Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/wfOl65hVDVPU-1odTfw5bGUq_io.roa
File: wfOl65hVDVPU-1odTfw5bGUq_io.roa (raw, json)
Hash identifier: W/q5GhxrMM4gO4BzbTySf1y1QK1NiXZ2p9Jf+VjpGP4=
Subject key identifier: C1:F3:A5:EB:98:55:0D:53:D4:FB:5A:1D:4D:FC:39:6C:65:2A:FE:2A
Certificate issuer: /CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Certificate serial: 0184D2E9CD64A5F425C9AC544C68EC9FFCEE
Authority key identifier: 39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/wfOl65hVDVPU-1odTfw5bGUq_io.roa
Signing time: Fri 02 Dec 2022 12:57:28 +0000
ROA not before: Fri 02 Dec 2022 12:57:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12337
IP address blocks: 185.250.111.0/24 maxlen: 24
185.250.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:e9:cd:64:a5:f4:25:c9:ac:54:4c:68:ec:9f:fc:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f7c7498fd9c9f28680495162b9eb76ad47c603
Validity
Not Before: Dec 2 12:57:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1f3a5eb98550d53d4fb5a1d4dfc396c652afe2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:e3:dc:b8:d7:2c:76:1c:51:a3:6f:7d:5d:
38:ca:f5:2d:83:2a:c2:cd:fb:9d:4e:8d:d3:a4:24:
83:e2:ca:6b:bf:03:63:84:42:56:fe:04:4f:6f:a9:
e2:15:e5:ce:2a:be:a8:fa:e2:3f:9d:9d:92:e0:c0:
65:04:fa:84:72:b9:0e:9e:48:3f:48:30:03:46:2f:
02:a0:4a:7f:fc:a6:b6:4e:97:3f:85:f6:e8:9c:17:
cc:02:ee:39:95:49:15:b8:e4:85:94:91:a2:25:5b:
8d:5f:e6:9f:43:b7:b2:50:60:0f:4d:4e:5f:84:60:
0d:f4:ba:55:a0:8a:16:db:4a:1f:19:53:1d:55:5e:
1e:4b:fa:01:ed:a0:42:95:a2:f2:db:f4:e0:89:5e:
47:7b:43:da:c9:b0:f3:17:86:46:49:28:6f:a3:5f:
10:3e:9e:2f:34:ae:64:8f:dd:f6:0b:a4:20:c0:3d:
8e:11:23:aa:f1:9c:29:a2:f8:cb:1d:a0:5c:1c:c7:
0b:d7:23:3c:7c:9d:f1:d0:cd:93:c7:3b:f9:6e:af:
cf:a2:a6:96:7d:85:0b:54:a5:a5:c8:87:12:f5:ee:
d6:50:bd:3d:27:81:79:b7:64:d4:90:79:56:ee:14:
05:21:b6:76:40:af:31:d1:d5:35:6f:cb:fa:c8:dc:
b9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F3:A5:EB:98:55:0D:53:D4:FB:5A:1D:4D:FC:39:6C:65:2A:FE:2A
X509v3 Authority Key Identifier:
keyid:39:F7:C7:49:8F:D9:C9:F2:86:80:49:51:62:B9:EB:76:AD:47:C6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OffHSY_ZyfKGgElRYrnrdq1HxgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/wfOl65hVDVPU-1odTfw5bGUq_io.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1d5b0b-4b05-402c-8265-efcfba9907dc/1/OffHSY_ZyfKGgElRYrnrdq1HxgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.250.109.0/24
