Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/f9c92d-2cfd-4962-8f26-3acaf1425b9a/1/k2dHL2D2mwhcYYFC08BTLdoDxyM.roa
File: k2dHL2D2mwhcYYFC08BTLdoDxyM.roa (raw, json)
Hash identifier: QTOHo3tgmNTheont1RjPFIFMuff8WKZX8KPar2ilZWc=
Subject key identifier: 93:67:47:2F:60:F6:9B:08:5C:61:81:42:D3:C0:53:2D:DA:03:C7:23
Certificate issuer: /CN=23d895115bd860fe613834e82be425cb04226878
Certificate serial: 0E860ED2
Authority key identifier: 23:D8:95:11:5B:D8:60:FE:61:38:34:E8:2B:E4:25:CB:04:22:68:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I9iVEVvYYP5hODToK-QlywQiaHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/f9c92d-2cfd-4962-8f26-3acaf1425b9a/1/k2dHL2D2mwhcYYFC08BTLdoDxyM.roa
Signing time: Sat 01 Jan 2022 02:57:54 +0000
ROA not before: Sat 01 Jan 2022 02:57:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24904
IP address blocks: 185.210.108.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 243666642 (0xe860ed2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23d895115bd860fe613834e82be425cb04226878
Validity
Not Before: Jan 1 02:57:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9367472f60f69b085c618142d3c0532dda03c723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:58:c0:46:6c:a7:4f:35:33:59:f2:82:a3:b0:
c4:1f:dc:f6:6c:6a:ef:c7:cb:f4:2d:9d:35:93:06:
e0:fe:99:91:92:c9:87:5a:2a:26:b4:2c:d6:6e:ed:
8e:80:2a:74:d5:7d:d7:ce:da:54:aa:e4:f2:40:82:
0c:aa:f4:0f:e9:78:a0:de:1f:ad:06:b5:d0:2e:fb:
c8:1d:6c:89:11:80:26:52:6e:f5:b5:a8:cb:3c:11:
06:fd:8c:5c:ea:1c:5f:b7:e6:4b:13:b1:3a:7a:e7:
04:f7:08:26:f6:69:67:b9:b7:b9:6f:05:d2:69:dc:
3a:c7:e4:d4:70:61:bb:9a:9b:20:40:e7:16:74:65:
9e:74:da:a2:99:0d:1d:a0:41:35:4b:93:38:2c:66:
5c:2d:ab:28:bd:b9:77:e6:9b:a0:13:73:8a:59:fa:
68:fa:3b:62:f4:cb:ad:a2:3c:98:cd:5a:01:b0:0c:
37:30:30:76:67:1b:09:b1:fd:29:a6:fc:39:1b:8e:
fe:e5:71:cc:2d:6b:59:8c:fe:c3:5f:f1:e7:80:c9:
76:11:57:20:b2:ff:1b:d1:94:4b:c0:13:e8:f2:cb:
63:fa:7d:12:bd:7e:8b:1f:a7:12:73:b9:aa:08:ff:
fa:b7:b9:c4:32:90:a2:d0:3a:a2:23:35:28:d3:06:
bd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:67:47:2F:60:F6:9B:08:5C:61:81:42:D3:C0:53:2D:DA:03:C7:23
X509v3 Authority Key Identifier:
keyid:23:D8:95:11:5B:D8:60:FE:61:38:34:E8:2B:E4:25:CB:04:22:68:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I9iVEVvYYP5hODToK-QlywQiaHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f9c92d-2cfd-4962-8f26-3acaf1425b9a/1/k2dHL2D2mwhcYYFC08BTLdoDxyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/f9c92d-2cfd-4962-8f26-3acaf1425b9a/1/I9iVEVvYYP5hODToK-QlywQiaHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.108.0/22
