Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/I2Zvq51xiITyERXllR69UyXvQK4.roa
File: I2Zvq51xiITyERXllR69UyXvQK4.roa (raw, json)
Hash identifier: lwvvMHUIHPFJgFuOhgvaPYGYq8Fi8JSOe9YcK9q8aGQ=
Subject key identifier: 23:66:6F:AB:9D:71:88:84:F2:11:15:E5:95:1E:BD:53:25:EF:40:AE
Certificate issuer: /CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Certificate serial: 01F15972
Authority key identifier: 54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/I2Zvq51xiITyERXllR69UyXvQK4.roa
Signing time: Tue 04 Jan 2022 13:48:42 +0000
ROA not before: Tue 04 Jan 2022 13:48:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43872
IP address blocks: 185.253.176.0/22 maxlen: 22
193.247.94.0/24 maxlen: 24
193.247.103.0/24 maxlen: 24
193.247.101.0/24 maxlen: 24
185.187.61.0/24 maxlen: 24
185.183.20.0/22 maxlen: 22
193.247.165.0/24 maxlen: 24
5.253.252.0/22 maxlen: 22
92.118.111.0/24 maxlen: 24
2a10:cac0::/29 maxlen: 29
2a0b:180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 32594290 (0x1f15972)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=543e20bf5f252b1bdbd21dc99d94cd97ea7f0fe6
Validity
Not Before: Jan 4 13:48:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23666fab9d718884f21115e5951ebd5325ef40ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d4:a2:e7:75:2b:1a:53:d4:0a:1f:24:88:c7:
b3:4c:06:1d:18:d6:1a:0f:4b:91:ab:fc:92:e6:94:
5b:de:86:be:8c:1c:e8:d7:3a:1c:07:5f:ed:70:3d:
7f:21:6c:14:47:37:50:9a:c4:58:96:da:d3:94:c8:
79:ed:37:3d:d3:33:29:9a:64:42:a8:74:e4:02:fb:
21:9a:5e:8e:49:01:13:9b:1a:0a:9d:84:b9:80:7d:
63:a2:89:fb:72:4f:34:52:c0:c9:30:51:1d:34:0d:
ac:65:ea:b2:9d:c9:93:8c:9a:48:89:c8:08:1f:18:
7e:fa:96:64:7c:cc:d3:3b:89:84:9c:42:16:3f:c3:
b7:6c:1a:3d:71:4c:9f:ec:4c:95:15:19:70:81:bf:
ff:a8:e1:1f:99:68:52:a4:9d:eb:45:e3:dd:7c:18:
86:35:f9:d3:9a:4d:82:5e:43:ca:0e:37:8b:93:6f:
c4:ea:ba:02:e6:f2:08:21:88:0a:38:e0:d0:08:a9:
77:a1:25:fa:21:d9:56:d1:58:ce:a3:5b:87:91:20:
38:28:83:7b:5c:2e:a6:fa:33:db:bf:c9:df:31:ce:
c6:b5:fb:03:0d:50:48:f1:1a:c0:f2:0a:ac:ea:ae:
93:86:b6:a9:69:98:5f:c8:1f:c7:aa:66:f9:ee:4a:
d6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:66:6F:AB:9D:71:88:84:F2:11:15:E5:95:1E:BD:53:25:EF:40:AE
X509v3 Authority Key Identifier:
keyid:54:3E:20:BF:5F:25:2B:1B:DB:D2:1D:C9:9D:94:CD:97:EA:7F:0F:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VD4gv18lKxvb0h3JnZTNl-p_D-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/I2Zvq51xiITyERXllR69UyXvQK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4e87a6-6536-454a-a59e-d5ad996a1ac8/1/VD4gv18lKxvb0h3JnZTNl-p_D-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.252.0/22
92.118.111.0/24
185.183.20.0/22
185.187.61.0/24
185.253.176.0/22
193.247.94.0/24
193.247.101.0/24
