Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/iPchOd34nYmID5z0xjX10Sx91U8.roa
File: iPchOd34nYmID5z0xjX10Sx91U8.roa (raw, json)
Hash identifier: nqD+23HAyWJnDAvIaM1sOZ0sSEx8OuhjnaP9VMuBy1s=
Subject key identifier: 88:F7:21:39:DD:F8:9D:89:88:0F:9C:F4:C6:35:F5:D1:2C:7D:D5:4F
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0184C2777AD515CF4B4DDD73419A5276940B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/iPchOd34nYmID5z0xjX10Sx91U8.roa
Signing time: Tue 29 Nov 2022 08:18:40 +0000
ROA not before: Tue 29 Nov 2022 08:18:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38136
IP address blocks: 185.248.184.0/22 maxlen: 24
188.214.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:77:7a:d5:15:cf:4b:4d:dd:73:41:9a:52:76:94:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Nov 29 08:18:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88f72139ddf89d89880f9cf4c635f5d12c7dd54f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b5:ef:70:09:91:83:41:63:73:7c:17:77:02:
9e:07:ca:10:3b:19:da:14:a8:83:d5:2f:5a:8f:29:
55:e0:dc:c8:76:ea:30:67:61:b7:c8:68:fe:0f:d2:
32:8b:5f:a6:b6:7c:f8:e0:5d:7c:04:ac:69:01:51:
76:5c:b0:bd:82:0c:8d:a7:62:e3:89:05:fd:28:9d:
7b:66:1d:8a:c9:b8:90:0f:ec:63:4d:70:9d:4a:fb:
2f:0d:fe:10:8c:10:75:91:63:15:70:b0:df:4c:09:
a1:93:5c:80:c6:cb:35:50:d6:6c:ed:b4:dd:a3:48:
5c:06:d4:fd:b8:e5:fd:75:12:a5:0e:73:cf:55:6e:
c8:7c:0b:f3:69:99:c3:a6:ac:3c:68:e9:fe:d9:d4:
12:1f:c1:e1:e1:45:f9:ac:94:49:27:5e:ef:50:85:
46:af:ea:0e:f3:a8:93:25:0d:a8:2f:3e:a4:9a:4f:
8a:29:61:3f:d1:05:3b:64:e1:12:72:85:a1:bf:9a:
d5:e1:76:9f:cd:5a:ee:bd:ab:f2:6d:dd:69:46:b5:
d4:a0:a3:5d:ea:ed:52:f1:04:8c:df:1b:d8:ef:b9:
3e:6d:43:47:07:d3:68:b0:76:df:22:b3:94:ce:f3:
e3:12:46:63:41:8c:7e:55:fc:60:8a:cf:28:0a:07:
44:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F7:21:39:DD:F8:9D:89:88:0F:9C:F4:C6:35:F5:D1:2C:7D:D5:4F
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/iPchOd34nYmID5z0xjX10Sx91U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.184.0/22
188.214.236.0/22
Signature Algorithm: sha256WithRSAEncryption
59:c9:7f:b2:54:a5:11:b7:22:ed:aa:e7:74:84:78:58:8d:7d:
4f:a8:a0:34:c5:81:d2:d6:80:a9:07:41:58:d7:83:b8:96:6d:
b7:b7:25:cd:23:a2:25:f1:00:98:07:ae:be:c1:3f:b8:13:d8:
d7:8a:82:3e:6c:50:92:83:9d:fa:c5:7b:13:f2:25:86:ea:1f:
6e:c3:6a:4b:80:7f:ba:23:a0:8e:5f:a1:00:e4:86:99:0a:49:
e7:b2:51:8e:76:48:fc:54:80:38:f2:73:ff:70:ce:cb:dc:27:
b9:4b:9d:6b:93:a0:0f:88:70:ff:b9:78:f2:fb:05:cf:af:d8:
1e:e5:db:03:b9:25:c3:a8:62:98:8a:03:95:16:01:1e:fa:47:
5c:d0:76:5b:4d:ca:67:b6:cd:71:e1:3d:1c:e6:6f:c3:49:c5:
dd:86:93:e9:e5:4b:23:51:19:15:12:e5:58:de:41:f3:79:5f:
91:f5:fd:09:14:14:fe:78:ff:78:fa:1e:de:eb:ed:e1:29:5c:
3f:f6:11:43:e1:87:5f:2c:5d:df:ee:ed:87:91:7e:08:fb:49:
e8:05:f1:a2:3a:0f:35:e3:50:9a:80:06:5e:be:8b:0b:f7:ba:
c7:ba:47:c7:f5:81:3a:73:74:33:c3:e3:96:c8:77:9e:c3:04:
86:76:b4:93
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTCd3rVFc9LTd1zQZpSdpQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIxMTI5MDgxODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGY3MjEzOWRkZjg5ZDg5ODgwZjljZjRjNjM1ZjVkMTJjN2RkNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubXvcAmRg0Fjc3wXdwKeB8oQOxna
FKiD1S9ajylV4NzIduowZ2G3yGj+D9Iyi1+mtnz44F18BKxpAVF2XLC9ggyNp2Lj
iQX9KJ17Zh2KybiQD+xjTXCdSvsvDf4QjBB1kWMVcLDfTAmhk1yAxss1UNZs7bTd
o0hcBtT9uOX9dRKlDnPPVW7IfAvzaZnDpqw8aOn+2dQSH8Hh4UX5rJRJJ17vUIVG
r+oO86iTJQ2oLz6kmk+KKWE/0QU7ZOEScoWhv5rV4XafzVruvavybd1pRrXUoKNd
6u1S8QSM3xvY77k+bUNHB9NosHbfIrOUzvPjEkZjQYx+Vfxgis8oCgdEhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIj3ITnd+J2JiA+c9MY19dEsfdVPMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvaVBjaE9kMzRuWW1JRDV6MHhqWDEwU3g5MVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufi4AwQC
vNbsMA0GCSqGSIb3DQEBCwUAA4IBAQBZyX+yVKURtyLtqud0hHhYjX1PqKA0xYHS
1oCpB0FY14O4lm23tyXNI6Il8QCYB66+wT+4E9jXioI+bFCSg536xXsT8iWG6h9u
w2pLgH+6I6COX6EA5IaZCknnslGOdkj8VIA48nP/cM7L3Ce5S51rk6APiHD/uXjy
+wXPr9ge5dsDuSXDqGKYigOVFgEe+kdc0HZbTcpnts1x4T0c5m/DScXdhpPp5Usj
URkVEuVY3kHzeV+R9f0JFBT+eP94+h7e6+3hKVw/9hFD4YdfLF3f7u2HkX4I+0no
BfGiOg8141CagAZevosL97rHukfH9YE6c3Qzw+OWyHeewwSGdrST
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org