Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/2ZksumnQ4rNqAFNJF4kum3Km4ek.roa
File: 2ZksumnQ4rNqAFNJF4kum3Km4ek.roa (raw, json)
Hash identifier: KHT6kf7nnFGj4WhRdjUdEMDz45h8fe4RzsY3Ga/ZBOY=
Subject key identifier: D9:99:2C:BA:69:D0:E2:B3:6A:00:53:49:17:89:2E:9B:72:A6:E1:E9
Certificate issuer: /CN=41251342e05d58b3b7fc93a15cba1eb71e542385
Certificate serial: 01852F534C429E9EC1C1E20915111C59C2E5
Authority key identifier: 41:25:13:42:E0:5D:58:B3:B7:FC:93:A1:5C:BA:1E:B7:1E:54:23:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSUTQuBdWLO3_JOhXLoetx5UI4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/2ZksumnQ4rNqAFNJF4kum3Km4ek.roa
Signing time: Tue 20 Dec 2022 11:37:46 +0000
ROA not before: Tue 20 Dec 2022 11:37:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201691
IP address blocks: 185.165.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:53:4c:42:9e:9e:c1:c1:e2:09:15:11:1c:59:c2:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41251342e05d58b3b7fc93a15cba1eb71e542385
Validity
Not Before: Dec 20 11:37:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9992cba69d0e2b36a00534917892e9b72a6e1e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:26:5c:fa:7b:c2:bd:ed:d8:45:8e:a2:f8:d3:
fb:ed:43:c3:ac:bd:45:d9:41:55:b1:d9:e4:9b:23:
ad:6a:9e:b9:cc:52:3d:4d:96:e7:49:42:55:0b:f4:
4b:12:67:52:a9:63:61:12:e9:a6:5b:f6:a4:66:a9:
f0:8d:80:1e:d3:ef:1a:c7:8a:37:f0:03:ae:f1:a6:
2d:d2:e7:1b:a0:65:95:5a:42:a2:41:6b:ec:0f:33:
cc:57:4f:d7:2e:61:0e:e8:3e:28:7d:82:1e:41:60:
d3:0f:c6:8b:91:a3:e5:d3:f8:e3:82:cd:15:77:d2:
94:70:7d:62:84:0e:01:e7:c0:63:00:3b:8c:0d:32:
02:f9:09:b5:57:14:97:24:bb:10:76:7f:e3:05:7f:
44:cd:07:1d:4c:45:a4:e3:b3:49:35:07:27:bc:17:
ef:5f:20:89:a3:6a:48:28:89:9e:f9:6c:ab:38:10:
ce:be:3a:d8:9b:c0:8c:7a:34:50:b4:8c:52:73:5d:
9c:d5:af:9a:3d:cc:59:66:2f:82:c0:b3:90:d6:86:
06:fa:00:57:5d:43:23:8c:72:f8:90:c8:d4:06:72:
22:0f:e5:9f:a9:dc:fc:30:23:d5:64:95:b0:27:4e:
59:e5:37:d8:46:d0:23:1a:d0:c8:fa:54:06:ab:31:
77:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:99:2C:BA:69:D0:E2:B3:6A:00:53:49:17:89:2E:9B:72:A6:E1:E9
X509v3 Authority Key Identifier:
keyid:41:25:13:42:E0:5D:58:B3:B7:FC:93:A1:5C:BA:1E:B7:1E:54:23:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSUTQuBdWLO3_JOhXLoetx5UI4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/2ZksumnQ4rNqAFNJF4kum3Km4ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/ad603f-8fea-4849-9edb-c3668b503a1c/1/QSUTQuBdWLO3_JOhXLoetx5UI4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.31.0/24
