Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/iwnhvlwWUWeEsxsoPpKr_8q9aq8.roa
File: iwnhvlwWUWeEsxsoPpKr_8q9aq8.roa (raw, json)
Hash identifier: 0KLVoYot4b32yTqBZPeWcQYgj2xeBON3b+kHH5TEn4A=
Subject key identifier: 8B:09:E1:BE:5C:16:51:67:84:B3:1B:28:3E:92:AB:FF:CA:BD:6A:AF
Certificate issuer: /CN=2b2830617c43c8cbc89af3cb2a74ea5dd00fe6ea
Certificate serial: D31FFB
Authority key identifier: 2B:28:30:61:7C:43:C8:CB:C8:9A:F3:CB:2A:74:EA:5D:D0:0F:E6:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KygwYXxDyMvImvPLKnTqXdAP5uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/iwnhvlwWUWeEsxsoPpKr_8q9aq8.roa
Signing time: Sat 01 Jan 2022 11:03:31 +0000
ROA not before: Sat 01 Jan 2022 11:03:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204758
IP address blocks: 185.240.228.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13836283 (0xd31ffb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b2830617c43c8cbc89af3cb2a74ea5dd00fe6ea
Validity
Not Before: Jan 1 11:03:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b09e1be5c16516784b31b283e92abffcabd6aaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:dd:da:9d:65:a1:a2:92:f4:f8:31:3e:1a:61:
d2:a4:e5:6e:2a:d9:ac:12:6b:da:93:ca:ab:56:c9:
a6:93:f4:5e:b4:6b:d6:24:be:ee:9f:15:54:3d:8e:
dd:40:96:e5:e7:dd:b1:a3:ae:a5:56:71:a1:6c:83:
14:fd:f3:84:7c:6e:78:94:07:d8:9b:50:1b:31:45:
ba:19:ef:dc:32:48:16:0e:f1:49:9b:db:fe:e4:66:
21:44:47:7a:6d:27:ef:ac:88:89:65:c5:53:95:84:
46:7f:1a:ef:ab:a9:aa:f7:52:8a:10:b6:f3:a6:6b:
75:44:41:bf:64:2f:35:9b:66:8a:ef:4a:e7:26:a5:
6c:90:56:7e:7d:a3:41:76:b3:e3:26:85:02:6d:26:
d5:bc:2d:e8:ac:2b:c5:cb:a9:cd:aa:f3:f1:39:fa:
39:80:88:99:fb:33:b3:8d:56:4d:45:9f:7e:26:6a:
9c:1e:25:64:47:5a:2f:80:9b:a6:89:e1:7e:c5:35:
f7:0f:22:2a:24:2d:44:2b:09:b3:3e:ae:74:74:f8:
25:ac:93:a7:59:b6:d0:52:c1:81:72:c9:c2:6c:ed:
72:f2:f2:b7:31:8d:53:85:fb:da:2c:7a:b7:fe:af:
e4:56:d5:35:38:a4:2c:00:6c:28:3d:54:fc:41:a2:
d6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:09:E1:BE:5C:16:51:67:84:B3:1B:28:3E:92:AB:FF:CA:BD:6A:AF
X509v3 Authority Key Identifier:
keyid:2B:28:30:61:7C:43:C8:CB:C8:9A:F3:CB:2A:74:EA:5D:D0:0F:E6:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KygwYXxDyMvImvPLKnTqXdAP5uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/iwnhvlwWUWeEsxsoPpKr_8q9aq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/c9ee8c-574d-4cf6-a008-11b52c24a112/1/KygwYXxDyMvImvPLKnTqXdAP5uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:ec:d6:fc:7e:6f:d7:14:41:87:47:bd:d9:e9:af:37:95:86:
02:43:07:4e:f2:79:84:06:24:b5:c7:42:8e:ff:a5:ff:80:f9:
e9:91:f4:52:7d:54:48:6d:74:8f:ec:9f:6c:55:60:28:6a:cc:
2e:89:2e:ff:fe:d5:3d:f7:76:64:d2:63:55:e9:04:3a:c0:93:
09:97:91:39:d2:41:bb:e0:6d:1b:0a:ae:f3:b2:12:4d:9c:9b:
19:06:be:c7:41:e3:c6:da:ae:02:ff:ca:cc:b8:32:b5:f5:14:
ca:18:8f:aa:96:69:d9:23:4b:6e:25:f1:1a:0f:ad:c1:87:4a:
70:f5:71:47:0c:13:d0:26:c8:c8:ae:cd:ef:a2:c1:d4:2a:9b:
3b:67:76:2f:b7:bb:a4:11:7b:4a:da:b4:bf:7b:30:53:18:5e:
21:56:2b:48:52:ab:bc:e3:53:25:2c:72:9f:d8:67:fb:c9:44:
ad:26:79:35:ad:a7:e2:62:ed:e8:83:c2:11:c7:2f:6a:9c:87:
06:d2:f8:84:20:69:25:0b:d0:21:56:9c:01:c3:14:70:7d:16:
42:5f:81:58:31:b1:9d:4e:93:2a:4b:f0:1a:bf:7c:37:33:4a:
c1:13:c0:a3:e5:f9:14:97:43:43:4f:01:31:6a:29:09:18:c2:
f4:db:da:ee
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANMf+zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjI4MzA2MTdjNDNjOGNiYzg5YWYzY2IyYTc0ZWE1ZGQwMGZlNmVhMB4XDTIyMDEw
MTExMDMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGIwOWUxYmU1YzE2
NTE2Nzg0YjMxYjI4M2U5MmFiZmZjYWJkNmFhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOLd2p1loaKS9PgxPhph0qTlbirZrBJr2pPKq1bJppP0XrRr
1iS+7p8VVD2O3UCW5efdsaOupVZxoWyDFP3zhHxueJQH2JtQGzFFuhnv3DJIFg7x
SZvb/uRmIURHem0n76yIiWXFU5WERn8a76upqvdSihC286ZrdURBv2QvNZtmiu9K
5yalbJBWfn2jQXaz4yaFAm0m1bwt6Kwrxcupzarz8Tn6OYCImfszs41WTUWffiZq
nB4lZEdaL4CbponhfsU19w8iKiQtRCsJsz6udHT4JayTp1m20FLBgXLJwmztcvLy
tzGNU4X72ix6t/6v5FbVNTikLABsKD1U/EGi1tcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSLCeG+XBZRZ4SzGyg+kqv/yr1qrzAfBgNVHSMEGDAWgBQrKDBhfEPIy8ia
88sqdOpd0A/m6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0t5Z3dZWHhEeU12SW12UExLblRxWGRBUDV1by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjEvYzllZThjLTU3NGQtNGNmNi1hMDA4LTExYjUyYzI0YTExMi8x
L2l3bmh2bHdXVVdlRXN4c29QcEtyXzhxOWFxOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjEv
YzllZThjLTU3NGQtNGNmNi1hMDA4LTExYjUyYzI0YTExMi8xL0t5Z3dZWHhEeU12
SW12UExLblRxWGRBUDV1by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnw5DANBgkqhkiG9w0BAQsFAAOC
AQEAPezW/H5v1xRBh0e92emvN5WGAkMHTvJ5hAYktcdCjv+l/4D56ZH0Un1USG10
j+yfbFVgKGrMLoku//7VPfd2ZNJjVekEOsCTCZeROdJBu+BtGwqu87ISTZybGQa+
x0HjxtquAv/KzLgytfUUyhiPqpZp2SNLbiXxGg+twYdKcPVxRwwT0CbIyK7N76LB
1CqbO2d2L7e7pBF7Stq0v3swUxheIVYrSFKrvONTJSxyn9hn+8lErSZ5Na2n4mLt
6IPCEccvapyHBtL4hCBpJQvQIVacAcMUcH0WQl+BWDGxnU6TKkvwGr98NzNKwRPA
o+X5FJdDQ08BMWopCRjC9Nva7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:55 2024 by rpki-client on console-ams.rpki-client.org