Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/x1pE-9Zws3OOlZ8Y8U1gZhyCHv4.roa
File: x1pE-9Zws3OOlZ8Y8U1gZhyCHv4.roa (raw, json)
Hash identifier: f/kzJd9qQJgaAQkI8Nz7osE4N2G2iCX7q39xVqddz+E=
Subject key identifier: C7:5A:44:FB:D6:70:B3:73:8E:95:9F:18:F1:4D:60:66:1C:82:1E:FE
Certificate issuer: /CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Certificate serial: 0184C2B1277C47B3629795746400959177D4
Authority key identifier: B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/x1pE-9Zws3OOlZ8Y8U1gZhyCHv4.roa
Signing time: Tue 29 Nov 2022 09:21:40 +0000
ROA not before: Tue 29 Nov 2022 09:21:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.148.107.0/24 maxlen: 24
185.148.106.0/24 maxlen: 24
185.176.24.0/24 maxlen: 24
185.176.26.0/24 maxlen: 24
185.148.104.0/24 maxlen: 24
185.148.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:b1:27:7c:47:b3:62:97:95:74:64:00:95:91:77:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1af12f5ca75c922a4aa5dacb49c04a93237f4ed
Validity
Not Before: Nov 29 09:21:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c75a44fbd670b3738e959f18f14d60661c821efe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:11:87:81:69:eb:8f:7b:67:48:4f:74:79:91:
ae:3e:1b:1d:42:04:84:23:06:d9:8d:28:1f:54:63:
bb:ac:24:cd:e2:2f:fa:b7:9c:c9:15:28:72:b0:1f:
d0:4f:72:78:96:a7:b6:36:fa:72:89:16:6e:a8:99:
c3:b8:d5:7f:8a:82:98:46:ad:55:48:1e:d8:8c:c6:
4d:ea:0a:27:4a:4a:d5:1c:b8:6a:26:62:cf:bc:85:
85:14:48:00:bf:88:f8:56:50:4e:2d:f3:f1:a0:dd:
63:9c:1d:ed:f2:f0:b9:77:70:4b:49:53:be:c5:e4:
66:e4:46:5c:47:48:52:50:13:19:5e:5d:a2:e6:a1:
60:af:2a:0d:80:cb:2d:a8:2b:e6:67:fd:c6:2b:51:
bb:03:a1:80:be:f9:8e:bd:a3:a5:dc:14:53:92:0b:
17:f0:d5:82:13:9f:4a:ca:89:31:0c:3d:1c:6e:0e:
7d:49:ea:3e:32:45:ed:0e:bb:f3:4c:f6:2a:2e:a1:
7a:91:1f:df:ca:d3:aa:08:93:a3:06:52:33:ec:97:
20:fa:ed:95:f7:4f:0f:44:3c:9e:55:2b:7f:40:60:
fe:01:d8:86:e1:11:da:0f:f2:8b:49:0e:32:d3:f8:
3d:d3:32:5d:5e:fc:c9:70:db:a0:16:e4:79:ec:c8:
5e:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:5A:44:FB:D6:70:B3:73:8E:95:9F:18:F1:4D:60:66:1C:82:1E:FE
X509v3 Authority Key Identifier:
keyid:B1:AF:12:F5:CA:75:C9:22:A4:AA:5D:AC:B4:9C:04:A9:32:37:F4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sa8S9cp1ySKkql2stJwEqTI39O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/x1pE-9Zws3OOlZ8Y8U1gZhyCHv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/cbcf68-7cbf-47f0-82ee-5760efbcc654/1/sa8S9cp1ySKkql2stJwEqTI39O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.104.0/22
