Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/I5QZs0ssaMtkmFHzZ6CoPahCk-M.roa
File: I5QZs0ssaMtkmFHzZ6CoPahCk-M.roa (raw, json)
Hash identifier: Mf88GjaU/8Mp3gvs3Wk4T+KesMMSxbyG2aEqVy9OUMo=
Subject key identifier: 23:94:19:B3:4B:2C:68:CB:64:98:51:F3:67:A0:A8:3D:A8:42:93:E3
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0184629A3111EF212C0292F35763346F8651
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/I5QZs0ssaMtkmFHzZ6CoPahCk-M.roa
Signing time: Thu 10 Nov 2022 17:33:03 +0000
ROA not before: Thu 10 Nov 2022 17:33:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.160.0/22 maxlen: 25
195.211.53.0/24 maxlen: 24
188.130.254.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:62:9a:31:11:ef:21:2c:02:92:f3:57:63:34:6f:86:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Nov 10 17:33:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=239419b34b2c68cb649851f367a0a83da84293e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:00:e7:47:3a:fd:97:c4:ad:76:12:32:13:55:
a1:34:b3:0d:68:13:cc:4a:97:02:15:db:83:49:ae:
77:45:ef:9e:af:9f:a9:16:5f:d7:ce:49:c8:6c:a7:
f0:f8:30:31:03:28:32:08:7f:aa:9e:43:13:56:85:
b7:49:a9:4c:6c:4e:64:08:44:77:e7:1e:47:18:21:
8f:e6:77:f8:47:57:95:f2:ee:1f:41:5f:72:3a:d3:
27:be:6d:d3:26:e4:be:66:da:f2:68:4f:ba:85:af:
1d:15:e9:b3:15:2c:ae:48:59:a9:35:c5:43:14:76:
10:59:b9:af:bd:0b:4b:f5:24:10:f0:10:03:07:34:
64:06:4a:4c:7d:00:bd:f6:aa:21:77:12:e5:15:c6:
dc:e0:50:7a:eb:84:cf:b7:51:14:07:80:20:89:08:
9e:61:4f:98:e3:40:cf:23:91:39:d0:2c:8e:77:bc:
2b:91:b2:32:1f:8c:a2:7c:fe:75:b3:09:c6:21:27:
c7:e3:12:75:f3:d9:97:b3:62:bd:6a:74:26:e0:90:
98:fb:93:ac:e7:2c:ed:4d:f8:e8:bf:83:73:21:eb:
f6:78:66:cc:63:64:28:5f:da:7c:f6:bf:18:f2:61:
aa:6e:df:0a:69:cb:f2:13:f5:87:70:df:1b:ae:38:
4f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:94:19:B3:4B:2C:68:CB:64:98:51:F3:67:A0:A8:3D:A8:42:93:E3
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/I5QZs0ssaMtkmFHzZ6CoPahCk-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.160.0/22
188.130.182.0/24
188.130.254.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
82:02:3f:eb:d3:a3:3f:d6:ff:1d:16:1e:99:98:10:e1:e9:7b:
f8:51:2a:a5:5c:3c:c8:8f:5b:5f:04:3d:8c:55:c9:89:aa:1c:
e5:0d:87:50:c8:18:e9:3c:fd:f5:82:aa:3c:b5:ee:79:8e:3e:
00:fc:b9:3b:63:8e:fa:e1:df:de:71:fe:53:01:6e:8e:8a:d2:
63:7a:06:c8:97:6e:a9:5f:77:1f:55:71:02:97:e6:9d:03:3a:
3e:0b:82:5a:ce:4b:06:9f:ad:38:64:58:87:57:dc:a4:42:47:
0e:b7:c8:bb:70:8a:81:40:68:7f:47:0a:38:8d:bf:e1:81:c1:
30:d8:03:58:10:23:16:15:50:7b:2d:ce:f3:80:0a:4a:53:c1:
e8:12:94:d4:91:e6:b5:7e:46:ca:71:76:c6:ed:af:23:7a:b4:
75:e9:0b:df:57:a6:46:f5:60:c7:b1:98:e2:c4:0a:ef:0a:aa:
22:77:6c:22:03:19:b6:cc:9a:9d:a9:35:17:f0:dc:c2:07:dd:
6e:b6:9c:53:23:e0:10:a7:4e:91:c8:86:6b:84:24:4c:ed:40:
56:4f:fa:9b:42:bc:74:fe:1a:21:0f:68:70:40:7c:36:59:f5:
66:c0:30:66:94:ac:ad:9d:3d:bc:66:cc:60:22:99:4d:03:fc:
32:71:04:b0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYRimjER7yEsApLzV2M0b4ZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMTEwMTczMzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk0MTliMzRiMmM2OGNiNjQ5ODUxZjM2N2EwYTgzZGE4NDI5M2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ADnRzr9l8StdhIyE1WhNLMNaBPM
SpcCFduDSa53Re+er5+pFl/XzknIbKfw+DAxAygyCH+qnkMTVoW3SalMbE5kCER3
5x5HGCGP5nf4R1eV8u4fQV9yOtMnvm3TJuS+ZtryaE+6ha8dFemzFSyuSFmpNcVD
FHYQWbmvvQtL9SQQ8BADBzRkBkpMfQC99qohdxLlFcbc4FB664TPt1EUB4AgiQie
YU+Y40DPI5E50CyOd7wrkbIyH4yifP51swnGISfH4xJ189mXs2K9anQm4JCY+5Os
5yztTfjov4NzIev2eGbMY2QoX9p89r8Y8mGqbt8KacvyE/WHcN8brjhPbQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCOUGbNLLGjLZJhR82egqD2oQpPjMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvSTVRWnMwc3NhTXRrbUZIelo2Q29QYWhDay1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCbfigAwQA
vIK2AwQAvIL+AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IB
AQCCAj/r06M/1v8dFh6ZmBDh6Xv4USqlXDzIj1tfBD2MVcmJqhzlDYdQyBjpPP31
gqo8te55jj4A/Lk7Y4764d/ecf5TAW6OitJjegbIl26pX3cfVXECl+adAzo+C4Ja
zksGn604ZFiHV9ykQkcOt8i7cIqBQGh/Rwo4jb/hgcEw2ANYECMWFVB7Lc7zgApK
U8HoEpTUkea1fkbKcXbG7a8jerR16QvfV6ZG9WDHsZjixArvCqoid2wiAxm2zJqd
qTUX8NzCB91utpxTI+AQp06RyIZrhCRM7UBWT/qbQrx0/hohD2hwQHw2WfVmwDBm
lKytnT28ZsxgIplNA/wycQSw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:10 2023 by rpki-client on console-fra.rpki-client.org