Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/1cI_BKQNG-Wd-uIOLAW8aQhXFG0.roa
File: 1cI_BKQNG-Wd-uIOLAW8aQhXFG0.roa (raw, json)
Hash identifier: srgKOzrFo9H9E0EnqhlYq1S9s7ZrJBASgXHS07j61co=
Subject key identifier: D5:C2:3F:04:A4:0D:1B:E5:9D:FA:E2:0E:2C:05:BC:69:08:57:14:6D
Certificate issuer: /CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Certificate serial: 01845BEC9BB799281C4EEAEB6F6987066C5A
Authority key identifier: D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/1cI_BKQNG-Wd-uIOLAW8aQhXFG0.roa
Signing time: Wed 09 Nov 2022 10:25:43 +0000
ROA not before: Wed 09 Nov 2022 10:25:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61121
IP address blocks: 185.18.4.0/24 maxlen: 24
185.18.4.0/22 maxlen: 22
185.18.4.0/23 maxlen: 23
185.18.7.0/24 maxlen: 24
185.18.6.0/23 maxlen: 23
185.18.5.0/24 maxlen: 24
185.18.6.0/24 maxlen: 24
2a03:f1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:ec:9b:b7:99:28:1c:4e:ea:eb:6f:69:87:06:6c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8073d06b58652f849fa8bcf3cec6b950909bd68
Validity
Not Before: Nov 9 10:25:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5c23f04a40d1be59dfae20e2c05bc690857146d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:65:7b:48:5a:32:a4:8c:08:7e:7f:b4:9e:e1:
e8:0f:79:27:70:7e:9c:85:ce:aa:aa:14:06:e4:65:
f0:70:f8:f5:4f:e0:11:72:32:be:1d:2e:a1:63:ca:
4d:dc:5b:f2:14:85:3b:12:b6:4e:45:ea:86:f8:50:
1a:09:c2:45:9a:93:24:61:bb:1a:fb:98:f8:07:60:
d1:f2:da:f2:70:49:9c:7a:3d:9d:f3:c1:e7:29:08:
18:96:91:bb:9d:92:a3:3b:d9:62:da:a9:16:16:d9:
22:a4:ce:24:8a:aa:5b:c4:f7:8c:0f:11:ea:cb:3e:
5d:39:c2:3b:28:bf:15:b8:e4:09:aa:4f:af:71:99:
7c:0c:5e:ae:b9:16:4d:50:fb:e2:c7:92:2c:7b:b2:
27:78:28:b1:50:bf:ac:a5:03:48:55:6a:a5:49:dc:
7c:f0:d0:52:e9:1f:4d:0d:97:a4:48:f4:8e:d9:d1:
bc:05:0d:59:0f:08:e5:64:52:14:f1:67:9e:21:5e:
dc:57:a9:13:f2:19:41:3b:8b:1d:e0:61:49:e2:25:
b6:f6:95:8a:18:c5:10:96:9f:d8:6d:ca:60:c2:e3:
90:2d:02:07:e9:03:a2:4f:6c:fe:18:a8:09:ff:84:
ad:bc:36:02:cd:fb:f4:cf:54:44:60:55:c9:ca:d3:
e9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:C2:3F:04:A4:0D:1B:E5:9D:FA:E2:0E:2C:05:BC:69:08:57:14:6D
X509v3 Authority Key Identifier:
keyid:D8:07:3D:06:B5:86:52:F8:49:FA:8B:CF:3C:EC:6B:95:09:09:BD:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/1cI_BKQNG-Wd-uIOLAW8aQhXFG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/721920-939b-412b-a3c5-2329d79c4ae3/1/2Ac9BrWGUvhJ-ovPPOxrlQkJvWg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.4.0/22
