Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/stNWavlbgLtxIziG0qhwOhL4E24.roa
File: stNWavlbgLtxIziG0qhwOhL4E24.roa (raw, json)
Hash identifier: 4gXVdqBktRpqVICG8RvUlhJNycNVXUSLhDr85K3hHI4=
Subject key identifier: B2:D3:56:6A:F9:5B:80:BB:71:23:38:86:D2:A8:70:3A:12:F8:13:6E
Certificate issuer: /CN=02b610cd43bafced91480fabfdcaae82049fbf71
Certificate serial: 18E94943
Authority key identifier: 02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/stNWavlbgLtxIziG0qhwOhL4E24.roa
Signing time: Sat 01 Jan 2022 07:58:31 +0000
ROA not before: Sat 01 Jan 2022 07:58:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197068
IP address blocks: 185.65.148.0/22 maxlen: 32
178.248.232.0/21 maxlen: 32
185.94.108.0/22 maxlen: 32
2a03:70c0::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 417941827 (0x18e94943)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02b610cd43bafced91480fabfdcaae82049fbf71
Validity
Not Before: Jan 1 07:58:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2d3566af95b80bb71233886d2a8703a12f8136e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a7:c8:68:67:9c:1b:32:8d:3f:80:bf:f7:a8:
df:2a:2e:d4:0e:2e:57:3c:d1:c0:31:41:c1:4b:a2:
74:64:61:16:c4:07:46:b7:6a:51:ad:88:57:74:8f:
10:fd:ec:a9:1d:e8:d7:68:ac:b0:c4:1f:a1:4d:f7:
4d:0a:ee:bd:4e:da:e4:b6:68:06:ed:07:63:00:3a:
1e:80:1e:d7:31:60:9e:8c:58:8d:5b:89:f2:bb:59:
a4:38:7d:be:ef:4e:17:a8:ee:54:a5:fc:c6:ee:1a:
e9:32:d7:07:7b:05:c9:f7:51:07:0e:96:04:a8:3a:
0d:4a:f4:92:a1:69:f0:f6:9d:94:5a:55:2e:5d:44:
48:57:16:6a:dc:4b:78:f1:39:f3:16:6e:cf:6f:b6:
d4:87:54:63:6c:ee:c8:e1:db:af:20:61:5f:af:6a:
fa:41:77:fd:57:f1:c0:fc:4a:0a:fb:42:50:c1:19:
3d:53:42:00:4b:fd:0c:69:17:e6:8e:e6:c2:11:44:
1c:f4:0f:c7:7a:89:aa:c8:94:7a:4e:d1:e5:45:e1:
df:64:63:a2:cb:cd:6a:53:97:86:c3:2d:2b:73:53:
90:6b:e4:45:c7:ea:b2:5e:bc:68:b9:28:59:cf:d2:
d8:92:46:56:b9:dd:bb:22:c1:b6:d6:37:57:20:99:
b6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:D3:56:6A:F9:5B:80:BB:71:23:38:86:D2:A8:70:3A:12:F8:13:6E
X509v3 Authority Key Identifier:
keyid:02:B6:10:CD:43:BA:FC:ED:91:48:0F:AB:FD:CA:AE:82:04:9F:BF:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArYQzUO6_O2RSA-r_cquggSfv3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/stNWavlbgLtxIziG0qhwOhL4E24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/e3decc-3ef7-4cb2-81d1-9013ca996b16/1/ArYQzUO6_O2RSA-r_cquggSfv3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.248.232.0/21
185.65.148.0/22
185.94.108.0/22
IPv6:
2a03:70c0::/32
Signature Algorithm: sha256WithRSAEncryption
