Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/iJ4PeAn_qJCSM5fxaTUpb0aDt_k.roa
File: iJ4PeAn_qJCSM5fxaTUpb0aDt_k.roa (raw, json)
Hash identifier: GuX30RPgwnqc15/CcaI4uhLtsZE64tYtRegv/2w9c0o=
Subject key identifier: 88:9E:0F:78:09:FF:A8:90:92:33:97:F1:69:35:29:6F:46:83:B7:F9
Certificate issuer: /CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Certificate serial: 055B9912
Authority key identifier: 64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/iJ4PeAn_qJCSM5fxaTUpb0aDt_k.roa
Signing time: Sat 01 Jan 2022 07:55:58 +0000
ROA not before: Sat 01 Jan 2022 07:55:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 135391
IP address blocks: 185.232.56.0/24 maxlen: 24
185.232.58.0/24 maxlen: 24
185.232.57.0/24 maxlen: 24
185.232.59.0/24 maxlen: 24
2a0d:5300:300::/40 maxlen: 40
2a0d:5300::/40 maxlen: 40
2a0d:5300:100::/40 maxlen: 40
2a0d:5300:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89889042 (0x55b9912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64b31dcd6bb5308029c4273230514f726b1b86ba
Validity
Not Before: Jan 1 07:55:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=889e0f7809ffa890923397f16935296f4683b7f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:6d:39:f1:2e:27:43:ab:ee:27:26:78:71:08:
bd:09:07:21:8c:40:ed:82:86:9f:db:0f:83:d9:55:
74:10:fe:96:34:ff:6d:83:8c:8b:d8:65:0f:f2:10:
f9:62:b5:a7:c3:74:9d:67:da:c7:5d:99:0b:80:41:
43:a9:a3:17:23:eb:9f:3a:29:16:ad:00:79:da:96:
15:94:2d:c8:95:16:8e:45:36:e0:11:22:9a:75:30:
20:21:1e:3c:ea:e8:bc:77:2b:39:5c:a1:ec:fb:fc:
85:c3:16:28:7f:a3:0e:66:f5:b1:a8:b5:07:bd:e5:
55:b7:d0:f0:90:20:0a:2d:57:8b:0d:78:74:6a:ed:
2d:c3:c0:93:c9:ff:dd:93:41:e1:bb:ce:26:de:9d:
1b:cc:b8:5f:80:fd:35:c5:ac:69:86:fd:8c:0c:8f:
dc:d4:51:db:df:71:d1:a2:76:f4:2a:de:bb:cd:ed:
a1:53:81:a3:03:77:70:82:65:a6:f8:d1:7b:50:78:
3f:aa:66:88:be:92:d3:18:2e:fb:5d:4b:a6:68:d4:
27:89:7d:83:32:a2:78:7d:b2:2b:f6:de:84:c7:e9:
dc:d4:53:aa:be:37:9c:a4:e4:57:a3:85:09:45:b3:
f5:50:4b:82:2d:37:0c:11:4e:ce:af:12:e7:3d:87:
21:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9E:0F:78:09:FF:A8:90:92:33:97:F1:69:35:29:6F:46:83:B7:F9
X509v3 Authority Key Identifier:
keyid:64:B3:1D:CD:6B:B5:30:80:29:C4:27:32:30:51:4F:72:6B:1B:86:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLMdzWu1MIApxCcyMFFPcmsbhro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/iJ4PeAn_qJCSM5fxaTUpb0aDt_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/980d6e-8a99-4260-8064-44ab689e1d4d/1/ZLMdzWu1MIApxCcyMFFPcmsbhro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.56.0/22
IPv6:
2a0d:5300::/38
