Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/5e29b5-f217-4b6b-8d2f-8973b2d7062c/1/9uQZ4ul5KzqBe28b71NhbCpNZwI.roa
File: 9uQZ4ul5KzqBe28b71NhbCpNZwI.roa (raw, json)
Hash identifier: 8s6zhTtMeAw6bUle+kgMWqA9fNq+VAXltlvEfpi3f10=
Subject key identifier: F6:E4:19:E2:E9:79:2B:3A:81:7B:6F:1B:EF:53:61:6C:2A:4D:67:02
Certificate issuer: /CN=c9b70d97edf28c76076c0f069b52bcd8e26ae0bd
Certificate serial: 1AC478F6
Authority key identifier: C9:B7:0D:97:ED:F2:8C:76:07:6C:0F:06:9B:52:BC:D8:E2:6A:E0:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ybcNl-3yjHYHbA8Gm1K82OJq4L0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/5e29b5-f217-4b6b-8d2f-8973b2d7062c/1/9uQZ4ul5KzqBe28b71NhbCpNZwI.roa
Signing time: Sat 01 Jan 2022 09:00:22 +0000
ROA not before: Sat 01 Jan 2022 09:00:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60917
IP address blocks: 185.23.36.0/24 maxlen: 24
185.23.36.0/22 maxlen: 22
185.23.38.0/24 maxlen: 24
185.23.37.0/24 maxlen: 24
185.23.39.0/24 maxlen: 24
2a00:6860::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449083638 (0x1ac478f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9b70d97edf28c76076c0f069b52bcd8e26ae0bd
Validity
Not Before: Jan 1 09:00:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6e419e2e9792b3a817b6f1bef53616c2a4d6702
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c6:f3:c4:b5:4d:ae:8a:97:f7:d7:75:c7:41:
9b:a2:a1:c0:e2:03:65:ea:fd:e2:59:10:3c:14:15:
88:dd:d8:fc:fd:d9:85:e9:58:e3:84:93:11:6b:ac:
d9:67:96:69:73:59:12:ab:db:6f:41:b6:89:02:b0:
97:2c:77:ca:be:d9:0e:6b:a7:cd:58:b8:e8:9b:8d:
e8:6b:f7:31:38:ba:eb:51:99:ac:70:36:e3:5b:4f:
e5:f8:b7:69:c2:00:f6:a8:42:e5:b6:c1:6c:39:64:
39:46:c1:6f:98:6e:6f:77:61:ef:0f:aa:4f:dd:02:
ea:5a:ed:a4:09:ef:49:bb:95:f5:f7:e7:e2:a6:45:
79:84:b8:a6:ef:e8:8d:45:d4:00:88:aa:a1:f1:83:
d6:e3:2a:27:d2:f6:e0:b6:9a:a9:55:d0:02:ed:b8:
f7:b1:49:26:81:aa:14:6f:41:bb:d6:eb:9d:de:dc:
95:dc:b6:72:1b:0b:6c:da:ff:8b:62:90:8f:83:b6:
33:31:fd:21:b9:36:3d:15:c8:53:07:86:10:61:b2:
f9:b0:76:9a:56:17:80:46:f8:b6:39:ac:3d:65:eb:
cd:87:1d:43:6a:2d:62:0d:a3:df:d2:75:9d:fa:61:
2a:b2:13:20:1b:64:fa:c6:6f:45:6f:11:94:77:ec:
bb:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E4:19:E2:E9:79:2B:3A:81:7B:6F:1B:EF:53:61:6C:2A:4D:67:02
X509v3 Authority Key Identifier:
keyid:C9:B7:0D:97:ED:F2:8C:76:07:6C:0F:06:9B:52:BC:D8:E2:6A:E0:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ybcNl-3yjHYHbA8Gm1K82OJq4L0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5e29b5-f217-4b6b-8d2f-8973b2d7062c/1/9uQZ4ul5KzqBe28b71NhbCpNZwI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/5e29b5-f217-4b6b-8d2f-8973b2d7062c/1/ybcNl-3yjHYHbA8Gm1K82OJq4L0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.36.0/22
