Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/StZSQNNR3LIkhTw_ABe8Z5Eb_nU.roa
File: StZSQNNR3LIkhTw_ABe8Z5Eb_nU.roa (raw, json)
Hash identifier: dmN24u0tEaZXC+PMOUgvCdqkSxtQx2B3BB8Xo8rpUTA=
Subject key identifier: 4A:D6:52:40:D3:51:DC:B2:24:85:3C:3F:00:17:BC:67:91:1B:FE:75
Certificate issuer: /CN=36b55fb34d29f962545132a025b52644fdffbf6f
Certificate serial: 02DC5BCB
Authority key identifier: 36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/StZSQNNR3LIkhTw_ABe8Z5Eb_nU.roa
Signing time: Sat 01 Jan 2022 04:59:12 +0000
ROA not before: Sat 01 Jan 2022 04:59:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212217
IP address blocks: 185.206.123.0/24 maxlen: 24
2a10:ca00:4::/48 maxlen: 48
2a10:ca00:2::/48 maxlen: 48
2a10:ca00:3::/48 maxlen: 48
2a10:ca00:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47995851 (0x2dc5bcb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36b55fb34d29f962545132a025b52644fdffbf6f
Validity
Not Before: Jan 1 04:59:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4ad65240d351dcb224853c3f0017bc67911bfe75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c3:a4:e2:93:56:3d:2e:26:0b:71:f9:f0:9a:
47:30:16:4d:9d:ce:02:a6:d9:ec:63:e0:80:4f:43:
e9:a7:a9:9c:5a:e3:83:50:60:6f:88:d4:94:48:a7:
2f:ef:3a:68:17:81:16:96:f1:3f:13:55:36:a8:bb:
f7:25:41:2d:dd:f4:34:49:67:5b:52:e8:a3:01:f3:
70:08:0b:2d:59:9f:9f:95:89:e3:c0:59:5f:5f:e6:
59:51:a1:3f:41:9e:7b:12:12:b2:51:9b:30:8b:54:
88:16:75:7b:b8:e2:3d:87:cb:cc:fe:98:4e:8b:2e:
cc:14:29:ea:54:8b:85:a4:8d:14:f3:ab:31:04:96:
2f:e7:b9:05:ca:fe:63:a1:c3:aa:1c:cf:19:ff:97:
51:0b:38:98:24:41:21:c6:f2:b2:3b:76:82:c4:0a:
e9:d5:cf:96:b8:0c:9c:5e:12:1c:a4:d5:06:17:fa:
66:c4:bb:b3:df:9c:12:ce:8c:a9:55:a7:bf:c3:f2:
66:c3:60:8b:f4:62:eb:6e:f9:48:b5:d3:3e:fe:6e:
8a:82:33:d0:fa:0e:80:fe:86:43:fd:31:2b:42:07:
88:c4:df:12:79:d9:f0:61:64:eb:c5:f3:b4:a7:8b:
8e:02:f5:e2:9c:2e:09:f7:86:27:3d:28:c3:b9:85:
bd:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:D6:52:40:D3:51:DC:B2:24:85:3C:3F:00:17:BC:67:91:1B:FE:75
X509v3 Authority Key Identifier:
keyid:36:B5:5F:B3:4D:29:F9:62:54:51:32:A0:25:B5:26:44:FD:FF:BF:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NrVfs00p-WJUUTKgJbUmRP3_v28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/StZSQNNR3LIkhTw_ABe8Z5Eb_nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/2bf00b-bfbc-4f6b-a13e-f10f73a9ecb3/1/NrVfs00p-WJUUTKgJbUmRP3_v28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.123.0/24
IPv6:
2a10:ca00:1::-2a10:ca00:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b9:05:7c:dd:b3:68:24:5a:c2:12:d5:a1:56:ea:b4:43:8c:fc:
9a:e9:c6:d8:d4:8e:e7:3e:a3:21:49:25:6e:3e:4a:96:42:c4:
3a:58:4a:3d:67:16:1a:d4:f9:36:92:0e:d3:82:31:8c:f3:5c:
97:04:41:56:34:cb:36:01:91:39:cd:83:58:69:97:75:83:f1:
a4:9d:81:77:96:b7:61:81:ca:85:35:33:29:66:35:ef:e8:e5:
a9:0d:a9:1f:27:54:1f:7f:e0:b7:a6:11:96:16:67:fb:4c:76:
ac:f1:e8:e7:2b:31:36:4b:05:ac:7f:26:d9:e6:14:23:96:cc:
14:d6:ec:e9:b7:ee:91:cd:4b:aa:02:f6:8c:fb:c1:3e:84:b3:
09:41:4b:80:98:4c:01:d1:cb:72:66:5d:ae:83:a2:4d:c3:db:
14:4b:a6:ca:b1:6a:56:15:58:74:61:5f:82:c1:91:5a:a0:fc:
b1:87:c0:12:f7:97:65:79:52:f5:c0:c4:0b:fd:45:4f:6b:54:
6e:85:4f:42:2f:b6:57:c4:6b:21:40:66:68:c1:c0:d7:8d:70:
43:58:69:98:45:34:2f:ad:84:82:c5:0f:1e:6b:3a:a3:17:d8:
86:69:31:4c:f9:5d:70:33:99:b2:17:79:2c:d8:13:ae:ff:0b:
dc:d8:5d:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEAtxbyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmI1NWZiMzRkMjlmOTYyNTQ1MTMyYTAyNWI1MjY0NGZkZmZiZjZmMB4XDTIyMDEw
MTA0NTkxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGFkNjUyNDBkMzUx
ZGNiMjI0ODUzYzNmMDAxN2JjNjc5MTFiZmU3NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANzDpOKTVj0uJgtx+fCaRzAWTZ3OAqbZ7GPggE9D6aepnFrj
g1Bgb4jUlEinL+86aBeBFpbxPxNVNqi79yVBLd30NElnW1LoowHzcAgLLVmfn5WJ
48BZX1/mWVGhP0GeexISslGbMItUiBZ1e7jiPYfLzP6YTosuzBQp6lSLhaSNFPOr
MQSWL+e5Bcr+Y6HDqhzPGf+XUQs4mCRBIcbysjt2gsQK6dXPlrgMnF4SHKTVBhf6
ZsS7s9+cEs6MqVWnv8PyZsNgi/Ri6275SLXTPv5uioIz0PoOgP6GQ/0xK0IHiMTf
EnnZ8GFk68XztKeLjgL14pwuCfeGJz0ow7mFvbsCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBRK1lJA01HcsiSFPD8AF7xnkRv+dTAfBgNVHSMEGDAWgBQ2tV+zTSn5YlRR
MqAltSZE/f+/bzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05yVmZzMDBwLVdKVVVUS2dKYlVtUlAzX3YyOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvMmJmMDBiLWJmYmMtNGY2Yi1hMTNlLWYxMGY3M2E5ZWNiMy8x
L1N0WlNRTk5SM0xJa2hUd19BQmU4WjVFYl9uVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
MmJmMDBiLWJmYmMtNGY2Yi1hMTNlLWYxMGY3M2E5ZWNiMy8xL05yVmZzMDBwLVdK
VVVUS2dKYlVtUlAzX3YyOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEALnOezAaBAIAAjAUMBIDBwAqEMoA
AAEDBwAqEMoAAAQwDQYJKoZIhvcNAQELBQADggEBALkFfN2zaCRawhLVoVbqtEOM
/JrpxtjUjuc+oyFJJW4+SpZCxDpYSj1nFhrU+TaSDtOCMYzzXJcEQVY0yzYBkTnN
g1hpl3WD8aSdgXeWt2GByoU1MylmNe/o5akNqR8nVB9/4LemEZYWZ/tMdqzx6Ocr
MTZLBax/JtnmFCOWzBTW7Om37pHNS6oC9oz7wT6EswlBS4CYTAHRy3JmXa6Dok3D
2xRLpsqxalYVWHRhX4LBkVqg/LGHwBL3l2V5UvXAxAv9RU9rVG6FT0IvtlfEayFA
ZmjBwNeNcENYaZhFNC+thILFDx5rOqMX2IZpMUz5XXAzmbIXeSzYE67/C9zYXQ8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:42 2023 by rpki-client on console-ams.rpki-client.org