Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/4L8LLJMSqaEU8mvNaJpgI--dOik.roa
File: 4L8LLJMSqaEU8mvNaJpgI--dOik.roa (raw, json)
Hash identifier: 2V437+HXy1ozN0IwatmgdDX9FfNKzmxsIvUmnAB/d34=
Subject key identifier: E0:BF:0B:2C:93:12:A9:A1:14:F2:6B:CD:68:9A:60:23:EF:9D:3A:29
Certificate issuer: /CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Certificate serial: 0183858B63D24732955E629E4B5B091B3247
Authority key identifier: 0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/4L8LLJMSqaEU8mvNaJpgI--dOik.roa
Signing time: Wed 28 Sep 2022 19:20:48 +0000
ROA not before: Wed 28 Sep 2022 19:20:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205367
IP address blocks: 185.220.181.0/24 maxlen: 24
185.220.180.0/24 maxlen: 24
185.220.183.0/24 maxlen: 24
185.220.180.0/22 maxlen: 22
185.220.182.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:8b:63:d2:47:32:95:5e:62:9e:4b:5b:09:1b:32:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ae427101cb2e2bd565084de6471f6eb48d24f96
Validity
Not Before: Sep 28 19:20:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0bf0b2c9312a9a114f26bcd689a6023ef9d3a29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:18:a0:dc:1a:71:26:fd:5c:9a:06:b3:e9:9e:
0c:ed:3a:aa:54:56:a9:98:f4:fb:81:c2:7c:ad:55:
0e:96:49:87:3e:74:f4:59:ab:db:6c:27:6b:43:80:
0f:ab:e9:17:b4:e7:0e:a6:9f:2b:fc:43:57:ae:e5:
d5:47:d4:91:25:2a:25:12:ba:0d:bc:9d:6c:7a:78:
a7:6d:56:eb:7f:7a:f1:70:9e:6c:50:81:21:ce:26:
37:e5:15:11:7a:58:ae:06:eb:42:22:2a:7b:d8:46:
55:37:e7:7c:07:8b:f9:8e:75:11:17:74:44:4c:2d:
49:a9:e6:88:49:83:d9:5d:dc:40:60:e7:38:bf:2a:
97:40:71:19:3f:3a:36:06:e2:7b:4e:71:29:b7:22:
9c:ec:f3:1f:55:92:d5:29:6a:9d:25:4b:5b:ab:aa:
50:b2:a0:81:36:37:5d:0a:10:82:fb:f4:4e:82:95:
63:06:08:fe:4e:61:d0:ca:77:9a:24:80:4a:e8:12:
f1:a2:62:ff:74:69:04:1b:40:fc:9f:12:66:1a:04:
88:eb:bb:6d:3b:3a:fb:1f:32:f4:90:6b:9a:7a:f0:
78:15:49:47:f8:ed:c6:58:c6:06:4a:d4:42:ce:fd:
a9:82:23:1b:c7:69:b7:c4:c6:38:ab:11:52:fc:08:
ee:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:BF:0B:2C:93:12:A9:A1:14:F2:6B:CD:68:9A:60:23:EF:9D:3A:29
X509v3 Authority Key Identifier:
keyid:0A:E4:27:10:1C:B2:E2:BD:56:50:84:DE:64:71:F6:EB:48:D2:4F:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CuQnEByy4r1WUITeZHH260jST5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/4L8LLJMSqaEU8mvNaJpgI--dOik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/e112fc-05ef-4f1f-85be-7c9e684ccce2/1/CuQnEByy4r1WUITeZHH260jST5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.180.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:5b:58:d6:2d:67:e6:bd:d4:16:5a:6d:7a:eb:f1:90:95:90:
99:e7:68:a0:e6:67:44:c3:39:0f:4e:e8:17:12:f2:06:29:53:
40:31:ef:a4:71:68:bd:6a:8f:dc:c9:39:37:ea:cc:d2:ba:fa:
cb:56:a8:5d:be:14:4b:23:d6:0d:c8:a1:d8:ab:27:ce:43:96:
c3:4d:e4:db:73:bd:c4:d5:5b:3b:f6:54:1b:38:30:65:70:0c:
de:3d:d9:99:af:9e:fc:2d:f1:cb:60:0e:53:35:33:c6:07:92:
92:ce:96:b0:2c:06:07:ad:f7:4c:01:a0:d3:65:e7:67:9a:ba:
bf:02:50:1b:33:c7:c2:a4:a4:ff:a9:39:c7:00:c5:63:e7:93:
90:e3:4a:32:c8:ef:f8:26:31:74:ca:34:b9:38:9c:ab:31:e8:
97:6c:ed:0c:e7:6b:33:a4:a1:4d:12:e5:bc:59:37:4f:ae:79:
88:e2:11:20:95:05:e2:8d:3a:fd:32:b2:94:35:56:98:f7:f0:
29:f9:2c:85:96:d7:48:a2:93:8b:4d:e5:1c:d8:1e:5b:8c:49:
df:94:0d:8e:dd:ee:82:fe:43:51:01:0e:02:3e:45:9b:46:e8:
1a:b0:6d:9e:19:b3:39:85:8b:bb:97:25:71:85:b3:ce:cf:dc:
19:2f:34:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOFi2PSRzKVXmKeS1sJGzJHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhZTQyNzEwMWNiMmUyYmQ1NjUwODRkZTY0NzFmNmViNDhk
MjRmOTYwHhcNMjIwOTI4MTkyMDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGJmMGIyYzkzMTJhOWExMTRmMjZiY2Q2ODlhNjAyM2VmOWQzYTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRig3BpxJv1cmgaz6Z4M7TqqVFap
mPT7gcJ8rVUOlkmHPnT0WavbbCdrQ4APq+kXtOcOpp8r/ENXruXVR9SRJSolEroN
vJ1seninbVbrf3rxcJ5sUIEhziY35RUReliuButCIip72EZVN+d8B4v5jnURF3RE
TC1JqeaISYPZXdxAYOc4vyqXQHEZPzo2BuJ7TnEptyKc7PMfVZLVKWqdJUtbq6pQ
sqCBNjddChCC+/ROgpVjBgj+TmHQyneaJIBK6BLxomL/dGkEG0D8nxJmGgSI67tt
Ozr7HzL0kGuaevB4FUlH+O3GWMYGStRCzv2pgiMbx2m3xMY4qxFS/AjuNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOC/CyyTEqmhFPJrzWiaYCPvnTopMB8GA1UdIwQY
MBaAFArkJxAcsuK9VlCE3mRx9utI0k+WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUt
N2M5ZTY4NGNjY2UyLzEvNEw4TExKTVNxYUVVOG12TmFKcGdJLS1kT2lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lMTEyZmMtMDVlZi00ZjFmLTg1YmUtN2M5ZTY4NGNjY2Uy
LzEvQ3VRbkVCeXk0cjFXVUlUZVpISDI2MGpTVDVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCudy0MA0G
CSqGSIb3DQEBCwUAA4IBAQBLW1jWLWfmvdQWWm166/GQlZCZ52ig5mdEwzkPTugX
EvIGKVNAMe+kcWi9ao/cyTk36szSuvrLVqhdvhRLI9YNyKHYqyfOQ5bDTeTbc73E
1Vs79lQbODBlcAzePdmZr578LfHLYA5TNTPGB5KSzpawLAYHrfdMAaDTZednmrq/
AlAbM8fCpKT/qTnHAMVj55OQ40oyyO/4JjF0yjS5OJyrMeiXbO0M52szpKFNEuW8
WTdPrnmI4hEglQXijTr9MrKUNVaY9/Ap+SyFltdIopOLTeUc2B5bjEnflA2O3e6C
/kNRAQ4CPkWbRugasG2eGbM5hYu7lyVxhbPOz9wZLzSS
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:53 2024 by rpki-client on console-ams.rpki-client.org