Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/ks0YvYHbbWCOR_oEGAS21_owtnE.roa
File: ks0YvYHbbWCOR_oEGAS21_owtnE.roa (raw, json)
Hash identifier: 2X8SZLb2I+YvvGByEPRxwiiIv7yUOz5dGVW3LDYGIOU=
Subject key identifier: 92:CD:18:BD:81:DB:6D:60:8E:47:FA:04:18:04:B6:D7:FA:30:B6:71
Certificate issuer: /CN=2af5e4866ba09820124a6e511104fc41fa541995
Certificate serial: 01856EC205790C4024EAFA6A50643FB93EA1
Authority key identifier: 2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/ks0YvYHbbWCOR_oEGAS21_owtnE.roa
Signing time: Sun 01 Jan 2023 19:14:47 +0000
ROA not before: Sun 01 Jan 2023 19:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47796
IP address blocks: 185.110.239.0/24 maxlen: 24
185.110.236.0/24 maxlen: 24
185.110.237.0/24 maxlen: 24
185.110.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:c2:05:79:0c:40:24:ea:fa:6a:50:64:3f:b9:3e:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2af5e4866ba09820124a6e511104fc41fa541995
Validity
Not Before: Jan 1 19:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=92cd18bd81db6d608e47fa041804b6d7fa30b671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c8:ba:fc:45:a4:f4:b5:0f:00:58:ba:27:e5:
7d:2d:8b:71:e6:85:23:2a:98:6b:d6:52:94:6d:06:
10:e8:0a:31:62:19:a8:f7:0a:df:11:97:9e:4b:a0:
bc:9e:81:13:cf:78:05:82:03:3b:00:71:ee:08:91:
af:49:12:3c:12:f2:bb:66:2a:9c:63:11:79:26:e0:
0e:8b:8f:10:00:e1:26:0e:80:6f:6d:5c:0f:b8:39:
84:f7:a0:e8:b8:20:f9:29:a1:2b:69:54:37:84:e0:
e8:8a:d2:15:2e:84:df:9b:4c:7c:60:19:86:5e:e9:
59:41:8d:d4:10:0c:a6:ea:ca:73:f0:dd:d3:34:1e:
13:11:2b:79:1e:2c:8f:56:47:70:6d:29:fd:6e:16:
1a:e6:bd:97:33:43:c3:e1:73:3d:22:b5:67:f2:57:
3b:f6:a4:2e:b4:5c:23:64:c7:59:73:50:d4:19:22:
c4:02:3b:e9:5b:a5:d3:54:6b:c6:2e:80:27:a1:0d:
9c:41:cb:00:46:61:8d:62:bd:39:f1:73:1c:64:9e:
e5:38:a7:b9:92:93:89:8b:86:63:a4:ec:af:6f:a5:
aa:ab:19:2f:6b:b5:55:06:54:bc:a0:5b:ab:56:4a:
6d:57:83:b9:60:5e:aa:10:fd:cb:f8:02:de:de:53:
4e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:CD:18:BD:81:DB:6D:60:8E:47:FA:04:18:04:B6:D7:FA:30:B6:71
X509v3 Authority Key Identifier:
keyid:2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/ks0YvYHbbWCOR_oEGAS21_owtnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.236.0/22
Signature Algorithm: sha256WithRSAEncryption
83:9b:55:e0:51:a5:77:63:81:77:92:db:db:88:c6:87:f9:7c:
89:92:69:31:27:7f:cb:73:43:64:06:d6:8e:99:64:e5:c7:e9:
3d:98:2d:26:9c:7c:33:9a:43:4e:cf:c2:aa:d6:77:6b:2e:fb:
b2:a9:cb:98:48:1f:21:81:20:8d:21:9f:e6:51:0c:94:ef:09:
c1:47:36:79:a4:d7:d0:1b:14:e6:9c:7a:bb:d1:3b:05:04:34:
2a:bf:48:9d:95:03:d4:52:9a:33:51:53:d2:62:55:7d:89:89:
90:b3:40:d2:58:62:f2:70:4f:85:5f:62:16:2b:0c:58:de:5f:
6e:db:b5:35:de:9c:9d:3e:eb:ce:03:db:bb:81:9c:46:38:04:
1a:39:56:a4:60:1d:ce:79:db:cd:f5:0c:ef:c0:62:b2:0d:68:
7f:2d:54:2f:8c:4e:04:27:64:59:69:e7:aa:68:a2:4a:ad:e2:
2f:17:15:86:ca:ac:ec:81:d2:e1:22:b0:6c:73:34:f1:aa:e0:
26:f0:83:39:2b:aa:04:a3:8a:87:76:c7:54:75:c6:42:82:10:
9c:59:34:8e:aa:de:70:22:cd:00:1c:da:23:a3:49:7f:ff:dd:
e0:0a:7c:95:3f:24:7e:85:5b:2e:b2:fe:22:99:c9:ff:2b:f3:
d0:34:ec:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuwgV5DEAk6vpqUGQ/uT6hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjVlNDg2NmJhMDk4MjAxMjRhNmU1MTExMDRmYzQxZmE1
NDE5OTUwHhcNMjMwMTAxMTkxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmNkMThiZDgxZGI2ZDYwOGU0N2ZhMDQxODA0YjZkN2ZhMzBiNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Mi6/EWk9LUPAFi6J+V9LYtx5oUj
Kphr1lKUbQYQ6AoxYhmo9wrfEZeeS6C8noETz3gFggM7AHHuCJGvSRI8EvK7Ziqc
YxF5JuAOi48QAOEmDoBvbVwPuDmE96DouCD5KaEraVQ3hODoitIVLoTfm0x8YBmG
XulZQY3UEAym6spz8N3TNB4TESt5HiyPVkdwbSn9bhYa5r2XM0PD4XM9IrVn8lc7
9qQutFwjZMdZc1DUGSLEAjvpW6XTVGvGLoAnoQ2cQcsARmGNYr058XMcZJ7lOKe5
kpOJi4ZjpOyvb6Wqqxkva7VVBlS8oFurVkptV4O5YF6qEP3L+ALe3lNOcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLNGL2B221gjkf6BBgEttf6MLZxMB8GA1UdIwQY
MBaAFCr15IZroJggEkpuUREE/EH6VBmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2Qt
YzMyMGU1MGEzYzc5LzEva3MwWXZZSGJiV0NPUl9vRUdBUzIxX293dG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2QtYzMyMGU1MGEzYzc5
LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW7sMA0G
CSqGSIb3DQEBCwUAA4IBAQCDm1XgUaV3Y4F3ktvbiMaH+XyJkmkxJ3/Lc0NkBtaO
mWTlx+k9mC0mnHwzmkNOz8Kq1ndrLvuyqcuYSB8hgSCNIZ/mUQyU7wnBRzZ5pNfQ
GxTmnHq70TsFBDQqv0idlQPUUpozUVPSYlV9iYmQs0DSWGLycE+FX2IWKwxY3l9u
27U13pydPuvOA9u7gZxGOAQaOVakYB3OedvN9QzvwGKyDWh/LVQvjE4EJ2RZaeeq
aKJKreIvFxWGyqzsgdLhIrBsczTxquAm8IM5K6oEo4qHdsdUdcZCghCcWTSOqt5w
Is0AHNojo0l//93gCnyVPyR+hVsusv4imcn/K/PQNOyY
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:09 2025 by rpki-client