Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/IDZshWsT3BbEm-fRYIF60vR9_q8.roa
File: IDZshWsT3BbEm-fRYIF60vR9_q8.roa (raw, json)
Hash identifier: Et5/EqqEitRAbcAgz7582G37+XpEoiMa3fLvbjoMkj4=
Subject key identifier: 20:36:6C:85:6B:13:DC:16:C4:9B:E7:D1:60:81:7A:D2:F4:7D:FE:AF
Certificate issuer: /CN=19908b6369148f4f3c50f167103f7a0478c52942
Certificate serial: 018A07818B4BABEEEDADE2B462381D5E6164
Authority key identifier: 19:90:8B:63:69:14:8F:4F:3C:50:F1:67:10:3F:7A:04:78:C5:29:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZCLY2kUj088UPFnED96BHjFKUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/IDZshWsT3BbEm-fRYIF60vR9_q8.roa
Signing time: Fri 18 Aug 2023 07:17:24 +0000
ROA not before: Fri 18 Aug 2023 07:17:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12403
IP address blocks: 193.200.183.0/24 maxlen: 24
176.114.32.0/20 maxlen: 20
176.114.32.0/22 maxlen: 22
176.114.36.0/22 maxlen: 22
176.114.44.0/22 maxlen: 22
176.114.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:07:81:8b:4b:ab:ee:ed:ad:e2:b4:62:38:1d:5e:61:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19908b6369148f4f3c50f167103f7a0478c52942
Validity
Not Before: Aug 18 07:17:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=20366c856b13dc16c49be7d160817ad2f47dfeaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:82:2a:cc:16:b4:b9:bf:3a:45:0e:c7:89:2f:
73:90:47:51:8c:e0:fb:f1:d9:51:da:3d:6f:ca:30:
f7:e3:86:a0:23:28:27:a6:93:c2:b8:ef:97:35:47:
eb:73:12:98:02:44:65:d6:0d:39:37:06:ec:68:d2:
41:27:50:42:9f:40:af:67:6a:da:f1:c6:29:c4:25:
bc:25:75:a6:4c:77:83:01:bf:b0:13:7f:44:37:01:
25:be:ad:f8:92:52:86:ea:11:6a:45:cb:28:28:ac:
91:ee:0f:65:1a:e5:fc:a9:bf:5c:02:3c:33:2b:6e:
31:df:d5:47:66:99:0b:b0:bb:1a:0a:72:e7:5a:3b:
75:d3:c9:37:8c:91:d3:40:95:ff:49:91:cd:5d:c6:
40:85:a7:40:2c:c5:f7:fc:28:54:42:c4:b2:82:3b:
0b:a3:f7:88:4d:f4:f8:8c:f3:a0:95:87:ad:75:73:
d1:ed:8c:53:76:69:a9:21:4b:40:3c:90:91:fb:83:
b5:8f:ff:5d:75:0f:e8:ec:07:7d:fd:51:17:08:55:
3d:42:f3:88:ba:33:7a:e2:17:0f:61:19:54:db:c0:
bb:6a:1f:77:9e:5a:06:fd:55:88:e7:55:b9:bc:7d:
32:8d:02:22:0f:a6:52:62:8f:44:5c:a3:3a:31:e8:
d0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:36:6C:85:6B:13:DC:16:C4:9B:E7:D1:60:81:7A:D2:F4:7D:FE:AF
X509v3 Authority Key Identifier:
keyid:19:90:8B:63:69:14:8F:4F:3C:50:F1:67:10:3F:7A:04:78:C5:29:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZCLY2kUj088UPFnED96BHjFKUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/IDZshWsT3BbEm-fRYIF60vR9_q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e70295-6c2e-48fb-8fc9-1260a6f3a393/1/GZCLY2kUj088UPFnED96BHjFKUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.114.32.0/20