Signature Algorithm: sha256WithRSAEncryption
be:49:33:57:7b:22:7c:a0:fc:26:fb:ea:04:79:86:f7:7d:e1:
39:7d:1e:75:3f:39:73:e7:0b:b4:d9:2f:43:75:98:58:96:03:
b2:b8:a5:3d:89:5c:b2:4f:52:6e:12:84:68:b8:b4:8b:05:dc:
c0:23:f3:c7:7b:98:79:10:37:c0:3e:a0:19:94:65:95:7d:95:
f3:d1:05:af:ea:b0:ce:8a:53:df:39:1b:29:40:a9:44:ce:0b:
6a:b8:4a:81:83:af:f2:d2:47:23:d8:ac:f1:89:23:1e:fe:42:
ca:68:56:a9:1e:29:31:1e:03:5e:66:f2:cc:1c:de:46:30:83:
52:b1:ca:9b:4c:16:62:49:ce:49:c0:54:67:f1:51:a6:a7:9d:
57:98:8b:00:49:ab:e4:9e:b6:54:dd:b4:0e:4a:3b:5f:82:5f:
16:9a:71:9b:b0:e9:45:d1:24:bd:9f:f6:79:8c:6a:c6:1f:4a:
4a:9e:14:77:af:32:0a:44:16:b2:62:87:4b:33:af:bb:e4:40:
67:92:0c:54:35:8c:f0:d0:8e:3a:a2:47:36:de:99:21:8a:3f:
35:d5:61:06:bb:f1:64:23:26:a3:41:d0:cb:4a:85:16:e6:57:
19:3f:4b:6b:7c:1c:24:8e:e7:0e:33:00:1e:58:a0:2d:a2:4c:
af:71:3e:7a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEBVuZEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NGIzMWRjZDZiYjUzMDgwMjljNDI3MzIzMDUxNGY3MjZiMWI4NmJhMB4XDTIyMDEw
MTA3NTU1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODg5ZTBmNzgwOWZm
YTg5MDkyMzM5N2YxNjkzNTI5NmY0NjgzYjdmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOxtOfEuJ0Or7icmeHEIvQkHIYxA7YKGn9sPg9lVdBD+ljT/
bYOMi9hlD/IQ+WK1p8N0nWfax12ZC4BBQ6mjFyPrnzopFq0AedqWFZQtyJUWjkU2
4BEimnUwICEePOrovHcrOVyh7Pv8hcMWKH+jDmb1sai1B73lVbfQ8JAgCi1Xiw14
dGrtLcPAk8n/3ZNB4bvOJt6dG8y4X4D9NcWsaYb9jAyP3NRR299x0aJ29Creu83t
oVOBowN3cIJlpvjRe1B4P6pmiL6S0xgu+11LpmjUJ4l9gzKieH2yK/behMfp3NRT
qr43nKTkV6OFCUWz9VBLgi03DBFOzq8S5z2HIXUCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBSIng94Cf+okJIzl/FpNSlvRoO3+TAfBgNVHSMEGDAWgBRksx3Na7UwgCnE
JzIwUU9yaxuGujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pMTWR6V3UxTUlBcHhDY3lNRkZQY21zYmhyby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjcvOTgwZDZlLThhOTktNDI2MC04MDY0LTQ0YWI2ODllMWQ0ZC8x
L2lKNFBlQW5fcUpDU001ZnhhVFVwYjBhRHRfay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjcv
OTgwZDZlLThhOTktNDI2MC04MDY0LTQ0YWI2ODllMWQ0ZC8xL1pMTWR6V3UxTUlB
cHhDY3lNRkZQY21zYmhyby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEArnoODAOBAIAAjAIAwYCKg1TAAAw
DQYJKoZIhvcNAQELBQADggEBAL5JM1d7Inyg/Cb76gR5hvd94Tl9HnU/OXPnC7TZ
L0N1mFiWA7K4pT2JXLJPUm4ShGi4tIsF3MAj88d7mHkQN8A+oBmUZZV9lfPRBa/q
sM6KU985GylAqUTOC2q4SoGDr/LSRyPYrPGJIx7+QspoVqkeKTEeA15m8swc3kYw
g1KxyptMFmJJzknAVGfxUaannVeYiwBJq+SetlTdtA5KO1+CXxaacZuw6UXRJL2f
9nmMasYfSkqeFHevMgpEFrJih0szr7vkQGeSDFQ1jPDQjjqiRzbemSGKPzXVYQa7
8WQjJqNB0MtKhRbmVxk/S2t8HCSO5w4zAB5YoC2iTK9xPno=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:58 2023 by rpki-client on console-ams.rpki-client.org