Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/X6itab8HD2SWplO3tOpHPtQ4mKk.roa
File: X6itab8HD2SWplO3tOpHPtQ4mKk.roa (raw, json)
Hash identifier: tcAqjQm5QtZk02FAaoI9AHt103Oz1uVPdIklIoyV8C4=
Subject key identifier: 5F:A8:AD:69:BF:07:0F:64:96:A6:53:B7:B4:EA:47:3E:D4:38:98:A9
Certificate issuer: /CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Certificate serial: 0EDAA6F5
Authority key identifier: 68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/X6itab8HD2SWplO3tOpHPtQ4mKk.roa
Signing time: Sat 01 Jan 2022 15:02:18 +0000
ROA not before: Sat 01 Jan 2022 15:02:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202735
IP address blocks: 185.155.238.0/24 maxlen: 24
185.155.237.0/24 maxlen: 24
185.155.236.0/22 maxlen: 22
185.155.236.0/24 maxlen: 24
185.155.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 249210613 (0xedaa6f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68231a500a0a8108dc7a4358b1002b1fdbf07995
Validity
Not Before: Jan 1 15:02:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fa8ad69bf070f6496a653b7b4ea473ed43898a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:76:bc:80:57:64:40:ff:04:ac:79:f8:cb:4b:
a3:d1:81:16:e7:82:ed:ef:a9:92:e7:db:b7:f8:51:
5f:80:07:a4:b9:6b:b7:0f:72:10:bf:f4:98:d4:c7:
7f:8d:8f:4b:98:00:97:02:33:17:3f:8f:11:63:52:
31:8c:26:0c:98:d9:68:6f:f4:9e:35:d2:0f:14:d0:
49:95:65:7d:05:1f:d6:d7:c1:0f:63:56:31:a2:2d:
38:25:c0:5d:37:a6:eb:17:62:af:ec:09:95:bd:e5:
01:67:aa:7c:9c:6b:1a:cc:8c:e2:40:02:df:9d:d6:
b0:0a:34:df:fc:fa:12:a7:b8:c6:27:f9:5e:97:12:
a5:ed:92:c2:6f:b1:6b:4a:04:ab:2e:3c:5f:51:86:
b9:d7:69:3e:70:0a:b5:74:2c:e9:3e:27:5e:42:f9:
ee:3a:99:0a:67:86:7f:58:4d:25:3d:06:6c:27:1d:
51:a9:e4:9f:fc:f4:af:c9:90:10:ff:ce:92:38:36:
3d:62:f2:55:be:6f:0b:33:73:4c:49:a9:37:da:f4:
c8:df:cc:9c:9e:11:49:be:3a:70:31:96:a8:ad:1f:
c3:30:b4:15:35:44:a8:da:32:43:35:98:9d:82:17:
57:ed:7f:3c:6f:79:e2:6d:63:a8:20:84:be:05:d9:
c6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A8:AD:69:BF:07:0F:64:96:A6:53:B7:B4:EA:47:3E:D4:38:98:A9
X509v3 Authority Key Identifier:
keyid:68:23:1A:50:0A:0A:81:08:DC:7A:43:58:B1:00:2B:1F:DB:F0:79:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCMaUAoKgQjcekNYsQArH9vweZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/X6itab8HD2SWplO3tOpHPtQ4mKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/00b085-9966-4275-a52b-7f23b34686c2/1/aCMaUAoKgQjcekNYsQArH9vweZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.236.0/22
Signature Algorithm: sha256WithRSAEncryption
