Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IfsThFm7jYf78i3SmHpu0esWvb8.roa
File: IfsThFm7jYf78i3SmHpu0esWvb8.roa (raw, json)
Hash identifier: CnXWIXlQ+pAHmg8xqK+kI5aBAi1cDD3JWkiMuzdyiJs=
Subject key identifier: 21:FB:13:84:59:BB:8D:87:FB:F2:2D:D2:98:7A:6E:D1:EB:16:BD:BF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01850B687559664838AA363AF2E7956B9C76
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IfsThFm7jYf78i3SmHpu0esWvb8.roa
Signing time: Tue 13 Dec 2022 12:14:33 +0000
ROA not before: Tue 13 Dec 2022 12:14:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 185.246.112.0/24 maxlen: 24
194.147.17.0/24 maxlen: 24
185.246.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:68:75:59:66:48:38:aa:36:3a:f2:e7:95:6b:9c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 13 12:14:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=21fb138459bb8d87fbf22dd2987a6ed1eb16bdbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:19:82:de:e5:2e:d3:4c:c6:1d:ff:d7:89:1f:
ca:60:2e:bf:59:ba:4c:ec:77:8e:78:e6:ed:5a:28:
fd:3f:25:30:1b:4e:fc:b1:98:f6:48:af:4e:c9:e1:
87:2b:92:0a:f3:f4:bc:71:1a:10:d4:ca:5a:80:6b:
c7:b9:cf:59:54:c8:b9:e3:4e:2e:27:1a:c1:55:d2:
0d:5e:70:68:ce:2d:97:69:dc:4f:1c:e5:e0:22:e7:
42:fb:4d:af:0c:70:14:53:a1:7f:52:81:60:1d:51:
90:42:7a:d1:81:40:47:ea:de:d6:9f:26:fd:5c:a9:
96:d8:93:ef:e0:d8:88:1d:a1:e0:df:73:3e:05:2a:
ff:ff:78:90:e0:6a:21:65:ba:33:be:7d:8a:84:86:
d1:a2:82:69:fc:7b:0e:91:7e:2e:52:d4:c1:6f:22:
7d:19:fd:9e:af:30:bb:73:f0:0c:a2:60:1a:e5:1a:
c6:2b:cd:c1:ba:42:de:7a:b3:85:1a:23:2d:a4:3a:
99:f1:84:37:94:54:71:bd:7e:95:0a:65:73:d4:65:
d3:61:89:8c:06:49:8a:44:96:30:aa:c3:86:40:7e:
9a:fc:b0:fb:11:08:7e:60:c5:f6:08:b9:9b:22:5e:
ae:af:38:d4:79:a7:71:2e:2b:c6:bd:05:c5:76:4d:
ac:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FB:13:84:59:BB:8D:87:FB:F2:2D:D2:98:7A:6E:D1:EB:16:BD:BF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IfsThFm7jYf78i3SmHpu0esWvb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.246.112.0/23
194.147.17.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:6e:ff:8e:63:ac:79:93:50:13:7b:87:76:ac:0b:d8:52:8f:
b0:1c:ba:f6:5b:80:a4:7b:78:96:c8:52:16:1b:51:a4:f1:1c:
a5:b4:9e:8e:8e:e8:eb:3c:fa:ee:d0:1c:86:d5:1b:b7:b3:9f:
d2:8b:cc:12:cb:cc:a4:1b:8d:2e:5e:a5:04:74:60:69:bd:31:
94:f2:60:08:b9:56:5c:c7:d3:d2:aa:5b:cf:68:3c:4a:b4:05:
0b:57:f3:98:57:ba:78:2c:a3:c4:c7:55:dd:bb:5d:52:89:98:
75:b8:1b:51:4c:6b:18:10:59:38:a5:e3:ff:2d:5a:4d:14:e5:
73:55:86:b9:9d:e2:90:9e:dd:4f:b5:51:5b:ed:08:65:50:fd:
01:05:0b:14:8f:2d:fe:bd:82:e4:51:04:c5:b8:17:08:69:8e:
de:38:1f:34:e7:73:b8:e3:65:37:db:66:f1:86:cf:c1:c1:33:
5e:b4:af:61:fe:4a:44:ce:46:36:c2:ac:8d:3e:a3:f2:ce:be:
3f:00:5b:bd:ec:ea:67:f9:a2:b3:b2:50:e5:fa:1e:da:96:f4:
03:c0:f3:c7:fa:da:82:9f:07:a5:30:89:97:b6:43:a3:9a:c7:
b5:9f:58:9e:40:57:19:25:97:23:13:1c:9d:08:87:89:b5:3d:
3f:4d:9c:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYULaHVZZkg4qjY68ueVa5x2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMjEzMTIxNDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZiMTM4NDU5YmI4ZDg3ZmJmMjJkZDI5ODdhNmVkMWViMTZiZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RmC3uUu00zGHf/XiR/KYC6/WbpM
7HeOeObtWij9PyUwG078sZj2SK9OyeGHK5IK8/S8cRoQ1MpagGvHuc9ZVMi5404u
JxrBVdINXnBozi2XadxPHOXgIudC+02vDHAUU6F/UoFgHVGQQnrRgUBH6t7Wnyb9
XKmW2JPv4NiIHaHg33M+BSr//3iQ4GohZbozvn2KhIbRooJp/HsOkX4uUtTBbyJ9
Gf2erzC7c/AMomAa5RrGK83BukLeerOFGiMtpDqZ8YQ3lFRxvX6VCmVz1GXTYYmM
BkmKRJYwqsOGQH6a/LD7EQh+YMX2CLmbIl6urzjUeadxLivGvQXFdk2sQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCH7E4RZu42H+/It0ph6btHrFr2/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSWZzVGhGbTdqWWY3OGkzU21IcHUwZXNXdmI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBufZwAwQA
wpMRMA0GCSqGSIb3DQEBCwUAA4IBAQC5bv+OY6x5k1ATe4d2rAvYUo+wHLr2W4Ck
e3iWyFIWG1Gk8RyltJ6OjujrPPru0ByG1Ru3s5/Si8wSy8ykG40uXqUEdGBpvTGU
8mAIuVZcx9PSqlvPaDxKtAULV/OYV7p4LKPEx1Xdu11SiZh1uBtRTGsYEFk4peP/
LVpNFOVzVYa5neKQnt1PtVFb7QhlUP0BBQsUjy3+vYLkUQTFuBcIaY7eOB8053O4
42U322bxhs/BwTNetK9h/kpEzkY2wqyNPqPyzr4/AFu97Opn+aKzslDl+h7alvQD
wPPH+tqCnwelMImXtkOjmse1n1ieQFcZJZcjExydCIeJtT0/TZzl
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org