185.176.24.0/24
185.176.26.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:fa:0e:1a:8d:12:e7:3e:72:1e:4d:91:d5:c2:78:81:53:35:
aa:d2:c0:33:75:89:87:7a:a6:6d:bd:af:f7:9b:2c:b8:7f:67:
4b:3d:6b:11:6d:42:91:ce:89:59:20:70:a8:50:75:2d:82:8e:
db:5a:2f:6a:fd:01:7c:42:c1:61:24:47:9e:70:ef:23:a6:64:
19:92:db:7b:71:f9:f8:9e:3d:02:5d:74:5b:56:76:db:4b:27:
ee:e8:03:20:ba:33:dc:83:7e:75:c4:66:93:5e:d1:0c:e4:6c:
0e:cb:e6:14:6f:82:b4:3f:f1:2a:cf:6d:34:c4:53:af:58:97:
8f:c4:19:04:72:a1:46:e7:15:7e:e9:af:5e:ea:e9:dc:2e:68:
fd:a8:fd:aa:fb:00:e0:ba:88:15:b6:d0:41:0e:80:90:cf:5c:
79:48:68:48:16:9f:a1:56:75:10:f6:d6:c7:66:b0:2f:da:33:
35:6b:76:f6:41:a4:4b:df:a6:31:1a:09:b0:e4:de:06:df:9e:
2d:96:4e:7d:a3:4d:9a:b5:fb:e3:82:c1:6d:46:14:3c:0a:a3:
e6:af:38:de:a2:54:01:de:79:bb:ba:56:98:d8:99:fd:b0:de:
b6:56:4d:b8:a3:d8:ea:db:a4:a9:01:bc:14:44:f5:37:23:ce:
79:8f:aa:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTCsSd8R7Nil5V0ZACVkXfUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYWYxMmY1Y2E3NWM5MjJhNGFhNWRhY2I0OWMwNGE5MzIz
N2Y0ZWQwHhcNMjIxMTI5MDkyMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzVhNDRmYmQ2NzBiMzczOGU5NTlmMThmMTRkNjA2NjFjODIxZWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBGHgWnrj3tnSE90eZGuPhsdQgSE
IwbZjSgfVGO7rCTN4i/6t5zJFShysB/QT3J4lqe2NvpyiRZuqJnDuNV/ioKYRq1V
SB7YjMZN6gonSkrVHLhqJmLPvIWFFEgAv4j4VlBOLfPxoN1jnB3t8vC5d3BLSVO+
xeRm5EZcR0hSUBMZXl2i5qFgryoNgMstqCvmZ/3GK1G7A6GAvvmOvaOl3BRTkgsX
8NWCE59KyokxDD0cbg59Seo+MkXtDrvzTPYqLqF6kR/fytOqCJOjBlIz7Jcg+u2V
908PRDyeVSt/QGD+AdiG4RHaD/KLSQ4y0/g90zJdXvzJcNugFuR57MheCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMdaRPvWcLNzjpWfGPFNYGYcgh7+MB8GA1UdIwQY
MBaAFLGvEvXKdckipKpdrLScBKkyN/TtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUt
NTc2MGVmYmNjNjU0LzEveDFwRS05WndzM09PbFo4WThVMWdaaHlDSHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jYmNmNjgtN2NiZi00N2YwLTgyZWUtNTc2MGVmYmNjNjU0
LzEvc2E4UzljcDF5U0trcWwyc3RKd0VxVEkzOU8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuZRoAwQA
ubAYAwQAubAaMA0GCSqGSIb3DQEBCwUAA4IBAQBN+g4ajRLnPnIeTZHVwniBUzWq
0sAzdYmHeqZtva/3myy4f2dLPWsRbUKRzolZIHCoUHUtgo7bWi9q/QF8QsFhJEee
cO8jpmQZktt7cfn4nj0CXXRbVnbbSyfu6AMgujPcg351xGaTXtEM5GwOy+YUb4K0
P/Eqz200xFOvWJePxBkEcqFG5xV+6a9e6uncLmj9qP2q+wDguogVttBBDoCQz1x5
SGhIFp+hVnUQ9tbHZrAv2jM1a3b2QaRL36YxGgmw5N4G354tlk59o02atfvjgsFt
RhQ8CqPmrzjeolQB3nm7ulaY2Jn9sN62Vk24o9jq26SpAbwURPU3I855j6rC
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:29 2024 by rpki-client on console-ams.rpki-client.org