Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/thP9nzBvk9-LW0NQV0XcvI32-FI.roa
File: thP9nzBvk9-LW0NQV0XcvI32-FI.roa (raw, json)
Hash identifier: Ft9KL/0NqmVUYz9KktcvEwyHsM5cNZSIaoG+sTwefX8=
Subject key identifier: B6:13:FD:9F:30:6F:93:DF:8B:5B:43:50:57:45:DC:BC:8D:F6:F8:52
Certificate issuer: /CN=ebc86c8c2d495c9ebe42665a1513de69a9bf6553
Certificate serial: 1250BE40
Authority key identifier: EB:C8:6C:8C:2D:49:5C:9E:BE:42:66:5A:15:13:DE:69:A9:BF:65:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/68hsjC1JXJ6-QmZaFRPeaam_ZVM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/thP9nzBvk9-LW0NQV0XcvI32-FI.roa
Signing time: Sat 01 Jan 2022 13:00:20 +0000
ROA not before: Sat 01 Jan 2022 13:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203322
IP address blocks: 185.138.172.0/23 maxlen: 23
185.138.172.0/22 maxlen: 22
185.138.174.0/23 maxlen: 23
2a07:fc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 307281472 (0x1250be40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebc86c8c2d495c9ebe42665a1513de69a9bf6553
Validity
Not Before: Jan 1 13:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b613fd9f306f93df8b5b43505745dcbc8df6f852
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:cb:85:ed:a6:bd:f1:e5:95:d3:ab:1e:25:8e:
63:ca:7b:c6:ef:d7:db:24:79:17:42:83:32:a1:71:
90:52:1d:4f:0b:14:d6:c9:4e:db:ec:2e:70:32:6c:
a1:c2:5e:d0:94:fb:77:b2:e5:e6:bf:75:37:0e:ec:
51:34:25:d8:b9:c9:3f:7f:32:1b:92:21:de:bf:92:
a0:8c:98:41:95:03:02:d1:53:42:e8:75:e7:e6:8d:
24:21:f4:a9:ca:a8:0f:d0:6e:14:54:a2:13:52:75:
ae:44:b0:c0:41:3e:34:5c:6f:33:81:f5:73:9d:6b:
f0:a8:3b:d5:42:d1:ed:cf:f7:60:20:18:d9:09:a7:
a5:6f:13:af:10:1f:08:a7:10:64:7c:ee:74:b1:d4:
fa:af:e8:e4:97:18:7d:62:3a:d0:79:31:82:5f:9c:
11:57:37:87:22:b1:75:61:a2:08:30:1e:c9:ce:8d:
c5:0c:e1:a0:87:65:9f:f9:12:0c:f6:cc:57:64:7f:
52:97:b4:9d:ca:a4:6e:81:a7:b1:cf:7d:9e:ed:02:
3b:bf:42:f5:5b:0f:1d:15:e7:68:6f:90:0a:67:b1:
83:f7:ec:2c:2a:22:42:85:55:f4:b8:09:66:d4:09:
41:ad:9f:00:e4:67:b3:4a:ca:c4:2a:b5:bb:cd:0d:
ca:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:13:FD:9F:30:6F:93:DF:8B:5B:43:50:57:45:DC:BC:8D:F6:F8:52
X509v3 Authority Key Identifier:
keyid:EB:C8:6C:8C:2D:49:5C:9E:BE:42:66:5A:15:13:DE:69:A9:BF:65:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/68hsjC1JXJ6-QmZaFRPeaam_ZVM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/thP9nzBvk9-LW0NQV0XcvI32-FI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0b252d-db4c-4256-ab06-06d14cf0a46b/1/68hsjC1JXJ6-QmZaFRPeaam_ZVM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.172.0/22
IPv6:
