Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/ifgeBmv9HG3I0DvT_XlxJ2RnfDs.roa
File: ifgeBmv9HG3I0DvT_XlxJ2RnfDs.roa (raw, json)
Hash identifier: P8m+nwa9RLZjM3ao7sjnrXtBs7Vym8YINj5495eK4eM=
Subject key identifier: 89:F8:1E:06:6B:FD:1C:6D:C8:D0:3B:D3:FD:79:71:27:64:67:7C:3B
Certificate issuer: /CN=e08e17a781b64119a3a6357000254f5b795b0da8
Certificate serial: 21F16528
Authority key identifier: E0:8E:17:A7:81:B6:41:19:A3:A6:35:70:00:25:4F:5B:79:5B:0D:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/ifgeBmv9HG3I0DvT_XlxJ2RnfDs.roa
Signing time: Sat 01 Jan 2022 08:01:14 +0000
ROA not before: Sat 01 Jan 2022 08:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61343
IP address blocks: 185.27.84.0/22 maxlen: 22
192.76.166.0/24 maxlen: 24
192.76.168.0/24 maxlen: 24
185.10.36.0/22 maxlen: 22
192.76.167.0/24 maxlen: 24
192.76.169.0/24 maxlen: 24
2a03:5540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 569468200 (0x21f16528)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e08e17a781b64119a3a6357000254f5b795b0da8
Validity
Not Before: Jan 1 08:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89f81e066bfd1c6dc8d03bd3fd79712764677c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e3:c8:31:27:ba:25:90:2b:4f:71:22:f7:01:
cc:5b:fd:ce:1d:5e:b0:cd:22:7a:6a:6c:f4:41:06:
eb:5a:49:87:92:5d:35:f0:f1:f8:f2:d3:de:9b:13:
3f:54:44:10:2a:1a:83:de:1d:69:65:c7:71:d5:ee:
7c:0d:58:10:3e:ba:2f:be:6c:e9:62:57:6e:04:a4:
28:99:a1:c1:e9:46:03:ec:d2:33:38:64:18:69:4a:
09:94:42:a9:9a:d6:fc:9f:3d:91:f1:d1:6d:a4:d4:
45:bf:2b:94:00:97:fa:23:d8:06:13:67:17:1c:c0:
a3:f6:4d:7d:e1:e1:f1:d7:27:73:28:ab:a2:3b:e4:
df:b9:9e:2b:d8:4d:97:2c:d5:69:95:1f:b8:47:7a:
63:11:84:5d:55:af:b9:40:82:e0:72:b8:6d:e6:d8:
be:fe:99:43:d7:37:ea:a2:b5:47:aa:64:86:b2:bf:
17:dc:30:ac:b2:ca:01:90:35:da:25:30:47:39:3b:
0a:57:17:08:6d:20:60:03:fc:3f:94:2f:5b:75:26:
cf:1f:db:c8:b2:4e:94:a8:f1:d1:c4:a1:50:9d:2d:
b8:9a:6b:69:bc:05:24:52:7e:f2:97:79:91:40:61:
74:0a:7d:08:cf:b8:ed:7c:5e:b3:2f:9e:23:b1:d1:
99:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:F8:1E:06:6B:FD:1C:6D:C8:D0:3B:D3:FD:79:71:27:64:67:7C:3B
X509v3 Authority Key Identifier:
keyid:E0:8E:17:A7:81:B6:41:19:A3:A6:35:70:00:25:4F:5B:79:5B:0D:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4I4Xp4G2QRmjpjVwACVPW3lbDag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/ifgeBmv9HG3I0DvT_XlxJ2RnfDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/a14020-1bfb-4133-afce-d5e45f2ca879/1/4I4Xp4G2QRmjpjVwACVPW3lbDag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.36.0/22
185.27.84.0/22
192.76.166.0-192.76.169.255
IPv6:
2a03:5540::/32
