Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/IiZzsf693IAVJXpO5L2qWXHSDZU.roa
File: IiZzsf693IAVJXpO5L2qWXHSDZU.roa (raw, json)
Hash identifier: gie4DnxeXKSReAW3GX9mZzPTlFlPuVaxePzxCJ2v+/M=
Subject key identifier: 22:26:73:B1:FE:BD:DC:80:15:25:7A:4E:E4:BD:AA:59:71:D2:0D:95
Certificate issuer: /CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Certificate serial: 0183178C7156679B903CFD4D53742EFA9E55
Authority key identifier: EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/IiZzsf693IAVJXpO5L2qWXHSDZU.roa
Signing time: Wed 07 Sep 2022 10:43:43 +0000
ROA not before: Wed 07 Sep 2022 10:43:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44092
IP address blocks: 185.22.56.0/24 maxlen: 24
185.22.58.0/24 maxlen: 24
185.22.57.0/24 maxlen: 24
147.185.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:17:8c:71:56:67:9b:90:3c:fd:4d:53:74:2e:fa:9e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eac2c1afd4bdec980506fa07df7c8662d554fa46
Validity
Not Before: Sep 7 10:43:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=222673b1febddc8015257a4ee4bdaa5971d20d95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:64:d7:2e:b6:5a:39:c1:a1:a3:7c:35:ba:9f:
38:20:9f:a8:2a:89:f5:2f:32:fd:f0:4a:13:1e:5a:
1c:48:29:39:ac:9c:18:9d:f1:71:bb:ac:04:d4:90:
76:14:61:60:2f:c8:76:51:1f:ed:4e:15:e6:78:fb:
b2:87:1f:bc:51:74:cd:ca:4f:a1:53:0d:d8:4e:f3:
97:67:6d:f0:aa:30:64:b4:79:90:ed:92:6a:fd:9b:
0a:51:70:ff:ae:58:d0:37:a7:c8:aa:5b:e7:2b:f2:
2c:86:28:32:00:34:40:7d:5e:51:ce:56:af:21:c8:
64:ea:d0:34:b3:10:76:ec:60:68:54:db:01:35:73:
1b:2a:6f:0d:0d:71:ba:6c:1e:7f:e9:7c:9c:d6:39:
8a:dd:fa:22:31:78:07:4c:c8:24:92:d5:1f:05:c8:
15:01:50:0c:d8:6f:62:f0:de:6a:e4:14:7c:65:59:
2a:a2:9d:2d:f6:c5:41:f8:bd:c4:d1:da:d2:1b:61:
cb:fc:9a:e0:68:c1:48:2f:cd:99:17:fd:af:46:ed:
80:73:11:6f:6b:c9:eb:6b:21:2c:d5:7c:ca:d2:d2:
4d:5d:ff:c7:42:70:f3:ac:9b:79:91:6a:52:10:68:
c8:3a:6f:cc:86:b1:be:3f:e6:39:7c:73:56:e2:05:
87:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:26:73:B1:FE:BD:DC:80:15:25:7A:4E:E4:BD:AA:59:71:D2:0D:95
X509v3 Authority Key Identifier:
keyid:EA:C2:C1:AF:D4:BD:EC:98:05:06:FA:07:DF:7C:86:62:D5:54:FA:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6sLBr9S97JgFBvoH33yGYtVU-kY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/IiZzsf693IAVJXpO5L2qWXHSDZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/589a6b-4d7e-4012-a0fc-c0ceb037ad42/1/6sLBr9S97JgFBvoH33yGYtVU-kY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.185.163.0/24
