Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/8dd2-8bvGSvvIwH2GQcwudWRnDs.roa
File: 8dd2-8bvGSvvIwH2GQcwudWRnDs.roa (raw, json)
Hash identifier: dDXP/bu0QbQTE3YWGd9ZFswed97sc7qMmRvxwC+Q+nQ=
Subject key identifier: F1:D7:76:FB:C6:EF:19:2B:EF:23:01:F6:19:07:30:B9:D5:91:9C:3B
Certificate issuer: /CN=897c1a88c9c89ae94254e2241c788e97c1ff3e48
Certificate serial: 1AC7CE4D
Authority key identifier: 89:7C:1A:88:C9:C8:9A:E9:42:54:E2:24:1C:78:8E:97:C1:FF:3E:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/8dd2-8bvGSvvIwH2GQcwudWRnDs.roa
Signing time: Sat 01 Jan 2022 14:56:44 +0000
ROA not before: Sat 01 Jan 2022 14:56:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199289
IP address blocks: 185.21.233.0/24 maxlen: 24
185.21.232.0/24 maxlen: 24
185.21.234.0/24 maxlen: 24
185.21.235.0/24 maxlen: 24
2a00:5a20:5::/48 maxlen: 48
2a00:5a20::/32 maxlen: 32
2a00:5a20:3a10::/48 maxlen: 48
2a00:5a20:3::/48 maxlen: 48
2a00:5a20:9::/48 maxlen: 48
2a00:5a20:4::/48 maxlen: 48
2a00:5a20:7::/48 maxlen: 48
2a00:5a20:2::/48 maxlen: 48
2a00:5a20:8::/48 maxlen: 48
2a00:5a20:6::/48 maxlen: 48
2a00:5a20:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 449302093 (0x1ac7ce4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=897c1a88c9c89ae94254e2241c788e97c1ff3e48
Validity
Not Before: Jan 1 14:56:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f1d776fbc6ef192bef2301f6190730b9d5919c3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:68:26:6c:2f:28:2f:08:3e:a9:94:ec:bd:5c:
92:7d:ce:fb:13:82:a6:83:03:e9:c5:4c:60:49:ee:
5c:bc:2d:2e:f2:20:48:c5:68:cc:95:27:c0:7e:5f:
d2:6e:35:64:c8:ba:38:b1:f6:8a:42:8b:58:8a:aa:
9e:ff:01:b9:8f:f1:fb:8c:72:9d:c5:9d:25:65:2b:
b7:cd:98:7f:6d:14:1f:79:96:f7:07:ea:7f:20:0b:
a2:70:dc:94:95:7f:3f:be:3b:16:23:78:16:e9:92:
03:0c:29:6f:13:84:46:fb:1b:a0:3f:ce:99:5f:ba:
2e:49:b9:f2:d1:5f:98:1e:c2:f4:ac:6d:4a:c5:ed:
4c:b5:ae:ee:48:36:a7:fa:9b:0b:96:ab:d8:89:18:
30:1a:ac:b1:56:3d:b8:06:65:02:b9:03:52:82:b0:
94:3f:6f:97:43:e3:18:02:aa:aa:08:21:43:f8:3e:
69:97:97:7e:d9:00:5e:26:6e:4b:c6:1f:62:d0:c7:
17:70:c6:fb:3d:75:34:72:14:c8:68:fe:50:75:33:
b4:6b:dc:73:00:e9:e6:6b:c2:00:dd:4a:81:4b:84:
71:72:69:c9:d4:69:87:12:b7:7d:a8:8e:a6:ce:34:
30:8c:ed:e9:42:e4:32:59:f0:be:63:15:2f:16:08:
b8:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D7:76:FB:C6:EF:19:2B:EF:23:01:F6:19:07:30:B9:D5:91:9C:3B
X509v3 Authority Key Identifier:
keyid:89:7C:1A:88:C9:C8:9A:E9:42:54:E2:24:1C:78:8E:97:C1:FF:3E:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXwaiMnImulCVOIkHHiOl8H_Pkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/8dd2-8bvGSvvIwH2GQcwudWRnDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/eb3e03-3968-4db2-bf80-43f6ae520b1a/1/iXwaiMnImulCVOIkHHiOl8H_Pkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.232.0/22
