Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/I3N22BjX9qtBFtd89ZvvntIEDQY.roa
File: I3N22BjX9qtBFtd89ZvvntIEDQY.roa (raw, json)
Hash identifier: Vu2QmbGAA1QndOGNZpdDgnqRBWl7XJkGk2o23Pi2qq4=
Subject key identifier: 23:73:76:D8:18:D7:F6:AB:41:16:D7:7C:F5:9B:EF:9E:D2:04:0D:06
Certificate issuer: /CN=ccd7947ec83136ef9446316235686a9102562c44
Certificate serial: 10002E6D
Authority key identifier: CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/I3N22BjX9qtBFtd89ZvvntIEDQY.roa
Signing time: Sat 01 Jan 2022 09:53:18 +0000
ROA not before: Sat 01 Jan 2022 09:53:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202617
IP address blocks: 185.159.0.0/24 maxlen: 24
185.159.1.0/24 maxlen: 24
185.159.0.0/22 maxlen: 22
185.159.2.0/24 maxlen: 24
2a07:b0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 268447341 (0x10002e6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccd7947ec83136ef9446316235686a9102562c44
Validity
Not Before: Jan 1 09:53:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=237376d818d7f6ab4116d77cf59bef9ed2040d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:54:2b:6b:cd:cc:51:cf:e8:07:a4:a5:c7:5f:
17:f8:17:58:1e:5e:33:a1:9e:12:98:53:94:f3:9a:
f3:4b:0c:1e:ef:6b:d4:4b:69:cb:31:1a:43:7b:d3:
06:e0:82:8f:45:2a:45:d6:b0:ee:e4:d9:da:e5:60:
c8:1d:a8:4b:a2:59:62:63:44:b0:8c:39:f8:4e:39:
02:e9:a6:46:94:58:82:e1:19:2f:e1:3f:9e:3f:bb:
77:ed:df:28:4f:e4:12:2e:bd:93:5f:ac:3d:d4:46:
9f:b7:86:69:81:18:30:a5:0c:b2:be:34:95:75:c7:
15:be:70:03:cd:b0:62:8a:d6:eb:01:bb:b4:76:45:
8b:97:f8:ee:63:73:c7:4b:f1:84:7c:a1:d9:6a:28:
94:b4:8d:c6:7d:0b:7d:59:43:7c:0c:74:b6:08:79:
b6:81:a3:0d:69:0d:92:a5:2d:8d:35:69:15:e9:b7:
58:99:69:d5:49:2d:77:1b:05:0a:a0:3f:37:0d:a6:
87:9b:a2:ba:f2:4b:1c:1f:29:2a:c9:34:85:3a:e8:
9e:68:65:78:b6:f0:de:9e:b0:fe:12:47:00:fc:ae:
ba:e3:87:3d:54:0b:f1:a5:bc:8c:d3:08:51:57:f7:
33:2d:95:ed:92:f7:2a:ec:c0:79:dc:fd:79:57:08:
ba:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:73:76:D8:18:D7:F6:AB:41:16:D7:7C:F5:9B:EF:9E:D2:04:0D:06
X509v3 Authority Key Identifier:
keyid:CC:D7:94:7E:C8:31:36:EF:94:46:31:62:35:68:6A:91:02:56:2C:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNeUfsgxNu-URjFiNWhqkQJWLEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/I3N22BjX9qtBFtd89ZvvntIEDQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/eab77d-831a-43bc-8cbe-288766061d98/1/zNeUfsgxNu-URjFiNWhqkQJWLEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.0.0/22
IPv6:
2a07:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
