Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/IzCjw-xJGtQnvVt8ncPAk_TNfEM.roa
File: IzCjw-xJGtQnvVt8ncPAk_TNfEM.roa (raw, json)
Hash identifier: y2zlc8F7P+yFrpHw2wfvrdnseEuHtIwxDpabsmD2+js=
Subject key identifier: 23:30:A3:C3:EC:49:1A:D4:27:BD:5B:7C:9D:C3:C0:93:F4:CD:7C:43
Certificate issuer: /CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Certificate serial: 06628A61
Authority key identifier: 29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/IzCjw-xJGtQnvVt8ncPAk_TNfEM.roa
Signing time: Sat 01 Jan 2022 14:04:19 +0000
ROA not before: Sat 01 Jan 2022 14:04:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3491
IP address blocks: 185.152.51.0/24 maxlen: 24
185.152.48.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 107121249 (0x6628a61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2906f026b1fe636c9a5da011dc7fd69c581d02b8
Validity
Not Before: Jan 1 14:04:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2330a3c3ec491ad427bd5b7c9dc3c093f4cd7c43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b4:20:0e:36:49:9f:8a:bc:da:b4:d6:95:77:
e8:ae:16:8a:dc:6e:f8:a0:70:e8:f7:ac:88:72:67:
01:22:84:24:35:5f:22:fa:c7:c2:0f:ea:81:c1:e5:
33:e0:27:7a:31:39:02:17:26:cf:ae:8b:ea:4d:45:
56:a0:73:e5:69:a4:b8:6d:3d:ed:25:db:16:e3:08:
ec:1e:68:02:0f:8f:8c:b6:d3:91:6c:db:7b:ac:d3:
98:5f:e8:aa:cd:db:63:d5:4e:50:89:a0:ee:55:66:
94:a7:42:17:47:40:09:a0:bf:ab:e6:2e:5c:ba:0e:
e7:90:04:3c:4c:89:29:6b:6f:df:74:b7:8e:e1:42:
27:3d:61:25:bf:69:cf:fd:a5:c0:2a:de:1e:5f:0f:
64:f2:66:02:f8:a6:b5:0a:92:d8:be:cd:8c:cc:2d:
18:b8:5c:15:8d:70:a7:fe:f7:01:6b:bf:b2:1e:34:
4c:b0:2f:f3:85:b3:9d:4b:18:45:86:92:74:17:97:
df:32:49:0b:7c:8d:52:42:bf:64:f2:c1:e7:8d:b5:
9b:be:e1:4e:ab:da:3d:d7:17:66:ca:12:12:d3:94:
5b:44:c4:b7:e8:9f:85:52:f8:a9:db:a3:1e:17:de:
40:68:59:76:23:d4:be:36:7f:34:a1:ff:19:e1:5f:
12:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:30:A3:C3:EC:49:1A:D4:27:BD:5B:7C:9D:C3:C0:93:F4:CD:7C:43
X509v3 Authority Key Identifier:
keyid:29:06:F0:26:B1:FE:63:6C:9A:5D:A0:11:DC:7F:D6:9C:58:1D:02:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQbwJrH-Y2yaXaAR3H_WnFgdArg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/IzCjw-xJGtQnvVt8ncPAk_TNfEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/67a32d-7bf8-4b04-aa05-80a91be83e4b/1/KQbwJrH-Y2yaXaAR3H_WnFgdArg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.48.0/22
Signature Algorithm: sha256WithRSAEncryption
36:11:5c:f9:2f:27:05:ca:82:b7:42:b2:37:f2:e4:b6:c4:44:
23:a1:95:d3:ee:68:d7:f3:ad:5a:35:c7:15:d2:1e:71:7a:a9:
b8:ee:e4:93:08:a7:18:d1:12:2b:84:e3:37:91:a8:a3:f2:30:
37:64:10:bf:b2:0e:7a:cd:30:e2:78:a5:5e:4e:a8:a8:78:7c:
99:88:97:9c:2c:bb:0e:b7:ba:28:76:65:ca:e3:e0:2e:3d:c3:
50:53:5b:06:4b:e4:dd:87:99:ff:21:22:1f:f3:b5:30:44:e7:
3d:a9:19:14:54:2e:e5:aa:d2:6a:f5:eb:24:66:8d:6d:fa:c5:
6c:59:08:cb:03:6d:59:8c:a2:68:85:53:66:4f:db:d4:4f:3e:
4a:2f:fe:d0:c3:0d:0c:0c:a9:1c:66:56:43:2c:03:46:2e:0b:
1c:42:78:39:1d:f1:a7:a2:93:fd:d1:25:0e:19:dd:99:99:15:
0e:82:6e:ba:b5:83:e0:8e:24:0d:43:e0:00:15:2c:ad:2f:1c:
98:c1:33:df:5e:a0:ca:52:77:13:27:bf:4f:c2:b4:85:b8:d3:
80:47:72:63:91:66:58:5a:ea:08:e7:5e:e4:dd:40:c9:f4:c8:
d5:ce:05:c5:ed:3d:b8:8c:cd:25:fe:32:e9:5c:33:a0:32:b3:
a9:ab:12:fd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBmKKYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTA2ZjAyNmIxZmU2MzZjOWE1ZGEwMTFkYzdmZDY5YzU4MWQwMmI4MB4XDTIyMDEw
MTE0MDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjMzMGEzYzNlYzQ5
MWFkNDI3YmQ1YjdjOWRjM2MwOTNmNGNkN2M0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK60IA42SZ+KvNq01pV36K4Witxu+KBw6PesiHJnASKEJDVf
IvrHwg/qgcHlM+AnejE5Ahcmz66L6k1FVqBz5WmkuG097SXbFuMI7B5oAg+PjLbT
kWzbe6zTmF/oqs3bY9VOUImg7lVmlKdCF0dACaC/q+YuXLoO55AEPEyJKWtv33S3
juFCJz1hJb9pz/2lwCreHl8PZPJmAvimtQqS2L7NjMwtGLhcFY1wp/73AWu/sh40
TLAv84WznUsYRYaSdBeX3zJJC3yNUkK/ZPLB5421m77hTqvaPdcXZsoSEtOUW0TE
t+ifhVL4qdujHhfeQGhZdiPUvjZ/NKH/GeFfEk0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQjMKPD7Eka1Ce9W3ydw8CT9M18QzAfBgNVHSMEGDAWgBQpBvAmsf5jbJpd
oBHcf9acWB0CuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tRYndKckgtWTJ5YVhhQVIzSF9XbkZnZEFyZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvNjdhMzJkLTdiZjgtNGIwNC1hYTA1LTgwYTkxYmU4M2U0Yi8x
L0l6Q2p3LXhKR3RRbnZWdDhuY1BBa19UTmZFTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
NjdhMzJkLTdiZjgtNGIwNC1hYTA1LTgwYTkxYmU4M2U0Yi8xL0tRYndKckgtWTJ5
YVhhQVIzSF9XbkZnZEFyZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmYMDANBgkqhkiG9w0BAQsFAAOC
AQEANhFc+S8nBcqCt0KyN/LktsREI6GV0+5o1/OtWjXHFdIecXqpuO7kkwinGNES
K4TjN5Goo/IwN2QQv7IOes0w4nilXk6oqHh8mYiXnCy7Dre6KHZlyuPgLj3DUFNb
Bkvk3YeZ/yEiH/O1METnPakZFFQu5arSavXrJGaNbfrFbFkIywNtWYyiaIVTZk/b
1E8+Si/+0MMNDAypHGZWQywDRi4LHEJ4OR3xp6KT/dElDhndmZkVDoJuurWD4I4k
DUPgABUsrS8cmMEz316gylJ3Eye/T8K0hbjTgEdyY5FmWFrqCOde5N1AyfTI1c4F
xe09uIzNJf4y6VwzoDKzqasS/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:12 2024 by rpki-client on console-ams.rpki-client.org