Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/IbNA5Ywc_DDKCEGB16-KrfiG6Xc.roa
File: IbNA5Ywc_DDKCEGB16-KrfiG6Xc.roa (raw, json)
Hash identifier: c8PtGzAHahjvuiKn7iXeKCsIyhu2mEr0LFocBKWp6EA=
Subject key identifier: 21:B3:40:E5:8C:1C:FC:30:CA:08:41:81:D7:AF:8A:AD:F8:86:E9:77
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 16C828EF
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/IbNA5Ywc_DDKCEGB16-KrfiG6Xc.roa
Signing time: Sat 01 Jan 2022 02:51:18 +0000
ROA not before: Sat 01 Jan 2022 02:51:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9056
IP address blocks: 194.149.66.0/24 maxlen: 24
194.149.64.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 382216431 (0x16c828ef)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 02:51:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21b340e58c1cfc30ca084181d7af8aadf886e977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:d6:3d:cf:95:d9:20:3e:56:92:6a:56:0f:
bc:c7:06:07:7b:7b:35:33:42:aa:92:bc:c4:29:ad:
9a:17:13:b5:76:cc:90:f5:98:9b:b0:2b:f4:51:37:
b7:94:14:7f:fb:62:ca:1b:3a:13:04:62:4b:d7:d7:
ac:39:67:6f:b7:9e:54:77:3c:25:fb:16:c5:94:00:
a9:e0:c6:99:d4:fa:1a:33:a4:49:c8:c1:3d:20:81:
9d:d8:52:10:ca:12:4d:09:0b:44:fb:06:b0:55:0e:
3e:b0:fa:3c:54:55:c4:ca:6c:a4:e7:26:33:2f:6e:
67:27:a6:ea:c7:a5:e4:20:ac:47:80:4b:ea:b2:91:
f3:0f:d7:aa:88:06:fc:4c:c8:12:cc:85:aa:77:29:
a7:8c:12:9c:28:bd:78:d3:c3:0f:b4:ee:6e:ec:fc:
70:66:c4:29:a9:ef:2a:af:0a:55:75:be:44:3d:c1:
6a:a4:5a:a5:c1:c6:5f:68:d9:28:ca:49:4b:b7:26:
0b:ad:48:68:0a:5c:c7:db:94:85:c8:28:b7:8f:ca:
63:8f:00:e7:6e:ad:f4:1e:62:32:e6:1c:b1:0e:4a:
84:de:cc:ff:07:fb:21:ea:2f:c3:1f:b5:91:25:aa:
17:80:35:10:bb:44:c6:93:b0:7b:13:eb:f7:f9:00:
ef:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B3:40:E5:8C:1C:FC:30:CA:08:41:81:D7:AF:8A:AD:F8:86:E9:77
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/IbNA5Ywc_DDKCEGB16-KrfiG6Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.149.64.0/21
Signature Algorithm: sha256WithRSAEncryption
08:a3:5f:f8:33:bc:14:df:46:17:2e:ed:ea:30:e2:96:9c:7b:
92:b9:31:dd:3c:81:71:39:fa:47:f4:00:21:f6:07:6a:71:8c:
68:a5:9b:25:d4:8e:3f:c3:04:e7:4d:7f:d2:aa:cd:66:9d:2f:
67:3a:81:82:bf:ab:35:0e:09:a4:c0:c1:fd:93:1d:7b:08:85:
3c:75:ed:22:bf:0a:8c:be:16:af:b3:05:0f:05:4e:6c:bc:38:
8f:0c:23:bc:b6:93:83:df:d0:b2:4d:36:54:9b:14:76:06:7a:
ac:2a:b2:11:3e:5f:47:b7:fd:59:49:72:28:60:84:c6:56:94:
54:fa:04:df:06:9d:f7:d6:b9:6c:ae:97:ac:2d:fa:ea:c2:92:
93:08:bd:21:83:14:3c:0a:7d:c9:73:cc:73:8b:ea:a6:ff:18:
06:56:1b:78:1a:ec:8c:2d:5b:93:31:24:c8:72:03:c9:02:97:
83:0b:de:41:35:4a:87:0b:7c:01:89:c7:94:53:33:22:44:2a:
58:b1:96:38:c2:d5:07:6a:bf:f3:19:ee:7a:2f:f0:d9:75:bd:
a9:51:da:e2:13:b9:b0:97:84:4d:14:27:9a:09:fc:a1:f6:f9:
7e:10:66:46:cc:8e:17:18:8b:f8:dc:f4:23:73:6e:22:33:31:
ec:cd:4b:27
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFsgo7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGIyMjAyM2I2ZWFkNGMyOTY4M2E5ZmVkNDQ5M2QwM2RlZTJjNjg1MB4XDTIyMDEw
MTAyNTExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFiMzQwZTU4YzFj
ZmMzMGNhMDg0MTgxZDdhZjhhYWRmODg2ZTk3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvR1j3PldkgPlaSalYPvMcGB3t7NTNCqpK8xCmtmhcTtXbM
kPWYm7Ar9FE3t5QUf/tiyhs6EwRiS9fXrDlnb7eeVHc8JfsWxZQAqeDGmdT6GjOk
ScjBPSCBndhSEMoSTQkLRPsGsFUOPrD6PFRVxMpspOcmMy9uZyem6sel5CCsR4BL
6rKR8w/XqogG/EzIEsyFqncpp4wSnCi9eNPDD7Tubuz8cGbEKanvKq8KVXW+RD3B
aqRapcHGX2jZKMpJS7cmC61IaApcx9uUhcgot4/KY48A526t9B5iMuYcsQ5KhN7M
/wf7Ieovwx+1kSWqF4A1ELtExpOwexPr9/kA7wcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQhs0DljBz8MMoIQYHXr4qt+IbpdzAfBgNVHSMEGDAWgBQ4siAjturUwpaD
qf7UST0D3uLGhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09MSWdJN2JxMU1LV2c2bi0xRWs5QTk3aXhvVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvODgxM2Y1LTRlN2ItNGQ1MS1iNWYzLTQwZDk1YmQzM2ZjYi8x
L0liTkE1WXdjX0RES0NFR0IxNi1LcmZpRzZYYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ODgxM2Y1LTRlN2ItNGQ1MS1iNWYzLTQwZDk1YmQzM2ZjYi8xL09MSWdJN2JxMU1L
V2c2bi0xRWs5QTk3aXhvVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8KVQDANBgkqhkiG9w0BAQsFAAOC
AQEACKNf+DO8FN9GFy7t6jDilpx7krkx3TyBcTn6R/QAIfYHanGMaKWbJdSOP8ME
501/0qrNZp0vZzqBgr+rNQ4JpMDB/ZMdewiFPHXtIr8KjL4Wr7MFDwVObLw4jwwj
vLaTg9/Qsk02VJsUdgZ6rCqyET5fR7f9WUlyKGCExlaUVPoE3wad99a5bK6XrC36
6sKSkwi9IYMUPAp9yXPMc4vqpv8YBlYbeBrsjC1bkzEkyHIDyQKXgwveQTVKhwt8
AYnHlFMzIkQqWLGWOMLVB2q/8xnuei/w2XW9qVHa4hO5sJeETRQnmgn8ofb5fhBm
RsyOFxiL+Nz0I3NuIjMx7M1LJw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org