Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/Il-LeKW9bFqWPz8D5rMakwdWw1U.roa
File: Il-LeKW9bFqWPz8D5rMakwdWw1U.roa (raw, json)
Hash identifier: KzcSMYOv6w7XFbZBHX2Ko6aGHwQUoG9X7+tnogsRkmc=
Subject key identifier: 22:5F:8B:78:A5:BD:6C:5A:96:3F:3F:03:E6:B3:1A:93:07:56:C3:55
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018410A92794305E9DA313B023DB9D2C538F
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/Il-LeKW9bFqWPz8D5rMakwdWw1U.roa
Signing time: Tue 25 Oct 2022 19:40:31 +0000
ROA not before: Tue 25 Oct 2022 19:40:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58329
IP address blocks: 185.158.249.0/24 maxlen: 24
194.76.225.0/24 maxlen: 24
31.214.157.0/24 maxlen: 24
193.242.210.0/23 maxlen: 23
79.132.128.0/24 maxlen: 24
2001:67c:2ae8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:a9:27:94:30:5e:9d:a3:13:b0:23:db:9d:2c:53:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Oct 25 19:40:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=225f8b78a5bd6c5a963f3f03e6b31a930756c355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2d:04:56:4d:29:9c:47:b6:83:01:20:ef:5c:
1c:13:37:ff:58:1a:3c:d0:15:71:09:7c:a8:96:f4:
bf:f9:ea:68:fb:5e:7d:b7:49:ff:44:0c:7d:8f:16:
58:6a:6f:2b:c7:c5:2c:b4:f6:40:7c:f9:fe:2c:e5:
1e:79:02:7d:72:66:93:8e:cd:43:8c:0b:44:df:c2:
62:79:b2:a6:a6:ad:dd:89:f0:0d:da:87:4d:cd:a2:
7a:0f:3c:35:f3:f7:72:39:6d:3b:70:1c:ae:f4:8a:
e3:91:5e:69:dc:8e:7e:74:c5:55:00:d8:33:8a:9b:
ab:05:62:e1:b7:5c:25:ea:e6:74:4b:b5:ee:23:5d:
7c:b4:a1:26:9c:d3:59:1c:e6:a4:b2:5a:6b:30:4c:
78:2d:32:a3:a7:44:ab:37:45:97:79:f3:ae:d8:d6:
d7:b8:c0:93:36:9a:4c:b1:9a:7e:08:09:68:b5:65:
90:83:2c:8e:b6:54:8a:eb:e3:f8:fc:d8:a6:74:82:
87:02:b4:ff:92:b5:a8:6f:c5:e3:f6:09:03:8c:cc:
bb:46:b4:04:48:2d:28:2b:56:1d:3e:6b:63:53:42:
42:52:ae:af:90:f1:44:90:17:67:a0:12:f0:26:09:
d2:ad:ab:30:48:dc:bd:f6:9b:b8:f8:f2:d3:85:d1:
09:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:5F:8B:78:A5:BD:6C:5A:96:3F:3F:03:E6:B3:1A:93:07:56:C3:55
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/Il-LeKW9bFqWPz8D5rMakwdWw1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.157.0/24
79.132.128.0/24
185.158.249.0/24
193.242.210.0/23
194.76.225.0/24
IPv6:
2001:67c:2ae8::/48
Signature Algorithm: sha256WithRSAEncryption
62:02:db:83:23:f4:15:50:b7:5a:dd:78:0b:7e:de:36:84:86:
b5:94:ff:3c:d1:b0:03:f5:e6:fb:f9:db:32:fc:5e:2b:be:a0:
eb:45:ce:86:8f:21:d5:41:d7:5f:3a:fc:27:8f:0b:ea:db:73:
21:e1:24:31:20:ba:dc:65:b6:11:57:31:22:60:5a:3a:7b:13:
ee:e6:a2:8f:54:7f:42:a8:8e:27:db:dc:ce:53:83:c6:90:6e:
c4:fa:1c:45:2a:f4:77:60:0c:75:6f:2e:9b:e2:e9:82:16:95:
15:49:47:6d:c5:40:d9:dd:2b:ce:05:76:69:c8:7c:ea:a5:9b:
db:29:60:37:73:3a:32:05:61:f6:3d:30:74:d1:68:49:e6:3e:
77:4c:7b:30:7a:05:c0:0a:44:40:5b:17:09:46:ea:6f:b6:1a:
a4:30:2a:c4:98:71:d7:be:06:af:62:82:03:dd:10:35:18:4c:
fa:e1:12:7e:17:00:b5:ca:a0:1c:0f:12:74:b4:0f:30:56:d6:
ef:a2:c9:1a:f3:01:88:f1:06:95:c0:93:62:ab:2c:3f:6f:6f:
7c:b5:1f:61:13:0f:fc:49:6d:cc:02:8c:66:e3:a5:03:38:1c:
96:c0:96:f7:30:00:59:ed:0e:9a:f2:27:96:6c:8b:53:91:95:
0a:3b:0e:fe
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYQQqSeUMF6doxOwI9udLFOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjIxMDI1MTk0MDMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjVmOGI3OGE1YmQ2YzVhOTYzZjNmMDNlNmIzMWE5MzA3NTZjMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS0EVk0pnEe2gwEg71wcEzf/WBo8
0BVxCXyolvS/+epo+159t0n/RAx9jxZYam8rx8UstPZAfPn+LOUeeQJ9cmaTjs1D
jAtE38JiebKmpq3difAN2odNzaJ6Dzw18/dyOW07cByu9IrjkV5p3I5+dMVVANgz
ipurBWLht1wl6uZ0S7XuI118tKEmnNNZHOakslprMEx4LTKjp0SrN0WXefOu2NbX
uMCTNppMsZp+CAlotWWQgyyOtlSK6+P4/NimdIKHArT/krWob8Xj9gkDjMy7RrQE
SC0oK1YdPmtjU0JCUq6vkPFEkBdnoBLwJgnSraswSNy99pu4+PLThdEJAQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCJfi3ilvWxalj8/A+azGpMHVsNVMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvSWwtTGVLVzliRnFXUHo4RDVyTWFrd2RXdzFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAH9adAwQA
T4SAAwQAuZ75AwQBwfLSAwQAwkzhMA8EAgACMAkDBwAgAQZ8KugwDQYJKoZIhvcN
AQELBQADggEBAGIC24Mj9BVQt1rdeAt+3jaEhrWU/zzRsAP15vv52zL8Xiu+oOtF
zoaPIdVB1186/CePC+rbcyHhJDEgutxlthFXMSJgWjp7E+7moo9Uf0Kojifb3M5T
g8aQbsT6HEUq9HdgDHVvLpvi6YIWlRVJR23FQNndK84FdmnIfOqlm9spYDdzOjIF
YfY9MHTRaEnmPndMezB6BcAKREBbFwlG6m+2GqQwKsSYcde+Bq9iggPdEDUYTPrh
En4XALXKoBwPEnS0DzBW1u+iyRrzAYjxBpXAk2KrLD9vb3y1H2ETD/xJbcwCjGbj
pQM4HJbAlvcwAFntDpryJ5Zsi1ORlQo7Dv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org