98:11:23:1f:6c:a1:62:96:6d:7c:16:af:0e:88:30:e3:5c:11:
63:ff:bf:8a:cb:bb:22:e5:0a:8b:9d:cd:a6:ec:5e:95:3b:fa:
8b:c1:6c:46:0a:c8:0d:9d:11:39:19:9f:8e:82:ac:30:59:27:
ae:44:ba:a4:e3:38:d9:c4:b4:f4:1c:a6:b6:9f:8c:31:5e:e6:
9f:90:7f:db:90:cd:39:f7:40:8d:42:f0:95:7d:96:c0:2a:80:
c8:3d:28:17:4f:8a:b1:5c:0d:9c:f3:aa:a8:f5:02:08:3e:70:
48:b1:83:68:b2:91:b3:69:8e:e3:74:86:74:01:1a:eb:af:b2:
3c:3e:bb:38:9b:22:2f:7e:97:82:b5:76:44:6e:c0:13:44:33:
a3:39:b6:63:79:ac:92:13:a9:f0:22:fe:17:21:81:22:26:c5:
a1:ca:51:35:e7:18:e4:8a:0e:ff:ed:5b:1f:67:de:9f:30:fe:
e9:63:28:5d:c4:45:03:c5:71:00:d7:fc:db:9e:1d:84:c1:db:
54:95:08:40:10:f2:03:6d:02:c6:63:d3:2f:c5:9b:79:65:bf:
67:44:a0:a0:bf:b5:88:01:35:10:03:bb:8c:b3:67:41:0a:da:
68:57:c9:52:9a:51:f9:bc:2b:ed:eb:9c:b9:4c:9a:be:f0:b4:
71:e2:d2:c7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEAAubTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Y2Q3OTQ3ZWM4MzEzNmVmOTQ0NjMxNjIzNTY4NmE5MTAyNTYyYzQ0MB4XDTIyMDEw
MTA5NTMxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjM3Mzc2ZDgxOGQ3
ZjZhYjQxMTZkNzdjZjU5YmVmOWVkMjA0MGQwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5UK2vNzFHP6AekpcdfF/gXWB5eM6GeEphTlPOa80sMHu9r
1EtpyzEaQ3vTBuCCj0UqRdaw7uTZ2uVgyB2oS6JZYmNEsIw5+E45AummRpRYguEZ
L+E/nj+7d+3fKE/kEi69k1+sPdRGn7eGaYEYMKUMsr40lXXHFb5wA82wYorW6wG7
tHZFi5f47mNzx0vxhHyh2WoolLSNxn0LfVlDfAx0tgh5toGjDWkNkqUtjTVpFem3
WJlp1UktdxsFCqA/Nw2mh5uiuvJLHB8pKsk0hTronmhleLbw3p6w/hJHAPyuuuOH
PVQL8aW8jNMIUVf3My2V7ZL3KuzAedz9eVcIupkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQjc3bYGNf2q0EW13z1m++e0gQNBjAfBgNVHSMEGDAWgBTM15R+yDE275RG
MWI1aGqRAlYsRDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pOZVVmc2d4TnUtVVJqRmlOV2hxa1FKV0xFUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvZWFiNzdkLTgzMWEtNDNiYy04Y2JlLTI4ODc2NjA2MWQ5OC8x
L0kzTjIyQmpYOXF0QkZ0ZDg5WnZ2bnRJRURRWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
ZWFiNzdkLTgzMWEtNDNiYy04Y2JlLTI4ODc2NjA2MWQ5OC8xL3pOZVVmc2d4TnUt
VVJqRmlOV2hxa1FKV0xFUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmfADANBAIAAjAHAwUDKgewwDAN
BgkqhkiG9w0BAQsFAAOCAQEAmBEjH2yhYpZtfBavDogw41wRY/+/isu7IuUKi53N
puxelTv6i8FsRgrIDZ0RORmfjoKsMFknrkS6pOM42cS09Bymtp+MMV7mn5B/25DN
OfdAjULwlX2WwCqAyD0oF0+KsVwNnPOqqPUCCD5wSLGDaLKRs2mO43SGdAEa66+y
PD67OJsiL36XgrV2RG7AE0Qzozm2Y3mskhOp8CL+FyGBIibFocpRNecY5IoO/+1b
H2fenzD+6WMoXcRFA8VxANf8254dhMHbVJUIQBDyA20CxmPTL8WbeWW/Z0SgoL+1
iAE1EAO7jLNnQQraaFfJUppR+bwr7eucuUyavvC0ceLSxw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:12 2023 by rpki-client on console-fra.rpki-client.org