Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/19c428-6f77-4fdd-b388-c14b72f0ebd9/1/4AsUm_sUUPOTYfoEryBGHX7XPto.roa
File: 4AsUm_sUUPOTYfoEryBGHX7XPto.roa (raw, json)
Hash identifier: NOSqfRl0dFyyFshAqeC7NKia3NIedLfGNYVRegnzqtg=
Subject key identifier: E0:0B:14:9B:FB:14:50:F3:93:61:FA:04:AF:20:46:1D:7E:D7:3E:DA
Certificate issuer: /CN=1bd7b74778f71513720ef7e98ff2e6e80b6f649e
Certificate serial: 0983B1BE
Authority key identifier: 1B:D7:B7:47:78:F7:15:13:72:0E:F7:E9:8F:F2:E6:E8:0B:6F:64:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G9e3R3j3FRNyDvfpj_Lm6AtvZJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/19c428-6f77-4fdd-b388-c14b72f0ebd9/1/4AsUm_sUUPOTYfoEryBGHX7XPto.roa
Signing time: Sat 01 Jan 2022 06:03:59 +0000
ROA not before: Sat 01 Jan 2022 06:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209772
IP address blocks: 185.68.129.0/24 maxlen: 24
185.68.130.0/24 maxlen: 24
185.68.130.0/23 maxlen: 23
185.68.131.0/24 maxlen: 24
185.68.128.0/23 maxlen: 23
185.68.128.0/24 maxlen: 24
185.207.161.0/24 maxlen: 24
185.207.162.0/24 maxlen: 24
185.207.162.0/23 maxlen: 23
185.207.163.0/24 maxlen: 24
185.207.160.0/24 maxlen: 24
185.207.160.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 159625662 (0x983b1be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bd7b74778f71513720ef7e98ff2e6e80b6f649e
Validity
Not Before: Jan 1 06:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e00b149bfb1450f39361fa04af20461d7ed73eda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c7:fb:22:28:a2:8c:57:fe:82:ff:9a:fb:eb:
b8:e9:6d:17:68:86:66:28:98:be:b7:7c:69:c1:6a:
26:75:3e:d0:9a:24:be:c9:d1:d6:bd:8d:df:25:e9:
40:9d:2f:94:75:90:8f:7c:24:3c:1b:39:21:f3:9f:
8e:c6:73:06:42:c9:57:ee:af:ae:bf:9b:86:b7:13:
63:af:69:9c:54:43:ed:bf:fa:68:b5:28:b5:06:c2:
b8:ee:65:f8:a0:6a:6e:40:52:17:a7:29:68:3b:28:
f5:ff:6a:46:29:93:d0:87:ca:aa:51:aa:8c:8e:b3:
c4:7a:bf:e9:d4:8e:2d:4c:37:63:fc:ac:1c:2b:43:
4e:9b:db:26:98:58:5c:12:20:e2:8b:25:1e:90:c1:
34:f0:77:ec:87:c0:be:c3:1d:15:b3:00:ee:6f:73:
2a:e9:e5:bf:5c:e5:91:06:73:52:58:02:f8:cc:9f:
7d:7f:f5:55:c7:01:39:1c:a4:2c:70:1a:fb:8e:9d:
60:17:e1:b8:03:e0:ef:23:a7:9b:28:48:40:59:c1:
3b:03:1e:da:d5:a6:8b:f7:83:2e:49:01:c5:5d:d1:
94:29:d7:2e:57:f9:64:77:fb:cc:b8:f2:07:84:99:
54:85:d5:cf:e8:a7:a6:43:df:ab:31:68:34:38:18:
59:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:0B:14:9B:FB:14:50:F3:93:61:FA:04:AF:20:46:1D:7E:D7:3E:DA
X509v3 Authority Key Identifier:
keyid:1B:D7:B7:47:78:F7:15:13:72:0E:F7:E9:8F:F2:E6:E8:0B:6F:64:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G9e3R3j3FRNyDvfpj_Lm6AtvZJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/19c428-6f77-4fdd-b388-c14b72f0ebd9/1/4AsUm_sUUPOTYfoEryBGHX7XPto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/19c428-6f77-4fdd-b388-c14b72f0ebd9/1/G9e3R3j3FRNyDvfpj_Lm6AtvZJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.128.0/22
