Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/4K5VwLFhLPEwSr8t1Q3AOTdQqnA.roa
File: 4K5VwLFhLPEwSr8t1Q3AOTdQqnA.roa (raw, json)
Hash identifier: F8npMg9NWpaZnsdRqA+k6d8SKh6yL4nPsZ5qxj0pp4U=
Subject key identifier: E0:AE:55:C0:B1:61:2C:F1:30:4A:BF:2D:D5:0D:C0:39:37:50:AA:70
Certificate issuer: /CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Certificate serial: 0184BE22C6E76A7AE673091538E3CA00E54D
Authority key identifier: 57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/4K5VwLFhLPEwSr8t1Q3AOTdQqnA.roa
Signing time: Mon 28 Nov 2022 12:07:40 +0000
ROA not before: Mon 28 Nov 2022 12:07:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201691
IP address blocks: 185.88.178.0/24 maxlen: 24
185.88.176.0/24 maxlen: 24
185.88.179.0/24 maxlen: 24
185.88.177.0/24 maxlen: 24
2a05:cd01::/32 maxlen: 32
2a05:cd00::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:be:22:c6:e7:6a:7a:e6:73:09:15:38:e3:ca:00:e5:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57b275b9bcc45dce8b3ef0172c96737800947a4e
Validity
Not Before: Nov 28 12:07:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0ae55c0b1612cf1304abf2dd50dc0393750aa70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:73:67:58:68:5c:0a:5a:c8:26:67:84:3e:5a:
93:5b:7b:e7:5d:1f:a6:cb:89:d2:85:da:ea:cc:d1:
01:8c:dc:b2:7f:a2:32:78:e1:0a:72:50:53:62:dd:
bb:95:51:bc:80:87:3d:1b:f7:eb:aa:45:53:4c:af:
c2:09:b1:a2:b1:cb:95:f8:b0:a2:1c:e4:df:84:2e:
09:65:62:b7:b1:b8:22:07:11:f2:54:5f:86:cd:2e:
2a:48:08:ff:66:d8:46:c2:2d:be:08:e6:79:e7:25:
dc:c5:b6:97:89:2a:5f:0e:9d:b0:21:e0:b2:d7:4e:
54:8c:f6:b4:92:3f:99:7d:2b:81:ed:5f:79:52:0f:
a0:5a:2a:4c:fe:2a:3c:83:89:ce:b8:30:a8:a7:0e:
3a:da:0b:4d:e7:d5:c2:66:7e:80:59:6f:4d:49:2a:
15:09:35:23:75:9c:c8:ac:ea:ed:f3:53:d6:5b:32:
bd:a9:8d:60:44:45:cb:e8:55:8c:ba:ff:08:89:4d:
0d:3d:e5:14:7f:ce:e9:36:3d:ad:96:68:d8:c3:52:
2c:f5:a0:52:ae:16:01:37:91:24:d4:5b:5d:89:ca:
0d:a7:2a:fe:6e:f6:6c:b2:97:a1:8e:b3:c3:85:46:
9c:3f:e8:dc:e7:22:c6:46:ca:22:53:f1:68:e3:f8:
af:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:AE:55:C0:B1:61:2C:F1:30:4A:BF:2D:D5:0D:C0:39:37:50:AA:70
X509v3 Authority Key Identifier:
keyid:57:B2:75:B9:BC:C4:5D:CE:8B:3E:F0:17:2C:96:73:78:00:94:7A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V7J1ubzEXc6LPvAXLJZzeACUek4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/4K5VwLFhLPEwSr8t1Q3AOTdQqnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/a35052-7336-425f-a7ba-87f68b71e44d/1/V7J1ubzEXc6LPvAXLJZzeACUek4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.176.0/22
