Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/9IaZKSj9DcrbLfLBwu_uBWpGekI.roa
File: 9IaZKSj9DcrbLfLBwu_uBWpGekI.roa (raw, json)
Hash identifier: ockfuqwZnxcjraUsKTGUkuy4xFMJprJyiuIgf1RJ/V0=
Subject key identifier: F4:86:99:29:28:FD:0D:CA:DB:2D:F2:C1:C2:EF:EE:05:6A:46:7A:42
Certificate issuer: /CN=d612742b91d770fe8efbc9b5dcf8dc38984dd0f0
Certificate serial: 0181E41A14821146499A6EAF35FAC5F13270
Authority key identifier: D6:12:74:2B:91:D7:70:FE:8E:FB:C9:B5:DC:F8:DC:38:98:4D:D0:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1hJ0K5HXcP6O-8m13PjcOJhN0PA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/9IaZKSj9DcrbLfLBwu_uBWpGekI.roa
Signing time: Sat 09 Jul 2022 17:55:23 +0000
ROA not before: Sat 09 Jul 2022 17:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58316
IP address blocks: 185.56.216.0/23 maxlen: 23
185.17.104.0/23 maxlen: 23
185.198.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e4:1a:14:82:11:46:49:9a:6e:af:35:fa:c5:f1:32:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d612742b91d770fe8efbc9b5dcf8dc38984dd0f0
Validity
Not Before: Jul 9 17:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f486992928fd0dcadb2df2c1c2efee056a467a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:22:5d:ad:e3:fd:95:75:76:e6:b2:36:1f:a2:
21:df:33:a3:53:c6:8a:42:5f:73:90:85:e2:52:05:
8e:87:e1:6b:e2:e1:c5:2a:0e:8d:6a:13:1c:df:87:
81:3d:e5:bc:6c:c2:41:a0:3f:b8:95:60:af:45:a7:
ba:80:df:36:e9:f8:9a:69:5a:6e:4d:c8:74:da:1e:
a4:6e:de:53:89:c8:d2:c0:f8:37:ed:2c:ff:ac:38:
13:8e:a2:0d:91:b9:74:83:6e:77:18:2f:90:d6:9e:
46:9b:12:f7:47:ef:ea:09:2e:d3:3d:36:de:e3:61:
4a:3c:bc:df:52:2b:70:b4:5f:36:12:ac:f1:b9:a2:
9d:4d:70:0f:4f:a1:c5:75:f8:15:a9:9b:02:3b:f7:
ec:ca:fd:3a:1e:77:c2:5a:24:73:0e:cd:f5:77:22:
c1:31:4b:9d:ef:4a:63:2d:22:16:c7:01:17:c8:42:
a0:9f:c3:b6:52:b4:72:d3:44:c7:e4:4e:b8:8a:5a:
4b:bf:54:c1:5b:2f:21:84:5b:64:b7:14:6d:42:b5:
6f:92:8b:73:7a:40:22:d1:13:1d:73:6a:08:95:17:
13:3e:01:7c:52:ab:7e:39:8f:80:b8:fc:b6:92:45:
6f:0b:9d:6a:dc:54:00:ea:15:5e:3b:7c:ce:92:71:
a7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:86:99:29:28:FD:0D:CA:DB:2D:F2:C1:C2:EF:EE:05:6A:46:7A:42
X509v3 Authority Key Identifier:
keyid:D6:12:74:2B:91:D7:70:FE:8E:FB:C9:B5:DC:F8:DC:38:98:4D:D0:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1hJ0K5HXcP6O-8m13PjcOJhN0PA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/9IaZKSj9DcrbLfLBwu_uBWpGekI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/13fb65-4ee7-4026-aa3a-9d56e3adca90/1/1hJ0K5HXcP6O-8m13PjcOJhN0PA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.104.0/23
185.56.216.0/23
