Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/IcyZDGCzYMtggdf4CtoQDI8jyZY.roa
File: IcyZDGCzYMtggdf4CtoQDI8jyZY.roa (raw, json)
Hash identifier: alef9LL9a+3CKHioQ6+i7nquzo/Bdi083g24L2826FU=
Subject key identifier: 21:CC:99:0C:60:B3:60:CB:60:81:D7:F8:0A:DA:10:0C:8F:23:C9:96
Certificate issuer: /CN=5d16dccfb2e2c88cf09f487c421fc8af7bbd3574
Certificate serial: 07898296
Authority key identifier: 5D:16:DC:CF:B2:E2:C8:8C:F0:9F:48:7C:42:1F:C8:AF:7B:BD:35:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/IcyZDGCzYMtggdf4CtoQDI8jyZY.roa
Signing time: Sat 01 Jan 2022 05:52:47 +0000
ROA not before: Sat 01 Jan 2022 05:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200931
IP address blocks: 185.91.4.0/24 maxlen: 24
185.91.4.0/22 maxlen: 22
185.91.5.0/24 maxlen: 24
185.91.6.0/24 maxlen: 24
2a03:8860::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126452374 (0x7898296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d16dccfb2e2c88cf09f487c421fc8af7bbd3574
Validity
Not Before: Jan 1 05:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21cc990c60b360cb6081d7f80ada100c8f23c996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:88:5c:b2:6e:4b:4e:69:7e:4c:22:ad:c3:37:
35:8a:e9:2f:79:65:cc:e5:b4:f4:4b:d5:f0:74:6d:
55:91:8d:e6:bf:be:31:84:86:40:88:6a:52:87:80:
f0:0e:3a:e7:18:ca:80:36:e9:92:ac:91:a3:b6:58:
e1:6f:85:e9:28:73:81:07:0c:92:ce:8d:53:22:eb:
de:28:c6:3d:67:cf:38:32:67:9b:3d:7c:41:3b:f2:
8d:46:5e:f1:52:a2:66:3d:4b:67:36:52:5a:72:58:
be:22:ed:69:39:0c:68:98:c0:f2:47:b3:94:53:17:
94:ec:50:2f:7f:73:71:b9:e1:20:5a:2a:b6:0f:6e:
5a:15:9b:c3:1a:fc:b5:9e:b3:3c:97:98:2e:bb:73:
5b:05:fb:0d:82:ea:3d:e3:cd:fd:e7:5f:1d:28:47:
95:b6:27:07:a0:0f:80:08:aa:84:71:43:ed:0e:65:
ba:dd:e2:17:a2:f8:96:29:55:1b:88:cd:1b:a4:1c:
47:9c:21:79:01:ff:9d:76:30:d2:48:59:87:c7:ed:
65:f9:12:1b:a6:32:36:7c:e8:be:0d:d7:22:12:33:
ab:13:d2:71:5a:b6:5f:fb:3e:ae:82:85:f3:28:36:
e7:bd:2d:c9:a2:1a:02:ee:83:a7:80:57:11:5a:e5:
e2:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CC:99:0C:60:B3:60:CB:60:81:D7:F8:0A:DA:10:0C:8F:23:C9:96
X509v3 Authority Key Identifier:
keyid:5D:16:DC:CF:B2:E2:C8:8C:F0:9F:48:7C:42:1F:C8:AF:7B:BD:35:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/IcyZDGCzYMtggdf4CtoQDI8jyZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ad0241-1ae3-4d5b-b0d1-85c5d5302d88/1/XRbcz7LiyIzwn0h8Qh_Ir3u9NXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.4.0/22
IPv6:
2a03:8860::/32
Signature Algorithm: sha256WithRSAEncryption
38:64:d0:82:90:9d:79:dc:a1:d9:44:cc:e8:35:e1:a2:60:b6:
b7:98:94:16:03:c2:8b:90:22:58:d9:67:2a:3a:8c:73:0f:74:
e7:9f:a6:0a:c3:38:7c:05:82:d4:fc:a2:49:d4:c4:ea:08:85:
d6:07:31:d2:a2:83:19:6b:04:d4:5d:87:c4:e5:a9:d5:c4:cf:
0e:dc:c4:8a:7c:88:b2:8e:f7:cb:c4:ef:80:05:15:7c:f0:f2:
36:c7:a5:d5:ef:0c:b7:fc:e6:b0:0b:f1:c8:a2:a8:98:51:7b:
30:7b:0b:ad:2a:2a:dd:b4:bd:a3:2d:d3:5d:1b:2b:44:2b:93:
b6:55:f5:fc:6b:05:44:f1:8a:1a:c8:62:68:bb:b2:66:c6:fb:
ba:eb:00:88:4a:90:4e:3f:d0:9d:00:c3:64:c4:8c:8d:93:0d:
69:f0:83:ca:a0:49:cd:17:a8:65:7d:3a:23:c3:e8:0e:f7:40:
be:85:9d:7d:9a:95:b9:ea:dd:8c:c4:d7:48:5c:1a:f0:a9:ff:
8a:08:59:32:ff:93:80:33:53:91:ce:47:75:96:16:66:38:4a:
8b:8d:b2:9d:8e:69:b5:13:7b:a9:d4:f6:18:b1:c8:b8:76:45:
59:75:20:e4:a3:58:db:11:21:b3:f9:54:07:ed:fa:dc:57:08:
44:8c:cb:c1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB4mCljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDE2ZGNjZmIyZTJjODhjZjA5ZjQ4N2M0MjFmYzhhZjdiYmQzNTc0MB4XDTIyMDEw
MTA1NTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFjYzk5MGM2MGIz
NjBjYjYwODFkN2Y4MGFkYTEwMGM4ZjIzYzk5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALaIXLJuS05pfkwircM3NYrpL3llzOW09EvV8HRtVZGN5r++
MYSGQIhqUoeA8A465xjKgDbpkqyRo7ZY4W+F6ShzgQcMks6NUyLr3ijGPWfPODJn
mz18QTvyjUZe8VKiZj1LZzZSWnJYviLtaTkMaJjA8kezlFMXlOxQL39zcbnhIFoq
tg9uWhWbwxr8tZ6zPJeYLrtzWwX7DYLqPePN/edfHShHlbYnB6APgAiqhHFD7Q5l
ut3iF6L4lilVG4jNG6QcR5wheQH/nXYw0khZh8ftZfkSG6YyNnzovg3XIhIzqxPS
cVq2X/s+roKF8yg2570tyaIaAu6Dp4BXEVrl4qUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQhzJkMYLNgy2CB1/gK2hAMjyPJljAfBgNVHSMEGDAWgBRdFtzPsuLIjPCf
SHxCH8ive701dDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hSYmN6N0xpeUl6d24waDhRaF9JcjN1OU5YUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODAvYWQwMjQxLTFhZTMtNGQ1Yi1iMGQxLTg1YzVkNTMwMmQ4OC8x
L0ljeVpER0N6WU10Z2dkZjRDdG9RREk4anlaWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODAv
YWQwMjQxLTFhZTMtNGQ1Yi1iMGQxLTg1YzVkNTMwMmQ4OC8xL1hSYmN6N0xpeUl6
d24waDhRaF9JcjN1OU5YUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlbBDANBAIAAjAHAwUAKgOIYDAN
BgkqhkiG9w0BAQsFAAOCAQEAOGTQgpCdedyh2UTM6DXhomC2t5iUFgPCi5AiWNln
KjqMcw9055+mCsM4fAWC1PyiSdTE6giF1gcx0qKDGWsE1F2HxOWp1cTPDtzEinyI
so73y8TvgAUVfPDyNsel1e8Mt/zmsAvxyKKomFF7MHsLrSoq3bS9oy3TXRsrRCuT
tlX1/GsFRPGKGshiaLuyZsb7uusAiEqQTj/QnQDDZMSMjZMNafCDyqBJzReoZX06
I8PoDvdAvoWdfZqVuerdjMTXSFwa8Kn/ighZMv+TgDNTkc5HdZYWZjhKi42ynY5p
tRN7qdT2GLHIuHZFWXUg5KNY2xEhs/lUB+363FcIRIzLwQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:31 2024 by rpki-client on console-ams.rpki-client.org