185.22.56.0-185.22.58.255
Signature Algorithm: sha256WithRSAEncryption
27:65:fa:88:1d:85:79:8c:e6:c1:c4:8d:e4:ab:5a:d5:1c:a4:
d3:f8:2e:1d:1b:80:bd:83:6a:f8:b1:66:0d:98:36:60:28:89:
2a:b6:a4:33:9f:42:00:f8:89:fe:d0:90:b1:93:53:1d:5e:9a:
bd:d0:34:42:72:0d:99:3c:98:08:88:d8:dc:b7:7b:b9:ba:80:
b4:06:8d:6f:28:0b:d7:a0:c8:da:4b:3c:d0:37:47:ad:52:82:
85:c6:0a:a6:62:5f:48:db:4e:5d:31:ad:3a:3c:d3:ff:81:74:
ce:ff:38:f3:6b:4c:1c:f3:8b:17:70:8d:c9:0e:5e:82:4c:1f:
ee:b4:98:6b:6b:d9:f0:33:15:fe:74:65:7e:e4:b0:ac:46:b1:
9b:af:29:28:24:a3:cf:cd:2d:fc:97:0a:d9:43:b0:a0:69:6b:
8e:15:fd:9f:cd:a7:d1:93:46:aa:87:41:2d:8a:02:05:d4:ee:
bf:f4:22:f5:9f:ab:0a:2f:62:20:b5:92:18:c1:01:5a:d1:51:
76:bf:71:66:42:2c:bc:a7:99:15:5e:4c:6e:07:e3:7b:b7:b5:
be:0b:06:6f:e1:12:32:23:3d:3e:c6:a2:b2:77:a9:32:c0:ce:
d7:90:7f:9e:7f:b0:8b:a6:5f:ea:90:3b:17:33:0b:76:33:bb:
96:7d:0a:d8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYMXjHFWZ5uQPP1NU3Qu+p5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYzJjMWFmZDRiZGVjOTgwNTA2ZmEwN2RmN2M4NjYyZDU1
NGZhNDYwHhcNMjIwOTA3MTA0MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjI2NzNiMWZlYmRkYzgwMTUyNTdhNGVlNGJkYWE1OTcxZDIwZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmTXLrZaOcGho3w1up84IJ+oKon1
LzL98EoTHlocSCk5rJwYnfFxu6wE1JB2FGFgL8h2UR/tThXmePuyhx+8UXTNyk+h
Uw3YTvOXZ23wqjBktHmQ7ZJq/ZsKUXD/rljQN6fIqlvnK/IshigyADRAfV5Rzlav
Ichk6tA0sxB27GBoVNsBNXMbKm8NDXG6bB5/6Xyc1jmK3foiMXgHTMgkktUfBcgV
AVAM2G9i8N5q5BR8ZVkqop0t9sVB+L3E0drSG2HL/JrgaMFIL82ZF/2vRu2AcxFv
a8nrayEs1XzK0tJNXf/HQnDzrJt5kWpSEGjIOm/MhrG+P+Y5fHNW4gWH0QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCImc7H+vdyAFSV6TuS9qllx0g2VMB8GA1UdIwQY
MBaAFOrCwa/UveyYBQb6B998hmLVVPpGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMt
YzBjZWIwMzdhZDQyLzEvSWlaenNmNjkzSUFWSlhwTzVMMnFXWEhTRFpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS81ODlhNmItNGQ3ZS00MDEyLWEwZmMtYzBjZWIwMzdhZDQy
LzEvNnNMQnI5Uzk3SmdGQnZvSDMzeUdZdFZVLWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAk7mjMAwD
BAO5FjgDBAC5FjowDQYJKoZIhvcNAQELBQADggEBACdl+ogdhXmM5sHEjeSrWtUc
pNP4Lh0bgL2DavixZg2YNmAoiSq2pDOfQgD4if7QkLGTUx1emr3QNEJyDZk8mAiI
2Ny3e7m6gLQGjW8oC9egyNpLPNA3R61SgoXGCqZiX0jbTl0xrTo80/+BdM7/OPNr
TBzzixdwjckOXoJMH+60mGtr2fAzFf50ZX7ksKxGsZuvKSgko8/NLfyXCtlDsKBp
a44V/Z/Np9GTRqqHQS2KAgXU7r/0IvWfqwovYiC1khjBAVrRUXa/cWZCLLynmRVe
TG4H43u3tb4LBm/hEjIjPT7GorJ3qTLAzteQf55/sIumX+qQOxczC3Yzu5Z9Ctg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:47 2024 by rpki-client on console-fra.rpki-client.org