Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/cKpogVQzw7DXiz4rNS33RYjHVXk.roa
File: cKpogVQzw7DXiz4rNS33RYjHVXk.roa (raw, json)
Hash identifier: Eei7YhJayje3DndzeL5iBD0zlnfp4q7dyR+1FzDqSXY=
Subject key identifier: 70:AA:68:81:54:33:C3:B0:D7:8B:3E:2B:35:2D:F7:45:88:C7:55:79
Certificate issuer: /CN=27d8af7e56c80d18dc968f4dbcec813f85ea30a4
Certificate serial: 192526
Authority key identifier: 27:D8:AF:7E:56:C8:0D:18:DC:96:8F:4D:BC:EC:81:3F:85:EA:30:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9ivflbIDRjclo9NvOyBP4XqMKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/cKpogVQzw7DXiz4rNS33RYjHVXk.roa
Signing time: Tue 22 Feb 2022 16:27:54 +0000
ROA not before: Tue 22 Feb 2022 16:27:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209026
IP address blocks: 185.253.236.0/22 maxlen: 24
2a0c:42c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1647910 (0x192526)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d8af7e56c80d18dc968f4dbcec813f85ea30a4
Validity
Not Before: Feb 22 16:27:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70aa68815433c3b0d78b3e2b352df74588c75579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:34:e1:53:21:76:e3:9e:38:4f:9e:5c:53:08:
af:2f:99:e3:20:02:1b:98:d3:f9:fb:d7:7d:68:c3:
6c:39:0c:cb:15:7e:d0:e0:46:06:16:2a:ed:39:f9:
b7:0a:79:12:c9:e3:c3:75:c2:b0:0f:bf:21:4e:1a:
c0:3b:73:cd:0c:c7:ab:c5:fa:01:29:81:7d:9a:c0:
8f:2e:17:51:94:9d:34:0c:6a:ae:2a:2b:71:06:f6:
01:ce:bc:b2:71:e5:19:3b:07:09:96:6b:20:c1:d1:
b0:0f:af:2c:a3:68:8e:8f:dc:19:6f:32:2d:97:cd:
db:65:81:1c:87:14:91:7f:67:ce:1d:43:c0:ad:5c:
d0:2b:fe:b6:d3:6f:89:55:c1:4a:3c:97:f1:1b:cc:
ea:01:21:0f:fe:0d:1f:b4:2e:da:18:1c:c7:fd:95:
81:4e:90:ff:da:45:41:3d:90:e5:b5:e7:58:93:95:
0d:e1:79:8a:2f:e4:8c:ff:68:f7:0f:f8:a6:95:2d:
9b:60:7f:0b:a1:76:9c:3b:25:80:c8:ec:a3:85:25:
17:97:dd:e2:7d:9a:0e:4d:6a:24:a4:71:3c:08:0c:
58:9c:b0:7a:9e:9d:63:f1:ef:6c:95:43:5d:ba:76:
b0:5c:30:09:a9:a8:cd:9c:b4:89:21:89:9a:3c:d6:
f3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AA:68:81:54:33:C3:B0:D7:8B:3E:2B:35:2D:F7:45:88:C7:55:79
X509v3 Authority Key Identifier:
keyid:27:D8:AF:7E:56:C8:0D:18:DC:96:8F:4D:BC:EC:81:3F:85:EA:30:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9ivflbIDRjclo9NvOyBP4XqMKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/cKpogVQzw7DXiz4rNS33RYjHVXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/d8b9f4-ad01-447c-a4de-0215aca1b909/1/J9ivflbIDRjclo9NvOyBP4XqMKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.236.0/22
IPv6:
