Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/Ia2Lsde1JwFNB4ulrFQ4rVnMhyk.roa
File: Ia2Lsde1JwFNB4ulrFQ4rVnMhyk.roa (raw, json)
Hash identifier: ImZDPNZSzRe8Z73RQURc9LR1MfwoGricfW3RAl/G+rk=
Subject key identifier: 21:AD:8B:B1:D7:B5:27:01:4D:07:8B:A5:AC:54:38:AD:59:CC:87:29
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 178AF602
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/Ia2Lsde1JwFNB4ulrFQ4rVnMhyk.roa
Signing time: Thu 31 Mar 2022 08:01:35 +0000
ROA not before: Thu 31 Mar 2022 08:01:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201178
IP address blocks: 185.81.236.0/24 maxlen: 24
185.81.236.0/22 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
2a05:8a00::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 394982914 (0x178af602)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Mar 31 08:01:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21ad8bb1d7b527014d078ba5ac5438ad59cc8729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:14:07:d1:77:f1:74:4e:ee:d3:c8:7c:03:68:
46:4d:cf:83:53:6b:23:2a:ef:ae:73:4e:62:e9:42:
8d:4d:4b:84:ec:c1:ff:61:32:92:c3:15:c3:ed:a7:
e8:a8:46:7a:1b:90:01:ef:18:ec:48:27:62:59:8c:
8a:51:9a:09:c8:89:c5:58:a1:3a:96:e3:6f:98:81:
64:09:11:ff:9a:79:28:13:38:af:e9:94:30:7b:47:
81:2c:42:82:c2:5f:4b:15:0e:e0:5a:be:dd:bc:d5:
de:de:d3:35:12:76:bf:2a:81:fa:6e:21:64:2b:8a:
95:e9:56:93:19:91:99:ae:9a:ba:1a:48:6d:2f:a1:
6d:88:0f:7b:bc:ba:31:91:01:79:4d:d1:f3:14:10:
a5:2a:71:f3:e1:4e:05:c9:b2:44:ff:97:f9:8f:48:
3a:d0:dd:0c:d1:53:34:20:7b:cf:2d:7e:f9:23:7f:
b0:e6:ce:c2:3d:25:ed:59:33:90:03:41:00:28:3f:
2c:f9:a5:24:1c:15:b4:29:87:54:79:85:87:0d:b2:
63:4c:8e:98:b8:51:a6:cc:e7:26:48:e4:3e:c8:49:
58:e1:52:24:0a:0d:eb:b9:b9:b6:5d:ca:8f:82:fa:
4e:3c:5a:17:d6:fa:0a:52:ce:ff:b1:e5:24:11:de:
13:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AD:8B:B1:D7:B5:27:01:4D:07:8B:A5:AC:54:38:AD:59:CC:87:29
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/Ia2Lsde1JwFNB4ulrFQ4rVnMhyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.236.0/22
185.153.248.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
79:c0:c8:e5:ee:82:d4:7e:b2:18:89:a1:00:26:89:79:7d:2e:
11:2e:ab:4d:aa:9a:86:cf:23:06:57:24:ab:3c:01:10:68:83:
9a:a5:a9:5b:fd:c8:a7:2d:f9:91:f0:74:38:7b:c7:7b:aa:c5:
9d:3c:f9:07:4a:06:70:2b:4a:70:06:c0:12:d5:da:4b:83:e8:
c6:d6:06:c4:94:81:db:7c:1e:f1:aa:f6:37:29:24:b7:5d:0f:
45:73:70:36:ff:3b:89:d6:69:31:aa:e2:c0:74:79:b6:2e:bb:
40:99:40:c6:f6:ec:7f:82:ed:02:c8:7c:a9:2a:80:64:e4:83:
03:fa:73:8d:a7:e2:cd:21:49:44:b4:c1:15:1a:13:04:d8:e0:
f5:33:65:e0:fa:43:0f:13:55:c1:50:ce:ea:3f:8a:7a:30:89:
ba:29:f7:4f:5c:2b:c7:0b:fb:0f:1d:63:62:31:12:0e:7f:ba:
4d:21:94:04:db:e5:b1:1b:63:ea:cd:5a:b5:91:43:2a:de:48:
06:e9:09:e1:af:da:17:77:3f:36:57:52:92:54:ca:3b:49:a6:
c2:19:10:09:91:db:e2:fd:71:86:8d:bc:80:c2:fd:78:93:9b:
76:ac:fb:77:64:8a:e0:2d:cf:2f:bc:56:72:f4:0a:be:28:8e:
84:df:93:7e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEF4r2AjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDY3MzY3OTY3ZGM3NjMzNDlmZDBiNTBlMzFmNzViODIzMDI4NTkwMB4XDTIyMDMz
MTA4MDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjFhZDhiYjFkN2I1
MjcwMTRkMDc4YmE1YWM1NDM4YWQ1OWNjODcyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANsUB9F38XRO7tPIfANoRk3Pg1NrIyrvrnNOYulCjU1LhOzB
/2EyksMVw+2n6KhGehuQAe8Y7EgnYlmMilGaCciJxVihOpbjb5iBZAkR/5p5KBM4
r+mUMHtHgSxCgsJfSxUO4Fq+3bzV3t7TNRJ2vyqB+m4hZCuKlelWkxmRma6auhpI
bS+hbYgPe7y6MZEBeU3R8xQQpSpx8+FOBcmyRP+X+Y9IOtDdDNFTNCB7zy1++SN/
sObOwj0l7VkzkANBACg/LPmlJBwVtCmHVHmFhw2yY0yOmLhRpsznJkjkPshJWOFS
JAoN67m5tl3Kj4L6TjxaF9b6ClLO/7HlJBHeE8MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQhrYux17UnAU0Hi6WsVDitWcyHKTAfBgNVHSMEGDAWgBS0ZzZ5Z9x2M0n9
C1DjH3W4IwKFkDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RHYzJlV2ZjZGpOSl9RdFE0eDkxdUNNQ2haQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvZGZjNGYyLWVkN2QtNDYxMC04NjBjLWI4MTM3M2M0MGRjOS8x
L0lhMkxzZGUxSndGTkI0dWxyRlE0clZuTWh5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
ZGZjNGYyLWVkN2QtNDYxMC04NjBjLWI4MTM3M2M0MGRjOS8xL3RHYzJlV2ZjZGpO
Sl9RdFE0eDkxdUNNQ2haQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlR7AMEArmZ+DANBAIAAjAHAwUD
KgWKADANBgkqhkiG9w0BAQsFAAOCAQEAecDI5e6C1H6yGImhACaJeX0uES6rTaqa
hs8jBlckqzwBEGiDmqWpW/3Ipy35kfB0OHvHe6rFnTz5B0oGcCtKcAbAEtXaS4Po
xtYGxJSB23we8ar2Nykkt10PRXNwNv87idZpMariwHR5ti67QJlAxvbsf4LtAsh8
qSqAZOSDA/pzjafizSFJRLTBFRoTBNjg9TNl4PpDDxNVwVDO6j+KejCJuin3T1wr
xwv7Dx1jYjESDn+6TSGUBNvlsRtj6s1atZFDKt5IBukJ4a/aF3c/NldSklTKO0mm
whkQCZHb4v1xho28gML9eJObdqz7d2SK4C3PL7xWcvQKviiOhN+Tfg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:39 2024 by rpki-client on console-ams.rpki-client.org