Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/s9pUlXQuiN1k58-QW6NVLYaufkw.roa
File: s9pUlXQuiN1k58-QW6NVLYaufkw.roa (raw, json)
Hash identifier: wobr3DmRvasIj1jvmm7HP3sN57458jLp05zayDnZG1M=
Subject key identifier: B3:DA:54:95:74:2E:88:DD:64:E7:CF:90:5B:A3:55:2D:86:AE:7E:4C
Certificate issuer: /CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Certificate serial: 01855CEE0869FA03029A0CCD97F1778662FA
Authority key identifier: 1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/s9pUlXQuiN1k58-QW6NVLYaufkw.roa
Signing time: Thu 29 Dec 2022 08:09:41 +0000
ROA not before: Thu 29 Dec 2022 08:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212975
IP address blocks: 185.115.72.0/23 maxlen: 23
185.115.74.0/23 maxlen: 23
2a01:9647::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5c:ee:08:69:fa:03:02:9a:0c:cd:97:f1:77:86:62:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba8ea3a2288a6af8f64a8383002c74085579a07
Validity
Not Before: Dec 29 08:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3da5495742e88dd64e7cf905ba3552d86ae7e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:52:76:80:d6:35:98:e3:aa:81:d7:a4:c0:b1:
b1:fe:da:60:12:0d:2e:55:4e:d8:38:a9:cb:8b:e9:
78:89:b0:03:e4:9c:5d:4f:22:6d:32:a9:aa:ca:65:
2f:e9:5f:e3:1c:b6:da:b2:2a:23:23:d3:e2:7c:5c:
35:b3:fb:6a:4c:62:22:e7:cd:b0:da:f9:69:cc:36:
76:6d:3a:d8:f5:f9:20:9d:69:e4:0e:14:72:45:66:
17:dc:71:8c:49:73:9c:23:3a:b5:b0:26:b5:b8:a0:
06:f4:e9:ed:4e:d8:68:bc:02:2d:50:88:2e:8f:b0:
9c:94:1a:11:0a:7b:91:dd:e1:d7:f2:b4:f7:fd:44:
c6:e9:6d:f8:4f:4a:fb:ad:b9:ac:6e:8f:91:4d:0f:
a4:06:78:e2:a3:30:2a:69:bb:dd:a0:ad:e8:be:9e:
b5:5a:bf:85:7b:77:79:f6:90:64:9f:0c:ea:66:d4:
ae:de:9c:bd:79:95:a1:d1:59:47:1a:78:e1:1f:6e:
fe:a5:d9:12:fb:f1:d5:81:ef:3d:47:99:0b:b6:06:
7b:18:a4:2f:32:c0:3a:08:d0:ea:2f:e4:35:06:40:
0a:ba:81:0a:e4:24:23:0b:f6:23:92:96:89:2c:9b:
7a:4f:69:6e:da:26:53:4c:59:02:51:de:a3:88:74:
a8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:DA:54:95:74:2E:88:DD:64:E7:CF:90:5B:A3:55:2D:86:AE:7E:4C
X509v3 Authority Key Identifier:
keyid:1B:A8:EA:3A:22:88:A6:AF:8F:64:A8:38:30:02:C7:40:85:57:9A:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6jqOiKIpq-PZKg4MALHQIVXmgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/s9pUlXQuiN1k58-QW6NVLYaufkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/c0b283-88b9-43cd-b08f-a8ea43253ed5/1/G6jqOiKIpq-PZKg4MALHQIVXmgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.72.0/22
IPv6:
2a01:9647::/32
