Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/bc6892-1779-457c-9214-0aa9d97c8c98/1/iiLjmxjCUIH-aGj5jlPUrA5vB50.roa
File: iiLjmxjCUIH-aGj5jlPUrA5vB50.roa (raw, json)
Hash identifier: yMxyffAIpTvhw9xOlBShmGlfG4FFXixEqplnE0qU4o0=
Subject key identifier: 8A:22:E3:9B:18:C2:50:81:FE:68:68:F9:8E:53:D4:AC:0E:6F:07:9D
Certificate issuer: /CN=429196310a7f7dd9999ec43e938fd906985a3f87
Certificate serial: 0183217AE03AA3284DF44D3B8451B9B332FC
Authority key identifier: 42:91:96:31:0A:7F:7D:D9:99:9E:C4:3E:93:8F:D9:06:98:5A:3F:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QpGWMQp_fdmZnsQ-k4_ZBphaP4c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/bc6892-1779-457c-9214-0aa9d97c8c98/1/iiLjmxjCUIH-aGj5jlPUrA5vB50.roa
Signing time: Fri 09 Sep 2022 09:00:44 +0000
ROA not before: Fri 09 Sep 2022 09:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16171
IP address blocks: 185.144.124.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:7a:e0:3a:a3:28:4d:f4:4d:3b:84:51:b9:b3:32:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=429196310a7f7dd9999ec43e938fd906985a3f87
Validity
Not Before: Sep 9 09:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a22e39b18c25081fe6868f98e53d4ac0e6f079d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a8:bc:63:68:03:94:cf:ee:65:9f:ab:27:7e:
35:ca:1a:5d:da:f3:c1:a7:7c:74:38:9e:9f:5f:68:
09:70:73:40:c3:16:c2:83:7b:3b:cb:be:d0:ee:b5:
e6:ce:ef:02:03:ff:cb:83:32:ff:31:94:f3:cf:31:
85:95:51:6e:e2:02:4c:58:15:66:dc:01:5d:95:0b:
b4:4c:d1:d4:f2:65:38:02:d8:88:90:b0:7f:cc:94:
71:f9:8d:4f:12:fc:b2:ea:3d:85:89:3f:07:49:04:
d4:bc:68:d0:da:90:73:b7:0f:50:de:f0:85:49:f3:
fb:22:6f:06:eb:e1:72:9c:4b:cf:df:82:be:2c:e3:
fb:1e:a1:74:f3:ed:75:13:14:05:d1:9e:92:ec:22:
3a:8b:e3:16:1b:3f:02:38:ba:97:ba:1a:62:f7:c0:
fb:de:42:75:ff:1e:52:fe:6b:92:11:63:5c:ef:a2:
44:56:fc:9f:40:a6:40:fb:12:2e:46:2f:46:aa:92:
31:b1:d8:a1:64:6d:4c:a3:02:23:fc:8d:c9:8e:b7:
f9:0c:95:3a:11:68:bc:89:35:2b:f4:f2:7a:b4:23:
2f:cd:34:0c:ec:41:e0:61:33:a2:2f:28:df:23:2c:
bb:64:d1:ac:92:3c:b3:45:2c:f8:43:3f:1a:00:b8:
5c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:22:E3:9B:18:C2:50:81:FE:68:68:F9:8E:53:D4:AC:0E:6F:07:9D
X509v3 Authority Key Identifier:
keyid:42:91:96:31:0A:7F:7D:D9:99:9E:C4:3E:93:8F:D9:06:98:5A:3F:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QpGWMQp_fdmZnsQ-k4_ZBphaP4c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc6892-1779-457c-9214-0aa9d97c8c98/1/iiLjmxjCUIH-aGj5jlPUrA5vB50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/bc6892-1779-457c-9214-0aa9d97c8c98/1/QpGWMQp_fdmZnsQ-k4_ZBphaP4c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.124.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:9f:61:d4:2b:a0:b8:e0:6a:9b:c6:d7:67:a4:c1:21:44:70:
5e:8e:8a:a4:a2:53:79:79:47:42:56:eb:cd:6f:09:b4:6f:50:
d0:cc:bd:dd:70:49:5a:f9:28:f7:0b:c1:c3:de:f4:d3:47:77:
ff:94:d8:6e:a6:c0:e3:0a:06:f8:6d:73:98:d6:41:55:f5:68:
fc:b1:18:fe:f1:12:6b:8d:0e:94:2e:63:61:7e:e2:1e:e2:6a:
0a:9e:e4:90:b0:8e:60:55:aa:47:0f:7a:b8:60:54:4e:a6:03:
b2:0b:40:8a:91:e1:5a:bd:25:97:11:d5:70:4c:dc:c2:d6:1e:
24:4e:d4:8d:6c:52:9e:99:ad:7d:ba:a1:69:52:81:fe:13:9e:
39:d7:94:32:0c:22:91:06:48:6e:ee:e5:65:c2:92:a0:56:c0:
a3:8d:33:cd:ee:47:d2:dd:54:ba:0e:69:0f:5b:93:08:44:71:
27:89:df:1b:4e:85:32:34:4d:7a:bb:8b:40:3d:30:82:f6:5d:
c3:8c:54:c9:e2:fa:ce:83:09:e2:21:33:d4:1d:44:b2:17:27:
54:a6:64:4d:e6:29:cc:9c:f7:76:98:de:a0:4c:7e:6c:d2:44:
89:ba:1e:98:be:82:85:16:2b:51:91:0e:e7:ea:0c:a3:99:e7:
1c:1d:22:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMheuA6oyhN9E07hFG5szL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOTE5NjMxMGE3ZjdkZDk5OTllYzQzZTkzOGZkOTA2OTg1
YTNmODcwHhcNMjIwOTA5MDkwMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTIyZTM5YjE4YzI1MDgxZmU2ODY4Zjk4ZTUzZDRhYzBlNmYwNzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkai8Y2gDlM/uZZ+rJ341yhpd2vPB
p3x0OJ6fX2gJcHNAwxbCg3s7y77Q7rXmzu8CA//LgzL/MZTzzzGFlVFu4gJMWBVm
3AFdlQu0TNHU8mU4AtiIkLB/zJRx+Y1PEvyy6j2FiT8HSQTUvGjQ2pBztw9Q3vCF
SfP7Im8G6+FynEvP34K+LOP7HqF08+11ExQF0Z6S7CI6i+MWGz8COLqXuhpi98D7
3kJ1/x5S/muSEWNc76JEVvyfQKZA+xIuRi9GqpIxsdihZG1MowIj/I3Jjrf5DJU6
EWi8iTUr9PJ6tCMvzTQM7EHgYTOiLyjfIyy7ZNGskjyzRSz4Qz8aALhcvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoi45sYwlCB/mho+Y5T1KwObwedMB8GA1UdIwQY
MBaAFEKRljEKf33ZmZ7EPpOP2QaYWj+HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXBHV01RcF9mZG1abnNRLWs0X1pCcGhhUDRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9iYzY4OTItMTc3OS00NTdjLTkyMTQt
MGFhOWQ5N2M4Yzk4LzEvaWlMam14akNVSUgtYUdqNWpsUFVyQTV2QjUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9iYzY4OTItMTc3OS00NTdjLTkyMTQtMGFhOWQ5N2M4Yzk4
LzEvUXBHV01RcF9mZG1abnNRLWs0X1pCcGhhUDRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZB8MA0G
CSqGSIb3DQEBCwUAA4IBAQBsn2HUK6C44GqbxtdnpMEhRHBejoqkolN5eUdCVuvN
bwm0b1DQzL3dcEla+Sj3C8HD3vTTR3f/lNhupsDjCgb4bXOY1kFV9Wj8sRj+8RJr
jQ6ULmNhfuIe4moKnuSQsI5gVapHD3q4YFROpgOyC0CKkeFavSWXEdVwTNzC1h4k
TtSNbFKema19uqFpUoH+E54515QyDCKRBkhu7uVlwpKgVsCjjTPN7kfS3VS6DmkP
W5MIRHEnid8bToUyNE16u4tAPTCC9l3DjFTJ4vrOgwniITPUHUSyFydUpmRN5inM
nPd2mN6gTH5s0kSJuh6YvoKFFitRkQ7n6gyjmeccHSK9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:42 2025 by rpki-client