Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/0vfYA3Le3Y1gjaUj-LT3MLhvu54.roa
File: 0vfYA3Le3Y1gjaUj-LT3MLhvu54.roa (raw, json)
Hash identifier: +i8UIAgP6uYBUM//5wvvLWHNGyWklD46HoVPDUl0aDM=
Subject key identifier: D2:F7:D8:03:72:DE:DD:8D:60:8D:A5:23:F8:B4:F7:30:B8:6F:BB:9E
Certificate issuer: /CN=d8a994d846cb6696e889c1cc32285e0b23afc777
Certificate serial: 052393F5
Authority key identifier: D8:A9:94:D8:46:CB:66:96:E8:89:C1:CC:32:28:5E:0B:23:AF:C7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/0vfYA3Le3Y1gjaUj-LT3MLhvu54.roa
Signing time: Sat 01 Jan 2022 14:02:15 +0000
ROA not before: Sat 01 Jan 2022 14:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202707
IP address blocks: 185.156.157.0/24 maxlen: 24
185.156.158.0/24 maxlen: 24
185.156.159.0/24 maxlen: 24
185.156.156.0/22 maxlen: 24
185.156.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86217717 (0x52393f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8a994d846cb6696e889c1cc32285e0b23afc777
Validity
Not Before: Jan 1 14:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2f7d80372dedd8d608da523f8b4f730b86fbb9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:ec:ca:28:a6:35:bc:cb:80:12:db:5c:2a:
10:32:3e:f1:6d:ec:7d:30:6a:65:d1:c9:f2:22:e8:
d9:82:3d:d7:2e:e1:31:68:d3:44:2b:0d:14:d2:d3:
70:25:ad:a0:f3:2d:64:09:8e:89:68:3e:93:94:c7:
aa:aa:0d:4d:12:4f:06:17:30:e8:96:6c:94:44:37:
39:25:0b:c8:18:d3:31:53:19:6f:05:5f:29:a5:aa:
73:9e:9f:fd:bb:e8:f3:b9:3d:a7:12:8b:e6:7c:a8:
cf:ef:47:4e:ea:5e:95:b2:b1:92:b9:5b:d3:e2:3d:
26:5d:8a:dc:c2:f6:1b:2e:ff:6b:00:37:66:0c:f9:
71:91:7f:22:b3:0f:e4:4b:e3:3e:44:c3:a4:f4:f4:
fb:b9:c7:2a:ce:ce:8b:2f:ac:ec:48:71:9f:f4:61:
d1:b0:5c:d2:7e:48:fc:35:3f:2a:5f:17:37:e7:b6:
7e:33:f2:35:ee:3a:82:f8:cd:30:89:d6:90:0f:a7:
48:da:48:0f:dc:da:5e:0d:29:76:6a:29:fc:bd:57:
07:4a:91:27:0f:d3:66:93:00:77:67:4d:c0:75:cb:
b9:e5:86:8a:3d:23:e7:6e:93:2d:d8:4c:d7:46:17:
15:f3:bb:ff:2f:54:e2:79:1c:68:64:7c:e9:c1:40:
cf:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F7:D8:03:72:DE:DD:8D:60:8D:A5:23:F8:B4:F7:30:B8:6F:BB:9E
X509v3 Authority Key Identifier:
keyid:D8:A9:94:D8:46:CB:66:96:E8:89:C1:CC:32:28:5E:0B:23:AF:C7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2KmU2EbLZpboicHMMiheCyOvx3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/0vfYA3Le3Y1gjaUj-LT3MLhvu54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/dd08f7-b6f4-4b42-81d7-23ab59798421/1/2KmU2EbLZpboicHMMiheCyOvx3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.156.0/22
Signature Algorithm: sha256WithRSAEncryption
