Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/4vAOVxHawv46oKZoTjMSm4BQsS0.roa
File: 4vAOVxHawv46oKZoTjMSm4BQsS0.roa (raw, json)
Hash identifier: NFjE94FagxC/ViSXPkaV4EGhOhIuslwqP3uDj/2H3Fc=
Subject key identifier: E2:F0:0E:57:11:DA:C2:FE:3A:A0:A6:68:4E:33:12:9B:80:50:B1:2D
Certificate issuer: /CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Certificate serial: 01822CBB85BB7763AC6E810F876CF33C0755
Authority key identifier: 81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/4vAOVxHawv46oKZoTjMSm4BQsS0.roa
Signing time: Sat 23 Jul 2022 20:24:23 +0000
ROA not before: Sat 23 Jul 2022 20:24:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205659
IP address blocks: 185.218.232.0/24 maxlen: 24
185.218.232.0/23 maxlen: 23
185.218.233.0/24 maxlen: 24
185.218.234.0/24 maxlen: 24
185.229.242.0/24 maxlen: 24
185.235.12.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:2c:bb:85:bb:77:63:ac:6e:81:0f:87:6c:f3:3c:07:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81c8b73ab7bdeb76ff48b2ca099616edbe71c426
Validity
Not Before: Jul 23 20:24:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2f00e5711dac2fe3aa0a6684e33129b8050b12d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ae:73:d2:4e:ba:79:a0:c1:09:b6:a5:a9:19:
5a:ea:e2:5b:41:85:d4:58:a6:1b:97:45:53:6d:c2:
83:ec:79:e6:9b:61:23:9a:0c:af:1b:79:67:87:d9:
37:b0:db:04:d6:32:ac:5f:41:ca:63:ed:da:70:6a:
1f:ff:60:84:fb:d6:8c:b0:b5:88:6c:8a:39:0c:e8:
14:db:f6:00:91:9c:73:f0:9c:8c:42:19:ad:c6:aa:
95:d3:f7:72:04:31:ae:cc:ea:2a:8f:b9:32:15:10:
91:72:b0:e4:8b:c2:15:52:6d:76:5b:6b:3b:00:1f:
2b:dc:e9:93:ef:38:d0:1f:f5:6e:d1:4c:b0:62:2b:
78:a0:6f:94:7f:ae:ce:bb:ee:fc:84:99:8f:d5:47:
59:16:ce:81:d0:0b:ad:fd:58:9a:80:d9:06:89:66:
49:73:e0:9d:3e:48:ce:7f:d7:aa:3a:38:3e:76:1d:
6d:2f:8a:1a:6a:99:d4:0b:91:5d:4c:4a:34:62:58:
2a:88:a5:0c:95:46:cb:59:8c:43:4e:d6:62:07:c1:
e5:af:f4:b5:30:62:84:f9:fd:ad:09:bd:83:ec:ce:
4c:ee:85:c8:61:69:f7:ee:15:5f:4e:d6:89:85:3c:
27:00:f8:9a:d1:a4:4f:8d:c9:4a:8a:9d:45:a2:96:
99:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:F0:0E:57:11:DA:C2:FE:3A:A0:A6:68:4E:33:12:9B:80:50:B1:2D
X509v3 Authority Key Identifier:
keyid:81:C8:B7:3A:B7:BD:EB:76:FF:48:B2:CA:09:96:16:ED:BE:71:C4:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gci3Ore963b_SLLKCZYW7b5xxCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/4vAOVxHawv46oKZoTjMSm4BQsS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/207934-9edc-4a89-820e-d8488b3ab42f/1/gci3Ore963b_SLLKCZYW7b5xxCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.232.0-185.218.234.255
