:af:09:a8:53:31:ea:d5:f2:3f:b6:b4:64:cc:0d:91:
0d:78:27:5b:0d:d8:77:e4:6f:a5:4e:51:d4:0f:51:6e:3b:18:
69:95:4d:ea:5c:e9:03:06:9d:2c:43:08:ee:4f:59:24:70:28:
06:ae:d3:3e:db:22:93:31:d8:e8:ee:64:8d:a3:f5:49:6a:1f:
fb:d5:e9:5f:01:97:63:ed:e9:16:20:7d:8b:ea:32:3f:21:d9:
c5:1e:31:2a:67:9b:71:b7:15:25:cf:50:c0:6a:f0:13:0c:4f:
25:5f:bf:e2:f1:a1:3d:f5:59:81:66:fa:f8:e1:ed:8c:57:45:
ce:d9:31:bb:ff:58:e1:8e:3b:e3:e7:e8:06:ff:6b:ee:81:bc:
fa:82:40:0b:7a:ef:48:f4:3c:38:2e:d3:1c:6b:cb:34:33:ef:
f6:37:76:76:9c:de:88:96:c5:5e:b4:d6:c6:ea:4e:d9:36:e8:
b2:cb:be:33:18:0d:84:fb:22:11:25:c8:15:0b:08:03:0d:44:
29:1d:f3:1b:7a:9e:19:64:db:41:c0:21:8c:2a:c2:33:f4:9c:
85:df:5b:e0:a6:e1:8f:d5:78:74:24:c0:d0:38:a1:3c:51:26:
42:b7:43:38:ee:69:d4:e8:6b:1e:69:45:ae:4f:53:50:61:fe:
ba:73:63:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSp7Kv4xV2LoB3njiAxECEqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTIzZjc0MGFkNTY0YzU2OTNiNzcwOTFjNzFiM2MwMzEz
NmE1ODAwHhcNMjIxMTI0MTM1NjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzYwNzAyZGFhMTc3MTE0MmYxNmM1M2YyMDg0MDc5NDU1ZDU5NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2vTdg3OE2CSooG0ivNZWMGAw84X
ACwV5e0UIOkp/auUDBngcUGMrljoSlPtXurpg7wipm3SPKptGOWUQRdTwuFNAcbZ
cGMOEoyokq5rHXXfQFlRuB/KAeeAg71N5wdVCe2Iz7xkxqpmUOonsFQ+5mk3rup5
F882nzSxJzQkAReAKIsvXndidpL9ky3AE4WKZGKnVfZzDXdXvmOnaGpmjY+Utap6
ZbRr1Nc23JQNriWFaE5vMxvF6RJNIsT3mR5rSct7Q58mRvAeY1tcF5qy5NDRKkxT
jrAqckctREFDdirrJ5kFVDSHkmkTZzhkeMdRJs29/JndueH9j+/UQKKumwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOxgcC2qF3EULxbFPyCEB5RV1ZT4MB8GA1UdIwQY
MBaAFLqiP3QK1WTFaTt3CRxxs8AxNqWAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi84YzA5YjMtZjZkOC00YzlhLTk2NGMt
ODUyN2M5YjNlNzVmLzEvN0dCd0xhb1hjUlF2RnNVX0lJUUhsRlhWbFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi84YzA5YjMtZjZkOC00YzlhLTk2NGMtODUyN2M5YjNlNzVm
LzEvdXFJX2RBclZaTVZwTzNjSkhIR3p3REUycFlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJYMA0G
CSqGSIb3DQEBCwUAA4IBAQBUNUKvCahTMerV8j+2tGTMDZENeCdbDdh35G+lTlHU
D1FuOxhplU3qXOkDBp0sQwjuT1kkcCgGrtM+2yKTMdjo7mSNo/VJah/71elfAZdj
7ekWIH2L6jI/IdnFHjEqZ5txtxUlz1DAavATDE8lX7/i8aE99VmBZvr44e2MV0XO
2TG7/1jhjjvj5+gG/2vugbz6gkALeu9I9Dw4LtMca8s0M+/2N3Z2nN6IlsVetNbG
6k7ZNuiyy74zGA2E+yIRJcgVCwgDDUQpHfMbep4ZZNtBwCGMKsIz9JyF31vgpuGP
1Xh0JMDQOKE8USZCt0M47mnU6GseaUWuT1NQYf66c2OT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:08 2024 by rpki-client on console-ams.rpki-client.org