Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/IogsGJCPrs3D40JKCCNQG0FaipM.roa
File: IogsGJCPrs3D40JKCCNQG0FaipM.roa (raw, json)
Hash identifier: +Vq/D0j1wAMHKnaFtwrdeL+JCHQednipcBXpgtLYDjs=
Subject key identifier: 22:88:2C:18:90:8F:AE:CD:C3:E3:42:4A:08:23:50:1B:41:5A:8A:93
Certificate issuer: /CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Certificate serial: 238B8861
Authority key identifier: 5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/IogsGJCPrs3D40JKCCNQG0FaipM.roa
Signing time: Sat 01 Jan 2022 11:59:12 +0000
ROA not before: Sat 01 Jan 2022 11:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15544
IP address blocks: 185.104.144.0/24 maxlen: 24
185.104.144.0/22 maxlen: 22
185.104.145.0/24 maxlen: 24
185.104.146.0/24 maxlen: 24
185.104.147.0/24 maxlen: 24
213.140.132.0/24 maxlen: 24
213.140.131.0/24 maxlen: 24
213.140.128.0/24 maxlen: 24
213.140.130.0/24 maxlen: 24
213.140.128.0/19 maxlen: 19
213.140.129.0/24 maxlen: 24
213.140.133.0/24 maxlen: 24
213.140.135.0/24 maxlen: 24
213.140.134.0/24 maxlen: 24
213.140.137.0/24 maxlen: 24
213.140.136.0/24 maxlen: 24
213.140.139.0/24 maxlen: 24
213.140.138.0/24 maxlen: 24
213.140.143.0/24 maxlen: 24
213.140.146.0/24 maxlen: 24
2a02:2298:4000::/36 maxlen: 36
2a02:2298:8000::/36 maxlen: 36
2a02:2298::/36 maxlen: 36
2a02:2298::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 596346977 (0x238b8861)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d8a9fd7c51926e22ea8aa33b3b8838e93e8bedd
Validity
Not Before: Jan 1 11:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22882c18908faecdc3e3424a0823501b415a8a93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:97:de:8a:e9:e0:e4:a6:f5:0c:32:25:8f:2e:
59:07:cb:dc:84:e2:52:8f:ce:05:c3:e4:ae:e9:70:
7c:fd:30:90:01:98:b8:97:47:66:bc:77:8b:27:12:
50:15:66:0c:e1:86:4b:f9:d0:96:c0:98:e2:e7:f7:
d8:d2:c4:d5:eb:d1:fe:0f:25:33:25:c0:84:14:17:
dd:ca:98:20:10:9e:c6:f7:b0:e5:66:e3:97:21:f5:
07:e1:02:23:55:39:54:4b:c8:5b:af:e3:e4:d9:c0:
81:9c:c3:1f:e9:8d:44:64:3c:b6:5d:ee:5f:3f:81:
6a:29:da:ab:ad:d2:bc:b7:26:23:d2:63:24:b8:af:
cb:da:f8:c7:92:98:bf:02:35:c5:86:aa:92:11:9c:
06:9f:80:74:81:cf:78:3d:f3:54:eb:02:10:8d:ce:
1d:0c:47:a8:59:ce:a3:4a:96:b0:1a:92:50:d8:db:
27:cf:c6:65:f4:09:4a:d9:f7:13:33:1f:6d:92:fc:
86:81:0f:7b:c6:7d:41:31:f9:8e:48:4d:dc:b4:31:
9b:29:79:6a:5e:15:a7:20:7a:9f:b7:4f:5e:ee:d2:
3c:d7:1a:f7:33:a8:b6:42:18:e6:c7:9e:47:54:31:
f4:c2:e9:f4:e0:33:7f:c4:80:33:d0:7f:76:f0:46:
90:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:88:2C:18:90:8F:AE:CD:C3:E3:42:4A:08:23:50:1B:41:5A:8A:93
X509v3 Authority Key Identifier:
keyid:5D:8A:9F:D7:C5:19:26:E2:2E:A8:AA:33:B3:B8:83:8E:93:E8:BE:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XYqf18UZJuIuqKozs7iDjpPovt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/IogsGJCPrs3D40JKCCNQG0FaipM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/bb861d-330f-4a97-9f9c-66c53f2b1f02/1/XYqf18UZJuIuqKozs7iDjpPovt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.144.0/22
