Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/22V5PV9WIHbzVWGaM-weBPDPUBE.roa
File: 22V5PV9WIHbzVWGaM-weBPDPUBE.roa (raw, json)
Hash identifier: ObLStYq5H1dwlwueo0q+31SmZQlEOK/3kDrw6H30AvM=
Subject key identifier: DB:65:79:3D:5F:56:20:76:F3:55:61:9A:33:EC:1E:04:F0:CF:50:11
Certificate issuer: /CN=a608db43964b6986ec740f0b5e33f627589ac560
Certificate serial: 120DA2DA
Authority key identifier: A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/22V5PV9WIHbzVWGaM-weBPDPUBE.roa
Signing time: Tue 15 Mar 2022 06:28:09 +0000
ROA not before: Tue 15 Mar 2022 06:28:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60042
IP address blocks: 185.42.228.0/22 maxlen: 22
176.118.209.0/24 maxlen: 24
176.118.208.0/22 maxlen: 22
176.118.213.0/24 maxlen: 24
176.118.214.0/23 maxlen: 23
176.118.216.0/22 maxlen: 22
176.118.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 302883546 (0x120da2da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a608db43964b6986ec740f0b5e33f627589ac560
Validity
Not Before: Mar 15 06:28:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db65793d5f562076f355619a33ec1e04f0cf5011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d9:57:d2:a0:88:42:c1:8a:78:04:de:43:ea:
40:2e:2c:a2:5a:69:3a:f0:c8:33:bf:54:af:db:fc:
b1:3b:d0:ea:33:d2:68:24:27:9e:e0:d5:b9:88:01:
4a:fc:ab:98:60:d0:7c:16:75:05:a0:64:b3:6b:0c:
bf:fe:54:0e:29:e6:9e:6b:94:38:f4:dd:ac:32:36:
a9:a8:bb:77:d3:9b:b9:b6:61:c0:2e:ca:8a:06:e8:
3b:48:a0:72:e9:30:46:b4:6d:c9:b7:43:35:58:f8:
b9:c6:dd:4e:c0:2c:74:4b:f5:39:8c:f8:7f:4f:69:
95:08:49:52:bb:34:f3:18:f2:b1:91:92:03:73:73:
be:9c:28:fe:60:ae:fc:de:fd:0b:51:e0:03:44:17:
03:a9:fe:62:61:81:c1:7f:4d:91:25:a0:48:f2:b2:
bb:cd:6f:b1:78:f9:ea:87:6c:77:e4:10:b5:a4:19:
4d:d3:2b:be:3f:14:fe:60:c5:bd:65:9a:e7:40:31:
35:15:de:09:8c:89:1b:bd:8f:79:c5:da:3d:38:06:
ab:6e:06:85:7d:0e:88:bd:fa:96:e7:e5:60:64:f1:
ab:92:28:b4:a8:75:57:51:a1:75:1e:a1:86:97:db:
11:57:23:cf:75:77:a3:67:86:89:aa:a3:c4:ce:c0:
9b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:65:79:3D:5F:56:20:76:F3:55:61:9A:33:EC:1E:04:F0:CF:50:11
X509v3 Authority Key Identifier:
keyid:A6:08:DB:43:96:4B:69:86:EC:74:0F:0B:5E:33:F6:27:58:9A:C5:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/22V5PV9WIHbzVWGaM-weBPDPUBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/500150-1551-47de-b504-d64683cee16f/1/pgjbQ5ZLaYbsdA8LXjP2J1iaxWA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.208.0/22
176.118.213.0-176.118.223.255
185.42.228.0/22
Signature Algorithm: sha256WithRSAEncryption