2a0c:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:0d:53:27:94:e3:d1:72:31:3b:cf:30:3a:35:9a:2e:9c:94:
b7:83:94:a9:c2:29:e8:cf:c1:3a:82:cc:77:33:ce:87:7e:6b:
c2:2e:ea:fa:7c:0a:cf:68:6d:b2:2a:9f:24:d6:dd:2b:f8:37:
98:24:44:9f:61:1e:f4:18:19:28:2b:fb:2c:95:d7:93:b6:be:
92:89:ed:8e:e1:8a:0e:ae:17:0b:82:8a:e4:14:9b:b7:5d:f1:
53:c7:c5:48:b0:3c:78:f8:b8:f5:dc:25:05:9d:31:1e:c9:b4:
11:24:f8:a1:9a:38:8d:43:28:cb:24:07:a9:ce:0d:ad:a1:77:
53:ba:0f:4b:e7:13:08:23:57:e6:37:c0:08:9b:2e:e9:e3:08:
8c:4a:89:39:eb:59:d7:71:3d:fb:3c:bb:5e:d0:ea:06:7f:ed:
63:9d:a0:94:50:f9:66:12:e5:7e:f8:30:29:51:ff:26:ee:71:
f5:0f:c0:9d:1b:51:cd:9d:cf:ab:fb:15:5e:59:2f:68:a6:a8:
78:2b:f2:87:52:ed:e1:48:ba:46:1a:76:bc:ee:c0:53:67:1a:
17:a4:06:ef:c4:6a:2b:89:41:c1:61:b6:38:bd:fc:2a:d9:92:
21:44:f1:87:dd:9b:6e:94:6e:cf:8f:37:7a:b1:87:aa:07:32:
c2:59:5e:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDGSUmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDI3
ZDhhZjdlNTZjODBkMThkYzk2OGY0ZGJjZWM4MTNmODVlYTMwYTQwHhcNMjIwMjIy
MTYyNzU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MGFhNjg4MTU0MzNj
M2IwZDc4YjNlMmIzNTJkZjc0NTg4Yzc1NTc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAszThUyF24544T55cUwivL5njIAIbmNP5+9d9aMNsOQzLFX7Q
4EYGFirtOfm3CnkSyePDdcKwD78hThrAO3PNDMerxfoBKYF9msCPLhdRlJ00DGqu
KitxBvYBzryyceUZOwcJlmsgwdGwD68so2iOj9wZbzItl83bZYEchxSRf2fOHUPA
rVzQK/6202+JVcFKPJfxG8zqASEP/g0ftC7aGBzH/ZWBTpD/2kVBPZDltedYk5UN
4XmKL+SM/2j3D/imlS2bYH8LoXacOyWAyOyjhSUXl93ifZoOTWokpHE8CAxYnLB6
np1j8e9slUNdunawXDAJqajNnLSJIYmaPNbz5wIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFHCqaIFUM8Ow14s+KzUt90WIx1V5MB8GA1UdIwQYMBaAFCfYr35WyA0Y3JaP
TbzsgT+F6jCkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SjlpdmZsYklEUmpjbG85TnZPeUJQNFhxTUtRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jMy9kOGI5ZjQtYWQwMS00NDdjLWE0ZGUtMDIxNWFjYTFiOTA5LzEv
Y0twb2dWUXp3N0RYaXo0ck5TMzNSWWpIVlhrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9k
OGI5ZjQtYWQwMS00NDdjLWE0ZGUtMDIxNWFjYTFiOTA5LzEvSjlpdmZsYklEUmpj
bG85TnZPeUJQNFhxTUtRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuf3sMA0EAgACMAcDBQMqDELAMA0G
CSqGSIb3DQEBCwUAA4IBAQBADVMnlOPRcjE7zzA6NZounJS3g5Spwinoz8E6gsx3
M86HfmvCLur6fArPaG2yKp8k1t0r+DeYJESfYR70GBkoK/ssldeTtr6Sie2O4YoO
rhcLgorkFJu3XfFTx8VIsDx4+Lj13CUFnTEeybQRJPihmjiNQyjLJAepzg2toXdT
ug9L5xMII1fmN8AImy7p4wiMSok561nXcT37PLte0OoGf+1jnaCUUPlmEuV++DAp
Uf8m7nH1D8CdG1HNnc+r+xVeWS9opqh4K/KHUu3hSLpGGna87sBTZxoXpAbvxGor
iUHBYbY4vfwq2ZIhRPGH3ZtulG7Pjzd6sYeqBzLCWV75
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org