Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/xaLqVtFGkJ8tMGKHTRv_cGD3M6U.roa
File: xaLqVtFGkJ8tMGKHTRv_cGD3M6U.roa (raw, json)
Hash identifier: j28ydfKvzfJZMgA1rtzgGEWCVQvzTI+nzb4UcmZvY5Y=
Subject key identifier: C5:A2:EA:56:D1:46:90:9F:2D:30:62:87:4D:1B:FF:70:60:F7:33:A5
Certificate issuer: /CN=348566061e368caff1881be2bac6737dfd3c1dba
Certificate serial: 0182509A057A92A706675D940CBDDFABD7A4
Authority key identifier: 34:85:66:06:1E:36:8C:AF:F1:88:1B:E2:BA:C6:73:7D:FD:3C:1D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/xaLqVtFGkJ8tMGKHTRv_cGD3M6U.roa
Signing time: Sat 30 Jul 2022 19:34:07 +0000
ROA not before: Sat 30 Jul 2022 19:34:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206521
IP address blocks: 185.140.157.0/24 maxlen: 24
185.140.156.0/24 maxlen: 24
185.140.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:50:9a:05:7a:92:a7:06:67:5d:94:0c:bd:df:ab:d7:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=348566061e368caff1881be2bac6737dfd3c1dba
Validity
Not Before: Jul 30 19:34:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5a2ea56d146909f2d3062874d1bff7060f733a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:be:cb:75:54:3d:85:1b:4a:fc:fa:fd:d0:2b:
d4:76:6b:7a:9a:50:5d:94:68:2e:73:87:0f:b3:a6:
76:6b:84:02:60:c7:b5:3e:f8:0f:36:1a:f7:6f:1c:
65:fd:fa:9c:1d:78:d7:39:f2:53:04:16:7b:da:3f:
7f:3f:e8:d4:b0:3a:0d:d9:3c:ff:44:a8:a8:6d:4a:
7e:9f:f7:bf:b8:7e:c0:97:cb:df:8a:4a:65:eb:54:
08:c7:a9:d0:00:40:76:b7:5b:5b:2b:52:a3:fd:c8:
fe:3e:de:4a:69:49:68:85:1a:01:41:a0:4a:98:6e:
6f:2a:78:f0:10:39:37:fb:cd:75:6b:66:72:7f:15:
2a:db:55:de:6d:6c:25:7a:ae:85:4a:a4:9b:06:30:
ae:3a:3b:6c:fe:dd:9f:a9:aa:3d:c3:12:b3:22:f2:
60:d4:98:11:13:2e:cf:fd:08:ec:f9:75:04:7a:38:
d5:10:22:63:cb:6e:6b:6d:03:2f:37:0d:c9:4f:18:
9f:fd:08:de:ad:c9:10:5c:5a:0e:9e:ec:ff:79:c3:
d4:06:3e:4e:c4:b2:e2:35:41:47:3c:dc:50:42:ed:
b4:c8:d3:7a:14:d7:ed:ac:70:13:11:26:5f:c9:9b:
88:77:3b:57:c1:4e:be:f6:5f:94:f8:fb:df:f7:a5:
7b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A2:EA:56:D1:46:90:9F:2D:30:62:87:4D:1B:FF:70:60:F7:33:A5
X509v3 Authority Key Identifier:
keyid:34:85:66:06:1E:36:8C:AF:F1:88:1B:E2:BA:C6:73:7D:FD:3C:1D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NIVmBh42jK_xiBviusZzff08Hbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/xaLqVtFGkJ8tMGKHTRv_cGD3M6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/affaa1-0e7b-401e-a7c5-06270ea82154/1/NIVmBh42jK_xiBviusZzff08Hbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.156.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:3d:96:00:8b:3a:6f:71:1c:c7:bc:50:7d:96:99:a4:57:e0:
92:8e:a0:e0:03:d3:44:11:4e:9c:96:a7:86:3f:35:f7:45:8b:
ca:92:6b:2e:92:0d:b6:27:8b:88:4e:44:0a:9f:b0:7a:d2:40:
3c:a5:1e:6c:7d:72:1d:9f:c1:ac:1f:fe:57:2c:bc:50:29:28:
f8:41:6c:84:f2:9e:84:83:fd:c7:56:87:5d:2a:50:43:80:d5:
9f:39:a9:d6:8c:90:d9:c8:86:c3:25:e0:21:42:cc:c2:26:49:
7f:ce:25:2a:e1:82:3a:e7:a6:28:f7:3f:86:b7:23:32:f5:1a:
55:56:77:3c:f3:cc:13:98:f0:b4:a1:5f:17:8f:f3:57:ab:61:
37:15:37:a9:06:4a:79:52:e7:67:dd:55:51:cc:6f:2e:16:35:
60:15:53:70:06:3e:08:ab:28:b5:d9:36:c3:c2:7b:a9:00:d8:
18:26:98:ee:a5:0d:e3:53:23:3e:8f:dd:a6:af:15:a1:64:dd:
5d:4f:fd:77:61:be:0f:21:43:9c:0c:e3:c3:21:ec:f2:b9:f4:
ac:01:2e:5a:d0:00:6f:c8:6d:b7:0d:c4:46:d7:63:14:8e:27:
98:20:3c:b9:49:49:bc:a4:2e:d6:4f:ca:1c:95:09:8d:22:25:
c9:53:ce:8c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJQmgV6kqcGZ12UDL3fq9ekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ODU2NjA2MWUzNjhjYWZmMTg4MWJlMmJhYzY3MzdkZmQz
YzFkYmEwHhcNMjIwNzMwMTkzNDA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWEyZWE1NmQxNDY5MDlmMmQzMDYyODc0ZDFiZmY3MDYwZjczM2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr7LdVQ9hRtK/Pr90CvUdmt6mlBd
lGguc4cPs6Z2a4QCYMe1PvgPNhr3bxxl/fqcHXjXOfJTBBZ72j9/P+jUsDoN2Tz/
RKiobUp+n/e/uH7Al8vfikpl61QIx6nQAEB2t1tbK1Kj/cj+Pt5KaUlohRoBQaBK
mG5vKnjwEDk3+811a2ZyfxUq21XebWwleq6FSqSbBjCuOjts/t2fqao9wxKzIvJg
1JgREy7P/Qjs+XUEejjVECJjy25rbQMvNw3JTxif/QjerckQXFoOnuz/ecPUBj5O
xLLiNUFHPNxQQu20yNN6FNftrHATESZfyZuIdztXwU6+9l+U+Pvf96V7FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWi6lbRRpCfLTBih00b/3Bg9zOlMB8GA1UdIwQY
MBaAFDSFZgYeNoyv8Ygb4rrGc339PB26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hZmZhYTEtMGU3Yi00MDFlLWE3YzUt
MDYyNzBlYTgyMTU0LzEveGFMcVZ0RkdrSjh0TUdLSFRSdl9jR0QzTTZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hZmZhYTEtMGU3Yi00MDFlLWE3YzUtMDYyNzBlYTgyMTU0
LzEvTklWbUJoNDJqS194aUJ2aXVzWnpmZjA4SGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYycMA0G
CSqGSIb3DQEBCwUAA4IBAQA8PZYAizpvcRzHvFB9lpmkV+CSjqDgA9NEEU6clqeG
PzX3RYvKkmsukg22J4uITkQKn7B60kA8pR5sfXIdn8GsH/5XLLxQKSj4QWyE8p6E
g/3HVoddKlBDgNWfOanWjJDZyIbDJeAhQszCJkl/ziUq4YI656Yo9z+GtyMy9RpV
Vnc888wTmPC0oV8Xj/NXq2E3FTepBkp5Uudn3VVRzG8uFjVgFVNwBj4Iqyi12TbD
wnupANgYJpjupQ3jUyM+j92mrxWhZN1dT/13Yb4PIUOcDOPDIezyufSsAS5a0ABv
yG23DcRG12MUjieYIDy5SUm8pC7WT8oclQmNIiXJU86M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:39 2024 by rpki-client on console-ams.rpki-client.org