2a07:fc0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:24:6a:cd:13:c2:7d:39:a3:e4:f0:ea:30:32:82:2a:1f:15:
6f:f3:8c:e6:67:86:05:db:be:4e:b9:b2:5e:f8:0c:ff:80:19:
f4:4e:6b:0d:ab:01:52:93:b9:a3:fa:7a:1f:c2:c8:c2:c0:fa:
a5:29:0b:a1:83:47:8e:6d:5b:48:d6:af:46:ca:bf:ec:59:d6:
d4:1b:4d:49:0f:18:da:d1:e5:46:2a:62:f4:39:97:4b:30:0e:
2e:e2:eb:5e:a7:c1:2e:bb:96:2c:11:ae:e9:4f:e7:ea:3e:82:
eb:c9:b3:25:2d:d9:7c:62:9c:98:d3:93:8b:a0:f7:f3:3e:8c:
d5:ec:b0:3d:2a:15:fa:a8:2f:7c:85:96:12:2c:56:6b:f4:96:
b9:25:55:da:09:b4:b1:a3:24:57:96:c3:13:4c:4a:4e:ee:6c:
76:1c:9d:21:5d:ad:65:74:ab:d9:21:d7:32:0a:d6:94:28:3e:
da:23:f6:85:14:74:d3:d0:0a:56:e0:68:32:bf:38:26:b5:2d:
99:f4:97:53:4c:92:ce:8a:ae:fa:9c:6a:69:13:d8:bb:af:32:
c2:19:11:cb:ee:52:76:c9:de:58:e2:be:bb:77:ea:31:48:87:
5f:49:cd:00:f1:2f:18:21:0a:19:28:d0:7d:fb:db:c2:55:50:
b9:f6:19:c5
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEElC+QDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YmM4NmM4YzJkNDk1YzllYmU0MjY2NWExNTEzZGU2OWE5YmY2NTUzMB4XDTIyMDEw
MTEzMDAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjYxM2ZkOWYzMDZm
OTNkZjhiNWI0MzUwNTc0NWRjYmM4ZGY2Zjg1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOfLhe2mvfHlldOrHiWOY8p7xu/X2yR5F0KDMqFxkFIdTwsU
1slO2+wucDJsocJe0JT7d7Ll5r91Nw7sUTQl2LnJP38yG5Ih3r+SoIyYQZUDAtFT
Quh15+aNJCH0qcqoD9BuFFSiE1J1rkSwwEE+NFxvM4H1c51r8Kg71ULR7c/3YCAY
2QmnpW8TrxAfCKcQZHzudLHU+q/o5JcYfWI60Hkxgl+cEVc3hyKxdWGiCDAeyc6N
xQzhoIdln/kSDPbMV2R/Upe0ncqkboGnsc99nu0CO79C9VsPHRXnaG+QCmexg/fs
LCoiQoVV9LgJZtQJQa2fAORns0rKxCq1u80Nys0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS2E/2fMG+T34tbQ1BXRdy8jfb4UjAfBgNVHSMEGDAWgBTryGyMLUlcnr5C
ZloVE95pqb9lUzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzY4aHNqQzFKWEo2LVFtWmFGUlBlYWFtX1pWTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvMGIyNTJkLWRiNGMtNDI1Ni1hYjA2LTA2ZDE0Y2YwYTQ2Yi8x
L3RoUDluekJ2azktTFcwTlFWMFhjdkkzMi1GSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
MGIyNTJkLWRiNGMtNDI1Ni1hYjA2LTA2ZDE0Y2YwYTQ2Yi8xLzY4aHNqQzFKWEo2
LVFtWmFGUlBlYWFtX1pWTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmKrDANBAIAAjAHAwUDKgcPwDAN
BgkqhkiG9w0BAQsFAAOCAQEAoyRqzRPCfTmj5PDqMDKCKh8Vb/OM5meGBdu+Trmy
XvgM/4AZ9E5rDasBUpO5o/p6H8LIwsD6pSkLoYNHjm1bSNavRsq/7FnW1BtNSQ8Y
2tHlRipi9DmXSzAOLuLrXqfBLruWLBGu6U/n6j6C68mzJS3ZfGKcmNOTi6D38z6M
1eywPSoV+qgvfIWWEixWa/SWuSVV2gm0saMkV5bDE0xKTu5sdhydIV2tZXSr2SHX
MgrWlCg+2iP2hRR009AKVuBoMr84JrUtmfSXU0ySzoqu+pxqaRPYu68ywhkRy+5S
dsneWOK+u3fqMUiHX0nNAPEvGCEKGSjQffvbwlVQufYZxQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:00 2023 by rpki-client on console-fra.rpki-client.org