Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/Ib0fW49cYj13HURo3bbxgj7mUEY.roa
File: Ib0fW49cYj13HURo3bbxgj7mUEY.roa (raw, json)
Hash identifier: 2LJMkSJsKrBSO7S78UJsNnmR/2VdtrLOTM4nxyGNQ9w=
Subject key identifier: 21:BD:1F:5B:8F:5C:62:3D:77:1D:44:68:DD:B6:F1:82:3E:E6:50:46
Certificate issuer: /CN=188fb0985e360c38f8658d56687ca862d9408d90
Certificate serial: 032A19F4
Authority key identifier: 18:8F:B0:98:5E:36:0C:38:F8:65:8D:56:68:7C:A8:62:D9:40:8D:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/Ib0fW49cYj13HURo3bbxgj7mUEY.roa
Signing time: Sat 01 Jan 2022 10:55:46 +0000
ROA not before: Sat 01 Jan 2022 10:55:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8868
IP address blocks: 185.120.162.0/24 maxlen: 24
185.120.163.0/24 maxlen: 24
185.194.79.0/24 maxlen: 24
185.120.160.0/23 maxlen: 23
185.174.250.0/24 maxlen: 24
185.174.248.0/23 maxlen: 23
185.174.251.0/24 maxlen: 24
185.194.78.0/24 maxlen: 24
185.194.76.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53090804 (0x32a19f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=188fb0985e360c38f8658d56687ca862d9408d90
Validity
Not Before: Jan 1 10:55:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21bd1f5b8f5c623d771d4468ddb6f1823ee65046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:71:95:f9:56:69:c9:23:56:7f:51:34:b0:3a:
b9:31:b4:fb:0a:65:ec:c0:de:db:cb:df:9a:1b:2d:
63:d5:2e:d0:ad:5f:6f:f2:78:b4:5c:a2:3b:f5:9d:
0c:35:c2:18:8a:a7:ad:80:7f:7f:9a:e5:7a:e7:86:
61:2a:2f:c9:fa:d0:b1:88:2f:95:dc:2b:bf:8f:22:
47:1b:01:67:f1:1b:be:fc:a3:5c:a1:9e:45:00:74:
c1:4d:44:ba:64:dc:0f:98:bb:e1:85:0b:cf:d0:6e:
0e:6e:a8:f6:49:20:ca:aa:6a:5e:23:95:3e:02:21:
a2:2a:70:ae:94:9a:f0:d6:7c:52:a2:e3:64:38:f7:
0e:8e:86:c2:7c:79:99:88:67:1e:73:09:aa:9c:f1:
2d:b8:f2:f7:f6:24:c0:20:ba:d0:1d:dd:c7:51:f3:
b0:8b:37:1f:7e:0f:d0:9e:cd:72:24:a9:73:00:fb:
e5:18:6c:6c:84:0a:0b:bf:64:01:96:1f:9c:77:90:
a3:82:d6:96:d2:58:12:60:c0:c7:2f:34:15:46:eb:
e4:44:fa:83:a0:5a:02:fc:97:07:46:7a:77:0f:23:
fb:0f:8f:50:d2:28:c1:e9:4a:dc:8f:dc:4b:a1:8e:
d7:49:a2:3f:53:b9:31:1f:e4:c2:d1:2b:97:d9:df:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:BD:1F:5B:8F:5C:62:3D:77:1D:44:68:DD:B6:F1:82:3E:E6:50:46
X509v3 Authority Key Identifier:
keyid:18:8F:B0:98:5E:36:0C:38:F8:65:8D:56:68:7C:A8:62:D9:40:8D:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GI-wmF42DDj4ZY1WaHyoYtlAjZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/Ib0fW49cYj13HURo3bbxgj7mUEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/67bce3-ecbc-478d-8210-d07906a84b1d/1/GI-wmF42DDj4ZY1WaHyoYtlAjZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.160.0/22
