Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/IiypKS01gZghYVAjBOU98QrP4mM.roa
File: IiypKS01gZghYVAjBOU98QrP4mM.roa (raw, json)
Hash identifier: 5aQtaMwvGsQHv+VBhdvIMExpMvdmzMEYErJ27Q9yOvw=
Subject key identifier: 22:2C:A9:29:2D:35:81:98:21:61:50:23:04:E5:3D:F1:0A:CF:E2:63
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0B80C015
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/IiypKS01gZghYVAjBOU98QrP4mM.roa
Signing time: Sat 01 Jan 2022 10:53:37 +0000
ROA not before: Sat 01 Jan 2022 10:53:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58329
IP address blocks: 185.158.249.0/24 maxlen: 24
194.76.225.0/24 maxlen: 24
31.214.157.0/24 maxlen: 24
193.242.210.0/23 maxlen: 23
2001:67c:2ae8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192987157 (0xb80c015)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 1 10:53:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=222ca9292d3581982161502304e53df10acfe263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:06:7b:2f:ae:ec:ef:3c:d5:92:ba:f7:20:40:
d2:31:15:13:e6:c3:0a:ba:03:32:16:e8:30:ef:99:
af:a7:67:5f:bf:21:92:51:63:8f:48:77:4f:f0:22:
d7:48:f9:57:51:bb:7c:04:70:e5:fa:67:0e:20:13:
18:28:43:b2:eb:21:53:53:2e:a1:86:56:56:17:7a:
42:a7:69:1c:61:75:dc:05:65:37:3d:42:c1:4d:d4:
69:a4:17:df:82:68:64:4d:bd:73:87:07:ac:b6:51:
46:f7:c2:e7:7b:ae:08:97:1f:68:7d:cd:7a:5a:9b:
1f:ba:80:7d:0c:06:45:93:7e:76:f8:43:99:4a:8e:
4c:c2:8b:fc:c0:81:d6:80:f1:26:53:05:a1:d2:df:
a7:14:b5:4a:29:75:41:7b:4a:56:e3:9b:15:f8:a0:
3b:7a:92:1e:fa:59:20:e3:3a:f7:0c:28:a9:fa:0a:
60:98:df:ae:67:2d:5c:69:94:13:ef:7b:0c:f8:07:
ab:b3:d4:69:cc:f6:b3:40:da:90:cc:9e:58:7f:10:
c7:7b:11:31:af:c8:46:67:1e:86:e6:ba:44:34:b9:
31:ff:5f:b8:61:ad:fa:ef:98:75:25:f4:d2:6f:a5:
2b:90:67:33:d3:3e:f2:22:11:87:ab:d6:aa:47:a9:
e7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2C:A9:29:2D:35:81:98:21:61:50:23:04:E5:3D:F1:0A:CF:E2:63
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/IiypKS01gZghYVAjBOU98QrP4mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.157.0/24
185.158.249.0/24
193.242.210.0/23
194.76.225.0/24
IPv6:
2001:67c:2ae8::/48
Signature Algorithm: sha256WithRSAEncryption
73:f6:28:cc:6d:59:f1:04:a5:5f:a7:47:56:c6:b9:a4:64:ba:
7d:b5:4a:98:27:21:5d:77:8a:c5:c6:28:47:2c:67:9a:6c:e7:
9a:19:dc:d9:ff:6a:cb:05:a6:3f:fb:fd:3d:11:74:c6:f7:89:
a6:73:04:42:68:07:a9:f6:26:a7:8d:5b:f8:76:d5:75:15:8b:
5b:5e:5f:62:1b:a9:21:a2:9c:bf:dc:77:66:ef:e7:75:3a:cc:
c3:59:25:9e:5b:e2:82:49:22:5a:56:ea:3e:78:bd:ef:91:10:
a8:e0:bd:be:88:7f:ce:2c:85:6f:e5:b5:67:c9:37:f1:be:4e:
97:ad:fa:30:d7:94:34:e8:57:5a:94:45:53:a4:d0:0e:73:b8:
1b:9c:e0:bd:2f:16:81:3a:95:0b:e2:30:61:f6:ff:14:e8:56:
cb:92:cf:47:94:23:14:f9:29:df:8e:f1:74:12:1a:34:cc:f3:
4e:99:f4:cc:dd:0b:44:02:a1:b5:f0:b9:db:6f:3a:27:69:71:
35:59:14:1c:ee:50:ab:70:37:9e:be:5d:04:f4:c5:97:73:03:
a8:e4:20:f5:a1:93:ce:cc:bc:17:f7:f2:7b:9b:fa:f4:5f:12:
25:e5:cf:2f:fd:42:f1:52:03:f6:ed:05:a6:04:7e:e9:ef:d4:
bd:6b:a7:5c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEC4DAFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NThkMTJmMDk1MDUzYzM1ODc2Yjg4YjQ3Njg1ZDY0MzU0MjFmY2YyMB4XDTIyMDEw
MTEwNTMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjIyY2E5MjkyZDM1
ODE5ODIxNjE1MDIzMDRlNTNkZjEwYWNmZTI2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQGey+u7O881ZK69yBA0jEVE+bDCroDMhboMO+Zr6dnX78h
klFjj0h3T/Ai10j5V1G7fARw5fpnDiATGChDsushU1MuoYZWVhd6QqdpHGF13AVl
Nz1CwU3UaaQX34JoZE29c4cHrLZRRvfC53uuCJcfaH3NelqbH7qAfQwGRZN+dvhD
mUqOTMKL/MCB1oDxJlMFodLfpxS1Sil1QXtKVuObFfigO3qSHvpZIOM69wwoqfoK
YJjfrmctXGmUE+97DPgHq7PUacz2s0DakMyeWH8Qx3sRMa/IRmcehua6RDS5Mf9f
uGGt+u+YdSX00m+lK5BnM9M+8iIRh6vWqkep50cCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBQiLKkpLTWBmCFhUCME5T3xCs/iYzAfBgNVHSMEGDAWgBRFjRLwlQU8NYdr
iLR2hdZDVCH88jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JZMFM4SlVGUERXSGE0aTBkb1hXUTFRaF9QSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvN2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8x
L0lpeXBLUzAxZ1pnaFlWQWpCT1U5OFFyUDRtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
N2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8xL1JZMFM4SlVGUERX
SGE0aTBkb1hXUTFRaF9QSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEAB/WnQMEALme+QMEAcHy0gMEAMJM
4TAPBAIAAjAJAwcAIAEGfCroMA0GCSqGSIb3DQEBCwUAA4IBAQBz9ijMbVnxBKVf
p0dWxrmkZLp9tUqYJyFdd4rFxihHLGeabOeaGdzZ/2rLBaY/+/09EXTG94mmcwRC
aAep9ianjVv4dtV1FYtbXl9iG6khopy/3Hdm7+d1OszDWSWeW+KCSSJaVuo+eL3v
kRCo4L2+iH/OLIVv5bVnyTfxvk6Xrfow15Q06FdalEVTpNAOc7gbnOC9LxaBOpUL
4jBh9v8U6FbLks9HlCMU+SnfjvF0Eho0zPNOmfTM3QtEAqG18LnbbzonaXE1WRQc
7lCrcDeevl0E9MWXcwOo5CD1oZPOzLwX9/J7m/r0XxIl5c8v/ULxUgP27QWmBH7p
79S9a6dc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:31 2023 by rpki-client on console-ams.rpki-client.org