8c:1e:e6:8a:e9:5f:7e:e2:d3:4c:c7:0b:bc:04:c3:bb:a0:77:
4f:7b:03:c2:0d:8d:5b:34:b0:5c:bc:25:0f:7a:1e:a1:37:60:
12:ce:9e:7f:65:0a:a0:1b:c5:dc:c3:59:ba:ac:fd:5a:66:f8:
59:cb:a5:c7:2d:e7:9a:e0:32:a7:eb:11:f4:c8:c5:c5:e7:27:
ce:4e:3e:e0:7f:9b:32:9b:8d:e1:81:0d:90:cd:47:a4:93:d6:
f3:f8:23:11:43:e6:9d:ef:f9:9c:38:f7:e7:f6:d4:db:ab:8e:
81:9f:d8:c6:f6:49:48:15:a4:f4:67:f0:eb:a8:be:63:55:d9:
3c:dc:56:71:69:38:87:d2:00:c8:ab:9c:10:79:5b:a0:e6:fc:
b5:1a:b4:c2:05:16:60:de:97:49:60:33:3f:46:ac:00:80:31:
45:75:4b:f7:76:73:d9:c8:0a:c4:d6:d8:77:74:fd:41:e1:cf:
60:62:ed:6c:49:57:8e:94:85:ed:bd:15:13:c0:cb:af:33:05:
da:1c:90:fa:54:d1:c5:7f:54:4c:41:1d:39:32:ca:1d:59:dd:
cd:49:a0:c0:ef:f6:b3:14:48:18:c0:e4:0d:fe:f5:f2:4a:e2:
58:7e:ec:cc:19:06:3c:a7:19:45:53:c7:7a:13:bb:8c:cd:c9:
8a:b4:b3:56
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGOlJQzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MmI2MTBjZDQzYmFmY2VkOTE0ODBmYWJmZGNhYWU4MjA0OWZiZjcxMB4XDTIyMDEw
MTA3NTgzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjJkMzU2NmFmOTVi
ODBiYjcxMjMzODg2ZDJhODcwM2ExMmY4MTM2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJCnyGhnnBsyjT+Av/eo3you1A4uVzzRwDFBwUuidGRhFsQH
RrdqUa2IV3SPEP3sqR3o12issMQfoU33TQruvU7a5LZoBu0HYwA6HoAe1zFgnoxY
jVuJ8rtZpDh9vu9OF6juVKX8xu4a6TLXB3sFyfdRBw6WBKg6DUr0kqFp8PadlFpV
Ll1ESFcWatxLePE58xZuz2+21IdUY2zuyOHbryBhX69q+kF3/VfxwPxKCvtCUMEZ
PVNCAEv9DGkX5o7mwhFEHPQPx3qJqsiUek7R5UXh32RjosvNalOXhsMtK3NTkGvk
Rcfqsl68aLkoWc/S2JJGVrnduyLBttY3VyCZtjsCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSy01Zq+VuAu3EjOIbSqHA6EvgTbjAfBgNVHSMEGDAWgBQCthDNQ7r87ZFI
D6v9yq6CBJ+/cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FyWVF6VU82X08yUlNBLXJfY3F1Z2dTZnYzRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWUvZTNkZWNjLTNlZjctNGNiMi04MWQxLTkwMTNjYTk5NmIxNi8x
L3N0TldhdmxiZ0x0eEl6aUcwcWh3T2hMNEUyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWUv
ZTNkZWNjLTNlZjctNGNiMi04MWQxLTkwMTNjYTk5NmIxNi8xL0FyWVF6VU82X08y
UlNBLXJfY3F1Z2dTZnYzRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA7L46AMEArlBlAMEArlebDANBAIA
AjAHAwUAKgNwwDANBgkqhkiG9w0BAQsFAAOCAQEAjB7miulffuLTTMcLvATDu6B3
T3sDwg2NWzSwXLwlD3oeoTdgEs6ef2UKoBvF3MNZuqz9Wmb4Wculxy3nmuAyp+sR
9MjFxecnzk4+4H+bMpuN4YENkM1HpJPW8/gjEUPmne/5nDj35/bU26uOgZ/YxvZJ
SBWk9Gfw66i+Y1XZPNxWcWk4h9IAyKucEHlboOb8tRq0wgUWYN6XSWAzP0asAIAx
RXVL93Zz2cgKxNbYd3T9QeHPYGLtbElXjpSF7b0VE8DLrzMF2hyQ+lTRxX9UTEEd
OTLKHVndzUmgwO/2sxRIGMDkDf718kriWH7szBkGPKcZRVPHehO7jM3JirSzVg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:48 2023 by rpki-client on console-fra.rpki-client.org