Signature Algorithm: sha256WithRSAEncryption
52:7b:0d:41:14:44:33:61:ab:29:ec:7d:0c:85:1d:6a:32:27:
c8:80:c1:a5:da:d4:b4:13:b2:d7:ff:28:f3:b7:c9:6e:6e:bc:
5e:5e:4c:cf:7d:e2:b1:6a:48:9f:6b:a0:8f:70:93:c2:e5:cb:
70:e2:f0:b5:28:62:9b:eb:ac:43:6f:d7:a4:b8:b2:56:c3:36:
3a:cf:c6:24:76:f0:dc:e7:e4:6e:26:4b:33:e4:6c:ae:fe:84:
d1:92:43:ef:db:09:f9:ae:57:40:dc:5a:22:db:8b:53:18:81:
86:c6:68:63:af:69:f2:dc:ba:25:57:b8:94:a5:6b:50:10:37:
0d:57:f5:69:39:9d:82:30:a7:92:8f:80:a0:e7:c7:ee:0c:41:
0b:6f:d0:8e:52:c4:05:0d:32:af:f3:3f:c0:47:f4:4a:a4:9b:
6d:69:4b:d8:ea:32:82:be:ea:65:6c:75:d0:b2:0b:a2:98:c7:
2a:12:6e:85:79:9b:03:4d:d9:cc:fd:6b:9a:20:43:1c:46:ff:
da:28:a6:cb:2b:79:dd:6b:7a:a5:e6:60:36:cc:09:45:f1:17:
57:45:2f:12:26:7e:c3:40:a7:5f:d7:4e:50:f7:f4:f5:de:fc:
5e:68:84:47:7b:d7:c5:d3:dd:c8:d4:db:8a:8d:47:73:39:b8:
a7:2b:35:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUvU0xCnp7BweIJFREcWcLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjUxMzQyZTA1ZDU4YjNiN2ZjOTNhMTVjYmExZWI3MWU1
NDIzODUwHhcNMjIxMjIwMTEzNzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk5MmNiYTY5ZDBlMmIzNmEwMDUzNDkxNzg5MmU5YjcyYTZlMWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyZc+nvCve3YRY6i+NP77UPDrL1F
2UFVsdnkmyOtap65zFI9TZbnSUJVC/RLEmdSqWNhEummW/akZqnwjYAe0+8ax4o3
8AOu8aYt0ucboGWVWkKiQWvsDzPMV0/XLmEO6D4ofYIeQWDTD8aLkaPl0/jjgs0V
d9KUcH1ihA4B58BjADuMDTIC+Qm1VxSXJLsQdn/jBX9EzQcdTEWk47NJNQcnvBfv
XyCJo2pIKIme+WyrOBDOvjrYm8CMejRQtIxSc12c1a+aPcxZZi+CwLOQ1oYG+gBX
XUMjjHL4kMjUBnIiD+Wfqdz8MCPVZJWwJ05Z5TfYRtAjGtDI+lQGqzF3+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNmZLLpp0OKzagBTSReJLptypuHpMB8GA1UdIwQY
MBaAFEElE0LgXVizt/yToVy6HrceVCOFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNVVFF1QmRXTE8zX0pPaFhMb2V0eDVVSTRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9hZDYwM2YtOGZlYS00ODQ5LTllZGIt
YzM2NjhiNTAzYTFjLzEvMlprc3VtblE0ck5xQUZOSkY0a3VtM0ttNGVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9hZDYwM2YtOGZlYS00ODQ5LTllZGItYzM2NjhiNTAzYTFj
LzEvUVNVVFF1QmRXTE8zX0pPaFhMb2V0eDVVSTRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaUfMA0G
CSqGSIb3DQEBCwUAA4IBAQBSew1BFEQzYasp7H0MhR1qMifIgMGl2tS0E7LX/yjz
t8lubrxeXkzPfeKxakifa6CPcJPC5ctw4vC1KGKb66xDb9ekuLJWwzY6z8YkdvDc
5+RuJksz5Gyu/oTRkkPv2wn5rldA3Foi24tTGIGGxmhjr2ny3LolV7iUpWtQEDcN
V/VpOZ2CMKeSj4Cg58fuDEELb9COUsQFDTKv8z/AR/RKpJttaUvY6jKCvuplbHXQ
sguimMcqEm6FeZsDTdnM/WuaIEMcRv/aKKbLK3nda3ql5mA2zAlF8RdXRS8SJn7D
QKdf105Q9/T13vxeaIRHe9fF093I1NuKjUdzObinKzUZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:50 2023 by rpki-client on console-ams.rpki-client.org