Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/aIieSCk8LFxd8BWcqX0b81M24rY.roa
File: aIieSCk8LFxd8BWcqX0b81M24rY.roa (raw, json)
Hash identifier: QpmzkodVd5RIsQAmgD0ZEVB4gHXCJJdSwqoDm7JbRsU=
Subject key identifier: 68:88:9E:48:29:3C:2C:5C:5D:F0:15:9C:A9:7D:1B:F3:53:36:E2:B6
Certificate issuer: /CN=229a038176c796ea4f2769f6be3cace1a3597634
Certificate serial: 01857230FAFBACDE3E29BD67D6BE3C50BFDF
Authority key identifier: 22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/aIieSCk8LFxd8BWcqX0b81M24rY.roa
Signing time: Mon 02 Jan 2023 11:14:50 +0000
ROA not before: Mon 02 Jan 2023 11:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34722
IP address blocks: 185.160.16.0/24 maxlen: 24
185.160.17.0/24 maxlen: 24
185.160.16.0/22 maxlen: 22
185.160.19.0/24 maxlen: 24
185.160.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:30:fa:fb:ac:de:3e:29:bd:67:d6:be:3c:50:bf:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=229a038176c796ea4f2769f6be3cace1a3597634
Validity
Not Before: Jan 2 11:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68889e48293c2c5c5df0159ca97d1bf35336e2b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a5:f4:76:21:ff:56:d4:fa:78:fb:70:5a:70:
f4:bb:3b:6f:b9:db:1c:ac:b5:b7:7a:e5:08:0f:82:
d7:9e:c7:af:f0:bb:47:c5:66:09:48:33:55:bc:b2:
55:4d:76:04:36:3c:e9:f0:fc:dd:22:87:5e:5b:fa:
07:fa:b2:cb:be:45:fe:a8:fe:e1:6c:ea:ce:a7:7a:
b7:4d:31:e9:ba:ad:e7:7c:c0:c5:8f:bb:96:77:a2:
25:57:4a:64:02:16:23:6f:75:6a:d6:7b:f7:e2:bc:
08:b4:2b:1c:ce:ad:e7:2a:c2:a5:55:e3:e2:6c:85:
e6:db:c3:17:f3:91:a3:ad:46:14:33:c3:86:de:bc:
1f:4d:04:58:24:3b:ad:82:af:26:88:22:f0:a8:44:
e8:da:98:76:a2:a5:85:d9:18:93:57:64:12:3d:fe:
81:ea:ad:62:8f:f2:4d:f6:e4:1f:25:2d:ad:3f:c1:
fb:20:ec:cf:e0:3f:36:b0:d2:40:9f:95:57:e7:e0:
0b:da:ef:6c:75:ff:2f:b0:c2:d1:58:90:26:46:65:
aa:0b:7a:44:64:d1:ee:30:15:42:2d:76:da:32:8a:
90:38:2a:e5:db:a0:68:a8:52:56:36:a8:95:8f:f0:
89:40:2b:57:a2:69:81:24:cb:33:9d:3f:b4:55:95:
ab:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:88:9E:48:29:3C:2C:5C:5D:F0:15:9C:A9:7D:1B:F3:53:36:E2:B6
X509v3 Authority Key Identifier:
keyid:22:9A:03:81:76:C7:96:EA:4F:27:69:F6:BE:3C:AC:E1:A3:59:76:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IpoDgXbHlupPJ2n2vjys4aNZdjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/aIieSCk8LFxd8BWcqX0b81M24rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/3b5f4e-93ff-4dfb-b02d-dc2301fbbb7c/1/IpoDgXbHlupPJ2n2vjys4aNZdjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:e5:d1:80:cb:5a:e1:89:be:ca:2f:3d:c7:d9:2a:ef:39:4a:
cc:f9:83:5b:7e:73:cb:57:59:93:01:0b:7f:bd:13:07:be:2e:
f7:e6:44:86:ff:7d:f9:04:f7:0e:51:51:11:ac:82:4c:68:5f:
27:99:cd:ea:62:e4:74:0b:8a:c3:42:8a:93:5b:ab:a6:d2:2b:
86:f1:47:35:3a:e8:9c:a6:64:49:ab:df:05:69:b6:34:d3:96:
c3:ac:a5:a0:e8:e8:84:99:f7:3b:25:53:15:34:8e:92:06:98:
60:f5:c6:01:b0:49:43:5b:68:62:eb:b2:c7:48:46:05:0a:90:
67:fe:c7:ef:c1:c6:1c:71:7a:65:c4:52:3b:08:0b:e3:16:4d:
79:01:de:37:9c:8b:32:4c:57:5f:d3:8d:5e:c6:50:7c:cf:8d:
58:0e:e7:f6:21:d2:f4:d5:f8:9b:a2:96:e0:dc:c7:c4:9d:a3:
28:b0:16:0d:fb:d5:60:62:6a:34:56:90:c7:0e:71:74:42:b0:
c6:71:a9:9b:7e:a0:b6:db:b5:71:99:0f:1f:66:d7:98:c2:57:
4a:67:df:ab:63:31:b8:25:8a:87:d6:a1:b8:27:2f:8a:3d:1a:
d7:f6:27:63:7c:ab:85:66:56:42:0c:f1:cb:dc:04:a3:68:1d:
80:39:b7:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyMPr7rN4+Kb1n1r48UL/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyOWEwMzgxNzZjNzk2ZWE0ZjI3NjlmNmJlM2NhY2UxYTM1
OTc2MzQwHhcNMjMwMTAyMTExNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODg4OWU0ODI5M2MyYzVjNWRmMDE1OWNhOTdkMWJmMzUzMzZlMmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6X0diH/VtT6ePtwWnD0uztvudsc
rLW3euUID4LXnsev8LtHxWYJSDNVvLJVTXYENjzp8PzdIodeW/oH+rLLvkX+qP7h
bOrOp3q3TTHpuq3nfMDFj7uWd6IlV0pkAhYjb3Vq1nv34rwItCsczq3nKsKlVePi
bIXm28MX85GjrUYUM8OG3rwfTQRYJDutgq8miCLwqETo2ph2oqWF2RiTV2QSPf6B
6q1ij/JN9uQfJS2tP8H7IOzP4D82sNJAn5VX5+AL2u9sdf8vsMLRWJAmRmWqC3pE
ZNHuMBVCLXbaMoqQOCrl26BoqFJWNqiVj/CJQCtXommBJMsznT+0VZWrGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGiInkgpPCxcXfAVnKl9G/NTNuK2MB8GA1UdIwQY
MBaAFCKaA4F2x5bqTydp9r48rOGjWXY0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQt
ZGMyMzAxZmJiYjdjLzEvYUlpZVNDazhMRnhkOEJXY3FYMGI4MU0yNHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS8zYjVmNGUtOTNmZi00ZGZiLWIwMmQtZGMyMzAxZmJiYjdj
LzEvSXBvRGdYYkhsdXBQSjJuMnZqeXM0YU5aZGpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaAQMA0G
CSqGSIb3DQEBCwUAA4IBAQAv5dGAy1rhib7KLz3H2SrvOUrM+YNbfnPLV1mTAQt/
vRMHvi735kSG/335BPcOUVERrIJMaF8nmc3qYuR0C4rDQoqTW6um0iuG8Uc1Ouic
pmRJq98FabY005bDrKWg6OiEmfc7JVMVNI6SBphg9cYBsElDW2hi67LHSEYFCpBn
/sfvwcYccXplxFI7CAvjFk15Ad43nIsyTFdf041exlB8z41YDuf2IdL01fibopbg
3MfEnaMosBYN+9VgYmo0VpDHDnF0QrDGcambfqC227VxmQ8fZteYwldKZ9+rYzG4
JYqH1qG4Jy+KPRrX9idjfKuFZlZCDPHL3ASjaB2AObe7
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:53 2025 by rpki-client