Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/E0INu1BH-ITYfhvJwain0s0ECls.roa
File: E0INu1BH-ITYfhvJwain0s0ECls.roa (raw, json)
Hash identifier: d3YRwqSqChOo9+8iF42BpU13tsBv6HJJPwuYikeRpfU=
Subject key identifier: 13:42:0D:BB:50:47:F8:84:D8:7E:1B:C9:C1:A8:A7:D2:CD:04:0A:5B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0184A3824F975CB7F2556BD73571D1205D2A
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/E0INu1BH-ITYfhvJwain0s0ECls.roa
Signing time: Wed 23 Nov 2022 08:02:17 +0000
ROA not before: Wed 23 Nov 2022 08:02:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 185.199.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a3:82:4f:97:5c:b7:f2:55:6b:d7:35:71:d1:20:5d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Nov 23 08:02:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=13420dbb5047f884d87e1bc9c1a8a7d2cd040a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:fb:47:08:96:ad:88:7d:15:0c:72:93:f0:f8:
71:92:72:e6:f5:97:39:f7:e9:16:73:e9:57:bc:49:
cc:06:e2:f4:35:51:44:15:0e:93:25:f2:dc:4f:e2:
1c:b1:e0:1e:ed:42:19:36:99:bf:f1:e9:4a:5f:a7:
03:91:33:00:49:ad:16:aa:17:5b:33:8c:77:91:89:
3a:b5:54:92:10:9c:3f:45:41:82:b5:3c:ef:3f:32:
df:51:ed:7f:2a:00:0a:74:93:83:ee:23:c4:ff:cc:
75:53:a7:af:a0:ad:3d:bb:0e:42:49:36:f1:f2:cd:
71:f0:28:b1:c6:43:d3:c9:b4:fd:64:67:08:f8:87:
f0:45:16:e9:bd:9d:3d:17:f9:97:69:09:56:ea:a1:
e7:df:dd:90:6b:cc:5d:33:e2:5e:84:c3:dc:57:21:
ab:e0:d5:9f:f1:73:6a:e7:a5:60:b8:9a:63:f4:46:
b3:8c:fa:55:f7:4c:c7:60:94:f0:d8:66:d4:a8:09:
99:bd:0a:46:da:c7:12:ac:0f:c8:b0:dd:9f:50:15:
9d:cd:f2:79:df:fb:2f:c8:10:bc:2c:da:99:ee:cb:
ad:40:9b:ad:f8:4d:be:4d:b0:5d:3e:be:29:27:60:
a7:db:51:b7:98:a1:21:22:a1:cd:26:3c:e6:08:e8:
dd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:42:0D:BB:50:47:F8:84:D8:7E:1B:C9:C1:A8:A7:D2:CD:04:0A:5B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/E0INu1BH-ITYfhvJwain0s0ECls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.149.0/24
Signature Algorithm: sha256WithRSAEncryption
79:db:08:52:a5:6a:d4:96:c0:a6:d8:54:c9:4e:90:27:60:9c:
58:57:57:df:ea:94:9e:28:d9:8f:06:d2:96:11:f3:68:6a:80:
da:55:12:61:09:c1:33:3f:fc:1b:55:a1:8c:76:3e:61:7c:7a:
ee:e4:c5:a5:dd:7a:a0:a0:0b:0f:30:6e:fc:de:0e:a7:1c:f5:
9a:76:72:d6:c8:47:b3:41:10:1a:b7:bd:55:9e:10:bd:ca:d2:
09:6d:be:59:c3:d8:ca:c1:aa:d5:30:77:3e:1f:11:94:9d:a7:
ae:a0:5b:7d:e9:b0:af:9a:9e:e4:8e:bd:3f:2a:19:8f:70:15:
6a:0d:d1:13:55:5f:c9:d2:c4:16:45:99:0f:14:5b:62:6d:a6:
1c:a6:86:16:86:39:6b:5f:5e:e6:62:b9:97:aa:0e:97:3c:13:
92:0d:db:61:7c:b3:0e:cd:f4:7c:2d:26:69:e8:8a:98:14:1c:
de:8c:69:cd:27:ad:56:0c:ca:11:f9:a0:76:b4:64:c2:ff:0f:
cd:b3:1d:16:1b:29:f2:09:81:35:51:5f:b8:91:8b:77:e4:90:
a1:c4:f7:75:da:40:e8:d6:4f:05:8f:f7:08:bf:c8:05:de:9a:
91:9d:4a:db:43:01:70:3b:a8:d8:09:97:48:a5:57:ab:7c:a3:
90:b0:d0:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSjgk+XXLfyVWvXNXHRIF0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjIxMTIzMDgwMjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQyMGRiYjUwNDdmODg0ZDg3ZTFiYzljMWE4YTdkMmNkMDQwYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvtHCJatiH0VDHKT8PhxknLm9Zc5
9+kWc+lXvEnMBuL0NVFEFQ6TJfLcT+IcseAe7UIZNpm/8elKX6cDkTMASa0Wqhdb
M4x3kYk6tVSSEJw/RUGCtTzvPzLfUe1/KgAKdJOD7iPE/8x1U6evoK09uw5CSTbx
8s1x8CixxkPTybT9ZGcI+IfwRRbpvZ09F/mXaQlW6qHn392Qa8xdM+JehMPcVyGr
4NWf8XNq56VguJpj9EazjPpV90zHYJTw2GbUqAmZvQpG2scSrA/IsN2fUBWdzfJ5
3/svyBC8LNqZ7sutQJut+E2+TbBdPr4pJ2Cn21G3mKEhIqHNJjzmCOjdBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBNCDbtQR/iE2H4bycGop9LNBApbMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvRTBJTnUxQkgtSVRZZmh2SndhaW4wczBFQ2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuceVMA0G
CSqGSIb3DQEBCwUAA4IBAQB52whSpWrUlsCm2FTJTpAnYJxYV1ff6pSeKNmPBtKW
EfNoaoDaVRJhCcEzP/wbVaGMdj5hfHru5MWl3XqgoAsPMG783g6nHPWadnLWyEez
QRAat71VnhC9ytIJbb5Zw9jKwarVMHc+HxGUnaeuoFt96bCvmp7kjr0/KhmPcBVq
DdETVV/J0sQWRZkPFFtibaYcpoYWhjlrX17mYrmXqg6XPBOSDdthfLMOzfR8LSZp
6IqYFBzejGnNJ61WDMoR+aB2tGTC/w/Nsx0WGynyCYE1UV+4kYt35JChxPd12kDo
1k8Fj/cIv8gF3pqRnUrbQwFwO6jYCZdIpVerfKOQsNBo
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:35 2024 by rpki-client on console-ams.rpki-client.org