Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/iY_IaJBghFOZdBpTRj7oIIVPXMo.roa
File: iY_IaJBghFOZdBpTRj7oIIVPXMo.roa (raw, json)
Hash identifier: D3C47Q2n2d+KvimbhDnVbwKL6Vjo/fi378d1HWgPTSE=
Subject key identifier: 89:8F:C8:68:90:60:84:53:99:74:1A:53:46:3E:E8:20:85:4F:5C:CA
Certificate issuer: /CN=d2f6e6b5a34fd18b435385db87bb3ae974785108
Certificate serial: 042F1AE2
Authority key identifier: D2:F6:E6:B5:A3:4F:D1:8B:43:53:85:DB:87:BB:3A:E9:74:78:51:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vbmtaNP0YtDU4Xbh7s66XR4UQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/iY_IaJBghFOZdBpTRj7oIIVPXMo.roa
Signing time: Sat 01 Jan 2022 14:08:13 +0000
ROA not before: Sat 01 Jan 2022 14:08:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207509
IP address blocks: 185.25.94.0/24 maxlen: 24
2a0c:95c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70195938 (0x42f1ae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f6e6b5a34fd18b435385db87bb3ae974785108
Validity
Not Before: Jan 1 14:08:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=898fc8689060845399741a53463ee820854f5cca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e0:30:19:0c:61:7c:fa:ec:76:f0:6e:b6:46:
c7:68:99:1c:aa:74:bc:a5:54:99:28:17:85:f9:83:
28:28:5c:ad:f6:cc:5f:71:f9:14:cd:9b:b3:cf:f4:
39:09:ba:4b:d8:c4:0d:b8:b2:cb:7c:a1:22:83:22:
22:9e:fe:c0:c4:0e:fa:27:0d:98:6f:b0:a4:ec:59:
e7:8d:14:42:e6:6e:c1:fe:0d:8f:0d:fe:ee:02:57:
92:c8:d9:8d:f4:d8:1d:4e:9d:83:a4:80:33:93:83:
12:9d:b5:7c:0a:8f:e2:fe:45:ad:67:27:d7:f2:3e:
c6:68:b4:41:e0:5e:54:37:95:df:d2:cc:4c:30:53:
e3:f6:09:7d:e1:5d:19:21:9b:b5:13:7e:d2:5d:5f:
27:67:69:5e:ca:7b:a9:5b:ca:c4:1c:01:0b:6e:b8:
bd:cb:a4:e0:55:20:8e:4b:c0:6b:59:14:a8:26:99:
fe:71:02:72:69:be:c3:0d:7d:ec:68:19:cd:2a:3f:
32:9c:7e:dc:81:35:00:4a:99:49:8f:c1:8f:e8:b5:
ec:58:13:80:fc:cc:8a:33:f3:61:d2:83:46:d2:39:
ac:00:82:58:a4:e0:8f:bc:39:54:44:3c:17:c4:89:
e1:7a:22:9d:f4:4d:2f:af:d4:93:9f:c7:e1:81:7c:
6d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8F:C8:68:90:60:84:53:99:74:1A:53:46:3E:E8:20:85:4F:5C:CA
X509v3 Authority Key Identifier:
keyid:D2:F6:E6:B5:A3:4F:D1:8B:43:53:85:DB:87:BB:3A:E9:74:78:51:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vbmtaNP0YtDU4Xbh7s66XR4UQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/iY_IaJBghFOZdBpTRj7oIIVPXMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/9b0c77-8085-4a5a-bace-143c3d38d17c/1/0vbmtaNP0YtDU4Xbh7s66XR4UQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.94.0/24
IPv6:
2a0c:95c0::/29
Signature Algorithm: sha256WithRSAEncryption