27:cc:35:fc:3a:7a:65:0b:58:40:01:9a:e3:12:92:1b:6f:8d:
2b:62:04:06:82:8a:9e:de:4b:ea:44:3c:44:6b:5e:2a:e5:ee:
97:7e:6a:c6:ee:82:3c:58:a7:88:80:4c:b6:33:34:6a:63:73:
35:54:63:3d:f6:b9:97:07:bf:25:c7:e8:24:22:91:78:d4:19:
cb:d6:85:ac:15:5f:85:72:56:2d:30:fd:d3:10:b1:1f:7b:4a:
b7:39:74:37:18:f9:34:25:ca:ef:00:9c:98:68:f3:f6:56:a0:
e3:43:88:3b:5e:66:f3:c3:8f:ca:3e:f1:6f:5f:e0:b8:81:57:
80:06:7e:63:f1:3e:62:ba:f4:3f:41:46:11:44:00:dd:bc:9d:
f2:43:50:c9:3d:47:52:04:0f:8f:7f:c5:52:d6:2e:0f:78:be:
68:74:95:b8:0d:1e:8b:89:79:85:e1:66:44:5a:c7:dd:d8:71:
ec:0f:0a:ae:e0:84:4e:a0:34:9c:d4:91:2a:97:5e:4a:24:3c:
83:90:5b:d0:5a:94:e0:14:54:4f:a6:ed:e5:ac:30:39:42:25:
b8:8b:ae:65:79:7e:24:4e:87:3e:81:f0:d4:7c:b0:d7:34:a3:
33:a6:f1:b2:3c:f9:19:14:a9:8a:72:e0:b2:87:0f:15:6c:b3:
55:25:a1:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBSOT9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OGE5OTRkODQ2Y2I2Njk2ZTg4OWMxY2MzMjI4NWUwYjIzYWZjNzc3MB4XDTIyMDEw
MTE0MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJmN2Q4MDM3MmRl
ZGQ4ZDYwOGRhNTIzZjhiNGY3MzBiODZmYmI5ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNu7MoopjW8y4AS21wqEDI+8W3sfTBqZdHJ8iLo2YI91y7h
MWjTRCsNFNLTcCWtoPMtZAmOiWg+k5THqqoNTRJPBhcw6JZslEQ3OSULyBjTMVMZ
bwVfKaWqc56f/bvo87k9pxKL5nyoz+9HTupelbKxkrlb0+I9Jl2K3ML2Gy7/awA3
Zgz5cZF/IrMP5EvjPkTDpPT0+7nHKs7Oiy+s7Ehxn/Rh0bBc0n5I/DU/Kl8XN+e2
fjPyNe46gvjNMInWkA+nSNpID9zaXg0pdmop/L1XB0qRJw/TZpMAd2dNwHXLueWG
ij0j526TLdhM10YXFfO7/y9U4nkcaGR86cFAz6sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTS99gDct7djWCNpSP4tPcwuG+7njAfBgNVHSMEGDAWgBTYqZTYRstmluiJ
wcwyKF4LI6/HdzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJLbVUyRWJMWnBib2ljSE1NaWhlQ3lPdngzYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvZGQwOGY3LWI2ZjQtNGI0Mi04MWQ3LTIzYWI1OTc5ODQyMS8x
LzB2ZllBM0xlM1kxZ2phVWotTFQzTUxodnU1NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
ZGQwOGY3LWI2ZjQtNGI0Mi04MWQ3LTIzYWI1OTc5ODQyMS8xLzJLbVUyRWJMWnBi
b2ljSE1NaWhlQ3lPdngzYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmcnDANBgkqhkiG9w0BAQsFAAOC
AQEAJ8w1/Dp6ZQtYQAGa4xKSG2+NK2IEBoKKnt5L6kQ8RGteKuXul35qxu6CPFin
iIBMtjM0amNzNVRjPfa5lwe/JcfoJCKReNQZy9aFrBVfhXJWLTD90xCxH3tKtzl0
Nxj5NCXK7wCcmGjz9lag40OIO15m88OPyj7xb1/guIFXgAZ+Y/E+Yrr0P0FGEUQA
3byd8kNQyT1HUgQPj3/FUtYuD3i+aHSVuA0ei4l5heFmRFrH3dhx7A8KruCETqA0
nNSRKpdeSiQ8g5Bb0FqU4BRUT6bt5awwOUIluIuuZXl+JE6HPoHw1Hyw1zSjM6bx
sjz5GRSpinLgsocPFWyzVSWhuQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:53 2023 by rpki-client on console-fra.rpki-client.org