Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/IKA-zUR44zV73k57mQTaqN6IunM.roa
File: IKA-zUR44zV73k57mQTaqN6IunM.roa (raw, json)
Hash identifier: YJZFQ1gaPiKEgBm6SEW3+DPfvP1d47HztjoxCDS//+A=
Subject key identifier: 20:A0:3E:CD:44:78:E3:35:7B:DE:4E:7B:99:04:DA:A8:DE:88:BA:73
Certificate issuer: /CN=c0c9413f076a782110c14490d890f1b3e98e0785
Certificate serial: 01828BFA214DFD21978D2ECCFAC5C1893E03
Authority key identifier: C0:C9:41:3F:07:6A:78:21:10:C1:44:90:D8:90:F1:B3:E9:8E:07:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wMlBPwdqeCEQwUSQ2JDxs-mOB4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/IKA-zUR44zV73k57mQTaqN6IunM.roa
Signing time: Thu 11 Aug 2022 08:16:41 +0000
ROA not before: Thu 11 Aug 2022 08:16:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51177
IP address blocks: 188.214.30.0/24 maxlen: 24
193.29.187.0/24 maxlen: 24
84.234.96.0/22 maxlen: 22
188.241.58.0/24 maxlen: 24
45.128.116.0/22 maxlen: 22
193.201.82.0/24 maxlen: 24
91.235.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:8b:fa:21:4d:fd:21:97:8d:2e:cc:fa:c5:c1:89:3e:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0c9413f076a782110c14490d890f1b3e98e0785
Validity
Not Before: Aug 11 08:16:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20a03ecd4478e3357bde4e7b9904daa8de88ba73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:15:28:38:45:bc:9b:15:d1:cc:10:98:e0:43:
dc:82:ec:a5:dc:41:3c:c9:85:06:79:6d:eb:53:a1:
cc:19:c2:7b:cf:37:36:92:2c:2b:37:93:89:b6:5a:
e1:5f:02:63:47:f0:f4:4e:69:54:26:ce:2f:30:18:
c8:63:ab:7f:b1:0f:8e:09:cd:a0:13:7b:e2:e3:cd:
b7:be:52:3e:0e:f1:1b:12:05:c6:65:d7:68:d8:9b:
2b:41:24:e9:fb:83:2a:b1:3f:4a:76:29:d2:84:05:
96:ca:bf:bd:ee:b7:09:b7:f7:2d:05:23:c8:dc:27:
d1:39:23:ee:25:17:fb:ba:ad:49:cd:b9:a3:71:88:
b1:5b:c7:6c:15:ae:5b:5b:ed:a2:65:8d:95:7b:c0:
0b:0e:7e:de:cf:00:75:ae:4a:1d:44:ff:4e:39:c5:
62:65:73:9d:02:2f:80:01:3d:4d:d3:af:f8:08:38:
19:e0:b3:7b:38:aa:46:74:09:72:47:6f:78:0b:88:
0b:f3:a3:2a:ea:4b:65:ac:50:d4:3b:4c:3e:aa:5a:
c0:6c:3c:dc:df:f0:69:f0:27:ba:93:7d:f0:7f:f1:
b4:29:bf:91:01:e0:13:85:e2:96:80:db:7d:c3:59:
91:80:a2:9d:2a:9b:00:eb:f8:bb:ff:50:80:0b:16:
d2:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A0:3E:CD:44:78:E3:35:7B:DE:4E:7B:99:04:DA:A8:DE:88:BA:73
X509v3 Authority Key Identifier:
keyid:C0:C9:41:3F:07:6A:78:21:10:C1:44:90:D8:90:F1:B3:E9:8E:07:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMlBPwdqeCEQwUSQ2JDxs-mOB4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/IKA-zUR44zV73k57mQTaqN6IunM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/24b5ba-bf06-4b51-95bc-a45218c58418/1/wMlBPwdqeCEQwUSQ2JDxs-mOB4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.116.0/22
84.234.96.0/22
