Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/iuwlVbcQJgspCEqnnGPeuEQEMKc.roa
File: iuwlVbcQJgspCEqnnGPeuEQEMKc.roa (raw, json)
Hash identifier: kBYz7jyhL5QVeIztDLR+3eaoNcC896mhY796n8bj3+w=
Subject key identifier: 8A:EC:25:55:B7:10:26:0B:29:08:4A:A7:9C:63:DE:B8:44:04:30:A7
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 0182831AB4E04ED84CBD697EFD90134E94C3
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/iuwlVbcQJgspCEqnnGPeuEQEMKc.roa
Signing time: Tue 09 Aug 2022 14:55:41 +0000
ROA not before: Tue 09 Aug 2022 14:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200356
IP address blocks: 185.159.106.0/23 maxlen: 23
2a07:b880:80::/41 maxlen: 41
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:83:1a:b4:e0:4e:d8:4c:bd:69:7e:fd:90:13:4e:94:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Aug 9 14:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aec2555b710260b29084aa79c63deb8440430a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7c:9d:7f:37:d9:93:43:1f:cc:be:47:48:d2:
0a:bb:1c:2c:c3:fe:4c:d7:7f:b2:18:60:35:ed:9c:
55:90:75:9d:70:3e:71:f4:d7:ee:22:1f:c8:76:58:
15:38:c4:f3:97:53:81:18:df:99:06:0b:b0:3c:c8:
c2:a3:4e:38:0a:f7:13:94:32:f9:69:6e:b9:89:a8:
ca:3f:04:7b:22:0c:e7:c8:f3:71:76:53:ad:e6:52:
30:37:d9:69:00:92:ef:7d:41:5e:ee:44:4d:58:78:
84:ee:fe:26:57:23:05:3d:b6:c4:8c:cb:bf:a4:57:
ec:8c:31:56:0c:4f:9a:39:5d:ea:0b:5c:a8:b1:8a:
59:47:13:1e:e6:16:60:23:6f:d1:b9:4b:54:be:9a:
49:56:a0:3a:87:53:6f:b1:4a:ce:96:fb:c5:86:26:
88:f5:a1:05:30:9f:c8:86:10:7b:18:1b:81:85:9a:
14:f0:98:21:41:17:48:ba:28:13:a9:cd:5b:bb:6e:
f8:73:22:e2:40:9a:80:30:93:5d:88:f0:2d:1e:5e:
97:b4:b1:83:41:25:81:70:8a:33:19:d3:fc:cd:d2:
50:a2:1c:63:ff:ab:eb:77:13:7e:36:d3:51:3f:93:
87:5b:54:69:b2:dd:08:53:3d:0e:41:e9:43:44:71:
a5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:EC:25:55:B7:10:26:0B:29:08:4A:A7:9C:63:DE:B8:44:04:30:A7
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/iuwlVbcQJgspCEqnnGPeuEQEMKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.106.0/23
IPv6:
2a07:b880:80::/41
Signature Algorithm: sha256WithRSAEncryption
97:94:14:10:72:f6:6b:8e:2b:88:a9:2a:6a:dd:52:ff:94:3d:
0b:44:cc:6a:1c:54:8d:6d:40:7d:54:f7:08:e3:93:06:4e:cc:
fe:b4:17:7a:74:a5:82:24:c6:7d:b7:3c:65:e5:1a:10:fb:95:
58:b8:ab:13:00:b3:4c:87:95:76:f5:39:e0:62:3d:70:ad:14:
a6:d2:6f:ba:4d:a2:9e:97:da:06:28:19:bb:ff:f3:69:ae:a4:
07:2f:1e:75:40:e5:2e:f9:73:be:ad:f7:36:74:50:46:01:6c:
34:d8:49:05:d7:d9:c1:77:ad:f3:05:fb:1d:b6:2c:fa:8a:05:
8d:5e:ee:60:02:05:ed:76:93:1c:90:a9:07:f4:18:3a:23:58:
52:17:ec:a1:6a:d5:08:ac:17:e5:32:e6:8f:94:b6:b4:ee:3a:
7c:69:c0:a2:75:56:7d:65:ac:c7:dc:6f:13:b1:00:63:26:84:
84:0d:82:2b:de:75:44:05:ed:6f:1c:e2:85:61:24:a7:c2:ab:
a1:01:66:15:dc:ff:a2:65:77:cb:01:04:5a:26:bd:39:af:58:
bb:65:b3:bf:0b:03:25:2c:6c:f2:e4:80:89:9a:8e:40:6b:6b:
bc:a6:f4:f9:c6:51:29:14:1b:50:62:5c:6d:17:06:55:24:66:
8e:f5:b9:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYKDGrTgTthMvWl+/ZATTpTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlNDNhMGRmMDU5YTUyNTFhNDAwYjVhMWYxMzIxYmEwMGQz
MTIwZDIwHhcNMjIwODA5MTQ1NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWVjMjU1NWI3MTAyNjBiMjkwODRhYTc5YzYzZGViODQ0MDQzMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHydfzfZk0MfzL5HSNIKuxwsw/5M
13+yGGA17ZxVkHWdcD5x9NfuIh/IdlgVOMTzl1OBGN+ZBguwPMjCo044CvcTlDL5
aW65iajKPwR7IgznyPNxdlOt5lIwN9lpAJLvfUFe7kRNWHiE7v4mVyMFPbbEjMu/
pFfsjDFWDE+aOV3qC1yosYpZRxMe5hZgI2/RuUtUvppJVqA6h1NvsUrOlvvFhiaI
9aEFMJ/IhhB7GBuBhZoU8JghQRdIuigTqc1bu274cyLiQJqAMJNdiPAtHl6XtLGD
QSWBcIozGdP8zdJQohxj/6vrdxN+NtNRP5OHW1Rpst0IUz0OQelDRHGlIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIrsJVW3ECYLKQhKp5xj3rhEBDCnMB8GA1UdIwQY
MBaAFA5DoN8FmlJRpAC1ofEyG6ANMSDSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMt
MDA0ZmU0MzNjN2M4LzEvaXV3bFZiY1FKZ3NwQ0Vxbm5HUGV1RVFFTUtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wYmIzM2ItNjhmNy00NzQ4LTg0YWMtMDA0ZmU0MzNjN2M4
LzEvRGtPZzN3V2FVbEdrQUxXaDhUSWJvQTB4SU5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuZ9qMA8E
AgACMAkDBwcqB7iAAIAwDQYJKoZIhvcNAQELBQADggEBAJeUFBBy9muOK4ipKmrd
Uv+UPQtEzGocVI1tQH1U9wjjkwZOzP60F3p0pYIkxn23PGXlGhD7lVi4qxMAs0yH
lXb1OeBiPXCtFKbSb7pNop6X2gYoGbv/82mupAcvHnVA5S75c76t9zZ0UEYBbDTY
SQXX2cF3rfMF+x22LPqKBY1e7mACBe12kxyQqQf0GDojWFIX7KFq1QisF+Uy5o+U
trTuOnxpwKJ1Vn1lrMfcbxOxAGMmhIQNgivedUQF7W8c4oVhJKfCq6EBZhXc/6Jl
d8sBBFomvTmvWLtls78LAyUsbPLkgImajkBra7ym9PnGUSkUG1BiXG0XBlUkZo71
uW0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-fra.rpki-client.org