Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/5ZpegcOKqWEG02mjRnLCi8ilPSc.roa
File: 5ZpegcOKqWEG02mjRnLCi8ilPSc.roa (raw, json)
Hash identifier: u9ISp12ud6S3SJGF91j6h+9USQk2VnSFebSJEFMZUlk=
Subject key identifier: E5:9A:5E:81:C3:8A:A9:61:06:D3:69:A3:46:72:C2:8B:C8:A5:3D:27
Certificate issuer: /CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Certificate serial: 125F35CD
Authority key identifier: 23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/5ZpegcOKqWEG02mjRnLCi8ilPSc.roa
Signing time: Sat 01 Jan 2022 03:51:11 +0000
ROA not before: Sat 01 Jan 2022 03:51:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201701
IP address blocks: 185.66.192.0/22 maxlen: 22
185.66.193.0/24 maxlen: 24
185.66.195.0/24 maxlen: 24
185.66.194.0/24 maxlen: 24
2a03:2260:1000::/36 maxlen: 36
2a03:2260:3000::/36 maxlen: 36
2a03:2260:2000::/36 maxlen: 36
2a03:2260::/30 maxlen: 30
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 308229581 (0x125f35cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23662c9a980ad7584650abaa3545b9ea91d3e35e
Validity
Not Before: Jan 1 03:51:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e59a5e81c38aa96106d369a34672c28bc8a53d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:40:7d:aa:f6:33:80:2d:68:ee:38:f3:62:2b:
e8:c1:e8:8b:4b:bc:ad:08:34:63:13:3f:37:c9:da:
f5:bc:02:6b:4a:98:e9:80:e5:87:5c:25:30:8c:7f:
31:0c:35:02:19:8f:69:90:7c:24:25:e1:9e:f4:2e:
6b:48:a5:9d:a1:8c:76:8c:f2:28:54:e8:11:8a:13:
2d:49:a8:a5:a1:29:ce:fc:ff:3f:fe:73:fa:41:4e:
6c:d2:b1:c1:d8:bd:24:36:29:73:d5:92:09:de:95:
b5:be:b8:b7:f1:d2:57:eb:f6:32:6f:04:1a:ce:c2:
8b:22:56:43:67:d4:15:9c:ec:54:4d:68:04:1a:6b:
cf:10:cb:78:a6:ac:b7:6d:87:e3:ac:ed:3e:a8:91:
8a:88:9e:a8:b9:a9:53:0f:e3:82:03:11:b5:72:da:
d0:2c:20:a7:13:20:7f:f7:ba:2c:6a:ac:d5:41:74:
1b:84:5a:ee:60:c3:f6:1f:84:13:79:38:09:8f:fd:
40:37:35:92:15:a5:b4:55:1f:9c:99:87:11:7a:38:
4b:01:5c:1e:e5:39:f6:05:79:e6:1d:69:9d:eb:99:
39:d3:31:3f:ba:36:d6:56:ee:99:9d:1d:e3:78:6d:
1c:05:a5:a0:ca:68:f5:69:e7:df:6c:b1:a6:96:c3:
5a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:9A:5E:81:C3:8A:A9:61:06:D3:69:A3:46:72:C2:8B:C8:A5:3D:27
X509v3 Authority Key Identifier:
keyid:23:66:2C:9A:98:0A:D7:58:46:50:AB:AA:35:45:B9:EA:91:D3:E3:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I2YsmpgK11hGUKuqNUW56pHT414.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/5ZpegcOKqWEG02mjRnLCi8ilPSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/0175e6-427b-4ef9-8eb1-8232e350d458/1/I2YsmpgK11hGUKuqNUW56pHT414.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.192.0/22
IPv6:
2a03:2260::/30
Signature Algorithm: sha256WithRSAEncryption
a3:a1:d3:0b:a4:12:c8:89:04:1c:4e:3f:a1:25:6e:df:f2:c1:
0f:ed:81:2d:03:b4:60:b0:8c:9d:af:e8:c7:63:e1:10:10:5f:
1c:14:e4:d6:a4:21:3c:d4:b9:77:06:85:6a:89:a2:1b:59:f8:
66:cc:40:e3:df:dd:bc:c5:57:0f:57:75:4c:45:e1:c1:63:32:
8e:04:e2:57:2a:1a:b8:2d:39:24:8c:41:3d:8a:17:f0:18:8a:
89:5a:28:6e:cb:1f:74:48:cb:d5:5d:0e:71:ff:08:08:5c:54:
82:cd:32:61:e9:76:14:08:34:71:64:f4:90:ed:26:d7:e8:06:
b5:ad:d2:ce:1c:b4:83:ed:f3:b4:e1:38:fb:50:c4:86:42:a3:
f5:78:a1:03:38:b4:a6:c9:de:ec:af:12:b9:d0:a5:fa:74:b5:
f9:af:99:58:c7:11:85:31:19:83:6a:f8:f2:dc:62:a7:ab:b5:
11:9a:05:eb:8b:d7:44:d9:f2:56:cd:bf:55:b8:8f:ff:25:47:
13:71:4f:72:36:28:34:74:97:c2:67:89:f1:d9:cb:2a:3e:43:
ff:e7:9d:22:00:0b:20:7c:a9:4d:b1:ac:34:84:4e:c8:1a:fd:
3e:5b:39:42:62:00:19:1e:92:fe:41:13:a0:48:12:82:49:99:
3b:a2:21:46
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEl81zTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzY2MmM5YTk4MGFkNzU4NDY1MGFiYWEzNTQ1YjllYTkxZDNlMzVlMB4XDTIyMDEw
MTAzNTExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTU5YTVlODFjMzhh
YTk2MTA2ZDM2OWEzNDY3MmMyOGJjOGE1M2QyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAORAfar2M4AtaO4482Ir6MHoi0u8rQg0YxM/N8na9bwCa0qY
6YDlh1wlMIx/MQw1AhmPaZB8JCXhnvQua0ilnaGMdozyKFToEYoTLUmopaEpzvz/
P/5z+kFObNKxwdi9JDYpc9WSCd6Vtb64t/HSV+v2Mm8EGs7CiyJWQ2fUFZzsVE1o
BBprzxDLeKast22H46ztPqiRioieqLmpUw/jggMRtXLa0CwgpxMgf/e6LGqs1UF0
G4Ra7mDD9h+EE3k4CY/9QDc1khWltFUfnJmHEXo4SwFcHuU59gV55h1pneuZOdMx
P7o21lbumZ0d43htHAWloMpo9Wnn32yxppbDWjsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTlml6Bw4qpYQbTaaNGcsKLyKU9JzAfBgNVHSMEGDAWgBQjZiyamArXWEZQ
q6o1RbnqkdPjXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kyWXNtcGdLMTFoR1VLdXFOVVc1NnBIVDQxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvMDE3NWU2LTQyN2ItNGVmOS04ZWIxLTgyMzJlMzUwZDQ1OC8x
LzVacGVnY09LcVdFRzAybWpSbkxDaThpbFBTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
MDE3NWU2LTQyN2ItNGVmOS04ZWIxLTgyMzJlMzUwZDQ1OC8xL0kyWXNtcGdLMTFo
R1VLdXFOVVc1NnBIVDQxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlCwDANBAIAAjAHAwUCKgMiYDAN
BgkqhkiG9w0BAQsFAAOCAQEAo6HTC6QSyIkEHE4/oSVu3/LBD+2BLQO0YLCMna/o
x2PhEBBfHBTk1qQhPNS5dwaFaomiG1n4ZsxA49/dvMVXD1d1TEXhwWMyjgTiVyoa
uC05JIxBPYoX8BiKiVoobssfdEjL1V0Ocf8ICFxUgs0yYel2FAg0cWT0kO0m1+gG
ta3Szhy0g+3ztOE4+1DEhkKj9XihAzi0psne7K8SudCl+nS1+a+ZWMcRhTEZg2r4
8txip6u1EZoF64vXRNnyVs2/VbiP/yVHE3FPcjYoNHSXwmeJ8dnLKj5D/+edIgAL
IHypTbGsNIROyBr9Pls5QmIAGR6S/kEToEgSgkmZO6IhRg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:46 2023 by rpki-client on console-fra.rpki-client.org