83:b9:45:56:03:f2:53:df:cc:4b:cc:88:01:62:30:ef:52:db:
04:f8:28:6e:8a:d1:12:5f:48:26:b4:49:2f:3f:9f:4f:5c:5e:
b8:2d:80:a0:3f:09:a5:8f:0f:3c:69:1c:34:ed:65:10:5f:6d:
c6:ed:f6:dc:3d:1e:0b:b2:fa:7c:f2:2d:77:71:0e:31:c6:43:
7b:82:2b:f1:8b:03:b0:74:a8:e0:82:0b:af:5d:c4:a3:98:67:
8c:89:0f:f6:db:7a:c6:b1:f9:3e:1a:42:6d:b6:22:ab:57:45:
15:5b:85:95:f2:0a:15:60:21:c8:e7:5f:8d:4c:2b:0e:9a:ef:
8b:67:07:d6:8b:aa:1f:7b:b8:7f:7b:45:37:46:0b:33:fe:08:
71:5f:98:5f:00:74:27:ce:d9:8f:4c:66:90:0b:86:1e:46:99:
61:f4:24:e1:75:1c:48:79:f1:5c:63:e8:59:ae:2c:97:45:64:
c3:af:88:d2:d3:21:ce:91:f4:c7:0b:66:be:bf:72:4e:95:11:
86:f0:a0:41:ec:57:3e:9b:51:d6:77:7b:80:5a:28:7d:3f:db:
e8:17:69:d3:a3:14:f2:42:dc:99:fa:3e:1f:47:b0:3b:16:3a:
8d:4d:db:cd:99:11:8e:6a:67:98:47:32:f2:81:b5:37:5c:68:
35:08:34:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDtqm9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ODIzMWE1MDBhMGE4MTA4ZGM3YTQzNThiMTAwMmIxZmRiZjA3OTk1MB4XDTIyMDEw
MTE1MDIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZhOGFkNjliZjA3
MGY2NDk2YTY1M2I3YjRlYTQ3M2VkNDM4OThhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ92vIBXZED/BKx5+MtLo9GBFueC7e+pkufbt/hRX4AHpLlr
tw9yEL/0mNTHf42PS5gAlwIzFz+PEWNSMYwmDJjZaG/0njXSDxTQSZVlfQUf1tfB
D2NWMaItOCXAXTem6xdir+wJlb3lAWeqfJxrGsyM4kAC353WsAo03/z6Eqe4xif5
XpcSpe2Swm+xa0oEqy48X1GGuddpPnAKtXQs6T4nXkL57jqZCmeGf1hNJT0GbCcd
Uankn/z0r8mQEP/Okjg2PWLyVb5vCzNzTEmpN9r0yN/MnJ4RSb46cDGWqK0fwzC0
FTVEqNoyQzWYnYIXV+1/PG954m1jqCCEvgXZxm8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRfqK1pvwcPZJamU7e06kc+1DiYqTAfBgNVHSMEGDAWgBRoIxpQCgqBCNx6
Q1ixACsf2/B5lTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FDTWFVQW9LZ1FqY2VrTllzUUFySDl2d2VaVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMDBiMDg1LTk5NjYtNDI3NS1hNTJiLTdmMjNiMzQ2ODZjMi8x
L1g2aXRhYjhIRDJTV3BsTzN0T3BIUHRRNG1Lay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MDBiMDg1LTk5NjYtNDI3NS1hNTJiLTdmMjNiMzQ2ODZjMi8xL2FDTWFVQW9LZ1Fq
Y2VrTllzUUFySDl2d2VaVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmb7DANBgkqhkiG9w0BAQsFAAOC
AQEAg7lFVgPyU9/MS8yIAWIw71LbBPgoborREl9IJrRJLz+fT1xeuC2AoD8JpY8P
PGkcNO1lEF9txu323D0eC7L6fPItd3EOMcZDe4Ir8YsDsHSo4IILr13Eo5hnjIkP
9tt6xrH5PhpCbbYiq1dFFVuFlfIKFWAhyOdfjUwrDprvi2cH1ouqH3u4f3tFN0YL
M/4IcV+YXwB0J87Zj0xmkAuGHkaZYfQk4XUcSHnxXGPoWa4sl0Vkw6+I0tMhzpH0
xwtmvr9yTpURhvCgQexXPptR1nd7gFoofT/b6Bdp06MU8kLcmfo+H0ewOxY6jU3b
zZkRjmpnmEcy8oG1N1xoNQg0uw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:10 2023 by rpki-client on console-fra.rpki-client.org