Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/IOB0qpA7Btvji8JN37uzCdkWD4E.roa
File: IOB0qpA7Btvji8JN37uzCdkWD4E.roa (raw, json)
Hash identifier: 2f2kveTd8LVS6MKxrEAHOXFOHj3WBO2/nlGlg5eLD9A=
Subject key identifier: 20:E0:74:AA:90:3B:06:DB:E3:8B:C2:4D:DF:BB:B3:09:D9:16:0F:81
Certificate issuer: /CN=b262bf21de51385859416c4c608001e2025a5d25
Certificate serial: 354F4A
Authority key identifier: B2:62:BF:21:DE:51:38:58:59:41:6C:4C:60:80:01:E2:02:5A:5D:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/smK_Id5ROFhZQWxMYIAB4gJaXSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/IOB0qpA7Btvji8JN37uzCdkWD4E.roa
Signing time: Sat 01 Jan 2022 02:01:00 +0000
ROA not before: Sat 01 Jan 2022 02:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60036
IP address blocks: 185.19.148.0/23 maxlen: 23
185.19.148.0/24 maxlen: 24
185.19.149.0/24 maxlen: 24
195.177.253.0/24 maxlen: 24
195.177.252.0/24 maxlen: 24
91.232.181.0/24 maxlen: 24
195.177.252.0/23 maxlen: 23
185.61.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3493706 (0x354f4a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b262bf21de51385859416c4c608001e2025a5d25
Validity
Not Before: Jan 1 02:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20e074aa903b06dbe38bc24ddfbbb309d9160f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:69:c9:0d:cf:18:58:40:35:50:30:fa:be:88:
5e:ce:31:ec:bb:26:3e:5c:6d:e1:85:ac:6e:f8:c3:
12:8d:0d:27:fe:7b:ad:9a:54:f0:2d:0a:87:b0:ce:
73:43:f8:4f:35:13:72:75:f1:54:db:98:6f:a3:f9:
9a:a8:bc:fe:01:01:05:0a:18:f4:78:7a:24:fa:b9:
88:b4:03:01:03:1e:b3:fd:dc:7f:be:fa:15:54:79:
cc:4d:81:d3:c9:a7:a9:1b:99:a7:11:06:6e:12:db:
93:41:50:4b:df:76:80:e3:34:0f:42:bd:82:5b:d0:
6a:b4:e2:3f:51:b8:16:4a:8a:eb:2b:fb:41:20:51:
dd:2f:14:98:db:d5:24:fa:44:e0:07:5b:0a:94:ad:
fc:97:ea:d5:62:5a:f0:f8:f4:a2:da:6d:77:ad:9b:
a0:88:3a:38:dc:b1:bd:f9:fa:d7:87:4e:f2:29:a9:
b8:d5:66:55:49:6f:2c:6e:e0:16:e6:2f:b5:17:5c:
cc:70:0a:1a:a4:ae:2b:4a:fe:e5:29:a3:d7:a7:ce:
e2:ac:6b:ec:0b:cb:11:63:80:a5:5f:b0:fb:64:de:
c7:94:fe:0c:43:c2:cc:72:97:c5:8e:fe:dd:e2:7f:
b1:be:9a:92:e8:d5:05:2e:c8:e7:79:99:4f:7e:19:
6d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:E0:74:AA:90:3B:06:DB:E3:8B:C2:4D:DF:BB:B3:09:D9:16:0F:81
X509v3 Authority Key Identifier:
keyid:B2:62:BF:21:DE:51:38:58:59:41:6C:4C:60:80:01:E2:02:5A:5D:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/smK_Id5ROFhZQWxMYIAB4gJaXSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/IOB0qpA7Btvji8JN37uzCdkWD4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/863093-5ed6-43b2-bbda-14c6c5055f88/1/smK_Id5ROFhZQWxMYIAB4gJaXSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.181.0/24