Signature Algorithm: sha256WithRSAEncryption
10:c4:33:38:97:f7:c1:33:53:47:d5:a6:25:f8:fe:8a:dd:f8:
6e:f5:2a:f9:2c:82:31:17:38:1f:5d:e2:1b:7a:df:da:8d:13:
d0:0d:7a:a8:60:a6:3d:bd:46:cb:19:e2:6d:c7:33:4f:8c:83:
7b:e9:79:1d:f1:44:d3:bb:04:02:64:ff:9e:09:50:da:3c:43:
54:d8:10:e1:26:82:22:23:0d:69:9a:18:61:2a:c8:b4:fa:d5:
9f:56:1d:a5:95:5b:79:31:9c:00:cc:d9:fa:81:a0:ea:ce:77:
96:58:61:87:51:3e:f4:84:75:9a:cd:77:43:0f:4d:9d:cf:df:
33:09:58:48:03:98:12:be:41:a8:de:29:9a:46:02:af:f0:03:
67:93:8b:a2:8d:d3:af:a4:dc:da:75:7f:44:a6:90:e4:8e:ba:
93:d4:43:e7:c6:c4:79:2c:bf:a1:e7:ff:89:8c:5f:52:cd:86:
5e:c3:ba:7c:cc:ff:57:13:59:27:a8:d9:53:38:82:b1:6e:8f:
75:9f:3b:06:6d:c1:12:3a:82:3a:24:48:65:c5:51:ca:8a:d7:
5d:aa:19:7a:8d:22:5f:30:ad:74:68:c1:b6:c0:f6:12:09:79:
73:fc:eb:bc:ea:60:a4:3e:a9:6e:7f:9f:9d:57:a4:ae:91:34:
48:38:15:70
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVc7ghp+gMCmgzNl/F3hmL6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYThlYTNhMjI4OGE2YWY4ZjY0YTgzODMwMDJjNzQwODU1
NzlhMDcwHhcNMjIxMjI5MDgwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2RhNTQ5NTc0MmU4OGRkNjRlN2NmOTA1YmEzNTUyZDg2YWU3ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAolJ2gNY1mOOqgdekwLGx/tpgEg0u
VU7YOKnLi+l4ibAD5JxdTyJtMqmqymUv6V/jHLbasiojI9PifFw1s/tqTGIi582w
2vlpzDZ2bTrY9fkgnWnkDhRyRWYX3HGMSXOcIzq1sCa1uKAG9OntTthovAItUIgu
j7CclBoRCnuR3eHX8rT3/UTG6W34T0r7rbmsbo+RTQ+kBnjiozAqabvdoK3ovp61
Wr+Fe3d59pBknwzqZtSu3py9eZWh0VlHGnjhH27+pdkS+/HVge89R5kLtgZ7GKQv
MsA6CNDqL+Q1BkAKuoEK5CQjC/YjkpaJLJt6T2lu2iZTTFkCUd6jiHSoeQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLPaVJV0LojdZOfPkFujVS2Grn5MMB8GA1UdIwQY
MBaAFBuo6joiiKavj2SoODACx0CFV5oHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYt
YThlYTQzMjUzZWQ1LzEvczlwVWxYUXVpTjFrNTgtUVc2TlZMWWF1Zmt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9jMGIyODMtODhiOS00M2NkLWIwOGYtYThlYTQzMjUzZWQ1
LzEvRzZqcU9pS0lwcS1QWktnNE1BTEhRSVZYbWdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXNIMA0E
AgACMAcDBQAqAZZHMA0GCSqGSIb3DQEBCwUAA4IBAQAQxDM4l/fBM1NH1aYl+P6K
3fhu9Sr5LIIxFzgfXeIbet/ajRPQDXqoYKY9vUbLGeJtxzNPjIN76Xkd8UTTuwQC
ZP+eCVDaPENU2BDhJoIiIw1pmhhhKsi0+tWfVh2llVt5MZwAzNn6gaDqzneWWGGH
UT70hHWazXdDD02dz98zCVhIA5gSvkGo3imaRgKv8ANnk4uijdOvpNzadX9EppDk
jrqT1EPnxsR5LL+h5/+JjF9SzYZew7p8zP9XE1knqNlTOIKxbo91nzsGbcESOoI6
JEhlxVHKitddqhl6jSJfMK10aMG2wPYSCXlz/Ou86mCkPqluf5+dV6SukTRIOBVw
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:50 2023 by rpki-client on console-fra.rpki-client.org