Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/7Ghx7hlmDinXLNDGpFo62pjq14o.roa
File: 7Ghx7hlmDinXLNDGpFo62pjq14o.roa (raw, json)
Hash identifier: ocg/3P+8LaUoXqJnY8sour9L8gdQLwMbRQpSbLbDqxk=
Subject key identifier: EC:68:71:EE:19:66:0E:29:D7:2C:D0:C6:A4:5A:3A:DA:98:EA:D7:8A
Certificate issuer: /CN=e5cbde75d536e91b28a23469349d1cf28b884a3b
Certificate serial: 0183ED724403B83298AD304EC7434969F5A2
Authority key identifier: E5:CB:DE:75:D5:36:E9:1B:28:A2:34:69:34:9D:1C:F2:8B:88:4A:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cveddU26RsoojRpNJ0c8ouISjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/7Ghx7hlmDinXLNDGpFo62pjq14o.roa
Signing time: Tue 18 Oct 2022 23:33:52 +0000
ROA not before: Tue 18 Oct 2022 23:33:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 394354
IP address blocks: 185.159.198.0/24 maxlen: 24
185.159.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ed:72:44:03:b8:32:98:ad:30:4e:c7:43:49:69:f5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5cbde75d536e91b28a23469349d1cf28b884a3b
Validity
Not Before: Oct 18 23:33:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec6871ee19660e29d72cd0c6a45a3ada98ead78a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:44:88:19:d6:80:4a:1d:6c:b4:27:6c:e7:1d:
52:bb:5c:b8:29:c5:fe:de:00:73:59:83:af:3d:40:
6f:d9:08:58:0f:d3:af:b1:c0:e6:0b:a0:49:ad:80:
fc:a6:a6:59:fa:74:5d:12:ef:dc:6b:d2:69:12:fc:
9a:2b:73:37:0b:e6:09:de:68:16:15:54:33:88:aa:
54:f3:fe:e5:84:8f:f6:2e:de:4e:0b:ec:e3:18:b9:
7c:35:f1:8d:a4:1a:ca:4e:09:19:cb:14:d4:58:5b:
e2:4b:14:81:8e:1f:a7:bf:9b:82:ea:d9:bf:a5:fa:
4a:0e:41:57:5c:83:5c:85:c1:24:2b:61:03:58:45:
94:5d:b4:0b:90:8e:d9:3e:cf:7b:28:f7:d7:19:08:
31:27:46:d0:a5:bb:f3:c7:e6:89:59:7f:48:a2:98:
7d:31:4e:0c:a2:3d:ce:d7:18:71:90:ee:4b:f7:75:
af:26:49:07:d1:4c:2f:73:b6:37:cf:a2:56:50:0b:
ab:3f:d0:10:1b:8d:f5:04:c1:ac:43:73:8a:3d:64:
04:64:e7:98:f2:93:99:80:e2:90:d4:dc:d3:fc:b1:
d3:6b:8d:7c:21:0b:5e:b1:e5:73:b0:29:54:cd:ea:
02:68:4c:b6:12:3e:78:ce:ee:1e:8d:80:4f:79:a0:
da:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:68:71:EE:19:66:0E:29:D7:2C:D0:C6:A4:5A:3A:DA:98:EA:D7:8A
X509v3 Authority Key Identifier:
keyid:E5:CB:DE:75:D5:36:E9:1B:28:A2:34:69:34:9D:1C:F2:8B:88:4A:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cveddU26RsoojRpNJ0c8ouISjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/7Ghx7hlmDinXLNDGpFo62pjq14o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/015e90-5204-4d09-8b26-fceacbd73845/1/5cveddU26RsoojRpNJ0c8ouISjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.196.0/24
185.159.198.0/24