185.174.248.0/22
185.194.76.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:a8:18:4c:f4:f2:d3:3f:3c:9f:7b:96:b1:f3:e3:ef:46:14:
02:7b:fd:4b:8b:72:96:69:97:fa:3c:1d:3a:a0:61:e6:22:7d:
60:db:1a:bc:85:a6:b1:7e:cb:43:3b:8c:41:3b:0b:80:13:8f:
2f:98:80:11:0f:56:a8:5a:bc:0f:1d:ad:92:a7:b6:75:cf:92:
56:d0:93:18:08:68:7c:d6:27:be:f2:06:06:51:24:2d:38:92:
53:6e:ec:0e:39:21:5c:77:94:b6:02:d9:93:1e:0f:b6:ab:14:
3a:5a:ef:03:13:c2:fe:6f:65:58:af:9f:a0:89:9b:dc:f4:88:
a9:aa:26:33:e4:b2:e2:1a:fd:eb:08:66:6a:02:f5:83:10:a7:
53:c1:15:60:cd:7a:4d:e8:91:46:65:f6:d9:f7:72:4d:b3:d9:
7f:37:60:9d:49:20:60:7f:59:c3:24:17:ec:96:85:82:18:9d:
f9:60:78:30:e7:0c:15:3b:fd:92:16:34:2c:ba:6f:2a:77:c1:
a0:f0:75:fd:b7:c0:a0:15:8c:b4:e5:61:a9:01:53:eb:9c:51:
cc:41:d3:8d:b2:b8:6d:46:a9:b0:02:98:71:7c:ba:31:6c:b3:
1e:0b:3a:d0:ff:55:75:6d:b0:80:32:b2:b5:e6:ed:60:98:9a:
bf:cd:5f:09
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAyoZ9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ODhmYjA5ODVlMzYwYzM4Zjg2NThkNTY2ODdjYTg2MmQ5NDA4ZDkwMB4XDTIyMDEw
MTEwNTU0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFiZDFmNWI4ZjVj
NjIzZDc3MWQ0NDY4ZGRiNmYxODIzZWU2NTA0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlxlflWackjVn9RNLA6uTG0+wpl7MDe28vfmhstY9Uu0K1f
b/J4tFyiO/WdDDXCGIqnrYB/f5rleueGYSovyfrQsYgvldwrv48iRxsBZ/Ebvvyj
XKGeRQB0wU1EumTcD5i74YULz9BuDm6o9kkgyqpqXiOVPgIhoipwrpSa8NZ8UqLj
ZDj3Do6Gwnx5mYhnHnMJqpzxLbjy9/YkwCC60B3dx1HzsIs3H34P0J7NciSpcwD7
5RhsbIQKC79kAZYfnHeQo4LWltJYEmDAxy80FUbr5ET6g6BaAvyXB0Z6dw8j+w+P
UNIowelK3I/cS6GO10miP1O5MR/kwtErl9nfhR0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQhvR9bj1xiPXcdRGjdtvGCPuZQRjAfBgNVHSMEGDAWgBQYj7CYXjYMOPhl
jVZofKhi2UCNkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dJLXdtRjQyRERqNFpZMVdhSHlvWXRsQWpaQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvNjdiY2UzLWVjYmMtNDc4ZC04MjEwLWQwNzkwNmE4NGIxZC8x
L0liMGZXNDljWWoxM0hVUm8zYmJ4Z2o3bVVFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
NjdiY2UzLWVjYmMtNDc4ZC04MjEwLWQwNzkwNmE4NGIxZC8xL0dJLXdtRjQyRERq
NFpZMVdhSHlvWXRsQWpaQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArl4oAMEArmu+AMEArnCTDANBgkq
hkiG9w0BAQsFAAOCAQEAsKgYTPTy0z88n3uWsfPj70YUAnv9S4tylmmX+jwdOqBh
5iJ9YNsavIWmsX7LQzuMQTsLgBOPL5iAEQ9WqFq8Dx2tkqe2dc+SVtCTGAhofNYn
vvIGBlEkLTiSU27sDjkhXHeUtgLZkx4PtqsUOlrvAxPC/m9lWK+foImb3PSIqaom
M+Sy4hr96whmagL1gxCnU8EVYM16TeiRRmX22fdyTbPZfzdgnUkgYH9ZwyQX7JaF
ghid+WB4MOcMFTv9khY0LLpvKnfBoPB1/bfAoBWMtOVhqQFT65xRzEHTjbK4bUap
sAKYcXy6MWyzHgs60P9VdW2wgDKytebtYJiav81fCQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:49 2023 by rpki-client on console-fra.rpki-client.org