Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/1XPbxEn4v6NTFmqIXM6uiUD3Zz8.roa
File: 1XPbxEn4v6NTFmqIXM6uiUD3Zz8.roa (raw, json)
Hash identifier: D/nsdct0kOYPvz/p8JgzwGTY0gDz55HHwUwXDvJGEMM=
Subject key identifier: D5:73:DB:C4:49:F8:BF:A3:53:16:6A:88:5C:CE:AE:89:40:F7:67:3F
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 0189A4F8
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/1XPbxEn4v6NTFmqIXM6uiUD3Zz8.roa
Signing time: Sat 01 Jan 2022 05:00:43 +0000
ROA not before: Sat 01 Jan 2022 05:00:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200290
IP address blocks: 185.171.104.0/24 maxlen: 24
185.171.104.0/23 maxlen: 23
185.171.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25797880 (0x189a4f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Jan 1 05:00:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d573dbc449f8bfa353166a885cceae8940f7673f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7b:bc:6d:e4:f8:90:ce:68:d2:a6:1a:89:af:
62:ae:d3:ec:9d:3f:93:a9:f0:5d:fd:45:8b:38:33:
59:ca:69:b5:79:2e:fb:51:94:e1:72:a5:fe:d1:4d:
9b:ff:b8:89:81:ec:99:b8:44:3b:ef:02:26:52:71:
88:8f:a0:bf:7c:03:a6:56:6c:b2:6c:73:02:ff:ef:
62:95:dd:10:71:1e:24:98:32:02:ff:d9:80:2f:9e:
28:ed:56:be:ed:81:6a:6b:23:87:bd:89:5d:8b:4d:
e7:53:79:ab:06:f8:d6:ca:46:38:a0:f6:e0:2e:b3:
df:60:b3:e7:9a:b1:6f:22:f9:5f:c1:c2:f6:5b:f0:
d5:b1:d8:cb:a0:1b:6c:d8:68:7e:f2:70:55:fd:90:
8d:2e:b4:9f:63:f1:07:53:23:6a:c8:ef:64:ad:d8:
f9:17:df:a8:ed:80:8b:35:32:76:78:58:5f:3f:c2:
d3:f1:20:a7:76:cd:63:4a:d8:a7:32:7e:27:3f:ff:
99:0d:01:5c:b0:6c:74:22:35:da:88:a3:2d:53:78:
4f:2a:2c:b7:7f:f1:6f:86:53:85:3e:a2:db:41:4f:
81:a8:84:9f:14:4c:dc:13:90:5d:db:48:45:80:5d:
f0:82:f1:51:e9:32:85:f6:5a:35:35:42:45:93:ec:
a4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:73:DB:C4:49:F8:BF:A3:53:16:6A:88:5C:CE:AE:89:40:F7:67:3F
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/1XPbxEn4v6NTFmqIXM6uiUD3Zz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.104.0/23
Signature Algorithm: sha256WithRSAEncryption
96:52:6d:25:8c:83:d7:f1:45:ee:74:e4:93:f2:11:14:c5:ef:
68:5a:59:06:8f:ce:a8:35:fc:83:65:0c:77:1b:e4:d0:1d:46:
b2:d8:0d:72:f5:42:81:9d:21:7f:05:1a:11:c1:3d:10:ae:68:
df:ba:02:4a:5d:41:a2:12:51:a3:ac:f1:cd:28:0d:9b:3d:45:
b9:d8:5c:1d:74:f2:0c:4c:bc:f8:62:94:a2:d5:2a:8a:2e:28:
21:60:20:2c:e0:ef:23:44:a4:1a:46:3a:c9:34:b6:19:8c:c1:
dd:07:88:6c:29:e8:0b:dd:c5:9d:5d:79:8c:79:ff:e9:a7:02:
55:89:bc:87:26:c9:54:df:88:ad:38:ca:f0:af:44:4c:50:47:
dc:7f:de:2b:bc:54:39:59:c9:d4:16:35:d5:a3:b5:26:b9:79:
9d:33:26:98:ce:5d:14:c5:66:a8:60:e9:85:e2:ca:4a:4c:f3:
f9:db:e2:92:21:3a:6a:34:74:60:36:6d:7d:27:e2:2f:de:c1:
7c:04:c5:a3:79:42:0c:43:73:3d:df:fd:47:b1:38:e4:6c:dd:
ce:2c:1e:e1:9e:70:35:90:05:82:84:a5:ce:d0:1b:6f:6c:5f:
ca:bd:8d:76:41:12:55:78:c8:56:81:c7:ca:bf:ce:31:0e:af:
9e:d8:23:5f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYmk+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGRmNTk1MWM5YWU3OTk3NmQ5N2UxZDI4ZTQ2NmE2MTUxMTk4OThiMB4XDTIyMDEw
MTA1MDA0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDU3M2RiYzQ0OWY4
YmZhMzUzMTY2YTg4NWNjZWFlODk0MGY3NjczZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALt7vG3k+JDOaNKmGomvYq7T7J0/k6nwXf1FizgzWcpptXku
+1GU4XKl/tFNm/+4iYHsmbhEO+8CJlJxiI+gv3wDplZssmxzAv/vYpXdEHEeJJgy
Av/ZgC+eKO1Wvu2Bamsjh72JXYtN51N5qwb41spGOKD24C6z32Cz55qxbyL5X8HC
9lvw1bHYy6AbbNhofvJwVf2QjS60n2PxB1MjasjvZK3Y+RffqO2AizUydnhYXz/C
0/Egp3bNY0rYpzJ+Jz//mQ0BXLBsdCI12oijLVN4Tyost3/xb4ZThT6i20FPgaiE
nxRM3BOQXdtIRYBd8ILxUekyhfZaNTVCRZPspOMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTVc9vESfi/o1MWaohczq6JQPdnPzAfBgNVHSMEGDAWgBQd31lRya55l22X
4dKORmphURmJizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkOVpVY211ZVpkdGwtSFNqa1pxWVZFWmlZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMmRmNzg2LTUyZDUtNDM4Yi04YjU2LTBlOTZiMWZmYjI0Ny8x
LzFYUGJ4RW40djZOVEZtcUlYTTZ1aVVEM1p6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MmRmNzg2LTUyZDUtNDM4Yi04YjU2LTBlOTZiMWZmYjI0Ny8xL0hkOVpVY211ZVpk
dGwtSFNqa1pxWVZFWmlZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmraDANBgkqhkiG9w0BAQsFAAOC
AQEAllJtJYyD1/FF7nTkk/IRFMXvaFpZBo/OqDX8g2UMdxvk0B1GstgNcvVCgZ0h
fwUaEcE9EK5o37oCSl1BohJRo6zxzSgNmz1FudhcHXTyDEy8+GKUotUqii4oIWAg
LODvI0SkGkY6yTS2GYzB3QeIbCnoC93FnV15jHn/6acCVYm8hybJVN+IrTjK8K9E
TFBH3H/eK7xUOVnJ1BY11aO1Jrl5nTMmmM5dFMVmqGDpheLKSkzz+dvikiE6ajR0
YDZtfSfiL97BfATFo3lCDENzPd/9R7E45Gzdziwe4Z5wNZAFgoSlztAbb2xfyr2N
dkESVXjIVoHHyr/OMQ6vntgjXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:10 2023 by rpki-client on console-fra.rpki-client.org