Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/78b190-8a02-4cb8-b484-526f7cc529b7/1/i5Y5j2uYxLjIe1s4iovz73JNwLg.roa
File: i5Y5j2uYxLjIe1s4iovz73JNwLg.roa (raw, json)
Hash identifier: YVGqHUwrazOJDK4Riwy5PfwPxq+Gg1Ept1PjLivwbLw=
Subject key identifier: 8B:96:39:8F:6B:98:C4:B8:C8:7B:5B:38:8A:8B:F3:EF:72:4D:C0:B8
Certificate issuer: /CN=ba54b6e5fcca308b36dc8f167606b2d659839cf1
Certificate serial: 0183B1F3A16CF8ADB6BFD9BD6E7A0D5F8C63
Authority key identifier: BA:54:B6:E5:FC:CA:30:8B:36:DC:8F:16:76:06:B2:D6:59:83:9C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ulS25fzKMIs23I8Wdgay1lmDnPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/78b190-8a02-4cb8-b484-526f7cc529b7/1/i5Y5j2uYxLjIe1s4iovz73JNwLg.roa
Signing time: Fri 07 Oct 2022 10:17:57 +0000
ROA not before: Fri 07 Oct 2022 10:17:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204007
IP address blocks: 185.190.89.0/24 maxlen: 24
185.185.216.0/24 maxlen: 24
185.185.219.0/24 maxlen: 24
185.185.218.0/24 maxlen: 24
185.185.217.0/24 maxlen: 24
2a10:64c0::/29 maxlen: 29
2a0b:6580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:f3:a1:6c:f8:ad:b6:bf:d9:bd:6e:7a:0d:5f:8c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba54b6e5fcca308b36dc8f167606b2d659839cf1
Validity
Not Before: Oct 7 10:17:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b96398f6b98c4b8c87b5b388a8bf3ef724dc0b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c2:9c:5f:97:23:e0:9b:21:a5:a4:a2:66:44:
0f:8a:d9:a5:83:f3:d2:ab:5a:1a:21:8e:fd:69:60:
2b:83:72:db:1d:11:92:fc:54:0e:c9:9c:80:39:53:
d4:44:b0:05:9e:e2:a6:c0:33:8b:6a:40:a0:03:26:
80:f5:4b:cc:35:66:e5:29:37:46:ce:3e:1c:81:f3:
fe:76:16:62:28:d9:2d:87:56:f1:6e:d5:01:33:38:
b6:bd:d3:ae:a1:44:82:60:8e:74:4e:44:e3:22:c1:
13:a7:b9:60:c6:7b:5d:82:2c:15:4d:6d:45:bf:10:
55:b9:2a:a4:45:8a:da:63:75:69:47:5d:04:17:34:
d9:1f:9e:81:84:f6:f9:99:9f:60:f6:ab:e2:06:ff:
04:ad:c1:58:37:c8:00:de:4d:1d:d5:0d:0e:9d:04:
a7:22:22:85:4c:7e:46:00:3b:3a:f1:c7:c8:9b:f5:
c0:9b:ca:a0:62:6e:d7:1a:b6:68:25:d1:59:a8:c9:
03:97:08:84:76:e2:d2:d3:8b:15:ce:45:83:e9:1d:
5e:51:58:66:1e:67:12:13:ed:aa:d1:4e:e7:e4:6a:
b5:66:e4:ba:67:34:1a:96:6f:36:35:b3:2b:08:6d:
44:15:2a:83:b0:7f:22:a7:62:80:0f:57:62:6f:66:
57:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:96:39:8F:6B:98:C4:B8:C8:7B:5B:38:8A:8B:F3:EF:72:4D:C0:B8
X509v3 Authority Key Identifier:
keyid:BA:54:B6:E5:FC:CA:30:8B:36:DC:8F:16:76:06:B2:D6:59:83:9C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ulS25fzKMIs23I8Wdgay1lmDnPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/78b190-8a02-4cb8-b484-526f7cc529b7/1/i5Y5j2uYxLjIe1s4iovz73JNwLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/78b190-8a02-4cb8-b484-526f7cc529b7/1/ulS25fzKMIs23I8Wdgay1lmDnPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.216.0/22