31:2d:68:9a:59:94:2c:8d:a2:39:33:53:ca:20:99:30:f8:af:
86:58:b8:5f:fd:3a:19:03:f3:a0:8a:9c:d4:60:34:0c:69:50:
75:a1:ac:cd:17:c8:6e:65:63:cf:32:72:68:46:c2:04:28:c6:
73:28:f0:9d:63:a0:94:ef:a0:e4:4d:1d:3e:1c:77:95:e1:0b:
63:3b:e8:ed:81:1e:40:7f:4f:8c:35:de:35:83:00:ed:a6:c4:
9c:42:07:b0:b7:bc:40:ee:93:25:b3:50:89:a7:c4:67:30:14:
58:cd:0d:ec:a2:1d:d9:66:86:fc:d6:ad:52:a5:3b:00:e4:0a:
c8:be:33:15:a4:d3:ca:99:d3:82:a2:c4:9f:c6:a8:5a:d0:32:
4a:f1:96:25:92:69:f8:4d:95:de:b5:9d:dc:45:c3:ca:ad:3c:
0e:ab:51:a8:51:ec:2c:53:3c:af:3b:aa:e5:0b:21:98:dc:f7:
04:75:03:4e:f6:5e:07:20:3d:4a:2e:8e:9a:7e:a9:48:40:5c:
3a:ad:60:13:dc:28:a6:46:cf:1a:9c:ac:2f:4f:c4:19:99:f4:
5c:4f:90:1b:e1:3b:be:d7:0a:cd:bc:59:bf:a0:1a:fd:df:91:
23:9b:e7:1c:fa:b2:2d:db:d1:70:58:65:51:58:59:5c:94:06:
08:33:d2:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEEg2i2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjA4ZGI0Mzk2NGI2OTg2ZWM3NDBmMGI1ZTMzZjYyNzU4OWFjNTYwMB4XDTIyMDMx
NTA2MjgwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGI2NTc5M2Q1ZjU2
MjA3NmYzNTU2MTlhMzNlYzFlMDRmMGNmNTAxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALXZV9KgiELBingE3kPqQC4solppOvDIM79Ur9v8sTvQ6jPS
aCQnnuDVuYgBSvyrmGDQfBZ1BaBks2sMv/5UDinmnmuUOPTdrDI2qai7d9ObubZh
wC7KigboO0igcukwRrRtybdDNVj4ucbdTsAsdEv1OYz4f09plQhJUrs08xjysZGS
A3Nzvpwo/mCu/N79C1HgA0QXA6n+YmGBwX9NkSWgSPKyu81vsXj56odsd+QQtaQZ
TdMrvj8U/mDFvWWa50AxNRXeCYyJG72PecXaPTgGq24GhX0OiL36luflYGTxq5Io
tKh1V1GhdR6hhpfbEVcjz3V3o2eGiaqjxM7Am+MCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTbZXk9X1YgdvNVYZoz7B4E8M9QETAfBgNVHSMEGDAWgBSmCNtDlktphux0
DwteM/YnWJrFYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BnamJRNVpMYVlic2RBOExYalAySjFpYXhXQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvNTAwMTUwLTE1NTEtNDdkZS1iNTA0LWQ2NDY4M2NlZTE2Zi8x
LzIyVjVQVjlXSUhielZXR2FNLXdlQlBEUFVCRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
NTAwMTUwLTE1NTEtNDdkZS1iNTA0LWQ2NDY4M2NlZTE2Zi8xL3BnamJRNVpMYVli
c2RBOExYalAySjFpYXhXQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEArB20DAMAwQAsHbVAwQFsHbAAwQC
uSrkMA0GCSqGSIb3DQEBCwUAA4IBAQAxLWiaWZQsjaI5M1PKIJkw+K+GWLhf/ToZ
A/OgipzUYDQMaVB1oazNF8huZWPPMnJoRsIEKMZzKPCdY6CU76DkTR0+HHeV4Qtj
O+jtgR5Af0+MNd41gwDtpsScQgewt7xA7pMls1CJp8RnMBRYzQ3soh3ZZob81q1S
pTsA5ArIvjMVpNPKmdOCosSfxqha0DJK8ZYlkmn4TZXetZ3cRcPKrTwOq1GoUews
UzyvO6rlCyGY3PcEdQNO9l4HID1KLo6afqlIQFw6rWAT3CimRs8anKwvT8QZmfRc
T5Ab4Tu+1wrNvFm/oBr935Ejm+cc+rIt29FwWGVRWFlclAYIM9Jf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:55 2025 by rpki-client