Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/IgT87IQ18kiSa3-B6hkNN5efKmU.roa
File: IgT87IQ18kiSa3-B6hkNN5efKmU.roa (raw, json)
Hash identifier: 38ZSE+ESHSs/qj5czM2kTJRGY7HOQ5QRGUcdfVf5Ie0=
Subject key identifier: 22:04:FC:EC:84:35:F2:48:92:6B:7F:81:EA:19:0D:37:97:9F:2A:65
Certificate issuer: /CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Certificate serial: 018363F13E6165AC5E28A5AF17B462E4E95C
Authority key identifier: F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/IgT87IQ18kiSa3-B6hkNN5efKmU.roa
Signing time: Thu 22 Sep 2022 06:44:57 +0000
ROA not before: Thu 22 Sep 2022 06:44:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202932
IP address blocks: 185.47.224.0/22 maxlen: 22
185.47.227.0/24 maxlen: 24
185.150.68.0/22 maxlen: 22
2a07:6e80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:63:f1:3e:61:65:ac:5e:28:a5:af:17:b4:62:e4:e9:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Validity
Not Before: Sep 22 06:44:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2204fcec8435f248926b7f81ea190d37979f2a65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f3:26:ce:02:bd:37:cf:20:34:96:51:1a:d3:
ad:7a:9e:7f:48:4e:fa:04:0b:5a:9b:1f:6d:23:64:
53:28:cc:a4:26:e9:ff:ed:eb:00:0b:3b:98:1b:f4:
d4:e2:f2:f1:61:ef:26:dd:85:f5:f5:ed:dc:06:05:
e0:f2:dd:99:8b:20:20:16:9d:a9:e1:7e:31:ea:46:
80:7a:21:f0:07:76:82:65:42:d2:1a:1f:6b:51:d9:
4c:a8:36:2d:aa:62:67:3e:1b:be:c5:6c:4a:c8:7e:
3b:a1:7d:81:c4:83:7f:24:09:a2:3f:8f:d8:53:d2:
0a:4e:93:76:b4:2c:8c:3d:6a:1e:ad:f2:b8:9d:a2:
be:b5:04:a2:5d:de:df:fb:a9:3c:9b:1d:55:3e:30:
0f:cf:6e:43:3c:62:2a:d0:92:8b:ab:89:e9:0c:a7:
c5:ec:98:9d:00:2f:de:33:c5:65:e5:6a:cb:85:7c:
c0:e4:b2:d0:18:73:c3:06:0d:b4:b9:88:6e:31:27:
94:7b:9f:96:ee:02:02:3d:bf:8a:3b:72:4d:92:1c:
cd:64:1a:01:12:39:29:68:82:49:53:5d:ca:dc:4d:
0f:b5:f0:b4:8c:87:b3:86:b5:14:49:d2:e1:1d:c0:
8e:d6:69:fd:d6:c1:90:1a:b0:a7:08:24:f2:bb:64:
ae:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:04:FC:EC:84:35:F2:48:92:6B:7F:81:EA:19:0D:37:97:9F:2A:65
X509v3 Authority Key Identifier:
keyid:F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/IgT87IQ18kiSa3-B6hkNN5efKmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.47.224.0/22
185.150.68.0/22
IPv6:
2a07:6e80::/29
Signature Algorithm: sha256WithRSAEncryption
4b:b3:f7:c4:9d:c2:cb:ea:8c:c7:56:2a:7b:8b:45:d5:0a:9f:
72:9a:5b:42:00:99:c8:02:85:ba:d2:7f:fd:c4:32:35:10:87:
7c:d0:fc:53:15:49:be:f7:6a:0b:45:1c:99:5b:a3:52:5f:4f:
52:83:ca:8b:32:94:c0:fa:79:be:e2:ad:38:e3:22:df:c4:04:
dd:44:4d:70:ac:e9:92:8b:49:52:53:b5:a6:eb:a4:33:dd:3b:
5c:6c:1f:65:53:88:30:9f:c4:cb:f2:bd:e4:16:41:c3:29:39:
f4:59:8a:0c:7b:85:f3:e7:65:32:ec:d3:5f:05:9e:79:bd:12:
dd:83:84:53:40:a8:bc:fb:ea:4a:1c:49:64:f3:f2:8f:f4:c6:
2f:e1:4b:47:fa:e3:4c:a2:55:9a:0c:79:a3:33:2f:f8:53:1d:
57:fa:5a:c8:29:48:1b:74:fe:5d:3b:de:e4:32:ab:dc:d2:cd:
2e:e1:f7:8a:47:8f:b4:da:97:f5:0f:36:7c:11:d0:49:24:9e:
86:a5:8b:f7:d5:c0:3b:49:04:03:73:dd:78:fe:05:7a:c9:cc:
29:4f:a9:04:22:38:70:5b:97:06:b6:a0:f6:a8:74:38:5e:6c:
b8:77:52:76:a7:a5:69:bc:e1:09:05:e1:93:80:20:37:d4:d1:
01:d6:73:ed
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYNj8T5hZaxeKKWvF7Ri5OlcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTgyNmRlMTA3MGQ5ZDc5ZGFhOWU0MTVmYzQzMjYxM2Nj
NTdlNTcwHhcNMjIwOTIyMDY0NDU3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjA0ZmNlYzg0MzVmMjQ4OTI2YjdmODFlYTE5MGQzNzk3OWYyYTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPMmzgK9N88gNJZRGtOtep5/SE76
BAtamx9tI2RTKMykJun/7esACzuYG/TU4vLxYe8m3YX19e3cBgXg8t2ZiyAgFp2p
4X4x6kaAeiHwB3aCZULSGh9rUdlMqDYtqmJnPhu+xWxKyH47oX2BxIN/JAmiP4/Y
U9IKTpN2tCyMPWoerfK4naK+tQSiXd7f+6k8mx1VPjAPz25DPGIq0JKLq4npDKfF
7JidAC/eM8Vl5WrLhXzA5LLQGHPDBg20uYhuMSeUe5+W7gICPb+KO3JNkhzNZBoB
EjkpaIJJU13K3E0PtfC0jIezhrUUSdLhHcCO1mn91sGQGrCnCCTyu2SuRwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCIE/OyENfJIkmt/geoZDTeXnyplMB8GA1UdIwQY
MBaAFPjoJt4QcNnXnaqeQV/EMmE8xX5XMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PZ20zaEJ3MmRlZHFwNUJYOFF5WVR6RmZsYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4
LWVhZWRiNzA5ZWZiZi8xL0lnVDg3SVExOGtpU2EzLUI2aGtOTjVlZkttVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOWQvNzNkYjc3LTBhNmItNGY5Yi1hOGU4LWVhZWRiNzA5ZWZi
Zi8xLzEtT2dtM2hCdzJkZWRxcDVCWDhReVlUekZmbGMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMBIEAgABMAwDBAK5L+AD
BAK5lkQwDQQCAAIwBwMFAyoHboAwDQYJKoZIhvcNAQELBQADggEBAEuz98Sdwsvq
jMdWKnuLRdUKn3KaW0IAmcgChbrSf/3EMjUQh3zQ/FMVSb73agtFHJlbo1JfT1KD
yosylMD6eb7irTjjIt/EBN1ETXCs6ZKLSVJTtabrpDPdO1xsH2VTiDCfxMvyveQW
QcMpOfRZigx7hfPnZTLs018Fnnm9Et2DhFNAqLz76kocSWTz8o/0xi/hS0f640yi
VZoMeaMzL/hTHVf6WsgpSBt0/l073uQyq9zSzS7h94pHj7Tal/UPNnwR0Ekknoal
i/fVwDtJBANz3Xj+BXrJzClPqQQiOHBblwa2oPaodDhebLh3UnanpWm84QkF4ZOA
IDfU0QHWc+0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:49 2023 by rpki-client on console-ams.rpki-client.org