Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/c2FHOJvyExDD8hyXVZ0izHXA--Q.roa
File: c2FHOJvyExDD8hyXVZ0izHXA--Q.roa (raw, json)
Hash identifier: kH6FnzUE57e5mQxEsktuZ6sUzI0Q795NOD6suSNGy/E=
Subject key identifier: 73:61:47:38:9B:F2:13:10:C3:F2:1C:97:55:9D:22:CC:75:C0:FB:E4
Certificate issuer: /CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Certificate serial: 14ECC556
Authority key identifier: 95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/c2FHOJvyExDD8hyXVZ0izHXA--Q.roa
Signing time: Fri 11 Feb 2022 11:55:35 +0000
ROA not before: Fri 11 Feb 2022 11:55:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21368
IP address blocks: 185.109.253.0/24 maxlen: 24
185.109.252.0/23 maxlen: 23
185.109.252.0/24 maxlen: 24
185.109.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 351061334 (0x14ecc556)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=955fcf92798a9dbb30abd2b9fa29bfa8804220f3
Validity
Not Before: Feb 11 11:55:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=736147389bf21310c3f21c97559d22cc75c0fbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a9:4c:cc:3c:27:b5:6e:ba:bf:ac:e2:00:3b:
c2:f9:ca:26:b4:48:e1:69:20:5d:bf:38:cb:06:2f:
5c:22:f1:cb:1a:8b:fb:7d:6e:52:d6:3e:1c:a5:11:
0b:14:58:03:da:2b:b2:d5:0c:09:33:53:76:88:c4:
87:84:75:93:c1:af:1c:f5:4c:ae:f0:e4:9e:c5:d3:
e1:ac:9b:2c:cd:ec:04:34:87:02:f4:d9:62:75:4c:
60:16:1e:9b:50:ea:10:43:2b:ae:16:5b:9c:ff:8c:
93:72:74:1d:29:40:da:f9:b7:a6:91:a7:03:59:0b:
4b:57:c6:3e:2b:90:17:ca:fa:82:4c:04:c9:06:98:
fc:a6:53:73:eb:d8:79:28:a9:1b:fd:99:cf:f7:9e:
01:9b:8d:11:57:b4:32:c1:09:0e:24:5f:83:6e:c0:
23:8a:c8:c9:9b:b4:73:ec:34:60:70:88:82:61:52:
b0:5f:be:4a:0e:b2:47:1b:eb:06:23:2f:98:23:aa:
90:25:2c:3e:9d:74:56:25:2e:3d:88:99:b5:7c:15:
66:98:38:ce:53:d0:2e:80:47:21:59:76:fd:95:33:
e3:be:36:ed:17:5c:d4:87:6e:e0:fb:28:96:c0:06:
75:63:cb:97:6b:93:c2:9d:5c:47:f8:29:d4:20:93:
e3:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:61:47:38:9B:F2:13:10:C3:F2:1C:97:55:9D:22:CC:75:C0:FB:E4
X509v3 Authority Key Identifier:
keyid:95:5F:CF:92:79:8A:9D:BB:30:AB:D2:B9:FA:29:BF:A8:80:42:20:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lV_PknmKnbswq9K5-im_qIBCIPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/c2FHOJvyExDD8hyXVZ0izHXA--Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/df140a-0ac3-4105-b83a-051886d0ed4e/1/lV_PknmKnbswq9K5-im_qIBCIPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.252.0/23
185.109.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:d5:3d:e4:60:8b:02:02:49:27:dd:29:90:cb:7e:bf:1c:65:
8b:70:bd:bf:a5:40:81:86:f7:0c:75:fa:cd:28:30:8c:2c:c5:
a3:3e:7d:6a:17:ac:e6:28:74:4d:6e:3a:58:bf:85:6d:d6:92:
1d:33:8b:3f:58:c9:83:53:5c:b0:f1:17:cf:a2:1f:8f:47:3e:
a7:77:d3:80:86:41:bd:15:c5:1e:e9:d4:20:c7:be:91:0c:f1:
70:0e:7a:84:8e:f0:2d:1c:3e:2f:86:da:39:4a:c5:a8:76:46:
a8:62:6a:e5:21:1f:29:fa:92:55:0e:19:33:ae:62:99:bb:60:
2a:20:ba:8c:1c:eb:c4:ee:a5:c2:1a:cc:85:a6:7a:95:b4:4d:
6f:04:f9:77:d6:89:34:54:9c:e8:03:1d:e1:70:b2:07:4a:51:
40:4c:d9:6f:f9:1e:d1:c9:04:62:a9:fb:fc:08:a1:b3:44:31:
4d:0a:56:d7:90:05:b5:61:9f:b3:40:73:ae:8e:c5:dc:51:d4:
e7:16:01:df:d5:8c:23:33:d1:e3:4b:4b:04:17:75:a1:5e:36:
e4:54:5f:b3:52:d1:80:8a:4e:d3:c9:3b:92:29:9c:54:91:9d:
fb:b6:ac:5a:b7:1d:08:97:93:6b:d1:c3:b7:75:36:6c:52:4b:
8b:6d:5a:49
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEFOzFVjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTVmY2Y5Mjc5OGE5ZGJiMzBhYmQyYjlmYTI5YmZhODgwNDIyMGYzMB4XDTIyMDIx
MTExNTUzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzM2MTQ3Mzg5YmYy
MTMxMGMzZjIxYzk3NTU5ZDIyY2M3NWMwZmJlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2pTMw8J7Vuur+s4gA7wvnKJrRI4WkgXb84ywYvXCLxyxqL
+31uUtY+HKURCxRYA9orstUMCTNTdojEh4R1k8GvHPVMrvDknsXT4aybLM3sBDSH
AvTZYnVMYBYem1DqEEMrrhZbnP+Mk3J0HSlA2vm3ppGnA1kLS1fGPiuQF8r6gkwE
yQaY/KZTc+vYeSipG/2Zz/eeAZuNEVe0MsEJDiRfg27AI4rIyZu0c+w0YHCIgmFS
sF++Sg6yRxvrBiMvmCOqkCUsPp10ViUuPYiZtXwVZpg4zlPQLoBHIVl2/ZUz4742
7Rdc1Idu4PsolsAGdWPLl2uTwp1cR/gp1CCT400CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRzYUc4m/ITEMPyHJdVnSLMdcD75DAfBgNVHSMEGDAWgBSVX8+SeYqduzCr
0rn6Kb+ogEIg8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xWX1Brbm1LbmJzd3E5SzUtaW1fcUlCQ0lQTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvZGYxNDBhLTBhYzMtNDEwNS1iODNhLTA1MTg4NmQwZWQ0ZS8x
L2MyRkhPSnZ5RXhERDhoeVhWWjBpekhYQS0tUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
ZGYxNDBhLTBhYzMtNDEwNS1iODNhLTA1MTg4NmQwZWQ0ZS8xL2xWX1Brbm1LbmJz
d3E5SzUtaW1fcUlCQ0lQTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAblt/AMEALlt/zANBgkqhkiG9w0B
AQsFAAOCAQEAatU95GCLAgJJJ90pkMt+vxxli3C9v6VAgYb3DHX6zSgwjCzFoz59
ahes5ih0TW46WL+FbdaSHTOLP1jJg1NcsPEXz6Ifj0c+p3fTgIZBvRXFHunUIMe+
kQzxcA56hI7wLRw+L4baOUrFqHZGqGJq5SEfKfqSVQ4ZM65imbtgKiC6jBzrxO6l
whrMhaZ6lbRNbwT5d9aJNFSc6AMd4XCyB0pRQEzZb/ke0ckEYqn7/Aihs0QxTQpW
15AFtWGfs0Bzro7F3FHU5xYB39WMIzPR40tLBBd1oV425FRfs1LRgIpO08k7kimc
VJGd+7asWrcdCJeTa9HDt3U2bFJLi21aSQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:44 2023 by rpki-client on console-ams.rpki-client.org