Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/C_NIyl5SewKvuoqYOLNZPvgBNrE.roa
File: C_NIyl5SewKvuoqYOLNZPvgBNrE.roa (raw, json)
Hash identifier: zYsT/wL+gaQ3p8XIkgJZ0Gr2tuhpYq420+kVTZKUpBs=
Subject key identifier: 0B:F3:48:CA:5E:52:7B:02:AF:BA:8A:98:38:B3:59:3E:F8:01:36:B1
Certificate issuer: /CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Certificate serial: 0184CCF5A3B44C3434E439D38FC5D7318E59
Authority key identifier: B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/C_NIyl5SewKvuoqYOLNZPvgBNrE.roa
Signing time: Thu 01 Dec 2022 09:12:41 +0000
ROA not before: Thu 01 Dec 2022 09:12:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202196
IP address blocks: 185.150.60.0/22 maxlen: 22
185.150.60.0/23 maxlen: 23
185.150.60.0/24 maxlen: 24
185.150.61.0/24 maxlen: 24
185.150.62.0/24 maxlen: 24
185.150.62.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cc:f5:a3:b4:4c:34:34:e4:39:d3:8f:c5:d7:31:8e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a90f6896678442afaee1baaaa6b2a2decacd3b
Validity
Not Before: Dec 1 09:12:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bf348ca5e527b02afba8a9838b3593ef80136b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4d:49:e5:73:79:55:69:84:06:74:f6:bf:ad:
c2:e1:50:a0:29:75:19:d8:75:a4:d4:85:d7:f7:0c:
4c:eb:f2:9f:20:63:2e:2a:30:ad:b6:48:5e:54:17:
99:97:3f:f9:ed:c1:22:b7:a2:91:a4:20:5b:75:1a:
d7:69:6e:96:d9:e9:7c:39:76:04:4a:01:96:9d:1e:
b1:48:21:65:b6:22:3f:1c:af:56:e5:a1:c7:48:7d:
42:44:73:8a:ce:9e:e3:4b:6b:5b:61:2d:42:57:ef:
83:42:35:14:a3:20:ff:a2:fc:9e:f6:44:d7:71:ba:
5c:cc:47:dd:9c:ec:3d:5c:44:d6:5a:64:60:97:82:
be:18:aa:1b:17:b9:f3:6e:84:3a:87:16:77:d1:c2:
59:24:85:5f:28:6d:d9:ff:34:09:36:17:38:7a:82:
bc:dd:78:81:18:5f:fd:a0:f2:80:13:7d:42:c1:0f:
56:aa:89:d8:06:8a:52:13:20:d9:fe:48:6e:41:08:
c1:54:29:be:40:5e:85:91:61:4a:62:7d:78:c4:20:
ee:5f:43:d1:30:f7:88:c8:c1:04:62:4e:2d:ae:c9:
ac:c6:eb:32:38:2c:93:18:44:f2:9d:18:45:1b:d1:
dc:24:1e:72:4b:00:be:e3:26:4d:cd:d3:a8:81:b7:
8a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:F3:48:CA:5E:52:7B:02:AF:BA:8A:98:38:B3:59:3E:F8:01:36:B1
X509v3 Authority Key Identifier:
keyid:B4:A9:0F:68:96:67:84:42:AF:AE:E1:BA:AA:A6:B2:A2:DE:CA:CD:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKkPaJZnhEKvruG6qqayot7KzTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/C_NIyl5SewKvuoqYOLNZPvgBNrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/e61614-ebc5-4731-8560-9d1812999a35/1/tKkPaJZnhEKvruG6qqayot7KzTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.60.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:f5:dc:9d:1d:72:c3:29:7c:13:24:ab:cd:be:76:8f:f0:51:
ac:d7:95:bd:65:83:ec:f2:b5:5c:f8:d8:3e:d4:b8:8c:3e:d1:
9b:2f:d0:49:2c:54:7d:9e:72:76:d7:66:3c:c9:62:8a:d6:04:
aa:85:70:73:af:d3:8f:36:a3:0e:02:e2:7e:fc:27:e0:a4:26:
4a:bf:fc:01:3e:6c:65:62:2f:88:6a:62:a6:60:b1:ee:69:f7:
6f:a8:6f:19:73:fb:96:ea:ca:3a:21:e6:8a:67:11:7b:f0:a0:
3e:7a:fa:f6:af:2d:78:3e:05:a2:5a:0f:6b:6d:94:16:3d:aa:
95:5f:c3:88:59:ec:fa:e4:b1:51:fa:f0:bd:52:c8:fd:22:78:
ad:a7:1b:fe:b6:4a:b4:40:fc:d8:13:b8:2d:93:d4:8a:06:14:
6c:93:14:d0:af:91:7a:fe:d9:54:51:b2:7b:c4:fd:7d:bd:a0:
41:8c:e0:4a:d0:27:ff:a2:ed:84:dc:27:69:a3:f8:0d:19:ec:
b0:e8:49:80:d2:56:51:05:17:8a:f0:0f:29:ed:01:fb:b1:be:
c0:9a:fe:ab:b1:a6:56:69:39:c6:ae:ae:b4:b4:83:cc:07:bd:
62:03:d7:51:88:0c:ae:e4:a9:ab:29:1b:27:78:98:ac:eb:c1:
9e:af:55:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTM9aO0TDQ05DnTj8XXMY5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YTkwZjY4OTY2Nzg0NDJhZmFlZTFiYWFhYTZiMmEyZGVj
YWNkM2IwHhcNMjIxMjAxMDkxMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmYzNDhjYTVlNTI3YjAyYWZiYThhOTgzOGIzNTkzZWY4MDEzNmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnE1J5XN5VWmEBnT2v63C4VCgKXUZ
2HWk1IXX9wxM6/KfIGMuKjCttkheVBeZlz/57cEit6KRpCBbdRrXaW6W2el8OXYE
SgGWnR6xSCFltiI/HK9W5aHHSH1CRHOKzp7jS2tbYS1CV++DQjUUoyD/ovye9kTX
cbpczEfdnOw9XETWWmRgl4K+GKobF7nzboQ6hxZ30cJZJIVfKG3Z/zQJNhc4eoK8
3XiBGF/9oPKAE31CwQ9WqonYBopSEyDZ/khuQQjBVCm+QF6FkWFKYn14xCDuX0PR
MPeIyMEEYk4trsmsxusyOCyTGETynRhFG9HcJB5ySwC+4yZNzdOogbeKCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAvzSMpeUnsCr7qKmDizWT74ATaxMB8GA1UdIwQY
MBaAFLSpD2iWZ4RCr67huqqmsqLeys07MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAt
OWQxODEyOTk5YTM1LzEvQ19OSXlsNVNld0t2dW9xWU9MTlpQdmdCTnJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9lNjE2MTQtZWJjNS00NzMxLTg1NjAtOWQxODEyOTk5YTM1
LzEvdEtrUGFKWm5oRUt2cnVHNnFxYXlvdDdLelRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZY8MA0G
CSqGSIb3DQEBCwUAA4IBAQCg9dydHXLDKXwTJKvNvnaP8FGs15W9ZYPs8rVc+Ng+
1LiMPtGbL9BJLFR9nnJ212Y8yWKK1gSqhXBzr9OPNqMOAuJ+/CfgpCZKv/wBPmxl
Yi+IamKmYLHuafdvqG8Zc/uW6so6IeaKZxF78KA+evr2ry14PgWiWg9rbZQWPaqV
X8OIWez65LFR+vC9Usj9Initpxv+tkq0QPzYE7gtk9SKBhRskxTQr5F6/tlUUbJ7
xP19vaBBjOBK0Cf/ou2E3Cdpo/gNGeyw6EmA0lZRBReK8A8p7QH7sb7Amv6rsaZW
aTnGrq60tIPMB71iA9dRiAyu5KmrKRsneJis68Ger1Um
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:19 2024 by rpki-client on console-fra.rpki-client.org