Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/5D5fQpB5cbslCW7dk-WKf0OehIk.roa
File: 5D5fQpB5cbslCW7dk-WKf0OehIk.roa (raw, json)
Hash identifier: JNRfPNxpG1xEwu6l9reZ2Y0dTkmk0neiO5voBR2YS7Q=
Subject key identifier: E4:3E:5F:42:90:79:71:BB:25:09:6E:DD:93:E5:8A:7F:43:9E:84:89
Certificate issuer: /CN=232af36b9c079da091827da3d07c9c8a5236cb54
Certificate serial: 0184CE33527C4422D541379296F342A232F8
Authority key identifier: 23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/5D5fQpB5cbslCW7dk-WKf0OehIk.roa
Signing time: Thu 01 Dec 2022 14:59:40 +0000
ROA not before: Thu 01 Dec 2022 14:59:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200984
IP address blocks: 185.89.180.0/22 maxlen: 24
2a05:da00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:33:52:7c:44:22:d5:41:37:92:96:f3:42:a2:32:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=232af36b9c079da091827da3d07c9c8a5236cb54
Validity
Not Before: Dec 1 14:59:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e43e5f42907971bb25096edd93e58a7f439e8489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:b7:37:1a:fa:31:0c:13:46:b1:4e:b0:98:
21:b4:93:53:d3:a8:bc:00:4f:36:9c:a9:92:8c:a2:
cb:c3:a3:3e:07:23:3c:db:76:5a:ba:fb:9c:26:91:
f2:17:ec:8a:74:9b:90:35:82:86:fb:a8:a1:22:f2:
c9:5a:54:d5:08:93:30:5e:02:db:48:d2:c5:8a:96:
ac:c0:66:73:85:a8:9e:a0:a3:11:8d:9f:61:d7:01:
dc:28:79:45:6e:ab:95:ca:a4:73:c3:6f:7e:75:fc:
39:68:ee:cf:d3:e1:f0:ab:17:8e:bd:5d:3e:5f:60:
42:1a:f4:58:cb:fe:98:85:51:48:84:58:51:b1:7f:
aa:39:e4:df:cb:ba:0b:e9:42:50:6a:6b:f6:74:db:
22:cd:d9:21:ec:e7:f6:a9:14:37:41:b7:3c:10:c4:
27:bf:f9:9f:ab:db:ee:f6:de:4e:69:38:c1:05:e6:
7a:78:1b:ff:b9:66:66:09:ca:5f:9e:df:0b:58:8c:
6d:a4:58:e8:ef:d2:74:d0:f9:c2:5b:95:fa:c3:42:
8c:92:e4:e7:98:64:f5:ca:9c:c3:2c:ea:71:24:4b:
2a:ae:a6:d4:ba:34:e4:76:a1:9d:ac:3a:7c:3c:36:
91:31:6d:a4:b6:43:7d:cd:bc:f6:42:5c:60:fb:f5:
dc:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3E:5F:42:90:79:71:BB:25:09:6E:DD:93:E5:8A:7F:43:9E:84:89
X509v3 Authority Key Identifier:
keyid:23:2A:F3:6B:9C:07:9D:A0:91:82:7D:A3:D0:7C:9C:8A:52:36:CB:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iyrza5wHnaCRgn2j0HycilI2y1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/5D5fQpB5cbslCW7dk-WKf0OehIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c2fd33-fd44-4e08-b424-aa1045220b5b/1/Iyrza5wHnaCRgn2j0HycilI2y1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.180.0/22
IPv6:
2a05:da00::/29
Signature Algorithm: sha256WithRSAEncryption
