Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/1SgTql70aF_J5MZFKm0_TgTF2Hc.roa
File: 1SgTql70aF_J5MZFKm0_TgTF2Hc.roa (raw, json)
Hash identifier: JdWXd9HkfXSHSgrfH6tGIELiVhBBaR5d7wNHeqzYlWY=
Subject key identifier: D5:28:13:AA:5E:F4:68:5F:C9:E4:C6:45:2A:6D:3F:4E:04:C5:D8:77
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018427DD631C3EDF1DE31721D54B48B91DAB
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/1SgTql70aF_J5MZFKm0_TgTF2Hc.roa
Signing time: Sun 30 Oct 2022 07:48:51 +0000
ROA not before: Sun 30 Oct 2022 07:48:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210539
IP address blocks: 185.196.222.0/23 maxlen: 32
185.162.88.0/24 maxlen: 24
185.174.41.0/24 maxlen: 24
185.165.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:27:dd:63:1c:3e:df:1d:e3:17:21:d5:4b:48:b9:1d:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Oct 30 07:48:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d52813aa5ef4685fc9e4c6452a6d3f4e04c5d877
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ad:71:6d:26:a5:73:a8:a1:aa:c5:b1:31:75:
31:f5:2c:ca:68:6f:fd:22:bc:f8:0d:13:49:ac:31:
31:2f:27:2a:31:41:00:d3:fc:e1:c4:2c:51:8c:d2:
77:af:1a:d0:0e:b9:c1:eb:bc:18:ee:1c:4d:78:df:
85:60:70:e1:a1:11:cb:45:b8:14:bb:c4:d4:fd:90:
0a:26:22:a3:08:fe:ee:ef:72:f5:4a:6e:da:df:2a:
0b:20:c6:46:b1:51:37:40:8f:14:25:c6:f9:2f:3c:
c4:ed:77:ad:81:8f:2a:9d:c7:c1:4c:ad:6b:ab:39:
c5:f2:76:14:de:c6:03:f8:25:c6:62:d6:c7:e0:50:
b2:64:17:9a:77:10:6c:7c:79:44:e3:65:b0:35:36:
a0:9b:e3:47:e9:96:36:e5:db:55:4e:4c:4f:86:dc:
3e:2d:11:b3:47:db:21:e5:ef:7d:6e:87:dd:17:df:
a6:5a:bc:f7:1b:1a:12:39:fe:7e:0c:66:29:9b:d1:
2d:11:5d:4d:bb:84:63:aa:f0:85:ff:72:49:da:19:
bf:05:a4:60:97:66:99:5b:98:41:5e:34:c8:48:bc:
76:37:a5:88:7e:34:5e:4e:36:c8:81:3c:94:44:d2:
51:96:49:df:2c:21:aa:b4:ff:7e:02:12:3c:5d:c6:
39:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:28:13:AA:5E:F4:68:5F:C9:E4:C6:45:2A:6D:3F:4E:04:C5:D8:77
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/1SgTql70aF_J5MZFKm0_TgTF2Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.162.88.0/24
185.165.153.0/24
185.174.41.0/24
185.196.222.0/23
Signature Algorithm: sha256WithRSAEncryption
68:ec:8d:c4:f2:77:2b:07:d5:3f:0a:af:2a:ef:8e:de:12:5f:
e3:d9:d2:ac:71:72:30:5f:ef:96:d3:57:40:95:da:d8:80:51:
22:19:19:a5:1a:15:c8:14:8b:ad:df:01:02:c5:bb:77:19:f8:
19:45:5d:0e:54:83:b9:d4:0a:d6:d9:61:93:e6:44:16:29:3e:
d5:e9:70:2d:21:ba:b3:89:f0:ec:66:81:3a:70:3d:cc:ce:5f:
de:4e:45:6f:2d:bd:c0:a8:04:65:b0:0e:9c:87:12:f6:f4:9c:
ed:2a:84:5f:bb:cd:ff:3d:cb:4d:60:fe:e2:16:af:d9:36:c3:
b9:58:a1:cc:76:33:d0:ec:96:a3:94:68:56:80:18:be:88:64:
80:96:f5:65:75:ad:ec:0d:76:4a:61:c5:90:bd:53:4b:44:51:
25:1f:a5:4b:75:29:90:e5:ab:1d:c6:4c:c0:c3:e6:2e:7a:25:
98:dc:7c:89:bc:1b:f5:2e:24:fe:8c:0e:4b:e1:90:cb:f5:9c:
43:d2:ac:3d:2c:fa:eb:ea:7d:9e:e2:99:37:4d:34:07:9a:5a:
8c:54:96:f6:b9:6c:e8:b5:be:2a:e6:d0:35:c8:62:14:36:d8:
8a:f1:b9:b4:e5:98:77:93:e9:6a:7b:b0:fb:bb:a5:97:4e:17:
ea:45:b0:0b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYQn3WMcPt8d4xch1UtIuR2rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjIxMDMwMDc0ODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI4MTNhYTVlZjQ2ODVmYzllNGM2NDUyYTZkM2Y0ZTA0YzVkODc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxK1xbSalc6ihqsWxMXUx9SzKaG/9
Irz4DRNJrDExLycqMUEA0/zhxCxRjNJ3rxrQDrnB67wY7hxNeN+FYHDhoRHLRbgU
u8TU/ZAKJiKjCP7u73L1Sm7a3yoLIMZGsVE3QI8UJcb5LzzE7XetgY8qncfBTK1r
qznF8nYU3sYD+CXGYtbH4FCyZBeadxBsfHlE42WwNTagm+NH6ZY25dtVTkxPhtw+
LRGzR9sh5e99bofdF9+mWrz3GxoSOf5+DGYpm9EtEV1Nu4RjqvCF/3JJ2hm/BaRg
l2aZW5hBXjTISLx2N6WIfjReTjbIgTyURNJRlknfLCGqtP9+AhI8XcY5PwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNUoE6pe9GhfyeTGRSptP04Exdh3MB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvMVNnVHFsNzBhRl9KNU1aRkttMF9UZ1RGMkhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuaJYAwQA
uaWZAwQAua4pAwQBucTeMA0GCSqGSIb3DQEBCwUAA4IBAQBo7I3E8ncrB9U/Cq8q
747eEl/j2dKscXIwX++W01dAldrYgFEiGRmlGhXIFIut3wECxbt3GfgZRV0OVIO5
1ArW2WGT5kQWKT7V6XAtIbqzifDsZoE6cD3Mzl/eTkVvLb3AqARlsA6chxL29Jzt
KoRfu83/PctNYP7iFq/ZNsO5WKHMdjPQ7JajlGhWgBi+iGSAlvVlda3sDXZKYcWQ
vVNLRFElH6VLdSmQ5asdxkzAw+YueiWY3HyJvBv1LiT+jA5L4ZDL9ZxD0qw9LPrr
6n2e4pk3TTQHmlqMVJb2uWzotb4q5tA1yGIUNtiK8bm05Zh3k+lqe7D7u6WXThfq
RbAL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:21 2023 by rpki-client on console-fra.rpki-client.org