IPv6:
2a03:f1c0::/32
Signature Algorithm: sha256WithRSAEncryption
13:b1:ad:6f:09:a3:65:51:5a:2f:14:69:5c:a5:20:2e:22:a6:
3f:92:5f:e0:91:09:66:2a:2f:eb:cc:8e:20:25:16:a0:19:d5:
c7:42:9a:7a:88:4b:2f:8b:a8:50:73:8a:c3:9c:31:08:3d:31:
08:fe:de:d9:45:a7:c0:6e:2f:5f:65:2a:be:7d:bf:a8:8e:dd:
34:04:1b:ff:96:f1:cf:ad:05:2d:59:f9:54:de:ff:fb:64:4e:
d8:22:19:9e:f1:77:31:89:df:d7:b8:c7:12:a5:42:f6:4a:02:
b8:f1:8c:5d:af:3d:e7:c9:4b:0b:ed:e1:68:9c:ae:ff:f5:f2:
da:a1:16:b7:97:9f:dd:94:b5:ca:95:30:c2:13:23:42:cb:21:
9e:04:8c:c6:4f:cd:de:8a:61:76:38:9a:a0:f4:7e:1c:01:57:
27:f8:51:06:16:75:e2:69:aa:59:eb:ce:b9:26:42:4d:06:fc:
e9:38:78:8b:49:2c:e2:f3:7a:ec:87:0e:33:a5:7c:c7:4f:c0:
95:cb:8c:12:69:06:97:2f:4d:18:53:cc:5a:a5:01:81:0d:bd:
cd:ca:40:a3:45:45:31:d9:f4:57:d0:1d:3d:26:6c:f0:d1:55:
b7:b8:6c:64:88:34:0d:2f:88:a0:bf:b0:f2:51:33:a0:65:65:
fb:fd:d2:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRb7Ju3mSgcTurrb2mHBmxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MDczZDA2YjU4NjUyZjg0OWZhOGJjZjNjZWM2Yjk1MDkw
OWJkNjgwHhcNMjIxMTA5MTAyNTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWMyM2YwNGE0MGQxYmU1OWRmYWUyMGUyYzA1YmM2OTA4NTcxNDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGV7SFoypIwIfn+0nuHoD3kncH6c
hc6qqhQG5GXwcPj1T+ARcjK+HS6hY8pN3FvyFIU7ErZOReqG+FAaCcJFmpMkYbsa
+5j4B2DR8trycEmcej2d88HnKQgYlpG7nZKjO9li2qkWFtkipM4kiqpbxPeMDxHq
yz5dOcI7KL8VuOQJqk+vcZl8DF6uuRZNUPvix5Ise7IneCixUL+spQNIVWqlSdx8
8NBS6R9NDZekSPSO2dG8BQ1ZDwjlZFIU8WeeIV7cV6kT8hlBO4sd4GFJ4iW29pWK
GMUQlp/YbcpgwuOQLQIH6QOiT2z+GKgJ/4StvDYCzfv0z1REYFXJytPpMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNXCPwSkDRvlnfriDiwFvGkIVxRtMB8GA1UdIwQY
MBaAFNgHPQa1hlL4SfqLzzzsa5UJCb1oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUt
MjMyOWQ3OWM0YWUzLzEvMWNJX0JLUU5HLVdkLXVJT0xBVzhhUWhYRkcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MjE5MjAtOTM5Yi00MTJiLWEzYzUtMjMyOWQ3OWM0YWUz
LzEvMkFjOUJyV0dVdmhKLW92UFBPeHJsUWtKdldnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRIEMA0E
AgACMAcDBQAqA/HAMA0GCSqGSIb3DQEBCwUAA4IBAQATsa1vCaNlUVovFGlcpSAu
IqY/kl/gkQlmKi/rzI4gJRagGdXHQpp6iEsvi6hQc4rDnDEIPTEI/t7ZRafAbi9f
ZSq+fb+ojt00BBv/lvHPrQUtWflU3v/7ZE7YIhme8Xcxid/XuMcSpUL2SgK48Yxd
rz3nyUsL7eFonK7/9fLaoRa3l5/dlLXKlTDCEyNCyyGeBIzGT83eimF2OJqg9H4c
AVcn+FEGFnXiaapZ6865JkJNBvzpOHiLSSzi83rshw4zpXzHT8CVy4wSaQaXL00Y
U8xapQGBDb3NykCjRUUx2fRX0B09Jmzw0VW3uGxkiDQNL4igv7DyUTOgZWX7/dK1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:52 2023 by rpki-client on console-ams.rpki-client.org