213.140.128.0/19
IPv6:
2a02:2298::/32
Signature Algorithm: sha256WithRSAEncryption
9a:db:25:a9:30:cd:79:65:87:de:cb:ad:e1:ae:03:e9:e2:62:
f3:88:5a:97:bb:44:a5:35:01:8f:e0:d7:43:32:c2:df:7a:87:
ad:4e:b3:8f:6b:30:85:17:72:d1:cd:4e:63:7b:9c:dc:f1:ce:
8f:11:be:2a:eb:5b:1c:7f:05:9d:30:ba:2f:e9:78:80:0c:98:
2f:c0:e5:1a:05:37:08:9c:a7:b7:9d:6c:c4:ff:a7:db:7b:e2:
ec:ff:a9:7b:b9:a9:de:eb:67:f6:8b:36:8e:84:bc:0c:6a:b6:
3c:76:bd:e6:e1:fe:e9:8a:f0:a7:ee:1a:b0:be:32:2c:8e:00:
54:4c:f3:f6:46:34:03:73:ab:c2:fe:85:6c:74:d0:b6:4f:d5:
8f:56:68:41:ce:3a:c5:6b:73:ba:fb:87:94:16:6f:66:cb:b6:
96:f0:ec:95:5a:2c:40:f6:f6:5c:b8:b4:97:f6:7a:52:64:9f:
68:89:32:c3:2e:41:8a:00:6c:70:a6:8b:5c:86:e5:15:c3:31:
ff:29:c0:ee:b5:4e:f3:45:29:00:1e:81:9c:4c:f4:36:17:58:
8b:0d:8d:b5:96:1a:6b:17:ba:ca:19:82:56:b8:8b:78:0f:57:
f7:3c:4f:59:81:1b:e9:16:fa:44:52:80:05:12:57:0c:e3:8a:
9c:f3:fa:c2
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEI4uIYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDhhOWZkN2M1MTkyNmUyMmVhOGFhMzNiM2I4ODM4ZTkzZThiZWRkMB4XDTIyMDEw
MTExNTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjI4ODJjMTg5MDhm
YWVjZGMzZTM0MjRhMDgyMzUwMWI0MTVhOGE5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGX3orp4OSm9QwyJY8uWQfL3ITiUo/OBcPkrulwfP0wkAGY
uJdHZrx3iycSUBVmDOGGS/nQlsCY4uf32NLE1evR/g8lMyXAhBQX3cqYIBCexvew
5WbjlyH1B+ECI1U5VEvIW6/j5NnAgZzDH+mNRGQ8tl3uXz+Bainaq63SvLcmI9Jj
JLivy9r4x5KYvwI1xYaqkhGcBp+AdIHPeD3zVOsCEI3OHQxHqFnOo0qWsBqSUNjb
J8/GZfQJStn3EzMfbZL8hoEPe8Z9QTH5jkhN3LQxmyl5al4VpyB6n7dPXu7SPNca
9zOotkIY5seeR1Qx9MLp9OAzf8SAM9B/dvBGkNkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQiiCwYkI+uzcPjQkoII1AbQVqKkzAfBgNVHSMEGDAWgBRdip/XxRkm4i6o
qjOzuIOOk+i+3TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hZcWYxOFVaSnVJdXFLb3pzN2lEanBQb3Z0MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGUvYmI4NjFkLTMzMGYtNGE5Ny05ZjljLTY2YzUzZjJiMWYwMi8x
L0lvZ3NHSkNQcnMzRDQwSktDQ05RRzBGYWlwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGUv
YmI4NjFkLTMzMGYtNGE5Ny05ZjljLTY2YzUzZjJiMWYwMi8xL1hZcWYxOFVaSnVJ
dXFLb3pzN2lEanBQb3Z0MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlokAMEBdWMgDANBAIAAjAHAwUA
KgIimDANBgkqhkiG9w0BAQsFAAOCAQEAmtslqTDNeWWH3sut4a4D6eJi84hal7tE
pTUBj+DXQzLC33qHrU6zj2swhRdy0c1OY3uc3PHOjxG+KutbHH8FnTC6L+l4gAyY
L8DlGgU3CJynt51sxP+n23vi7P+pe7mp3utn9os2joS8DGq2PHa95uH+6Yrwp+4a
sL4yLI4AVEzz9kY0A3Orwv6FbHTQtk/Vj1ZoQc46xWtzuvuHlBZvZsu2lvDslVos
QPb2XLi0l/Z6UmSfaIkywy5BigBscKaLXIblFcMx/ynA7rVO80UpAB6BnEz0NhdY
iw2NtZYaaxe6yhmCVriLeA9X9zxPWYEb6Rb6RFKABRJXDOOKnPP6wg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:57 2024 by rpki-client on console-fra.rpki-client.org