Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/5IGLVI_YZvRx4717bmrxz24RBTw.roa
File: 5IGLVI_YZvRx4717bmrxz24RBTw.roa (raw, json)
Hash identifier: fr8SEPD9YG/5TN2P2GRBlEL3NoK9TnaZLn1/MyDKFOI=
Subject key identifier: E4:81:8B:54:8F:D8:66:F4:71:E3:BD:7B:6E:6A:F1:CF:6E:11:05:3C
Certificate issuer: /CN=234cd34911cfce946a22ea84663738cdcc076d45
Certificate serial: 0BAFC3E2
Authority key identifier: 23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/5IGLVI_YZvRx4717bmrxz24RBTw.roa
Signing time: Sat 01 Jan 2022 11:56:56 +0000
ROA not before: Sat 01 Jan 2022 11:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59699
IP address blocks: 185.4.152.0/22 maxlen: 24
185.30.188.0/22 maxlen: 24
185.63.161.0/24 maxlen: 24
185.63.162.0/24 maxlen: 24
185.63.163.0/24 maxlen: 24
85.208.242.0/24 maxlen: 24
85.208.243.0/24 maxlen: 24
85.208.241.0/24 maxlen: 24
2a04:4bc0::/29 maxlen: 48
2a02:c7c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196068322 (0xbafc3e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=234cd34911cfce946a22ea84663738cdcc076d45
Validity
Not Before: Jan 1 11:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e4818b548fd866f471e3bd7b6e6af1cf6e11053c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:02:7e:84:2f:54:92:33:ff:eb:01:e3:a3:86:
58:42:ad:a5:1b:be:2e:a1:a1:63:a9:d6:4f:59:7b:
61:a2:63:9b:09:1f:eb:07:0e:d8:b6:ed:94:d4:42:
c4:96:fc:63:93:c3:74:20:47:00:94:3e:63:54:50:
d4:ac:b1:3b:f6:4b:c4:73:d3:7f:0f:17:b2:56:a6:
29:97:55:3b:9d:dc:67:db:13:45:ed:7d:c0:5c:10:
76:8e:57:cb:97:e4:af:b1:09:8b:20:17:1a:0b:e0:
a9:a4:dc:26:a8:d9:7f:18:81:df:a6:95:c8:50:7a:
ec:cc:3b:a5:67:fc:1f:43:a1:67:f6:5c:e9:9a:ce:
e1:37:26:eb:fe:d6:16:8f:6f:ae:a8:45:26:bf:4f:
43:1b:0d:0e:d1:2e:4c:c2:5c:09:66:83:d5:22:13:
84:cb:9b:eb:84:38:1f:07:1b:03:9a:3c:8b:8f:a1:
88:b6:21:25:59:74:b6:47:c0:03:a5:cd:64:3b:d4:
9c:f3:bb:c3:55:b0:ca:77:a2:86:3b:07:09:f0:12:
0c:69:38:40:0b:c3:c0:1b:6f:e0:c8:23:70:71:d6:
14:d4:03:21:be:67:44:50:c4:6d:47:9e:53:87:4c:
3f:4e:50:14:ea:ec:1b:3a:5d:72:4d:e9:87:40:f9:
ba:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:81:8B:54:8F:D8:66:F4:71:E3:BD:7B:6E:6A:F1:CF:6E:11:05:3C
X509v3 Authority Key Identifier:
keyid:23:4C:D3:49:11:CF:CE:94:6A:22:EA:84:66:37:38:CD:CC:07:6D:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0zTSRHPzpRqIuqEZjc4zcwHbUU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/5IGLVI_YZvRx4717bmrxz24RBTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/5f536f-38fe-45be-b8f9-125500d2be94/1/I0zTSRHPzpRqIuqEZjc4zcwHbUU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.241.0-85.208.243.255
185.4.152.0/22
185.30.188.0/22
185.63.161.0-185.63.163.255
IPv6:
2a02:c7c0::/29