193.247.103.0/24
193.247.165.0/24
IPv6:
2a0b:180::/29
2a10:cac0::/29
Signature Algorithm: sha256WithRSAEncryption
13:b2:39:49:c9:56:dd:05:cf:6b:e3:04:d0:c7:39:ea:05:28:
10:c6:5b:22:46:99:c8:da:04:53:81:47:25:2e:ff:74:8c:e2:
a8:8d:3f:d7:0f:36:0a:1b:f7:13:dc:c9:9d:b7:b5:d2:bc:4a:
2e:de:62:a8:1e:3c:99:ab:4a:d3:42:41:8a:76:20:37:50:2e:
0e:d8:23:be:9b:1c:a9:cc:f1:1f:24:f6:14:a8:e5:0f:15:b0:
0c:37:3e:ba:0f:d8:fa:40:91:f4:f3:b0:94:ad:68:31:51:05:
5a:92:5a:0e:c1:62:5c:4b:af:16:ef:9e:c9:c4:cf:fb:09:ce:
57:b7:0f:8a:62:de:25:dd:2b:3c:66:b4:54:84:f1:9a:51:d9:
e7:82:24:0a:f7:2b:a3:c7:b8:3b:48:73:9c:ae:e9:87:df:bf:
28:ec:eb:70:d9:9c:41:cf:6c:fd:26:c0:5e:61:c7:92:b6:71:
72:0b:88:00:84:3f:43:9e:8e:a2:be:fc:7c:2c:88:8f:f3:3b:
fb:62:c8:c8:7e:b2:44:4e:b4:07:4d:e1:d7:cb:b9:76:2e:73:
c0:b3:d6:49:62:c9:95:ac:0e:b9:a9:40:0c:50:0d:a4:2b:8f:
c2:57:ec:d5:8c:d9:1f:8b:a3:f1:c5:ac:e1:ea:6f:db:87:9d:
14:df:d9:9b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEAfFZcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDNlMjBiZjVmMjUyYjFiZGJkMjFkYzk5ZDk0Y2Q5N2VhN2YwZmU2MB4XDTIyMDEw
NDEzNDg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM2NjZmYWI5ZDcx
ODg4NGYyMTExNWU1OTUxZWJkNTMyNWVmNDBhZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKXUoud1KxpT1AofJIjHs0wGHRjWGg9Lkav8kuaUW96Gvowc
6Nc6HAdf7XA9fyFsFEc3UJrEWJba05TIee03PdMzKZpkQqh05AL7IZpejkkBE5sa
Cp2EuYB9Y6KJ+3JPNFLAyTBRHTQNrGXqsp3Jk4yaSInICB8YfvqWZHzM0zuJhJxC
Fj/Dt2waPXFMn+xMlRUZcIG//6jhH5loUqSd60Xj3XwYhjX505pNgl5Dyg43i5Nv
xOq6AubyCCGICjjg0Aipd6El+iHZVtFYzqNbh5EgOCiDe1wupvoz27/J3zHOxrX7
Aw1QSPEawPIKrOquk4a2qWmYX8gfx6pm+e5K1ssCAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBQjZm+rnXGIhPIRFeWVHr1TJe9ArjAfBgNVHSMEGDAWgBRUPiC/XyUrG9vS
HcmdlM2X6n8P5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZENGd2MThsS3h2YjBoM0puWlRObC1wX0QtWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNGU4N2E2LTY1MzYtNDU0YS1hNTllLWQ1YWQ5OTZhMWFjOC8x
L0kyWnZxNTF4aUlUeUVSWGxsUjY5VXlYdlFLNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NGU4N2E2LTY1MzYtNDU0YS1hNTllLWQ1YWQ5OTZhMWFjOC8xL1ZENGd2MThsS3h2
YjBoM0puWlRObC1wX0QtWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwPAQCAAEwNgMEAgX9/AMEAFx2bwMEArm3FAMEALm7
PQMEArn9sAMEAMH3XgMEAMH3ZQMEAMH3ZwMEAMH3pTAUBAIAAjAOAwUDKgsBgAMF
AyoQysAwDQYJKoZIhvcNAQELBQADggEBABOyOUnJVt0Fz2vjBNDHOeoFKBDGWyJG
mcjaBFOBRyUu/3SM4qiNP9cPNgob9xPcyZ23tdK8Si7eYqgePJmrStNCQYp2IDdQ
Lg7YI76bHKnM8R8k9hSo5Q8VsAw3ProP2PpAkfTzsJStaDFRBVqSWg7BYlxLrxbv
nsnEz/sJzle3D4pi3iXdKzxmtFSE8ZpR2eeCJAr3K6PHuDtIc5yu6Yffvyjs63DZ
nEHPbP0mwF5hx5K2cXILiACEP0OejqK+/HwsiI/zO/tiyMh+skROtAdN4dfLuXYu
c8Cz1kliyZWsDrmpQAxQDaQrj8JX7NWM2R+Lo/HFrOHqb9uHnRTf2Zs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:07 2024 by rpki-client on console-ams.rpki-client.org