185.198.120.0/22
Signature Algorithm: sha256WithRSAEncryption
83:69:c9:8b:6f:31:52:b7:d8:43:6c:8f:79:a4:88:a5:19:b6:
ee:94:b9:4d:0f:ab:f9:6a:59:27:f7:0a:a9:1f:6e:7a:bc:84:
e5:40:b0:b9:46:a3:ed:61:32:31:66:d1:dd:4e:3e:a2:12:b5:
5d:c0:20:1c:f6:30:b3:bb:ad:e9:54:d3:ea:07:e4:f8:0b:3a:
b0:f7:20:30:98:c6:6a:a5:f5:9b:9b:72:39:ac:5f:40:3d:0f:
4d:45:81:76:e6:ad:ef:b3:c6:2d:50:c9:95:70:e1:c6:d5:ce:
ad:61:af:1e:ec:ca:c0:1e:43:5c:f3:09:26:ef:50:fb:b1:70:
e2:44:ec:aa:e8:54:a5:67:29:53:67:52:78:01:b6:07:2a:bb:
13:7d:3d:39:da:2e:b1:5a:52:de:ab:85:80:99:ff:3f:33:4c:
98:2a:97:59:ec:5f:40:a0:06:ce:a8:3c:ff:e0:f7:05:6c:ef:
3c:6b:96:b8:d4:fc:4d:11:1d:d1:28:2f:f0:5c:a5:ae:45:61:
a7:42:ba:9c:64:57:da:2c:46:8a:cf:9d:67:d3:54:57:99:fa:
aa:41:bc:89:17:52:00:e6:82:c0:d5:3b:e9:dd:87:3b:fe:54:
b8:f2:f4:1f:3a:8b:75:c2:79:75:86:d1:61:68:2d:70:ed:74:
e5:44:ad:b8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHkGhSCEUZJmm6vNfrF8TJwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MTI3NDJiOTFkNzcwZmU4ZWZiYzliNWRjZjhkYzM4OTg0
ZGQwZjAwHhcNMjIwNzA5MTc1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDg2OTkyOTI4ZmQwZGNhZGIyZGYyYzFjMmVmZWUwNTZhNDY3YTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSJdreP9lXV25rI2H6Ih3zOjU8aK
Ql9zkIXiUgWOh+Fr4uHFKg6NahMc34eBPeW8bMJBoD+4lWCvRae6gN826fiaaVpu
Tch02h6kbt5TicjSwPg37Sz/rDgTjqINkbl0g253GC+Q1p5GmxL3R+/qCS7TPTbe
42FKPLzfUitwtF82EqzxuaKdTXAPT6HFdfgVqZsCO/fsyv06HnfCWiRzDs31dyLB
MUud70pjLSIWxwEXyEKgn8O2UrRy00TH5E64ilpLv1TBWy8hhFtktxRtQrVvkotz
ekAi0RMdc2oIlRcTPgF8Uqt+OY+AuPy2kkVvC51q3FQA6hVeO3zOknGnVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPSGmSko/Q3K2y3ywcLv7gVqRnpCMB8GA1UdIwQY
MBaAFNYSdCuR13D+jvvJtdz43DiYTdDwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWhKMEs1SFhjUDZPLThtMTNQamNPSmhOMFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8xM2ZiNjUtNGVlNy00MDI2LWFhM2Et
OWQ1NmUzYWRjYTkwLzEvOUlhWktTajlEY3JiTGZMQnd1X3VCV3BHZWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8xM2ZiNjUtNGVlNy00MDI2LWFhM2EtOWQ1NmUzYWRjYTkw
LzEvMWhKMEs1SFhjUDZPLThtMTNQamNPSmhOMFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuRFoAwQB
uTjYAwQCucZ4MA0GCSqGSIb3DQEBCwUAA4IBAQCDacmLbzFSt9hDbI95pIilGbbu
lLlND6v5alkn9wqpH256vITlQLC5RqPtYTIxZtHdTj6iErVdwCAc9jCzu63pVNPq
B+T4Czqw9yAwmMZqpfWbm3I5rF9APQ9NRYF25q3vs8YtUMmVcOHG1c6tYa8e7MrA
HkNc8wkm71D7sXDiROyq6FSlZylTZ1J4AbYHKrsTfT052i6xWlLeq4WAmf8/M0yY
KpdZ7F9AoAbOqDz/4PcFbO88a5a41PxNER3RKC/wXKWuRWGnQrqcZFfaLEaKz51n
01RXmfqqQbyJF1IA5oLA1Tvp3Yc7/lS48vQfOot1wnl1htFhaC1w7XTlRK24
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:13 2024 by rpki-client on console-ams.rpki-client.org