Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/ilXmdNw2lE1glLxhPA0sHvtnsfk.roa
File: ilXmdNw2lE1glLxhPA0sHvtnsfk.roa (raw, json)
Hash identifier: KH8DLwIEw1aMiVlana6raXu5C9SaD7GVU6VvYCY9ezg=
Subject key identifier: 8A:55:E6:74:DC:36:94:4D:60:94:BC:61:3C:0D:2C:1E:FB:67:B1:F9
Certificate issuer: /CN=037f532fa262f5c6bd9615bcd79d6edd43f2e075
Certificate serial: 0823DF37
Authority key identifier: 03:7F:53:2F:A2:62:F5:C6:BD:96:15:BC:D7:9D:6E:DD:43:F2:E0:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A39TL6Ji9ca9lhW8151u3UPy4HU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/ilXmdNw2lE1glLxhPA0sHvtnsfk.roa
Signing time: Sat 01 Jan 2022 00:54:59 +0000
ROA not before: Sat 01 Jan 2022 00:54:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 185.186.108.0/24 maxlen: 24
185.186.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136568631 (0x823df37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037f532fa262f5c6bd9615bcd79d6edd43f2e075
Validity
Not Before: Jan 1 00:54:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a55e674dc36944d6094bc613c0d2c1efb67b1f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:96:61:d1:f8:6c:e0:d5:1d:81:94:b9:31:5a:
2b:21:d1:ac:de:1e:b8:12:85:a4:1b:9d:97:45:1e:
54:aa:c6:e1:12:32:be:03:5f:d9:a6:df:4c:36:e9:
e6:3f:5e:4c:2e:94:27:92:14:a7:b6:35:ad:81:90:
05:a5:48:3a:22:64:40:ff:ea:6a:f6:28:7f:4b:54:
60:8e:13:0d:97:62:10:ca:7f:c5:5f:10:1e:67:24:
05:e1:40:03:4a:92:9b:c5:b0:01:8a:24:e2:dc:56:
5c:7d:49:bc:c6:b8:b6:4f:aa:27:2b:27:f1:28:da:
0d:ca:0d:df:f5:97:0f:cf:fc:09:7b:4e:ad:3d:2f:
3c:db:5c:aa:98:4f:56:10:84:50:c0:96:27:50:3b:
34:b0:fd:b2:ca:8d:70:d7:70:b3:12:14:8e:c6:cc:
28:06:7c:86:41:8e:8d:0c:d2:28:07:2a:68:05:cc:
40:6f:a3:48:b4:7c:95:2f:e8:e2:72:b5:d8:d2:e4:
52:b7:b9:10:82:54:bd:bb:e9:b6:bd:6e:b2:4f:1e:
49:86:c3:54:e2:fa:b4:7d:d4:7e:d9:ad:5d:31:1e:
13:2d:37:23:56:fc:04:9c:49:e8:0a:1a:b6:f0:9a:
3d:96:6c:f3:2b:97:91:1c:59:28:e3:c5:2b:be:cd:
ed:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:55:E6:74:DC:36:94:4D:60:94:BC:61:3C:0D:2C:1E:FB:67:B1:F9
X509v3 Authority Key Identifier:
keyid:03:7F:53:2F:A2:62:F5:C6:BD:96:15:BC:D7:9D:6E:DD:43:F2:E0:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A39TL6Ji9ca9lhW8151u3UPy4HU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/ilXmdNw2lE1glLxhPA0sHvtnsfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/08e57c-d716-4705-9561-03adfbc68c91/1/A39TL6Ji9ca9lhW8151u3UPy4HU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.108.0/23
Signature Algorithm: sha256WithRSAEncryption
