Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/cwp2a2Yrin3SmlBTDoE5vIb0JwU.roa
File: cwp2a2Yrin3SmlBTDoE5vIb0JwU.roa (raw, json)
Hash identifier: 6ICfuD4dkppo1afj3WJWj7hSprKLmgawKWjuZM1nxgw=
Subject key identifier: 73:0A:76:6B:66:2B:8A:7D:D2:9A:50:53:0E:81:39:BC:86:F4:27:05
Certificate issuer: /CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Certificate serial: 0183A7C510FE3A8D4F0B15152F9AC743ACCC
Authority key identifier: 7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/cwp2a2Yrin3SmlBTDoE5vIb0JwU.roa
Signing time: Wed 05 Oct 2022 10:50:53 +0000
ROA not before: Wed 05 Oct 2022 10:50:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60703
IP address blocks: 185.26.220.0/24 maxlen: 24
185.26.220.0/22 maxlen: 22
185.26.222.0/24 maxlen: 24
185.26.221.0/24 maxlen: 24
2a04:3a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:c5:10:fe:3a:8d:4f:0b:15:15:2f:9a:c7:43:ac:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Validity
Not Before: Oct 5 10:50:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=730a766b662b8a7dd29a50530e8139bc86f42705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:42:b9:1b:29:3f:e4:37:35:8e:01:12:d5:94:
d6:cd:4c:e1:35:c8:0b:eb:cb:d8:e3:77:24:3c:ca:
90:86:e4:a8:d4:d3:31:36:40:c0:22:d4:54:50:ed:
f2:2e:a3:20:be:d3:d5:bc:d2:c9:40:86:41:31:a0:
ea:6d:5e:b9:8b:7d:4d:cb:10:cf:1f:83:8a:4a:99:
2a:99:58:af:a2:ac:96:2b:40:a0:3a:aa:cf:07:38:
13:8c:8f:11:0f:9e:59:71:ed:46:a1:e0:5b:c5:f5:
ac:17:2a:36:73:03:81:42:3e:9e:3d:97:da:7b:f9:
19:5c:68:da:c6:5e:c7:07:a6:79:e7:22:03:2e:86:
90:9a:20:55:b1:d3:d2:49:83:30:bf:df:f1:d4:e2:
1c:34:16:cc:69:07:00:0d:59:3a:30:e5:a9:f4:b3:
07:a5:27:da:42:3d:40:47:a6:91:89:4b:a8:3e:a4:
68:cd:3f:9f:f7:53:91:25:05:06:f2:97:df:9e:dd:
1e:25:07:1d:9b:03:c9:18:62:e0:ea:b5:7b:42:7f:
99:93:64:17:7a:fa:22:f8:52:c1:b9:5f:e2:06:d8:
ed:ad:26:9d:1f:4d:a1:21:d5:71:6f:ee:1d:9e:33:
94:53:de:63:98:29:77:12:58:f3:1e:65:dd:96:92:
d9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0A:76:6B:66:2B:8A:7D:D2:9A:50:53:0E:81:39:BC:86:F4:27:05
X509v3 Authority Key Identifier:
keyid:7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/cwp2a2Yrin3SmlBTDoE5vIb0JwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/fCOA12SpYR3-L7wM4MxASW7B6D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.220.0/22
IPv6:
2a04:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
2d:70:6c:c1:4d:03:5b:53:23:08:08:0a:66:87:c8:ad:ed:7b:
7c:77:d5:e0:28:b9:9f:5a:02:57:04:2c:f3:f4:df:f8:76:99:
7f:97:9a:b9:a4:35:2c:6f:cd:cd:ef:69:6d:1b:14:8c:6c:e3:
f9:fc:a1:01:ff:47:aa:f8:74:c4:cb:b9:91:d5:31:7e:41:1c:
0c:ef:07:32:36:ef:92:ab:5f:7f:02:69:33:9f:1c:fc:b9:54:
a3:20:65:c4:00:26:79:a3:ed:94:3a:aa:5e:4e:89:ae:3a:51:
e2:e6:05:e3:18:3d:93:f6:76:6c:ed:05:69:24:0f:24:2b:39:
d6:92:d6:81:da:2e:ef:a2:a8:ba:4b:a7:0e:7c:b0:43:40:13:
49:fb:90:7d:e1:85:f0:04:1f:1a:64:1e:b1:52:32:93:36:a7:
36:30:89:74:d1:63:ab:b0:2b:6c:2e:4c:a7:ba:72:4e:75:22:
7e:e5:ea:d5:2c:10:a1:d2:46:f0:af:37:5c:02:29:6f:b2:e5:
21:97:d5:b1:94:31:95:82:72:2d:1b:e6:61:2d:7c:ae:09:37:
4c:62:75:6b:d2:70:7f:14:b3:d9:f1:5c:87:aa:e5:14:79:94:
34:35:3b:89:55:b8:87:7e:c1:3c:4a:c7:97:e8:30:07:0d:1d:
cc:56:e3:8a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOnxRD+Oo1PCxUVL5rHQ6zMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMjM4MGQ3NjRhOTYxMWRmZTJmYmMwY2UwY2M0MDQ5NmVj
MWU4M2UwHhcNMjIxMDA1MTA1MDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzBhNzY2YjY2MmI4YTdkZDI5YTUwNTMwZTgxMzliYzg2ZjQyNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkK5Gyk/5Dc1jgES1ZTWzUzhNcgL
68vY43ckPMqQhuSo1NMxNkDAItRUUO3yLqMgvtPVvNLJQIZBMaDqbV65i31NyxDP
H4OKSpkqmVivoqyWK0CgOqrPBzgTjI8RD55Zce1GoeBbxfWsFyo2cwOBQj6ePZfa
e/kZXGjaxl7HB6Z55yIDLoaQmiBVsdPSSYMwv9/x1OIcNBbMaQcADVk6MOWp9LMH
pSfaQj1AR6aRiUuoPqRozT+f91ORJQUG8pffnt0eJQcdmwPJGGLg6rV7Qn+Zk2QX
evoi+FLBuV/iBtjtrSadH02hIdVxb+4dnjOUU95jmCl3EljzHmXdlpLZEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHMKdmtmK4p90ppQUw6BObyG9CcFMB8GA1UdIwQY
MBaAFHwjgNdkqWEd/i+8DODMQEluweg+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMt
NWQ4Y2E2MzY4MWFkLzEvY3dwMmEyWXJpbjNTbWxCVERvRTV2SWIwSndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMtNWQ4Y2E2MzY4MWFk
LzEvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRrcMA0E
AgACMAcDBQMqBDoAMA0GCSqGSIb3DQEBCwUAA4IBAQAtcGzBTQNbUyMICApmh8it
7Xt8d9XgKLmfWgJXBCzz9N/4dpl/l5q5pDUsb83N72ltGxSMbOP5/KEB/0eq+HTE
y7mR1TF+QRwM7wcyNu+Sq19/Amkznxz8uVSjIGXEACZ5o+2UOqpeTomuOlHi5gXj
GD2T9nZs7QVpJA8kKznWktaB2i7voqi6S6cOfLBDQBNJ+5B94YXwBB8aZB6xUjKT
Nqc2MIl00WOrsCtsLkynunJOdSJ+5erVLBCh0kbwrzdcAilvsuUhl9WxlDGVgnIt
G+ZhLXyuCTdMYnVr0nB/FLPZ8VyHquUUeZQ0NTuJVbiHfsE8SseX6DAHDR3MVuOK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:15 2024 by rpki-client on console-fra.rpki-client.org