Signature Algorithm: sha256WithRSAEncryption
64:73:35:b4:4e:ec:8b:c8:16:e4:97:81:55:9f:14:46:42:4f:
e7:67:5c:b8:34:93:f6:ac:91:79:4c:0c:af:62:c1:55:d7:26:
bc:e1:36:12:ea:71:0e:f5:51:2b:e5:49:21:73:a9:15:a1:0a:
18:2d:6f:86:9a:43:ef:c4:44:97:69:b9:90:00:3d:e3:32:7b:
e9:94:1b:79:7a:c6:1d:50:a2:f2:8c:43:cb:92:f7:1c:fe:cd:
c5:5b:5f:76:26:be:ba:a8:f3:42:86:63:f9:d4:eb:af:e4:93:
98:3b:5d:2d:95:73:ec:ae:bc:07:74:b9:99:28:dc:2f:1d:f5:
d4:a7:11:5e:1b:50:04:f1:34:70:51:12:22:74:0d:9a:36:7b:
66:97:f4:00:19:08:97:2d:8a:d3:b6:60:27:9c:37:68:3b:95:
ee:36:2b:5d:53:48:7d:10:52:bf:61:fc:18:58:22:14:4b:90:
3e:2f:98:52:e2:e1:80:5b:6a:ee:7f:23:91:90:d7:0c:ab:34:
af:6f:06:4b:8c:69:60:26:ff:11:44:9a:0d:2e:2b:cd:88:90:
b4:b3:2c:5f:30:fb:20:29:e4:70:39:a2:c9:c3:c5:83:28:29:
c4:25:ce:5d:36:a3:15:ce:7e:87:ff:a4:0e:67:b2:38:af:78:
64:e1:97:d3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEIfFlKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDhlMTdhNzgxYjY0MTE5YTNhNjM1NzAwMDI1NGY1Yjc5NWIwZGE4MB4XDTIyMDEw
MTA4MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODlmODFlMDY2YmZk
MWM2ZGM4ZDAzYmQzZmQ3OTcxMjc2NDY3N2MzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXjyDEnuiWQK09xIvcBzFv9zh1esM0iemps9EEG61pJh5Jd
NfDx+PLT3psTP1REECoag94daWXHcdXufA1YED66L75s6WJXbgSkKJmhwelGA+zS
MzhkGGlKCZRCqZrW/J89kfHRbaTURb8rlACX+iPYBhNnFxzAo/ZNfeHh8dcncyir
ojvk37meK9hNlyzVaZUfuEd6YxGEXVWvuUCC4HK4bebYvv6ZQ9c36qK1R6pkhrK/
F9wwrLLKAZA12iUwRzk7ClcXCG0gYAP8P5QvW3Umzx/byLJOlKjx0cShUJ0tuJpr
abwFJFJ+8pd5kUBhdAp9CM+47Xxesy+eI7HRmWcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSJ+B4Ga/0cbcjQO9P9eXEnZGd8OzAfBgNVHSMEGDAWgBTgjhengbZBGaOm
NXAAJU9beVsNqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRJNFhwNEcyUVJtanBqVndBQ1ZQVzNsYkRhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvYTE0MDIwLTFiZmItNDEzMy1hZmNlLWQ1ZTQ1ZjJjYTg3OS8x
L2lmZ2VCbXY5SEczSTBEdlRfWGx4SjJSbmZEcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
YTE0MDIwLTFiZmItNDEzMy1hZmNlLWQ1ZTQ1ZjJjYTg3OS8xLzRJNFhwNEcyUVJt
anBqVndBQ1ZQVzNsYkRhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGgMEArkKJAMEArkbVDAMAwQBwEymAwQB
wEyoMA0EAgACMAcDBQAqA1VAMA0GCSqGSIb3DQEBCwUAA4IBAQBkczW0TuyLyBbk
l4FVnxRGQk/nZ1y4NJP2rJF5TAyvYsFV1ya84TYS6nEO9VEr5Ukhc6kVoQoYLW+G
mkPvxESXabmQAD3jMnvplBt5esYdUKLyjEPLkvcc/s3FW192Jr66qPNChmP51Ouv
5JOYO10tlXPsrrwHdLmZKNwvHfXUpxFeG1AE8TRwURIidA2aNntml/QAGQiXLYrT
tmAnnDdoO5XuNitdU0h9EFK/YfwYWCIUS5A+L5hS4uGAW2rufyORkNcMqzSvbwZL
jGlgJv8RRJoNLivNiJC0syxfMPsgKeRwOaLJw8WDKCnEJc5dNqMVzn6H/6QOZ7I4
r3hk4ZfT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:17 2023 by rpki-client on console-ams.rpki-client.org