IPv6:
2a05:cd00::/31
Signature Algorithm: sha256WithRSAEncryption
32:c0:00:80:5c:d8:da:76:c6:39:19:3b:68:bc:17:44:1a:d9:
68:c8:d3:ed:3a:03:cc:4b:99:47:c7:2d:10:45:7c:73:0a:f4:
5e:c4:05:d4:0a:d8:a1:e9:11:2d:c0:41:2b:dd:10:68:0a:ae:
1f:1a:de:59:fd:98:fc:f0:25:9f:5a:2a:c7:ba:2c:ae:ce:7e:
69:c7:75:20:f0:9e:4a:02:75:9b:2d:a9:3b:a8:d7:99:d5:25:
0c:28:40:08:a5:de:c9:94:42:be:43:64:52:4b:42:91:7c:a3:
27:8f:85:fe:a5:28:3d:0f:eb:7a:6d:90:f4:31:34:25:fe:cd:
ca:97:d8:8b:5c:9e:6f:0c:e1:8a:90:65:44:a8:ad:7c:32:26:
b8:68:eb:fe:5b:e0:81:aa:a5:61:fe:41:82:f8:e5:81:2e:b3:
ad:86:3a:69:d8:bb:a8:79:82:95:f6:e8:2d:f2:8a:c8:80:14:
2a:f3:79:ee:42:f4:b1:65:13:e0:ce:68:82:47:1f:ee:93:c4:
52:6b:f3:4e:0b:50:a3:7a:61:e5:82:3b:bb:db:03:de:6a:9d:
02:01:af:5b:8c:aa:44:90:ac:34:a5:f6:4b:cb:5a:34:18:50:
33:37:8b:b6:76:5b:87:be:79:ef:91:8f:a7:4c:06:82:e2:b4:
b2:13:f2:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYS+IsbnanrmcwkVOOPKAOVNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YjI3NWI5YmNjNDVkY2U4YjNlZjAxNzJjOTY3Mzc4MDA5
NDdhNGUwHhcNMjIxMTI4MTIwNzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGFlNTVjMGIxNjEyY2YxMzA0YWJmMmRkNTBkYzAzOTM3NTBhYTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0XNnWGhcClrIJmeEPlqTW3vnXR+m
y4nShdrqzNEBjNyyf6IyeOEKclBTYt27lVG8gIc9G/frqkVTTK/CCbGiscuV+LCi
HOTfhC4JZWK3sbgiBxHyVF+GzS4qSAj/ZthGwi2+COZ55yXcxbaXiSpfDp2wIeCy
105UjPa0kj+ZfSuB7V95Ug+gWipM/io8g4nOuDCopw462gtN59XCZn6AWW9NSSoV
CTUjdZzIrOrt81PWWzK9qY1gREXL6FWMuv8IiU0NPeUUf87pNj2tlmjYw1Is9aBS
rhYBN5Ek1FtdicoNpyr+bvZsspehjrPDhUacP+jc5yLGRsoiU/Fo4/ivxwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOCuVcCxYSzxMEq/LdUNwDk3UKpwMB8GA1UdIwQY
MBaAFFeydbm8xF3Oiz7wFyyWc3gAlHpOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEt
ODdmNjhiNzFlNDRkLzEvNEs1VndMRmhMUEV3U3I4dDFRM0FPVGRRcW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9hMzUwNTItNzMzNi00MjVmLWE3YmEtODdmNjhiNzFlNDRk
LzEvVjdKMXViekVYYzZMUHZBWExKWnplQUNVZWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuViwMA0E
AgACMAcDBQEqBc0AMA0GCSqGSIb3DQEBCwUAA4IBAQAywACAXNjadsY5GTtovBdE
GtloyNPtOgPMS5lHxy0QRXxzCvRexAXUCtih6REtwEEr3RBoCq4fGt5Z/Zj88CWf
WirHuiyuzn5px3Ug8J5KAnWbLak7qNeZ1SUMKEAIpd7JlEK+Q2RSS0KRfKMnj4X+
pSg9D+t6bZD0MTQl/s3Kl9iLXJ5vDOGKkGVEqK18Mia4aOv+W+CBqqVh/kGC+OWB
LrOthjpp2LuoeYKV9ugt8orIgBQq83nuQvSxZRPgzmiCRx/uk8RSa/NOC1CjemHl
gju72wPeap0CAa9bjKpEkKw0pfZLy1o0GFAzN4u2dluHvnnvkY+nTAaC4rSyE/Im
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:53 2024 by rpki-client on console-fra.rpki-client.org