185.19.148.0/23
185.61.115.0/24
195.177.252.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:ce:d6:57:6e:8a:56:f3:99:f6:3d:de:38:5e:ea:de:e4:1f:
49:0a:15:87:0a:b3:49:03:b8:f3:dc:0a:cb:b1:69:1e:fc:f1:
81:b7:f0:92:86:55:ff:da:aa:d7:65:79:ea:f5:56:9e:0e:1d:
04:dc:89:a2:81:22:c4:c0:9c:bc:1e:51:03:80:76:c6:d3:64:
99:d4:d7:50:9b:89:dd:d1:bd:e6:82:09:f5:48:67:5a:39:d7:
18:af:c0:ed:d3:1f:d1:d6:6d:d5:89:da:e2:36:52:fa:b7:2d:
fd:c3:39:18:a6:73:36:c2:b0:7e:89:13:74:e4:5c:ee:4d:19:
5f:f0:f7:4a:79:74:1a:e2:1b:c0:c9:cb:20:c5:fc:0d:d5:54:
7b:80:04:f7:c7:5d:2f:c2:bf:37:db:33:53:16:3b:00:80:19:
2e:e7:8e:4c:2a:9e:74:78:ee:ca:a3:22:75:21:82:b1:c5:8a:
00:37:ba:82:f2:5d:dd:5d:94:68:06:80:ee:9e:65:23:c9:62:
bb:d8:0b:dd:69:c1:ed:b9:65:7d:ad:d4:49:56:56:6c:6f:c8:
e9:c2:d0:d9:fa:44:f3:75:3d:78:e6:5e:92:db:70:10:ed:65:
0f:c6:8c:9c:f2:12:21:77:1c:76:3b:05:59:71:9a:20:e5:c7:
ba:c4:e9:f0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDNU9KMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIy
NjJiZjIxZGU1MTM4NTg1OTQxNmM0YzYwODAwMWUyMDI1YTVkMjUwHhcNMjIwMTAx
MDIwMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMGUwNzRhYTkwM2Iw
NmRiZTM4YmMyNGRkZmJiYjMwOWQ5MTYwZjgxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA+WnJDc8YWEA1UDD6vohezjHsuyY+XG3hhaxu+MMSjQ0n/nut
mlTwLQqHsM5zQ/hPNRNydfFU25hvo/maqLz+AQEFChj0eHok+rmItAMBAx6z/dx/
vvoVVHnMTYHTyaepG5mnEQZuEtuTQVBL33aA4zQPQr2CW9BqtOI/UbgWSorrK/tB
IFHdLxSY29Uk+kTgB1sKlK38l+rVYlrw+PSi2m13rZugiDo43LG9+frXh07yKam4
1WZVSW8sbuAW5i+1F1zMcAoapK4rSv7lKaPXp87irGvsC8sRY4ClX7D7ZN7HlP4M
Q8LMcpfFjv7d4n+xvpqS6NUFLsjneZlPfhltowIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFCDgdKqQOwbb44vCTd+7swnZFg+BMB8GA1UdIwQYMBaAFLJivyHeUThYWUFs
TGCAAeICWl0lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c21LX0lkNVJPRmhaUVd4TVlJQUI0Z0phWFNVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Zi84NjMwOTMtNWVkNi00M2IyLWJiZGEtMTRjNmM1MDU1Zjg4LzEv
SU9CMHFwQTdCdHZqaThKTjM3dXpDZGtXRDRFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi84
NjMwOTMtNWVkNi00M2IyLWJiZGEtMTRjNmM1MDU1Zjg4LzEvc21LX0lkNVJPRmha
UVd4TVlJQUI0Z0phWFNVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW+i1AwQBuROUAwQAuT1zAwQBw7H8
MA0GCSqGSIb3DQEBCwUAA4IBAQAbztZXbopW85n2Pd44Xure5B9JChWHCrNJA7jz
3ArLsWke/PGBt/CShlX/2qrXZXnq9VaeDh0E3ImigSLEwJy8HlEDgHbG02SZ1NdQ
m4nd0b3mggn1SGdaOdcYr8Dt0x/R1m3VidriNlL6ty39wzkYpnM2wrB+iRN05Fzu
TRlf8PdKeXQa4hvAycsgxfwN1VR7gAT3x10vwr832zNTFjsAgBku545MKp50eO7K
oyJ1IYKxxYoAN7qC8l3dXZRoBoDunmUjyWK72AvdacHtuWV9rdRJVlZsb8jpwtDZ
+kTzdT145l6S23AQ7WUPxoyc8hIhdxx2OwVZcZog5ce6xOnw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:32 2024 by rpki-client on console-ams.rpki-client.org