2a04:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:da:85:b5:10:10:88:ab:1b:96:bd:87:1a:de:f3:a3:49:78:
77:7b:62:1e:23:43:78:37:73:b0:b0:3c:12:fa:9b:36:51:66:
66:ab:ad:78:33:49:da:cd:45:dd:de:c4:fc:d0:99:c2:33:67:
a8:98:bf:f7:1b:ba:9e:3c:f1:e2:ba:8d:e3:14:e5:37:8d:94:
fd:25:44:73:c2:6d:c6:60:62:72:db:02:81:a0:05:13:ce:69:
34:be:7f:cb:06:e7:97:07:e4:71:5d:34:1a:c6:1f:e3:02:04:
07:1e:de:81:c5:ed:54:62:6f:d9:1d:46:30:e0:08:f3:2d:72:
50:ee:64:1d:ed:bf:9b:d5:a5:e3:f4:a2:f3:49:b3:27:ae:3b:
67:87:dc:25:52:f6:a3:44:86:c3:05:24:ba:4a:f2:55:fd:96:
f5:2a:39:5a:2c:aa:a3:34:7f:ca:82:a6:d9:03:7d:0c:68:19:
20:b1:1c:b5:f8:a1:e0:5f:b1:c3:5e:6f:1c:15:e9:3b:78:ab:
5f:e2:db:1a:ce:96:ca:a5:f5:b9:65:99:9c:c7:0d:49:da:9f:
dc:c8:ae:69:b0:67:71:c5:07:56:be:fc:d4:32:ed:fc:68:c0:
19:6c:5f:51:80:a9:80:54:5f:b3:a0:03:19:a5:34:bb:6a:11:
8a:ba:d3:6d
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIEC6/D4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzRjZDM0OTExY2ZjZTk0NmEyMmVhODQ2NjM3MzhjZGNjMDc2ZDQ1MB4XDTIyMDEw
MTExNTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTQ4MThiNTQ4ZmQ4
NjZmNDcxZTNiZDdiNmU2YWYxY2Y2ZTExMDUzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0CfoQvVJIz/+sB46OGWEKtpRu+LqGhY6nWT1l7YaJjmwkf
6wcO2LbtlNRCxJb8Y5PDdCBHAJQ+Y1RQ1KyxO/ZLxHPTfw8XslamKZdVO53cZ9sT
Re19wFwQdo5Xy5fkr7EJiyAXGgvgqaTcJqjZfxiB36aVyFB67Mw7pWf8H0OhZ/Zc
6ZrO4Tcm6/7WFo9vrqhFJr9PQxsNDtEuTMJcCWaD1SIThMub64Q4HwcbA5o8i4+h
iLYhJVl0tkfAA6XNZDvUnPO7w1WwyneihjsHCfASDGk4QAvDwBtv4MgjcHHWFNQD
Ib5nRFDEbUeeU4dMP05QFOrsGzpdck3ph0D5uocCAwEAAaOCAkEwggI9MB0GA1Ud
DgQWBBTkgYtUj9hm9HHjvXtuavHPbhEFPDAfBgNVHSMEGDAWgBQjTNNJEc/OlGoi
6oRmNzjNzAdtRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwelRTUkhQenBScUl1cUVaamM0emN3SGJVVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNWY1MzZmLTM4ZmUtNDViZS1iOGY5LTEyNTUwMGQyYmU5NC8x
LzVJR0xWSV9ZWnZSeDQ3MTdibXJ4ejI0UkJUdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NWY1MzZmLTM4ZmUtNDViZS1iOGY5LTEyNTUwMGQyYmU5NC8xL0kwelRTUkhQenBS
cUl1cUVaamM0emN3SGJVVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBX
BggrBgEFBQcBBwEB/wRIMEYwLgQCAAEwKDAMAwQAVdDxAwQCVdDwAwQCuQSYAwQC
uR68MAwDBAC5P6EDBAK5P6AwFAQCAAIwDgMFAyoCx8ADBQMqBEvAMA0GCSqGSIb3
DQEBCwUAA4IBAQCf2oW1EBCIqxuWvYca3vOjSXh3e2IeI0N4N3OwsDwS+ps2UWZm
q614M0nazUXd3sT80JnCM2eomL/3G7qePPHiuo3jFOU3jZT9JURzwm3GYGJy2wKB
oAUTzmk0vn/LBueXB+RxXTQaxh/jAgQHHt6Bxe1UYm/ZHUYw4AjzLXJQ7mQd7b+b
1aXj9KLzSbMnrjtnh9wlUvajRIbDBSS6SvJV/Zb1KjlaLKqjNH/KgqbZA30MaBkg
sRy1+KHgX7HDXm8cFek7eKtf4tsazpbKpfW5ZZmcxw1J2p/cyK5psGdxxQdWvvzU
Mu38aMAZbF9RgKmAVF+zoAMZpTS7ahGKutNt
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:50 2023 by rpki-client on console-fra.rpki-client.org