Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IsSgvAV9mwHxy8-9rUPytmNqWH4.roa
File: IsSgvAV9mwHxy8-9rUPytmNqWH4.roa (raw, json)
Hash identifier: ARuAoXtw0t2T1njJskNdpHXV5u2jZFjhsKVFo5ELo+o=
Subject key identifier: 22:C4:A0:BC:05:7D:9B:01:F1:CB:CF:BD:AD:43:F2:B6:63:6A:58:7E
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018533D3F1D044609617016A49B507262F2C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IsSgvAV9mwHxy8-9rUPytmNqWH4.roa
Signing time: Wed 21 Dec 2022 08:36:46 +0000
ROA not before: Wed 21 Dec 2022 08:36:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 185.206.250.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
45.8.21.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:33:d3:f1:d0:44:60:96:17:01:6a:49:b5:07:26:2f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Dec 21 08:36:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22c4a0bc057d9b01f1cbcfbdad43f2b6636a587e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fe:c7:f8:c5:6b:38:33:da:62:8f:44:21:8c:
8a:30:fc:2e:de:6a:f0:23:25:d2:f3:d2:8e:df:df:
54:81:ca:98:38:64:f5:b4:96:be:a9:c0:82:41:f4:
96:67:6c:a4:50:80:38:82:57:94:bc:86:fd:5b:a6:
30:f1:1e:23:c5:18:c6:1c:f1:70:d6:a3:16:c7:da:
b3:7f:0a:52:46:bf:fd:dc:33:66:11:54:25:f9:4f:
24:01:aa:95:b6:17:42:55:7f:ba:93:73:86:eb:80:
32:7d:c9:4f:5c:ec:da:8e:0a:87:74:d5:3b:77:0a:
ce:e4:e5:d7:f5:d3:c8:aa:9c:54:1b:27:15:b4:86:
76:5c:94:53:50:5f:77:36:5b:f6:73:25:fe:99:dc:
e9:ea:54:71:2c:bd:c4:dd:6d:2f:c1:db:39:ee:80:
ce:4f:ba:c3:2b:18:b3:4d:ba:c5:e9:7f:ac:07:5e:
2b:bb:0e:05:02:6f:50:5a:1b:1e:2a:15:59:93:22:
b3:f9:8f:05:57:2d:3b:10:ff:16:90:2b:e7:5f:d3:
e9:7b:5a:ff:09:cb:79:92:d4:95:ac:83:d0:49:93:
bc:58:14:17:b4:59:bd:be:4b:25:f0:13:0f:39:a5:
95:47:1c:3c:b1:87:7b:ad:9c:7e:db:f5:90:87:60:
2a:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C4:A0:BC:05:7D:9B:01:F1:CB:CF:BD:AD:43:F2:B6:63:6A:58:7E
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/IsSgvAV9mwHxy8-9rUPytmNqWH4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.21.0/24
45.131.135.0/24
185.206.250.0/24
185.223.155.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:af:13:ae:0a:4d:23:11:f4:6a:eb:1e:d9:1f:fa:6a:3c:18:
b4:9a:ab:05:74:80:56:20:15:74:21:d9:e2:bb:b0:c9:2d:e6:
0e:f1:1e:36:73:26:65:ee:54:82:c8:d0:ee:f0:7c:3f:5d:58:
f9:9d:b7:e0:33:36:46:20:ca:d1:5b:5c:2b:d1:3d:48:c1:b9:
8a:53:b4:d8:71:79:81:27:9a:8d:f1:8c:9a:09:10:69:0b:7c:
6a:07:ad:d9:3d:bc:b4:e3:fc:e3:ec:dc:0f:84:00:1c:6c:56:
a3:53:0d:84:a1:14:5f:c5:86:12:1b:f3:6a:c8:f7:41:0a:e0:
d3:0b:d7:47:db:51:b4:d7:f0:f5:46:7b:3c:bd:76:07:4a:18:
fa:a4:92:69:2f:2e:d8:59:5a:dc:00:9a:72:35:a5:1b:45:eb:
24:2a:86:38:dc:40:ac:6e:3b:9b:5f:3d:bc:e5:4b:5f:92:28:
c7:b7:54:86:21:64:49:8b:b6:2e:12:20:61:c4:d8:4f:bd:c7:
1b:d0:6c:b4:ef:20:ae:93:1b:89:61:c0:62:22:17:17:38:b0:
18:73:bc:bd:aa:b3:de:ad:89:a5:b6:17:9e:79:0a:77:22:ab:
ea:10:91:14:f5:65:64:c4:b7:95:f2:c5:d5:5f:8b:51:69:19:
24:92:ac:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUz0/HQRGCWFwFqSbUHJi8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjIxMjIxMDgzNjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM0YTBiYzA1N2Q5YjAxZjFjYmNmYmRhZDQzZjJiNjYzNmE1ODdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP7H+MVrODPaYo9EIYyKMPwu3mrw
IyXS89KO399UgcqYOGT1tJa+qcCCQfSWZ2ykUIA4gleUvIb9W6Yw8R4jxRjGHPFw
1qMWx9qzfwpSRr/93DNmEVQl+U8kAaqVthdCVX+6k3OG64AyfclPXOzajgqHdNU7
dwrO5OXX9dPIqpxUGycVtIZ2XJRTUF93Nlv2cyX+mdzp6lRxLL3E3W0vwds57oDO
T7rDKxizTbrF6X+sB14ruw4FAm9QWhseKhVZkyKz+Y8FVy07EP8WkCvnX9Ppe1r/
Cct5ktSVrIPQSZO8WBQXtFm9vksl8BMPOaWVRxw8sYd7rZx+2/WQh2AqOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCLEoLwFfZsB8cvPva1D8rZjalh+MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvSXNTZ3ZBVjltd0h4eTgtOXJVUHl0bU5xV0g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQgVAwQA
LYOHAwQAuc76AwQAud+bMA0GCSqGSIb3DQEBCwUAA4IBAQAKrxOuCk0jEfRq6x7Z
H/pqPBi0mqsFdIBWIBV0Idniu7DJLeYO8R42cyZl7lSCyNDu8Hw/XVj5nbfgMzZG
IMrRW1wr0T1IwbmKU7TYcXmBJ5qN8YyaCRBpC3xqB63ZPby04/zj7NwPhAAcbFaj
Uw2EoRRfxYYSG/NqyPdBCuDTC9dH21G01/D1Rns8vXYHShj6pJJpLy7YWVrcAJpy
NaUbReskKoY43ECsbjubXz285UtfkijHt1SGIWRJi7YuEiBhxNhPvccb0Gy07yCu
kxuJYcBiIhcXOLAYc7y9qrPerYmltheeeQp3IqvqEJEU9WVkxLeV8sXVX4tRaRkk
kqyr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:21 2024 by rpki-client on console-ams.rpki-client.org