185.207.160.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:05:f8:5d:24:84:4c:ca:66:24:c4:ab:cb:e9:57:b8:b9:f7:
6d:78:20:f5:4f:00:c1:76:26:02:28:fa:30:15:dd:60:78:e4:
d9:d8:d6:de:7e:8b:73:a5:94:57:25:72:9f:c3:00:85:8d:4c:
4a:7a:e9:b7:ab:74:f2:ae:d4:56:2d:b9:1f:cf:ac:c8:10:7e:
4c:d8:1c:f9:94:40:a0:2e:41:07:1c:f9:92:13:ea:01:e1:95:
2d:41:5b:c1:e6:6a:4d:24:5d:79:c2:51:70:6a:e3:e2:b6:9a:
28:a3:99:fc:08:ae:ef:02:b3:ce:89:87:2c:65:22:76:3d:90:
04:bb:e1:c5:e6:93:a2:bc:33:1e:75:1d:c4:c0:59:41:42:12:
27:d9:9a:cf:95:63:da:41:82:2f:dd:29:3e:7f:67:89:6a:13:
d7:43:a3:2e:bb:a4:78:b7:27:03:bc:1f:79:9a:c9:70:e4:1d:
5a:67:c3:5a:6a:f5:2b:20:59:ea:f3:04:39:63:c2:56:86:45:
36:33:f0:4c:33:f8:87:d4:03:ca:5a:9d:b7:e1:77:e9:73:a1:
2c:f2:33:cc:4c:14:01:56:a6:9e:5d:3b:8d:83:b4:ef:bd:4c:
1e:26:c0:3b:fe:f6:68:17:bb:25:a4:b7:b7:2a:01:08:d5:df:
21:4d:34:41
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECYOxvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmQ3Yjc0Nzc4ZjcxNTEzNzIwZWY3ZTk4ZmYyZTZlODBiNmY2NDllMB4XDTIyMDEw
MTA2MDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAwYjE0OWJmYjE0
NTBmMzkzNjFmYTA0YWYyMDQ2MWQ3ZWQ3M2VkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALvH+yIoooxX/oL/mvvruOltF2iGZiiYvrd8acFqJnU+0Jok
vsnR1r2N3yXpQJ0vlHWQj3wkPBs5IfOfjsZzBkLJV+6vrr+bhrcTY69pnFRD7b/6
aLUotQbCuO5l+KBqbkBSF6cpaDso9f9qRimT0IfKqlGqjI6zxHq/6dSOLUw3Y/ys
HCtDTpvbJphYXBIg4oslHpDBNPB37IfAvsMdFbMA7m9zKunlv1zlkQZzUlgC+Myf
fX/1VccBORykLHAa+46dYBfhuAPg7yOnmyhIQFnBOwMe2tWmi/eDLkkBxV3RlCnX
Llf5ZHf7zLjyB4SZVIXVz+inpkPfqzFoNDgYWQUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTgCxSb+xRQ85Nh+gSvIEYdftc+2jAfBgNVHSMEGDAWgBQb17dHePcVE3IO
9+mP8uboC29knjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c5ZTNSM2ozRlJOeUR2ZnBqX0xtNkF0dlpKNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvMTljNDI4LTZmNzctNGZkZC1iMzg4LWMxNGI3MmYwZWJkOS8x
LzRBc1VtX3NVVVBPVFlmb0VyeUJHSFg3WFB0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
MTljNDI4LTZmNzctNGZkZC1iMzg4LWMxNGI3MmYwZWJkOS8xL0c5ZTNSM2ozRlJO
eUR2ZnBqX0xtNkF0dlpKNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArlEgAMEArnPoDANBgkqhkiG9w0B
AQsFAAOCAQEAqQX4XSSETMpmJMSry+lXuLn3bXgg9U8AwXYmAij6MBXdYHjk2djW
3n6Lc6WUVyVyn8MAhY1MSnrpt6t08q7UVi25H8+syBB+TNgc+ZRAoC5BBxz5khPq
AeGVLUFbweZqTSRdecJRcGrj4raaKKOZ/Aiu7wKzzomHLGUidj2QBLvhxeaTorwz
HnUdxMBZQUISJ9maz5Vj2kGCL90pPn9niWoT10OjLrukeLcnA7wfeZrJcOQdWmfD
Wmr1KyBZ6vMEOWPCVoZFNjPwTDP4h9QDylqdt+F36XOhLPIzzEwUAVamnl07jYO0
771MHibAO/72aBe7JaS3tyoBCNXfIU00QQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-fra.rpki-client.org