Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/I8lUCeLJTgVAc7mJsN4iBF68cTI.roa
File: I8lUCeLJTgVAc7mJsN4iBF68cTI.roa (raw, json)
Hash identifier: y+yzpFJpwWT4Uxig/pPSDJhi91g91c99VLWFHC/GwCA=
Subject key identifier: 23:C9:54:09:E2:C9:4E:05:40:73:B9:89:B0:DE:22:04:5E:BC:71:32
Certificate issuer: /CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Certificate serial: 018571D7C0468B644A8FA4B99B0C3D42DE0A
Authority key identifier: 06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/I8lUCeLJTgVAc7mJsN4iBF68cTI.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60929
IP address blocks: 185.23.152.0/22 maxlen: 22
185.23.152.0/24 maxlen: 24
185.23.154.0/24 maxlen: 24
185.23.155.0/24 maxlen: 24
185.23.153.0/24 maxlen: 24
2a00:6e20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c0:46:8b:64:4a:8f:a4:b9:9b:0c:3d:42:de:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06bd30ac3561a1df7fc6b296bf9d29dd5581f1ee
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23c95409e2c94e054073b989b0de22045ebc7132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:68:1f:58:9d:a6:9e:cc:bb:76:ca:27:7d:34:
4e:10:0e:cb:17:fa:a4:e0:57:15:d2:ee:2b:4c:60:
8a:6a:62:e1:4e:dd:fb:bc:b0:a7:7e:6a:46:91:97:
d3:4d:43:66:2d:c3:36:c5:8a:d2:8d:29:4a:53:4b:
6c:d9:34:8b:b7:db:cb:fa:e3:16:1b:52:de:aa:cb:
d2:b4:37:7a:33:09:36:93:33:0c:86:7c:4c:56:67:
67:29:62:83:d4:e4:11:c9:9d:a3:9c:f9:b3:69:9d:
92:2d:b8:7d:2b:f2:31:f6:54:bc:eb:65:20:b2:ff:
0e:d9:c5:a9:6a:e7:47:6f:a3:67:d7:67:6f:44:f7:
f9:f9:75:7c:97:36:0c:13:72:be:dc:54:92:ca:5a:
51:6f:65:87:34:c7:2d:9e:86:c2:fc:bb:50:a3:1e:
a1:e1:d9:4f:39:06:ec:9d:9a:b4:a3:34:9a:37:b3:
c7:bd:5a:51:a9:ef:f1:c2:a6:48:79:60:fc:c1:77:
75:f5:22:60:f5:98:02:26:b4:52:8b:60:e2:f3:9e:
ea:48:6c:f6:97:a2:89:dc:e8:13:85:19:3a:6d:f3:
a3:f0:86:cd:31:ab:35:a6:7b:84:3d:52:6c:1d:b4:
d0:ed:dd:e4:a7:b7:69:17:02:20:ab:3f:2a:1a:35:
a1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C9:54:09:E2:C9:4E:05:40:73:B9:89:B0:DE:22:04:5E:BC:71:32
X509v3 Authority Key Identifier:
keyid:06:BD:30:AC:35:61:A1:DF:7F:C6:B2:96:BF:9D:29:DD:55:81:F1:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Br0wrDVhod9_xrKWv50p3VWB8e4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/I8lUCeLJTgVAc7mJsN4iBF68cTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a01ab5-83c0-4e19-9093-79175b151a52/1/Br0wrDVhod9_xrKWv50p3VWB8e4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.152.0/22
IPv6:
2a00:6e20::/32
Signature Algorithm: sha256WithRSAEncryption
71:06:c1:09:30:72:93:24:9e:8b:f0:15:07:5f:87:cf:8b:bb:
a3:98:27:9e:71:3e:cb:63:61:f0:67:67:76:26:7c:1c:fe:c5:
c1:52:1a:38:7e:2c:f1:da:62:fe:5b:47:74:cb:fb:14:a6:38:
49:75:e3:6c:53:df:9b:dd:f7:dd:85:fa:c1:80:8d:01:0f:2f:
c5:ed:3c:76:fe:4f:92:9f:0a:96:be:d1:f4:44:5c:74:4e:8f:
e6:13:39:3b:95:6a:a5:e7:ea:3e:1f:1b:82:8e:e8:cb:8f:a6:
dd:00:d3:5d:09:df:51:fa:57:67:ac:1b:36:89:e3:12:ef:52:
66:15:d1:a7:7e:05:3f:ca:e9:61:70:d1:d0:74:80:cd:3b:3a:
ba:ef:2e:40:10:46:97:66:08:6e:56:e0:6b:b6:bd:c4:71:81:
e3:bd:a2:16:bf:1c:79:8f:84:44:4e:3c:d1:10:46:a5:5c:9a:
de:bd:40:b9:e5:26:c1:55:59:23:fb:39:86:77:f8:b3:4f:82:
59:63:15:96:d8:a9:94:6c:81:bd:30:f7:51:a6:ba:0f:e0:43:
87:a0:78:d0:04:48:33:0d:3f:41:f3:9e:a4:03:39:9d:6d:12:
91:4b:b0:19:0d:b7:78:42:48:22:28:23:d3:3f:49:3a:47:0f:
5f:15:08:53
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx18BGi2RKj6S5mww9Qt4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2YmQzMGFjMzU2MWExZGY3ZmM2YjI5NmJmOWQyOWRkNTU4
MWYxZWUwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2M5NTQwOWUyYzk0ZTA1NDA3M2I5ODliMGRlMjIwNDVlYmM3MTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGgfWJ2mnsy7dsonfTROEA7LF/qk
4FcV0u4rTGCKamLhTt37vLCnfmpGkZfTTUNmLcM2xYrSjSlKU0ts2TSLt9vL+uMW
G1LeqsvStDd6Mwk2kzMMhnxMVmdnKWKD1OQRyZ2jnPmzaZ2SLbh9K/Ix9lS862Ug
sv8O2cWpaudHb6Nn12dvRPf5+XV8lzYME3K+3FSSylpRb2WHNMctnobC/LtQox6h
4dlPOQbsnZq0ozSaN7PHvVpRqe/xwqZIeWD8wXd19SJg9ZgCJrRSi2Di857qSGz2
l6KJ3OgThRk6bfOj8IbNMas1pnuEPVJsHbTQ7d3kp7dpFwIgqz8qGjWhtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCPJVAniyU4FQHO5ibDeIgRevHEyMB8GA1UdIwQY
MBaAFAa9MKw1YaHff8aylr+dKd1VgfHuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMt
NzkxNzViMTUxYTUyLzEvSThsVUNlTEpUZ1ZBYzdtSnNONGlCRjY4Y1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hMDFhYjUtODNjMC00ZTE5LTkwOTMtNzkxNzViMTUxYTUy
LzEvQnIwd3JEVmhvZDlfeHJLV3Y1MHAzVldCOGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuReYMA0E
AgACMAcDBQAqAG4gMA0GCSqGSIb3DQEBCwUAA4IBAQBxBsEJMHKTJJ6L8BUHX4fP
i7ujmCeecT7LY2HwZ2d2Jnwc/sXBUho4fizx2mL+W0d0y/sUpjhJdeNsU9+b3ffd
hfrBgI0BDy/F7Tx2/k+SnwqWvtH0RFx0To/mEzk7lWql5+o+HxuCjujLj6bdANNd
Cd9R+ldnrBs2ieMS71JmFdGnfgU/yulhcNHQdIDNOzq67y5AEEaXZghuVuBrtr3E
cYHjvaIWvxx5j4RETjzREEalXJrevUC55SbBVVkj+zmGd/izT4JZYxWW2KmUbIG9
MPdRproP4EOHoHjQBEgzDT9B856kAzmdbRKRS7AZDbd4QkgiKCPTP0k6Rw9fFQhT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:58 2025 by rpki-client