Signature Algorithm: sha256WithRSAEncryption
af:f7:4f:2c:f2:26:9d:99:67:8a:05:98:f7:47:34:1d:bc:4a:
cc:ab:ab:ee:10:25:7a:26:62:fd:d0:77:6a:22:a5:dd:05:fd:
67:b1:4f:1c:30:6b:7d:6b:8f:10:f2:f4:9f:64:a1:d6:9e:60:
12:74:cc:ca:3d:ba:21:79:7e:49:8b:c7:9e:94:29:c1:98:cd:
8c:29:5d:fd:e4:37:35:78:57:cc:2b:d9:9e:8d:75:e8:82:1d:
49:69:d3:bb:1f:c2:0d:db:01:35:7b:06:5a:8d:3c:bf:2f:41:
c0:6b:0f:52:3d:9a:e4:2c:66:8d:d8:7e:1f:e2:2d:99:a0:64:
a5:81:54:c5:42:df:13:71:ed:a5:0d:81:7e:d0:52:a3:fb:6e:
23:54:75:61:45:84:6b:9a:fd:d7:1b:40:8a:ab:33:b7:47:fd:
51:32:91:a8:2b:47:49:45:c4:f3:89:ac:4a:3f:b5:c1:b7:c3:
c4:0b:92:16:e5:7d:4a:20:0a:4a:a5:70:31:14:f6:28:3a:79:
72:a1:04:02:49:a5:5d:33:8d:f1:1e:f6:ee:a7:8d:09:8f:ef:
a2:e4:1d:f2:94:20:aa:4a:b3:e5:2e:8d:e9:20:42:7c:5a:b2:
d1:ae:37:6f:a4:f5:fd:5d:1c:b7:e3:e7:88:57:a8:a7:71:a5:
4d:a3:c7:7e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPtckQDuDKYrTBOx0NJafWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Y2JkZTc1ZDUzNmU5MWIyOGEyMzQ2OTM0OWQxY2YyOGI4
ODRhM2IwHhcNMjIxMDE4MjMzMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY4NzFlZTE5NjYwZTI5ZDcyY2QwYzZhNDVhM2FkYTk4ZWFkNzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0SIGdaASh1stCds5x1Su1y4KcX+
3gBzWYOvPUBv2QhYD9OvscDmC6BJrYD8pqZZ+nRdEu/ca9JpEvyaK3M3C+YJ3mgW
FVQziKpU8/7lhI/2Lt5OC+zjGLl8NfGNpBrKTgkZyxTUWFviSxSBjh+nv5uC6tm/
pfpKDkFXXINchcEkK2EDWEWUXbQLkI7ZPs97KPfXGQgxJ0bQpbvzx+aJWX9Ioph9
MU4Moj3O1xhxkO5L93WvJkkH0Uwvc7Y3z6JWUAurP9AQG431BMGsQ3OKPWQEZOeY
8pOZgOKQ1NzT/LHTa418IQteseVzsClUzeoCaEy2Ej54zu4ejYBPeaDauQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOxoce4ZZg4p1yzQxqRaOtqY6teKMB8GA1UdIwQY
MBaAFOXL3nXVNukbKKI0aTSdHPKLiEo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWN2ZWRkVTI2UnNvb2pScE5KMGM4b3VJU2pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8wMTVlOTAtNTIwNC00ZDA5LThiMjYt
ZmNlYWNiZDczODQ1LzEvN0doeDdobG1EaW5YTE5ER3BGbzYycGpxMTRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8wMTVlOTAtNTIwNC00ZDA5LThiMjYtZmNlYWNiZDczODQ1
LzEvNWN2ZWRkVTI2UnNvb2pScE5KMGM4b3VJU2pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuZ/EAwQA
uZ/GMA0GCSqGSIb3DQEBCwUAA4IBAQCv908s8iadmWeKBZj3RzQdvErMq6vuECV6
JmL90HdqIqXdBf1nsU8cMGt9a48Q8vSfZKHWnmASdMzKPboheX5Ji8eelCnBmM2M
KV395Dc1eFfMK9mejXXogh1JadO7H8IN2wE1ewZajTy/L0HAaw9SPZrkLGaN2H4f
4i2ZoGSlgVTFQt8Tce2lDYF+0FKj+24jVHVhRYRrmv3XG0CKqzO3R/1RMpGoK0dJ
RcTziaxKP7XBt8PEC5IW5X1KIApKpXAxFPYoOnlyoQQCSaVdM43xHvbup40Jj++i
5B3ylCCqSrPlLo3pIEJ8WrLRrjdvpPX9XRy34+eIV6incaVNo8d+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:29 2023 by rpki-client on console-fra.rpki-client.org