Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DAyPsKvvAcjxE32d9hRod9RWD5g.roa
File: DAyPsKvvAcjxE32d9hRod9RWD5g.roa (raw, json)
Hash identifier: NF5kfzlBNZhwk/UbGsKaMQYxNQJza1CURj6ZrvwUwo8=
Subject key identifier: 0C:0C:8F:B0:AB:EF:01:C8:F1:13:7D:9D:F6:14:68:77:D4:56:0F:98
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 13FC21BD
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DAyPsKvvAcjxE32d9hRod9RWD5g.roa
Signing time: Tue 01 Mar 2022 22:43:58 +0000
ROA not before: Tue 01 Mar 2022 22:43:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213136
IP address blocks: 185.218.4.0/24 maxlen: 24
185.218.4.0/23 maxlen: 23
185.218.5.0/24 maxlen: 24
185.217.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335290813 (0x13fc21bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Mar 1 22:43:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c0c8fb0abef01c8f1137d9df6146877d4560f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ee:57:e3:57:30:68:64:ee:3b:ae:fc:b6:8b:
da:1a:cc:38:a6:f7:b5:f8:42:80:12:dd:96:78:44:
1a:25:17:e1:f2:69:01:8e:b6:6f:c0:b5:dc:89:cc:
da:48:b5:f9:4d:f7:a1:35:68:c7:fd:a2:58:98:00:
68:dd:6d:9a:b1:ed:7b:f7:86:8a:38:9a:8a:44:81:
f0:12:08:20:09:dc:4a:0b:8b:0c:73:88:79:8a:7f:
6c:8d:db:cc:2f:cf:a7:8f:64:ec:43:d1:ff:63:0f:
5b:1b:8e:b6:5b:30:ee:f3:c1:73:76:eb:1f:af:5d:
2d:96:a4:6a:65:be:18:95:8e:28:19:d1:18:31:d3:
ea:e4:25:8e:f1:96:79:60:50:da:97:d7:9e:5a:28:
7c:2f:7a:d9:45:fa:c0:38:9f:cf:0d:31:50:e0:10:
a1:86:78:18:e4:d8:0d:71:42:1a:da:c6:74:0d:59:
49:27:13:58:8e:f6:9c:9e:dc:43:c8:af:e4:c3:c8:
67:de:a9:61:bb:4a:9c:94:90:22:b9:21:5e:06:23:
f3:4a:f6:6c:9a:f5:9a:83:0a:8f:f1:2b:c3:54:f1:
12:4c:61:97:db:92:2f:fd:d9:b7:11:49:cc:8c:bc:
5b:99:60:0a:6c:d5:8c:8b:ff:ba:c5:67:07:dd:47:
d4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:0C:8F:B0:AB:EF:01:C8:F1:13:7D:9D:F6:14:68:77:D4:56:0F:98
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/DAyPsKvvAcjxE32d9hRod9RWD5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.109.0/24
185.218.4.0/23
Signature Algorithm: sha256WithRSAEncryption
13:9c:ff:00:67:d6:77:3d:4a:39:8f:b4:2e:7e:7b:51:66:a3:
d8:cc:80:48:9e:39:ce:b5:c3:dc:df:4d:8b:17:31:e8:8b:4d:
e7:20:85:9a:a3:8e:14:6b:8b:5c:09:20:fc:fc:2d:24:46:12:
1a:4b:cb:d3:1f:74:ad:9a:ed:2a:05:d1:7b:a8:47:99:c6:7f:
86:0b:de:35:bb:b8:b3:14:a8:42:22:48:81:fe:39:29:42:e4:
c4:74:d1:d1:3c:2e:51:51:42:20:39:97:df:1a:6e:68:a3:68:
ec:58:fb:d9:90:8d:bd:79:15:bb:ca:bf:ec:16:25:9e:9e:f2:
13:78:b6:ca:e9:e9:5a:5d:f6:93:0a:15:ac:bd:ed:2f:b2:30:
b9:fc:28:c4:0b:a0:9c:c3:5e:d7:2f:62:d9:06:4a:27:14:c4:
e8:76:a0:75:90:36:06:ef:a5:c4:59:3d:7e:04:55:1a:a5:a3:
38:37:90:98:0a:17:db:ba:8b:56:4d:61:35:7b:39:26:a1:55:
22:75:e6:d9:35:64:8b:4a:31:1d:e7:80:df:2b:98:7d:ee:8f:
30:6d:20:7a:d9:ef:45:09:58:32:0a:c9:2c:fc:42:3e:23:39:
58:69:11:32:08:22:7d:6a:96:3d:c3:8b:d7:11:1e:74:49:b6:
5f:01:d7:73
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEE/whvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDMw
MTIyNDM1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGMwYzhmYjBhYmVm
MDFjOGYxMTM3ZDlkZjYxNDY4NzdkNDU2MGY5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPuV+NXMGhk7juu/LaL2hrMOKb3tfhCgBLdlnhEGiUX4fJp
AY62b8C13InM2ki1+U33oTVox/2iWJgAaN1tmrHte/eGijiaikSB8BIIIAncSguL
DHOIeYp/bI3bzC/Pp49k7EPR/2MPWxuOtlsw7vPBc3brH69dLZakamW+GJWOKBnR
GDHT6uQljvGWeWBQ2pfXnloofC962UX6wDifzw0xUOAQoYZ4GOTYDXFCGtrGdA1Z
SScTWI72nJ7cQ8iv5MPIZ96pYbtKnJSQIrkhXgYj80r2bJr1moMKj/Erw1TxEkxh
l9uSL/3ZtxFJzIy8W5lgCmzVjIv/usVnB91H1L0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQMDI+wq+8ByPETfZ32FGh31FYPmDAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L0RBeVBzS3Z2QWNqeEUzMmQ5aFJvZDlSV0Q1Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnZbQMEAbnaBDANBgkqhkiG9w0B
AQsFAAOCAQEAE5z/AGfWdz1KOY+0Ln57UWaj2MyASJ45zrXD3N9Nixcx6ItN5yCF
mqOOFGuLXAkg/PwtJEYSGkvL0x90rZrtKgXRe6hHmcZ/hgveNbu4sxSoQiJIgf45
KULkxHTR0TwuUVFCIDmX3xpuaKNo7Fj72ZCNvXkVu8q/7BYlnp7yE3i2yunpWl32
kwoVrL3tL7IwufwoxAugnMNe1y9i2QZKJxTE6HagdZA2Bu+lxFk9fgRVGqWjODeQ
mAoX27qLVk1hNXs5JqFVInXm2TVki0oxHeeA3yuYfe6PMG0getnvRQlYMgrJLPxC
PiM5WGkRMggifWqWPcOL1xEedEm2XwHXcw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:42 2023 by rpki-client on console-fra.rpki-client.org