193.200.183.0/24
Signature Algorithm: sha256WithRSAEncryption
44:1c:a5:f7:1d:ac:8f:80:dd:1c:2b:1f:15:50:ea:aa:28:8d:
c5:10:c3:95:dc:c7:eb:8e:fb:18:66:06:7c:45:c5:d2:bc:9c:
c4:01:3b:d0:d0:66:86:c6:90:23:7a:20:06:47:b6:a0:39:e7:
a6:5d:e7:b0:1e:0b:f7:d0:88:34:28:19:17:e4:86:6c:93:dc:
a3:b8:9a:c6:0d:91:b1:c4:a4:83:5d:d0:23:74:d3:44:a4:a6:
26:05:7e:9e:03:e3:c6:5c:44:0a:c9:fb:98:cd:a0:4c:af:43:
27:de:f7:4e:91:63:9f:73:2f:ea:ee:ca:ff:58:65:51:79:36:
1c:89:6d:a2:81:81:76:06:d4:0e:64:87:72:45:8c:b1:ae:f8:
99:55:b5:fb:39:6f:6a:f5:25:ac:74:86:f9:40:ab:f8:68:72:
9b:07:0d:1c:ee:01:81:a6:36:be:aa:19:b1:a0:30:65:bf:73:
e2:77:4b:8b:dd:09:a3:e7:0c:81:4d:0a:c4:75:65:a5:2c:c4:
9f:23:fd:35:58:9c:0b:f2:f8:a5:f7:60:5c:f1:d9:0f:b9:73:
39:7f:6c:e9:6c:4d:81:e3:39:70:2f:ff:c6:b4:6b:8c:f9:af:
df:8c:c0:0a:19:13:16:b5:b3:c9:16:6a:6d:6f:63:93:62:fb:
4f:7f:07:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYoHgYtLq+7treK0YjgdXmFkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OTA4YjYzNjkxNDhmNGYzYzUwZjE2NzEwM2Y3YTA0Nzhj
NTI5NDIwHhcNMjMwODE4MDcxNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM2NmM4NTZiMTNkYzE2YzQ5YmU3ZDE2MDgxN2FkMmY0N2RmZWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYIqzBa0ub86RQ7HiS9zkEdRjOD7
8dlR2j1vyjD344agIygnppPCuO+XNUfrcxKYAkRl1g05NwbsaNJBJ1BCn0CvZ2ra
8cYpxCW8JXWmTHeDAb+wE39ENwElvq34klKG6hFqRcsoKKyR7g9lGuX8qb9cAjwz
K24x39VHZpkLsLsaCnLnWjt108k3jJHTQJX/SZHNXcZAhadALMX3/ChUQsSygjsL
o/eITfT4jPOglYetdXPR7YxTdmmpIUtAPJCR+4O1j/9ddQ/o7Ad9/VEXCFU9QvOI
ujN64hcPYRlU28C7ah93nloG/VWI51W5vH0yjQIiD6ZSYo9EXKM6MejQZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCA2bIVrE9wWxJvn0WCBetL0ff6vMB8GA1UdIwQY
MBaAFBmQi2NpFI9PPFDxZxA/egR4xSlCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1pDTFkya1VqMDg4VVBGbkVEOTZCSGpGS1VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNzAyOTUtNmMyZS00OGZiLThmYzkt
MTI2MGE2ZjNhMzkzLzEvSURac2hXc1QzQmJFbS1mUllJRjYwdlI5X3E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNzAyOTUtNmMyZS00OGZiLThmYzktMTI2MGE2ZjNhMzkz
LzEvR1pDTFkya1VqMDg4VVBGbkVEOTZCSGpGS1VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEsHIgAwQA
wci3MA0GCSqGSIb3DQEBCwUAA4IBAQBEHKX3HayPgN0cKx8VUOqqKI3FEMOV3Mfr
jvsYZgZ8RcXSvJzEATvQ0GaGxpAjeiAGR7agOeemXeewHgv30Ig0KBkX5IZsk9yj
uJrGDZGxxKSDXdAjdNNEpKYmBX6eA+PGXEQKyfuYzaBMr0Mn3vdOkWOfcy/q7sr/
WGVReTYciW2igYF2BtQOZIdyRYyxrviZVbX7OW9q9SWsdIb5QKv4aHKbBw0c7gGB
pja+qhmxoDBlv3Pid0uL3Qmj5wyBTQrEdWWlLMSfI/01WJwL8vil92Bc8dkPuXM5
f2zpbE2B4zlwL//GtGuM+a/fjMAKGRMWtbPJFmptb2OTYvtPfwcW
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:42 2025 by rpki-client