IPv6:
2a00:6860::/32
Signature Algorithm: sha256WithRSAEncryption
44:20:ea:17:db:a7:c4:2f:03:98:2a:89:13:82:a2:d4:9d:68:
6c:ce:e0:7c:eb:17:f8:da:4d:3c:ae:8d:db:7b:ac:e7:73:d5:
d4:bb:ad:1e:6f:b1:14:80:fd:af:79:9f:03:33:40:ad:82:d8:
08:7d:1e:7c:8f:51:49:54:37:ee:0d:b7:91:24:b0:fc:52:53:
99:3e:59:0c:f3:b4:6b:b7:8d:4c:f6:7d:df:b5:38:76:80:76:
52:05:dc:3a:bf:9e:ea:36:88:d5:cd:7c:de:36:ab:2a:5a:91:
66:92:1e:34:b9:88:f3:82:46:e5:58:68:26:16:e0:bf:ce:d7:
78:3d:4c:70:22:1c:73:63:c7:b0:92:ff:49:ee:8c:4e:c1:67:
1a:20:b0:47:b4:c4:20:85:34:41:a3:fe:53:a5:5f:44:de:a5:
cc:a1:a7:34:3d:7d:f5:6b:ba:e2:2e:16:ac:6d:b7:ba:fc:7e:
ba:9a:c7:31:e5:73:d9:5a:4f:68:60:3f:81:d2:79:bb:3d:ac:
41:69:1f:4d:c8:99:e6:c2:64:72:b0:5c:98:e9:ee:52:07:79:
60:fb:50:25:5c:67:f0:62:97:9a:59:9a:6e:6f:e4:64:fe:6d:
37:31:19:4d:c0:1a:d7:ed:37:c8:6d:47:6f:df:36:c6:f9:db:
03:5b:ca:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGsR49jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OWI3MGQ5N2VkZjI4Yzc2MDc2YzBmMDY5YjUyYmNkOGUyNmFlMGJkMB4XDTIyMDEw
MTA5MDAyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjZlNDE5ZTJlOTc5
MmIzYTgxN2I2ZjFiZWY1MzYxNmMyYTRkNjcwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbG88S1Ta6Kl/fXdcdBm6KhwOIDZer94lkQPBQViN3Y/P3Z
helY44STEWus2WeWaXNZEqvbb0G2iQKwlyx3yr7ZDmunzVi46JuN6Gv3MTi661GZ
rHA241tP5fi3acIA9qhC5bbBbDlkOUbBb5hub3dh7w+qT90C6lrtpAnvSbuV9ffn
4qZFeYS4pu/ojUXUAIiqofGD1uMqJ9L24LaaqVXQAu2497FJJoGqFG9Bu9brnd7c
ldy2chsLbNr/i2KQj4O2MzH9Ibk2PRXIUweGEGGy+bB2mlYXgEb4tjmsPWXrzYcd
Q2otYg2j39J1nfphKrITIBtk+sZvRW8RlHfsu8UCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT25Bni6XkrOoF7bxvvU2FsKk1nAjAfBgNVHSMEGDAWgBTJtw2X7fKMdgds
DwabUrzY4mrgvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3liY05sLTN5akhZSGJBOEdtMUs4Mk9KcTRMMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvNWUyOWI1LWYyMTctNGI2Yi04ZDJmLTg5NzNiMmQ3MDYyYy8x
Lzl1UVo0dWw1S3pxQmUyOGI3MU5oYkNwTlp3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
NWUyOWI1LWYyMTctNGI2Yi04ZDJmLTg5NzNiMmQ3MDYyYy8xL3liY05sLTN5akhZ
SGJBOEdtMUs4Mk9KcTRMMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkXJDANBAIAAjAHAwUAKgBoYDAN
BgkqhkiG9w0BAQsFAAOCAQEARCDqF9unxC8DmCqJE4Ki1J1obM7gfOsX+NpNPK6N
23us53PV1LutHm+xFID9r3mfAzNArYLYCH0efI9RSVQ37g23kSSw/FJTmT5ZDPO0
a7eNTPZ937U4doB2UgXcOr+e6jaI1c183jarKlqRZpIeNLmI84JG5VhoJhbgv87X
eD1McCIcc2PHsJL/Se6MTsFnGiCwR7TEIIU0QaP+U6VfRN6lzKGnND199Wu64i4W
rG23uvx+uprHMeVz2VpPaGA/gdJ5uz2sQWkfTciZ5sJkcrBcmOnuUgd5YPtQJVxn
8GKXmlmabm/kZP5tNzEZTcAa1+03yG1Hb982xvnbA1vKyw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:41 2024 by rpki-client on console-fra.rpki-client.org