Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/iBHWDf-EyhBxcCSjeyk7gZTxioo.roa
File: iBHWDf-EyhBxcCSjeyk7gZTxioo.roa (raw, json)
Hash identifier: OBh5+u2F35kTKwSVZxKQg3eh9ZrkoYdujFKCMQigFj4=
Subject key identifier: 88:11:D6:0D:FF:84:CA:10:71:70:24:A3:7B:29:3B:81:94:F1:8A:8A
Certificate issuer: /CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Certificate serial: 16A3870B
Authority key identifier: 92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/iBHWDf-EyhBxcCSjeyk7gZTxioo.roa
Signing time: Sat 01 Jan 2022 02:00:27 +0000
ROA not before: Sat 01 Jan 2022 02:00:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33848
IP address blocks: 141.36.0.0/16 maxlen: 27
192.109.218.0/24 maxlen: 27
185.152.96.0/22 maxlen: 27
84.21.32.0/19 maxlen: 27
147.12.96.0/19 maxlen: 27
2a00:4980::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 379815691 (0x16a3870b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92686c852f36fbe9fc8be77c409b5226a6ee54d5
Validity
Not Before: Jan 1 02:00:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8811d60dff84ca10717024a37b293b8194f18a8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d1:dc:9f:e9:47:bc:51:fe:d5:d8:8c:49:d3:
5a:22:35:ed:48:91:6b:9b:c2:ce:ca:4a:3c:03:84:
8b:2b:10:37:3e:4a:f9:6e:f8:42:59:23:d7:be:6d:
8a:88:89:91:28:f5:80:bd:4e:2c:45:21:d9:87:55:
3c:92:66:8c:a1:dd:05:fe:81:e5:4d:dc:80:15:79:
17:a5:22:d5:73:1b:af:e2:c6:9b:d8:95:55:f2:0f:
cd:89:99:8f:ca:9c:35:10:30:39:7b:e5:dc:de:2a:
a7:03:f3:d1:a5:d6:a5:0b:f2:62:04:c1:87:d1:dc:
c0:b9:74:74:cd:7a:37:91:c1:c5:3e:2e:86:20:a4:
d8:51:2c:44:e7:2d:66:c7:11:d5:b5:c8:3a:b3:e8:
e6:d5:b0:1d:c2:30:f7:d4:9a:2f:1f:5d:5a:4a:e0:
1a:48:f2:ef:c2:80:3e:b7:da:40:da:9d:d4:9f:b7:
85:94:a3:b9:d0:62:c9:4b:86:78:2c:e1:30:5d:9a:
78:2c:6c:8c:b4:68:36:0a:94:fc:6e:f9:7b:2b:09:
f7:23:bd:e7:c5:db:c0:c9:b7:c8:85:7d:5b:49:af:
51:07:40:bf:06:75:74:8d:ec:93:25:12:dc:6f:52:
c6:d8:a2:af:23:42:a8:31:b7:58:4c:7e:ed:e9:47:
95:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:11:D6:0D:FF:84:CA:10:71:70:24:A3:7B:29:3B:81:94:F1:8A:8A
X509v3 Authority Key Identifier:
keyid:92:68:6C:85:2F:36:FB:E9:FC:8B:E7:7C:40:9B:52:26:A6:EE:54:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kmhshS82--n8i-d8QJtSJqbuVNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/iBHWDf-EyhBxcCSjeyk7gZTxioo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/d559b2-4b33-4f8d-9d21-ba71fbdb0374/1/kmhshS82--n8i-d8QJtSJqbuVNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.32.0/19
141.36.0.0/16
147.12.96.0/19
185.152.96.0/22
192.109.218.0/24
IPv6:
2a00:4980::/29
Signature Algorithm: sha256WithRSAEncryption