91.235.116.0/24
188.214.30.0/24
188.241.58.0/24
193.29.187.0/24
193.201.82.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:26:95:99:29:62:48:7e:52:37:03:c8:43:6e:c9:61:8c:0f:
cb:b3:2f:e6:90:a0:ad:12:6a:ff:bc:03:08:12:60:5d:b1:d7:
d8:78:22:58:c3:4b:40:e9:0f:8d:86:89:73:36:42:b3:a5:4f:
67:19:66:12:b9:bd:9f:7a:a0:13:67:2b:c8:10:ed:d3:09:d4:
29:bd:ee:54:3e:7e:69:f1:a0:5d:8a:56:bf:17:e5:67:39:3e:
ce:1f:4c:66:5a:b4:75:77:fe:ba:f5:c8:d2:65:52:00:6b:3b:
69:00:08:c3:4e:d8:3c:80:6b:12:6f:dc:9c:eb:74:fd:24:61:
85:1d:58:c8:89:20:27:61:b8:be:82:1c:b6:f9:0c:b5:8a:05:
73:e5:11:47:5a:0e:c3:75:69:e6:bd:84:f2:01:1e:c9:6a:c3:
ab:86:0d:a2:21:81:f9:2c:ae:70:57:c1:b5:02:77:56:f2:68:
04:dd:b5:fa:de:fd:b0:ac:69:41:12:94:4a:8d:6d:65:43:14:
4a:64:ff:1f:4a:f3:17:07:17:90:83:37:10:48:b1:43:37:94:
23:63:48:93:cb:47:b5:94:bc:18:2f:03:b2:44:a0:43:73:15:
b0:12:74:5d:9d:7c:07:c1:d6:97:d7:42:b3:ab:62:6c:47:40:
1d:dd:6c:3c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYKL+iFN/SGXjS7M+sXBiT4DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYzk0MTNmMDc2YTc4MjExMGMxNDQ5MGQ4OTBmMWIzZTk4
ZTA3ODUwHhcNMjIwODExMDgxNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGEwM2VjZDQ0NzhlMzM1N2JkZTRlN2I5OTA0ZGFhOGRlODhiYTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRUoOEW8mxXRzBCY4EPcguyl3EE8
yYUGeW3rU6HMGcJ7zzc2kiwrN5OJtlrhXwJjR/D0TmlUJs4vMBjIY6t/sQ+OCc2g
E3vi4823vlI+DvEbEgXGZddo2JsrQSTp+4MqsT9KdinShAWWyr+97rcJt/ctBSPI
3CfROSPuJRf7uq1JzbmjcYixW8dsFa5bW+2iZY2Ve8ALDn7ezwB1rkodRP9OOcVi
ZXOdAi+AAT1N06/4CDgZ4LN7OKpGdAlyR294C4gL86Mq6ktlrFDUO0w+qlrAbDzc
3/Bp8Ce6k33wf/G0Kb+RAeATheKWgNt9w1mRgKKdKpsA6/i7/1CACxbS2wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCCgPs1EeOM1e95Oe5kE2qjeiLpzMB8GA1UdIwQY
MBaAFMDJQT8HanghEMFEkNiQ8bPpjgeFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01sQlB3ZHFlQ0VRd1VTUTJKRHhzLW1PQjRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNGI1YmEtYmYwNi00YjUxLTk1YmMt
YTQ1MjE4YzU4NDE4LzEvSUtBLXpVUjQ0elY3M2s1N21RVGFxTjZJdW5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8yNGI1YmEtYmYwNi00YjUxLTk1YmMtYTQ1MjE4YzU4NDE4
LzEvd01sQlB3ZHFlQ0VRd1VTUTJKRHhzLW1PQjRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLYB0AwQC
VOpgAwQAW+t0AwQAvNYeAwQAvPE6AwQAwR27AwQAwclSMA0GCSqGSIb3DQEBCwUA
A4IBAQDSJpWZKWJIflI3A8hDbslhjA/Lsy/mkKCtEmr/vAMIEmBdsdfYeCJYw0tA
6Q+NholzNkKzpU9nGWYSub2feqATZyvIEO3TCdQpve5UPn5p8aBdila/F+VnOT7O
H0xmWrR1d/669cjSZVIAaztpAAjDTtg8gGsSb9yc63T9JGGFHVjIiSAnYbi+ghy2
+Qy1igVz5RFHWg7DdWnmvYTyAR7JasOrhg2iIYH5LK5wV8G1AndW8mgE3bX63v2w
rGlBEpRKjW1lQxRKZP8fSvMXBxeQgzcQSLFDN5QjY0iTy0e1lLwYLwOyRKBDcxWw
EnRdnXwHwdaX10Kzq2JsR0Ad3Ww8
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:06 2024 by rpki-client on console-fra.rpki-client.org