49:72:e9:6f:fe:9d:54:20:e0:08:f9:12:eb:d7:bf:c2:12:51:
62:38:5f:c0:b0:57:fb:df:a9:22:64:b3:1a:48:b6:e3:5f:ab:
0c:0d:45:55:90:41:07:ec:88:37:c2:6b:3e:0b:71:7a:b6:cd:
8e:e0:5f:ed:3f:81:6d:ad:29:c7:b7:1c:0e:b3:63:e0:6e:fc:
c1:67:dd:3c:31:5a:07:7d:32:46:21:5c:66:0e:90:d3:b7:5d:
1d:09:6e:11:7d:5e:f8:09:3e:af:41:b5:29:52:5f:d2:76:f3:
53:d7:89:98:50:7b:31:ce:7a:bf:bc:ac:1f:94:6e:f5:da:56:
d1:3a:6c:6e:00:9c:80:0d:e1:f8:a6:75:9a:a7:fe:14:4e:cb:
b8:71:b7:e5:be:cc:0e:c4:ec:ad:02:60:a8:0d:7a:12:00:8e:
9d:f1:b2:26:25:d0:30:c4:3e:3b:41:3e:49:ca:86:da:8b:9e:
18:b6:a5:f2:27:78:d8:00:1d:7b:0a:ba:06:e9:08:12:2a:7a:
cb:16:af:d0:91:63:07:7d:24:ed:3e:f9:b5:a5:e2:33:f8:bc:
09:6b:2c:0f:7f:28:9a:d8:f3:88:84:c5:8c:b3:b0:e7:c9:af:
ee:3b:54:4d:bc:99:13:0b:0b:88:6e:b7:c9:71:54:85:32:2c:
21:5f:1d:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECCPfNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MzdmNTMyZmEyNjJmNWM2YmQ5NjE1YmNkNzlkNmVkZDQzZjJlMDc1MB4XDTIyMDEw
MTAwNTQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGE1NWU2NzRkYzM2
OTQ0ZDYwOTRiYzYxM2MwZDJjMWVmYjY3YjFmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM+WYdH4bODVHYGUuTFaKyHRrN4euBKFpBudl0UeVKrG4RIy
vgNf2abfTDbp5j9eTC6UJ5IUp7Y1rYGQBaVIOiJkQP/qavYof0tUYI4TDZdiEMp/
xV8QHmckBeFAA0qSm8WwAYok4txWXH1JvMa4tk+qJysn8SjaDcoN3/WXD8/8CXtO
rT0vPNtcqphPVhCEUMCWJ1A7NLD9ssqNcNdwsxIUjsbMKAZ8hkGOjQzSKAcqaAXM
QG+jSLR8lS/o4nK12NLkUre5EIJUvbvptr1usk8eSYbDVOL6tH3UftmtXTEeEy03
I1b8BJxJ6AoatvCaPZZs8yuXkRxZKOPFK77N7SUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKVeZ03DaUTWCUvGE8DSwe+2ex+TAfBgNVHSMEGDAWgBQDf1MvomL1xr2W
FbzXnW7dQ/LgdTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0EzOVRMNkppOWNhOWxoVzgxNTF1M1VQeTRIVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvMDhlNTdjLWQ3MTYtNDcwNS05NTYxLTAzYWRmYmM2OGM5MS8x
L2lsWG1kTncybEUxZ2xMeGhQQTBzSHZ0bnNmay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
MDhlNTdjLWQ3MTYtNDcwNS05NTYxLTAzYWRmYmM2OGM5MS8xL0EzOVRMNkppOWNh
OWxoVzgxNTF1M1VQeTRIVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbm6bDANBgkqhkiG9w0BAQsFAAOC
AQEASXLpb/6dVCDgCPkS69e/whJRYjhfwLBX+9+pImSzGki241+rDA1FVZBBB+yI
N8JrPgtxerbNjuBf7T+Bba0px7ccDrNj4G78wWfdPDFaB30yRiFcZg6Q07ddHQlu
EX1e+Ak+r0G1KVJf0nbzU9eJmFB7Mc56v7ysH5Ru9dpW0TpsbgCcgA3h+KZ1mqf+
FE7LuHG35b7MDsTsrQJgqA16EgCOnfGyJiXQMMQ+O0E+ScqG2oueGLal8id42AAd
ewq6BukIEip6yxav0JFjB30k7T75taXiM/i8CWssD38omtjziITFjLOw58mv7jtU
TbyZEwsLiG63yXFUhTIsIV8dgw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:01 2023 by rpki-client on console-ams.rpki-client.org