IPv6:
2a00:5a20::/32
Signature Algorithm: sha256WithRSAEncryption
17:d2:c6:4e:c8:d8:2f:ca:2b:10:69:f8:d5:82:6f:48:8e:16:
32:f9:41:4c:6d:42:07:4f:5b:57:02:b8:d6:a7:f2:59:36:21:
b2:9f:bb:10:bb:82:c0:b7:b9:7d:bf:7c:d0:42:4e:4e:ad:18:
26:2a:15:44:67:67:1f:32:91:35:01:28:2c:ee:06:5d:2f:3f:
7a:2c:c2:bc:cf:54:01:93:fa:ed:64:5c:92:51:35:50:6c:70:
91:3f:23:da:22:65:fc:60:50:49:2c:a9:0c:4a:ce:78:76:8c:
37:bc:f5:f6:60:17:d4:f2:16:2d:cf:1a:6c:dc:d7:e2:94:f6:
87:5a:52:19:f4:71:7f:fb:7e:63:3a:75:dd:3a:7c:ea:42:12:
86:a3:26:5c:0a:57:3c:91:54:73:fb:b3:60:11:62:59:e9:f7:
e5:12:5f:68:46:78:0e:06:15:df:52:3e:ff:f1:cc:e3:a8:8e:
63:6f:98:5c:f2:cc:b4:e0:42:d1:b7:6d:6d:de:7c:1d:16:21:
cc:0c:84:2b:54:9c:64:62:fa:fb:44:be:00:42:c5:82:65:27:
05:89:b5:37:84:68:b8:08:76:13:7b:f0:fc:ce:fb:42:cc:e2:
d8:ff:95:7b:fa:bd:8c:4f:83:55:42:c2:37:8d:1e:4f:39:7d:
24:83:42:4e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGsfOTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTdjMWE4OGM5Yzg5YWU5NDI1NGUyMjQxYzc4OGU5N2MxZmYzZTQ4MB4XDTIyMDEw
MTE0NTY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjFkNzc2ZmJjNmVm
MTkyYmVmMjMwMWY2MTkwNzMwYjlkNTkxOWMzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOloJmwvKC8IPqmU7L1ckn3O+xOCpoMD6cVMYEnuXLwtLvIg
SMVozJUnwH5f0m41ZMi6OLH2ikKLWIqqnv8BuY/x+4xyncWdJWUrt82Yf20UH3mW
9wfqfyALonDclJV/P747FiN4FumSAwwpbxOERvsboD/OmV+6Lkm58tFfmB7C9Kxt
SsXtTLWu7kg2p/qbC5ar2IkYMBqssVY9uAZlArkDUoKwlD9vl0PjGAKqqgghQ/g+
aZeXftkAXiZuS8YfYtDHF3DG+z11NHIUyGj+UHUztGvccwDp5mvCAN1KgUuEcXJp
ydRphxK3faiOps40MIzt6ULkMlnwvmMVLxYIuI0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTx13b7xu8ZK+8jAfYZBzC51ZGcOzAfBgNVHSMEGDAWgBSJfBqIycia6UJU
4iQceI6Xwf8+SDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lYd2FpTW5JbXVsQ1ZPSWtISGlPbDhIX1BrZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTUvZWIzZTAzLTM5NjgtNGRiMi1iZjgwLTQzZjZhZTUyMGIxYS8x
LzhkZDItOGJ2R1N2dkl3SDJHUWN3dWRXUm5Ecy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTUv
ZWIzZTAzLTM5NjgtNGRiMi1iZjgwLTQzZjZhZTUyMGIxYS8xL2lYd2FpTW5JbXVs
Q1ZPSWtISGlPbDhIX1BrZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkV6DANBAIAAjAHAwUAKgBaIDAN
BgkqhkiG9w0BAQsFAAOCAQEAF9LGTsjYL8orEGn41YJvSI4WMvlBTG1CB09bVwK4
1qfyWTYhsp+7ELuCwLe5fb980EJOTq0YJioVRGdnHzKRNQEoLO4GXS8/eizCvM9U
AZP67WRcklE1UGxwkT8j2iJl/GBQSSypDErOeHaMN7z19mAX1PIWLc8abNzX4pT2
h1pSGfRxf/t+Yzp13Tp86kIShqMmXApXPJFUc/uzYBFiWen35RJfaEZ4DgYV31I+
//HM46iOY2+YXPLMtOBC0bdtbd58HRYhzAyEK1ScZGL6+0S+AELFgmUnBYm1N4Ro
uAh2E3vw/M77Qszi2P+Ve/q9jE+DVULCN40eTzl9JINCTg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:24 2024 by rpki-client on console-ams.rpki-client.org