185.250.111.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:0b:65:7d:fb:44:8c:e4:ca:da:a8:91:7d:a0:17:6a:1f:c8:
f7:1d:d3:74:37:3a:2b:cf:d5:c4:36:c1:b6:6b:ad:d1:fe:b5:
ca:28:ee:e6:3d:bf:3c:e7:f2:8d:ec:f1:c7:75:00:06:7e:51:
bf:34:60:60:6a:56:b1:5a:1b:5a:6d:f3:4f:ad:7b:f1:a8:dc:
41:c9:2a:47:85:5b:2a:25:e5:e5:e9:16:c1:71:f0:1d:e3:dd:
2c:6c:d8:82:d3:e8:01:cd:97:3a:d7:c0:71:3a:6b:6f:ab:5c:
75:a6:86:67:1a:8e:17:5e:68:c8:2d:92:b4:2d:66:0d:be:d6:
c3:8f:af:96:7e:29:0c:fc:4a:f5:4d:b0:a6:28:c2:1b:05:f7:
f0:f6:e8:47:c7:16:c7:59:f3:17:83:8f:46:f8:81:63:17:04:
51:de:51:8f:44:ec:0d:07:ce:ce:42:8c:ab:e3:cf:aa:a1:ba:
ac:58:17:cf:1a:63:c7:df:49:bb:fb:c9:dd:07:46:86:2a:6c:
13:12:5e:2d:39:30:7d:36:7f:f5:7d:9b:0f:02:d3:4e:1b:64:
4f:22:44:5f:c0:38:78:d5:61:f0:6b:48:e8:96:be:0f:75:c0:
45:ab:3d:a7:0e:cf:ef:b1:bd:52:83:78:fd:7a:de:00:b2:20:
56:12:7e:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTS6c1kpfQlyaxUTGjsn/zuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjdjNzQ5OGZkOWM5ZjI4NjgwNDk1MTYyYjllYjc2YWQ0
N2M2MDMwHhcNMjIxMjAyMTI1NzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYzYTVlYjk4NTUwZDUzZDRmYjVhMWQ0ZGZjMzk2YzY1MmFmZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4Hj3LjXLHYcUaNvfV04yvUtgyrC
zfudTo3TpCSD4sprvwNjhEJW/gRPb6niFeXOKr6o+uI/nZ2S4MBlBPqEcrkOnkg/
SDADRi8CoEp//Ka2Tpc/hfbonBfMAu45lUkVuOSFlJGiJVuNX+afQ7eyUGAPTU5f
hGAN9LpVoIoW20ofGVMdVV4eS/oB7aBClaLy2/TgiV5He0PaybDzF4ZGSShvo18Q
Pp4vNK5kj932C6QgwD2OESOq8ZwpovjLHaBcHMcL1yM8fJ3x0M2Txzv5bq/PoqaW
fYULVKWlyIcS9e7WUL09J4F5t2TUkHlW7hQFIbZ2QK8x0dU1b8v6yNy5lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMHzpeuYVQ1T1PtaHU38OWxlKv4qMB8GA1UdIwQY
MBaAFDn3x0mP2cnyhoBJUWK563atR8YDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUt
ZWZjZmJhOTkwN2RjLzEvd2ZPbDY1aFZEVlBVLTFvZFRmdzViR1VxX2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi8xZDViMGItNGIwNS00MDJjLTgyNjUtZWZjZmJhOTkwN2Rj
LzEvT2ZmSFNZX1p5ZktHZ0VsUllybnJkcTFIeGdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufptAwQA
ufpvMA0GCSqGSIb3DQEBCwUAA4IBAQBaC2V9+0SM5MraqJF9oBdqH8j3HdN0Nzor
z9XENsG2a63R/rXKKO7mPb885/KN7PHHdQAGflG/NGBgalaxWhtabfNPrXvxqNxB
ySpHhVsqJeXl6RbBcfAd490sbNiC0+gBzZc618BxOmtvq1x1poZnGo4XXmjILZK0
LWYNvtbDj6+WfikM/Er1TbCmKMIbBffw9uhHxxbHWfMXg49G+IFjFwRR3lGPROwN
B87OQoyr48+qobqsWBfPGmPH30m7+8ndB0aGKmwTEl4tOTB9Nn/1fZsPAtNOG2RP
IkRfwDh41WHwa0jolr4PdcBFqz2nDs/vsb1Sg3j9et4AsiBWEn7g
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:54 2024 by rpki-client on console-fra.rpki-client.org