Signature Algorithm: sha256WithRSAEncryption
52:8c:13:9d:a0:51:e5:de:89:f0:2f:c4:1e:05:b3:78:d8:d2:
e0:06:07:7a:d3:01:df:41:f6:71:51:98:82:3d:98:83:4e:44:
b8:bd:cb:24:d4:3d:5d:5d:a4:e2:25:91:23:e5:60:97:e9:27:
4e:f5:21:04:02:e1:29:0e:c9:3c:d2:b7:f5:c6:f5:3d:3a:95:
1d:af:b3:56:79:ba:71:3b:9c:0c:00:3a:7f:56:5b:6e:f7:de:
de:8f:b1:eb:22:98:c1:d4:05:16:e8:74:ee:03:62:b6:7d:05:
3f:31:b3:82:6f:ad:4c:c9:f2:52:91:1e:f5:4f:e6:34:5e:48:
01:f0:70:3d:3a:44:d6:00:78:61:0f:7a:41:9b:51:1b:f5:44:
26:e8:e9:93:fb:9e:40:44:39:77:ed:93:1a:9c:ea:e9:49:4d:
56:de:80:4d:f7:5d:2f:da:ad:f2:49:62:b7:9a:b2:e4:bf:a1:
b0:2e:a9:b0:32:ee:ae:3d:66:c6:71:65:bd:b4:d1:23:c2:e5:
2e:d6:33:a5:d6:5e:76:95:f2:38:c0:b6:a6:8d:f6:20:90:f0:
ac:c6:a6:12:f9:9a:2b:b8:69:c8:10:80:69:bb:09:84:9b:63:
93:32:fd:84:ba:45:65:5c:67:89:24:4e:65:67:7a:25:bf:30:
f0:86:a5:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDoYO0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
M2Q4OTUxMTViZDg2MGZlNjEzODM0ZTgyYmU0MjVjYjA0MjI2ODc4MB4XDTIyMDEw
MTAyNTc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTM2NzQ3MmY2MGY2
OWIwODVjNjE4MTQyZDNjMDUzMmRkYTAzYzcyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxYwEZsp081M1nygqOwxB/c9mxq78fL9C2dNZMG4P6ZkZLJ
h1oqJrQs1m7tjoAqdNV9187aVKrk8kCCDKr0D+l4oN4frQa10C77yB1siRGAJlJu
9bWoyzwRBv2MXOocX7fmSxOxOnrnBPcIJvZpZ7m3uW8F0mncOsfk1HBhu5qbIEDn
FnRlnnTaopkNHaBBNUuTOCxmXC2rKL25d+aboBNziln6aPo7YvTLraI8mM1aAbAM
NzAwdmcbCbH9Kab8ORuO/uVxzC1rWYz+w1/x54DJdhFXILL/G9GUS8AT6PLLY/p9
Er1+ix+nEnO5qgj/+re5xDKQotA6oiM1KNMGvcMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSTZ0cvYPabCFxhgULTwFMt2gPHIzAfBgNVHSMEGDAWgBQj2JURW9hg/mE4
NOgr5CXLBCJoeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0k5aVZFVnZZWVA1aE9EVG9LLVFseXdRaWFIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvZjljOTJkLTJjZmQtNDk2Mi04ZjI2LTNhY2FmMTQyNWI5YS8x
L2syZEhMMkQybXdoY1lZRkMwOEJUTGRvRHh5TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ZjljOTJkLTJjZmQtNDk2Mi04ZjI2LTNhY2FmMTQyNWI5YS8xL0k5aVZFVnZZWVA1
aE9EVG9LLVFseXdRaWFIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnSbDANBgkqhkiG9w0BAQsFAAOC
AQEAUowTnaBR5d6J8C/EHgWzeNjS4AYHetMB30H2cVGYgj2Yg05EuL3LJNQ9XV2k
4iWRI+Vgl+knTvUhBALhKQ7JPNK39cb1PTqVHa+zVnm6cTucDAA6f1Zbbvfe3o+x
6yKYwdQFFuh07gNitn0FPzGzgm+tTMnyUpEe9U/mNF5IAfBwPTpE1gB4YQ96QZtR
G/VEJujpk/ueQEQ5d+2TGpzq6UlNVt6ATfddL9qt8klit5qy5L+hsC6psDLurj1m
xnFlvbTRI8LlLtYzpdZedpXyOMC2po32IJDwrMamEvmaK7hpyBCAabsJhJtjkzL9
hLpFZVxniSROZWd6Jb8w8IalIw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:15 2023 by rpki-client on console-fra.rpki-client.org