74:23:e8:ad:4d:2e:0d:68:03:cf:b2:2f:35:57:08:c0:bd:be:
36:74:76:82:86:ec:9d:18:13:d1:12:a6:70:44:b3:2b:be:3f:
ba:76:03:d8:85:64:c7:f8:c4:5a:1d:2c:66:1c:46:21:53:cf:
24:76:3d:7d:27:5b:c6:fc:72:5f:2b:5e:1c:f3:54:c2:b4:6e:
82:59:51:9f:72:0a:0c:af:a1:4c:b2:8c:e0:2d:d8:84:76:60:
4f:47:2e:ce:22:bf:78:70:59:75:26:94:f9:c7:64:02:59:90:
e3:17:8b:c9:7e:1a:5a:7d:98:96:73:56:bf:2c:f7:ad:2c:af:
bf:ad:0b:fe:76:d8:31:b3:76:46:e6:17:ec:f4:0a:26:75:3e:
89:3e:de:55:3c:49:06:33:04:da:90:7c:bf:32:20:eb:a9:88:
d1:0f:a5:9c:29:c5:e1:5a:5a:15:57:90:08:e3:01:0e:a9:2a:
d1:71:f8:ae:ab:c2:2a:0b:03:dc:14:d7:1b:61:ee:9d:59:29:
17:db:8f:c4:91:b7:72:51:6b:0d:75:b0:45:3f:34:d1:f6:22:
b3:c9:84:1a:d9:cd:9c:f4:a8:da:c9:1a:a3:ea:80:f1:b6:fd:
46:e9:f6:17:50:e7:1a:e7:ee:b9:c5:43:7c:9c:53:ce:ab:4b:
d4:ae:f3:2a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBC8a4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmY2ZTZiNWEzNGZkMThiNDM1Mzg1ZGI4N2JiM2FlOTc0Nzg1MTA4MB4XDTIyMDEw
MTE0MDgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk4ZmM4Njg5MDYw
ODQ1Mzk5NzQxYTUzNDYzZWU4MjA4NTRmNWNjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJzgMBkMYXz67HbwbrZGx2iZHKp0vKVUmSgXhfmDKChcrfbM
X3H5FM2bs8/0OQm6S9jEDbiyy3yhIoMiIp7+wMQO+icNmG+wpOxZ540UQuZuwf4N
jw3+7gJXksjZjfTYHU6dg6SAM5ODEp21fAqP4v5FrWcn1/I+xmi0QeBeVDeV39LM
TDBT4/YJfeFdGSGbtRN+0l1fJ2dpXsp7qVvKxBwBC264vcuk4FUgjkvAa1kUqCaZ
/nECcmm+ww197GgZzSo/Mpx+3IE1AEqZSY/Bj+i17FgTgPzMijPzYdKDRtI5rACC
WKTgj7w5VEQ8F8SJ4XoinfRNL6/Uk5/H4YF8bZ8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSJj8hokGCEU5l0GlNGPugghU9cyjAfBgNVHSMEGDAWgBTS9ua1o0/Ri0NT
hduHuzrpdHhRCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB2Ym10YU5QMFl0RFU0WGJoN3M2NlhSNFVRZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvOWIwYzc3LTgwODUtNGE1YS1iYWNlLTE0M2MzZDM4ZDE3Yy8x
L2lZX0lhSkJnaEZPWmRCcFRSajdvSUlWUFhNby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
OWIwYzc3LTgwODUtNGE1YS1iYWNlLTE0M2MzZDM4ZDE3Yy8xLzB2Ym10YU5QMFl0
RFU0WGJoN3M2NlhSNFVRZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALkZXjANBAIAAjAHAwUDKgyVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAdCPorU0uDWgDz7IvNVcIwL2+NnR2gobsnRgT0RKm
cESzK74/unYD2IVkx/jEWh0sZhxGIVPPJHY9fSdbxvxyXyteHPNUwrRugllRn3IK
DK+hTLKM4C3YhHZgT0cuziK/eHBZdSaU+cdkAlmQ4xeLyX4aWn2YlnNWvyz3rSyv
v60L/nbYMbN2RuYX7PQKJnU+iT7eVTxJBjME2pB8vzIg66mI0Q+lnCnF4VpaFVeQ
COMBDqkq0XH4rqvCKgsD3BTXG2HunVkpF9uPxJG3clFrDXWwRT800fYis8mEGtnN
nPSo2skao+qA8bb9Run2F1DnGufuucVDfJxTzqtL1K7zKg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:47 2023 by rpki-client on console-fra.rpki-client.org