73:7d:3a:c0:a6:82:39:d6:88:b9:21:f4:89:a2:04:a7:62:8c:
6e:8c:30:b1:55:37:79:a7:ce:00:8f:4f:6c:fb:ad:25:24:08:
45:d1:75:22:c0:b4:bb:49:85:04:63:c0:ad:1d:d0:51:53:bb:
58:ef:25:86:e7:01:75:2d:a3:15:fe:ea:6e:d1:fe:f3:1d:bc:
f6:d0:1d:4f:76:ea:c4:b3:99:6d:9c:47:2d:47:2d:d1:43:17:
04:a2:77:91:9e:a5:75:23:ef:6f:eb:d9:e2:ba:8f:55:13:df:
d7:b1:31:13:f5:ca:b9:e6:e6:28:12:5a:db:17:72:8a:13:5b:
c8:21:d2:4b:13:1c:c0:7e:86:e7:0f:65:ad:4a:c2:cd:42:03:
22:bc:b9:22:b5:60:71:6e:25:20:cd:c3:2e:aa:81:fc:42:f6:
8d:9e:fc:94:88:ef:6d:9f:db:77:f0:9a:d2:7a:43:b1:dd:be:
5c:04:06:c2:63:d6:0c:3c:25:2b:01:98:57:91:9a:13:f6:e5:
f2:a2:4d:f3:bd:3b:8f:8f:4e:f5:93:84:f6:19:2b:06:55:5c:
d1:b2:b4:a9:3a:03:54:34:b7:3d:10:23:93:33:46:47:35:87:
9a:92:b3:c1:cb:f0:10:54:46:5b:27:95:d8:3c:c5:64:05:b8:
99:da:bc:b8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEFqOHCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjY4NmM4NTJmMzZmYmU5ZmM4YmU3N2M0MDliNTIyNmE2ZWU1NGQ1MB4XDTIyMDEw
MTAyMDAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODgxMWQ2MGRmZjg0
Y2ExMDcxNzAyNGEzN2IyOTNiODE5NGYxOGE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHR3J/pR7xR/tXYjEnTWiI17UiRa5vCzspKPAOEiysQNz5K
+W74Qlkj175tioiJkSj1gL1OLEUh2YdVPJJmjKHdBf6B5U3cgBV5F6Ui1XMbr+LG
m9iVVfIPzYmZj8qcNRAwOXvl3N4qpwPz0aXWpQvyYgTBh9HcwLl0dM16N5HBxT4u
hiCk2FEsROctZscR1bXIOrPo5tWwHcIw99SaLx9dWkrgGkjy78KAPrfaQNqd1J+3
hZSjudBiyUuGeCzhMF2aeCxsjLRoNgqU/G75eysJ9yO958XbwMm3yIV9W0mvUQdA
vwZ1dI3skyUS3G9SxtiiryNCqDG3WEx+7elHlSECAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBSIEdYN/4TKEHFwJKN7KTuBlPGKijAfBgNVHSMEGDAWgBSSaGyFLzb76fyL
53xAm1Impu5U1TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ttaHNoUzgyLS1uOGktZDhRSnRTSnFidVZOVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvZDU1OWIyLTRiMzMtNGY4ZC05ZDIxLWJhNzFmYmRiMDM3NC8x
L2lCSFdEZi1FeWhCeGNDU2pleWs3Z1pUeGlvby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
ZDU1OWIyLTRiMzMtNGY4ZC05ZDIxLWJhNzFmYmRiMDM3NC8xL2ttaHNoUzgyLS1u
OGktZDhRSnRTSnFidVZOVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwIwQCAAEwHQMEBVQVIAMDAI0kAwQFkwxgAwQCuZhg
AwQAwG3aMA0EAgACMAcDBQMqAEmAMA0GCSqGSIb3DQEBCwUAA4IBAQBzfTrApoI5
1oi5IfSJogSnYoxujDCxVTd5p84Aj09s+60lJAhF0XUiwLS7SYUEY8CtHdBRU7tY
7yWG5wF1LaMV/upu0f7zHbz20B1PdurEs5ltnEctRy3RQxcEoneRnqV1I+9v69ni
uo9VE9/XsTET9cq55uYoElrbF3KKE1vIIdJLExzAfobnD2WtSsLNQgMivLkitWBx
biUgzcMuqoH8QvaNnvyUiO9tn9t38JrSekOx3b5cBAbCY9YMPCUrAZhXkZoT9uXy
ok3zvTuPj071k4T2GSsGVVzRsrSpOgNUNLc9ECOTM0ZHNYeakrPBy/AQVEZbJ5XY
PMVkBbiZ2ry4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:42 2024 by rpki-client on console-fra.rpki-client.org