1d:f9:23:cf:03:7e:94:79:89:7b:48:3a:a8:91:cf:9a:33:8b:
62:b4:67:39:56:9f:2a:4d:07:4b:62:9c:10:1c:09:2a:77:55:
b7:23:80:69:72:ed:20:d8:26:a4:e3:86:83:d0:c5:90:1b:77:
44:8f:8f:e3:a9:d8:cb:3e:68:a3:09:df:d0:ae:ba:fa:86:9a:
38:09:e0:1a:9a:66:d0:84:93:b0:36:2f:e9:14:6b:00:8a:75:
e2:eb:97:a3:37:b4:d7:9c:59:f2:db:8a:d8:ca:7b:91:fc:9d:
8c:9e:56:12:6c:7c:ac:61:dd:c8:fa:32:a3:c9:75:80:88:dd:
24:de:cf:2e:3e:dd:83:5b:08:43:ba:00:97:3b:31:a3:10:89:
66:7a:2e:10:cd:ff:5b:59:df:e6:61:a8:32:73:50:e6:d8:a2:
59:04:83:bb:ab:bc:9f:2a:44:79:e2:96:e0:63:f5:21:c2:f8:
14:12:7e:33:3a:0a:e1:da:f8:9b:89:60:2d:04:95:ae:c4:32:
ae:e5:72:56:d9:cd:f5:c7:3b:e9:da:59:85:47:d8:eb:c9:a1:
00:68:89:e8:e9:67:7d:a2:98:f6:d8:a9:98:f2:27:b5:67:38:
71:c5:46:9a:51:da:9b:38:1a:b0:f5:51:3b:97:93:25:89:98:
0d:4e:7c:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTOM1J8RCLVQTeSlvNCojL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMmFmMzZiOWMwNzlkYTA5MTgyN2RhM2QwN2M5YzhhNTIz
NmNiNTQwHhcNMjIxMjAxMTQ1OTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNlNWY0MjkwNzk3MWJiMjUwOTZlZGQ5M2U1OGE3ZjQzOWU4NDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6W3Nxr6MQwTRrFOsJghtJNT06i8
AE82nKmSjKLLw6M+ByM823ZauvucJpHyF+yKdJuQNYKG+6ihIvLJWlTVCJMwXgLb
SNLFipaswGZzhaieoKMRjZ9h1wHcKHlFbquVyqRzw29+dfw5aO7P0+HwqxeOvV0+
X2BCGvRYy/6YhVFIhFhRsX+qOeTfy7oL6UJQamv2dNsizdkh7Of2qRQ3Qbc8EMQn
v/mfq9vu9t5OaTjBBeZ6eBv/uWZmCcpfnt8LWIxtpFjo79J00PnCW5X6w0KMkuTn
mGT1ypzDLOpxJEsqrqbUujTkdqGdrDp8PDaRMW2ktkN9zbz2Qlxg+/XcdQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOQ+X0KQeXG7JQlu3ZPlin9DnoSJMB8GA1UdIwQY
MBaAFCMq82ucB52gkYJ9o9B8nIpSNstUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlyemE1d0huYUNSZ24yajBIeWNpbEkyeTFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jMmZkMzMtZmQ0NC00ZTA4LWI0MjQt
YWExMDQ1MjIwYjViLzEvNUQ1ZlFwQjVjYnNsQ1c3ZGstV0tmME9laElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jMmZkMzMtZmQ0NC00ZTA4LWI0MjQtYWExMDQ1MjIwYjVi
LzEvSXlyemE1d0huYUNSZ24yajBIeWNpbEkyeTFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVm0MA0E
AgACMAcDBQMqBdoAMA0GCSqGSIb3DQEBCwUAA4IBAQAd+SPPA36UeYl7SDqokc+a
M4titGc5Vp8qTQdLYpwQHAkqd1W3I4Bpcu0g2Cak44aD0MWQG3dEj4/jqdjLPmij
Cd/Qrrr6hpo4CeAammbQhJOwNi/pFGsAinXi65ejN7TXnFny24rYynuR/J2MnlYS
bHysYd3I+jKjyXWAiN0k3s8uPt2DWwhDugCXOzGjEIlmei4Qzf9bWd/mYagyc1Dm
2KJZBIO7q7yfKkR54pbgY/UhwvgUEn4zOgrh2vibiWAtBJWuxDKu5XJW2c31xzvp
2lmFR9jryaEAaIno6Wd9opj22KmY8ie1ZzhxxUaaUdqbOBqw9VE7l5MliZgNTnzN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:36 2024 by rpki-client on console-fra.rpki-client.org