185.229.242.0/24
185.235.12.0/23
Signature Algorithm: sha256WithRSAEncryption
10:8a:39:ce:06:72:c6:2b:c2:e8:e8:1b:c9:11:01:46:f4:3b:
1d:1e:5f:42:83:c6:69:11:6b:5e:30:e8:2f:ce:91:25:04:b2:
28:b1:c0:5b:db:e4:ba:85:0a:f3:8c:ef:72:71:da:b6:18:bd:
73:97:95:95:cf:6a:65:e7:be:f0:0c:3f:7b:71:fb:e4:6c:22:
cb:32:34:9a:e6:2e:40:90:3f:84:ca:9f:d0:d1:4d:41:50:4b:
92:fe:49:91:50:6d:5e:34:67:cb:ad:d9:ac:3c:85:70:0a:07:
d3:98:8b:39:9e:6c:15:20:6e:52:e6:eb:f4:32:d1:84:e0:41:
b2:ea:8f:cd:d2:58:0d:b3:c4:d0:ff:e5:8e:75:8b:5a:c8:65:
a1:a8:b4:70:a9:22:a2:a0:cb:b8:dd:eb:e5:8b:79:f5:39:fd:
b1:69:45:83:85:b9:bb:b8:38:bc:cb:a0:4c:37:d6:b9:99:c4:
7c:37:d6:14:94:cc:be:dd:9e:f1:10:9b:5f:e0:dc:4c:f2:b5:
42:db:7b:72:39:14:7f:90:2b:8b:4e:84:58:2a:a6:4a:fc:b2:
17:a6:d9:a6:90:59:0d:f1:d9:83:36:5b:e1:1b:31:54:b0:39:
0a:73:cf:f4:2e:b1:95:07:38:0c:9c:d5:eb:c4:a1:3d:cf:55:
f0:35:d7:5e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYIsu4W7d2OsboEPh2zzPAdVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYzhiNzNhYjdiZGViNzZmZjQ4YjJjYTA5OTYxNmVkYmU3
MWM0MjYwHhcNMjIwNzIzMjAyNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMmYwMGU1NzExZGFjMmZlM2FhMGE2Njg0ZTMzMTI5YjgwNTBiMTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA665z0k66eaDBCbalqRla6uJbQYXU
WKYbl0VTbcKD7Hnmm2EjmgyvG3lnh9k3sNsE1jKsX0HKY+3acGof/2CE+9aMsLWI
bIo5DOgU2/YAkZxz8JyMQhmtxqqV0/dyBDGuzOoqj7kyFRCRcrDki8IVUm12W2s7
AB8r3OmT7zjQH/Vu0UywYit4oG+Uf67Ou+78hJmP1UdZFs6B0Aut/ViagNkGiWZJ
c+CdPkjOf9eqOjg+dh1tL4oaapnUC5FdTEo0YlgqiKUMlUbLWYxDTtZiB8Hlr/S1
MGKE+f2tCb2D7M5M7oXIYWn37hVfTtaJhTwnAPia0aRPjclKip1FopaZ0QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOLwDlcR2sL+OqCmaE4zEpuAULEtMB8GA1UdIwQY
MBaAFIHItzq3vet2/0iyygmWFu2+ccQmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUt
ZDg0ODhiM2FiNDJmLzEvNHZBT1Z4SGF3djQ2b0tab1RqTVNtNEJRc1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8yMDc5MzQtOWVkYy00YTg5LTgyMGUtZDg0ODhiM2FiNDJm
LzEvZ2NpM09yZTk2M2JfU0xMS0NaWVc3YjV4eENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAO52ugD
BAC52uoDBAC55fIDBAG56wwwDQYJKoZIhvcNAQELBQADggEBABCKOc4GcsYrwujo
G8kRAUb0Ox0eX0KDxmkRa14w6C/OkSUEsiixwFvb5LqFCvOM73Jx2rYYvXOXlZXP
amXnvvAMP3tx++RsIssyNJrmLkCQP4TKn9DRTUFQS5L+SZFQbV40Z8ut2aw8hXAK
B9OYizmebBUgblLm6/Qy0YTgQbLqj83SWA2zxND/5Y51i1rIZaGotHCpIqKgy7jd
6+WLefU5/bFpRYOFubu4OLzLoEw31rmZxHw31hSUzL7dnvEQm1/g3EzytULbe3I5
FH+QK4tOhFgqpkr8shem2aaQWQ3x2YM2W+EbMVSwOQpzz/QusZUHOAyc1evEoT3P
VfA1114=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-fra.rpki-client.org