185.190.89.0/24
IPv6:
2a0b:6580::/29
2a10:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
b7:aa:7b:54:6e:09:a1:ce:ae:af:b9:ab:96:9c:87:eb:f5:88:
35:95:cf:34:bd:cb:17:89:c1:62:60:d8:49:30:05:50:be:bf:
bf:fa:a3:2b:13:ea:3d:7d:66:7c:3a:76:f8:1b:a5:45:57:87:
31:66:3e:c8:98:7b:86:4e:36:e0:13:c6:3d:fc:c8:71:6e:c6:
ef:32:62:96:82:52:5c:19:d6:4c:3a:73:d4:24:2d:5e:60:3c:
b2:ac:47:f2:b1:fc:f7:8a:96:5e:db:f5:69:cd:cf:7d:04:01:
6f:51:5e:c8:0f:3d:d8:ba:51:56:e0:03:ba:15:58:ee:2d:63:
f5:6f:a8:1d:4f:27:ad:e9:ea:41:d7:6b:dc:f7:8c:66:b6:fb:
f4:0d:7f:1f:92:b2:4a:f4:22:4f:e4:9a:bf:65:70:40:32:e3:
cf:d8:9a:27:8f:39:78:b6:be:f5:74:09:9f:1b:5a:93:2e:3a:
2d:32:4f:d2:ee:5f:72:a4:c8:37:83:cf:35:37:fa:79:5d:87:
6d:f2:3f:cb:38:ce:37:10:0e:5a:6c:2b:5b:3e:b6:7b:73:0d:
98:80:30:74:80:cf:97:19:47:55:e8:7e:b0:b5:9d:3c:01:ef:
3f:02:b7:1f:a3:b1:31:78:35:9f:06:2a:e1:2b:5b:56:7e:f7:
3e:8e:7d:2b
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYOx86Fs+K22v9m9bnoNX4xjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNTRiNmU1ZmNjYTMwOGIzNmRjOGYxNjc2MDZiMmQ2NTk4
MzljZjEwHhcNMjIxMDA3MTAxNzU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjk2Mzk4ZjZiOThjNGI4Yzg3YjViMzg4YThiZjNlZjcyNGRjMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcKcX5cj4JshpaSiZkQPitmlg/PS
q1oaIY79aWArg3LbHRGS/FQOyZyAOVPURLAFnuKmwDOLakCgAyaA9UvMNWblKTdG
zj4cgfP+dhZiKNkth1bxbtUBMzi2vdOuoUSCYI50TkTjIsETp7lgxntdgiwVTW1F
vxBVuSqkRYraY3VpR10EFzTZH56BhPb5mZ9g9qviBv8ErcFYN8gA3k0d1Q0OnQSn
IiKFTH5GADs68cfIm/XAm8qgYm7XGrZoJdFZqMkDlwiEduLS04sVzkWD6R1eUVhm
HmcSE+2q0U7n5Gq1ZuS6ZzQalm82NbMrCG1EFSqDsH8ip2KAD1dib2ZX7QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIuWOY9rmMS4yHtbOIqL8+9yTcC4MB8GA1UdIwQY
MBaAFLpUtuX8yjCLNtyPFnYGstZZg5zxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWxTMjVmektNSXMyM0k4V2RnYXkxbG1EblBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi83OGIxOTAtOGEwMi00Y2I4LWI0ODQt
NTI2ZjdjYzUyOWI3LzEvaTVZNWoydVl4TGpJZTFzNGlvdno3M0pOd0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi83OGIxOTAtOGEwMi00Y2I4LWI0ODQtNTI2ZjdjYzUyOWI3
LzEvdWxTMjVmektNSXMyM0k4V2RnYXkxbG1EblBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCubnYAwQA
ub5ZMBQEAgACMA4DBQMqC2WAAwUDKhBkwDANBgkqhkiG9w0BAQsFAAOCAQEAt6p7
VG4Joc6ur7mrlpyH6/WINZXPNL3LF4nBYmDYSTAFUL6/v/qjKxPqPX1mfDp2+Bul
RVeHMWY+yJh7hk424BPGPfzIcW7G7zJiloJSXBnWTDpz1CQtXmA8sqxH8rH894qW
Xtv1ac3PfQQBb1FeyA892LpRVuADuhVY7i1j9W+oHU8nrenqQddr3PeMZrb79A1/
H5KySvQiT+Sav2VwQDLjz9iaJ485eLa+9XQJnxtaky46LTJP0u5fcqTIN4PPNTf6
eV2HbfI/yzjONxAOWmwrWz62e3MNmIAwdIDPlxlHVeh+sLWdPAHvPwK3H6OxMXg1
nwYq4StbVn73Po59Kw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org