Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/A7Boj7KSHaPOFppM-HRr7dSK4KE.roa
File: A7Boj7KSHaPOFppM-HRr7dSK4KE.roa (raw, json)
Hash identifier: Gbc6RW42qLWNtOLRp8h9/6B531xF9KCWI0OijCaKOmw=
Subject key identifier: 03:B0:68:8F:B2:92:1D:A3:CE:16:9A:4C:F8:74:6B:ED:D4:8A:E0:A1
Certificate issuer: /CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Certificate serial: 0B772E7B
Authority key identifier: 2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/A7Boj7KSHaPOFppM-HRr7dSK4KE.roa
Signing time: Mon 28 Feb 2022 20:22:09 +0000
ROA not before: Mon 28 Feb 2022 20:22:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208294
IP address blocks: 185.220.101.0/24 maxlen: 24
2a0b:f4c1:2::/48 maxlen: 48
2a0b:f4c1:1::/48 maxlen: 48
2a0b:f4c2::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192360059 (0xb772e7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f1e253977bf583e0e420ec977a8ecf4ed154dbe
Validity
Not Before: Feb 28 20:22:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03b0688fb2921da3ce169a4cf8746bedd48ae0a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ed:c6:c9:3b:af:ce:a0:9b:85:e6:9a:5c:38:
f5:33:ac:59:4b:ba:cd:c2:b3:b9:59:69:cb:d3:11:
b0:83:9b:31:95:ea:a6:03:30:78:a6:a2:6f:f0:bf:
42:41:2d:8e:a6:8c:a6:29:d3:57:18:06:b2:b0:a5:
aa:c0:86:6c:97:c3:79:2d:c2:e8:39:50:52:cf:9b:
52:aa:34:23:3b:d3:ba:00:f8:58:0a:42:e9:cb:d3:
a0:9e:25:79:46:7c:6e:a2:6f:b3:3e:59:9d:c8:57:
9b:f3:f2:be:cd:b2:a2:6c:a7:ae:ff:28:59:41:40:
e0:8f:0c:0d:bc:8a:ef:bb:b3:ec:da:3b:94:5c:89:
f5:7c:eb:93:6b:42:7c:6f:da:6a:c8:9d:eb:0a:1d:
00:98:35:d2:e1:76:b6:c1:ef:d4:c1:05:ce:b9:3a:
56:ec:bb:6c:09:41:70:ca:5f:64:29:68:4e:57:b8:
6d:04:07:cb:31:77:5e:db:1c:cb:50:ee:b4:f0:45:
67:11:8d:a5:91:52:63:a1:a7:55:d8:c2:ff:2e:1c:
0a:a9:f2:dd:7f:45:db:35:f1:c0:dc:ac:a9:22:d3:
49:a6:ea:1f:76:f0:78:be:be:44:1c:3d:29:56:28:
ed:9f:f8:46:e6:5e:78:f5:da:ea:7c:44:1a:9a:03:
51:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:B0:68:8F:B2:92:1D:A3:CE:16:9A:4C:F8:74:6B:ED:D4:8A:E0:A1
X509v3 Authority Key Identifier:
keyid:2F:1E:25:39:77:BF:58:3E:0E:42:0E:C9:77:A8:EC:F4:ED:15:4D:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/A7Boj7KSHaPOFppM-HRr7dSK4KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/3364ed-c5f9-4631-b95c-f26b1551e0f5/1/Lx4lOXe_WD4OQg7Jd6js9O0VTb4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.101.0/24
IPv6:
2a0b:f4c1:1::-2a0b:f4c1:2:ffff:ffff:ffff:ffff:ffff
2a0b:f4c2::/40
Signature Algorithm: sha256WithRSAEncryption
2c:15:94:ca:df:a0:bc:92:be:de:3a:d4:c3:95:a6:32:33:49:
03:0c:75:55:37:86:f8:5f:94:18:21:2c:af:9e:2f:f9:09:ef:
35:0c:4d:c7:0d:dd:5b:e6:8d:49:79:2f:77:1f:02:06:a2:3a:
7f:db:be:c0:f3:8f:5d:65:a4:95:f4:74:8d:ba:79:47:80:e4:
d6:9d:04:ae:94:3a:35:3d:5e:48:79:12:37:a0:94:ef:59:f8:
e8:62:fc:06:3e:25:66:11:e3:57:20:a1:37:41:41:8a:e3:53:
c0:97:ea:39:66:7e:55:70:e8:39:c1:c4:f1:16:ae:b6:8c:d4:
a0:26:ba:ed:4f:4d:15:21:e5:4b:fd:dc:e9:46:33:62:31:74:
c4:20:02:c5:8c:b2:88:34:07:6f:51:9b:99:ac:0d:ff:0e:10:
d4:bd:49:23:1d:66:d4:74:e0:33:8c:b0:c1:77:04:6b:fe:7c:
cf:b9:47:ff:7d:da:bb:84:42:8e:2a:33:e5:6f:20:c6:f2:28:
67:3f:bc:a0:d5:bc:4f:8f:3d:86:f0:61:ef:76:5c:52:56:ad:
25:73:5f:1d:74:8a:95:19:78:65:8e:50:98:a0:43:39:92:d8:
9b:b2:5d:e2:a5:17:a9:89:1f:4d:75:7e:1d:70:a5:2d:77:04:
f5:7b:32:6e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEC3cuezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjFlMjUzOTc3YmY1ODNlMGU0MjBlYzk3N2E4ZWNmNGVkMTU0ZGJlMB4XDTIyMDIy
ODIwMjIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDNiMDY4OGZiMjky
MWRhM2NlMTY5YTRjZjg3NDZiZWRkNDhhZTBhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPLtxsk7r86gm4Xmmlw49TOsWUu6zcKzuVlpy9MRsIObMZXq
pgMweKaib/C/QkEtjqaMpinTVxgGsrClqsCGbJfDeS3C6DlQUs+bUqo0IzvTugD4
WApC6cvToJ4leUZ8bqJvsz5ZnchXm/Pyvs2yomynrv8oWUFA4I8MDbyK77uz7No7
lFyJ9Xzrk2tCfG/aasid6wodAJg10uF2tsHv1MEFzrk6Vuy7bAlBcMpfZCloTle4
bQQHyzF3Xtscy1DutPBFZxGNpZFSY6GnVdjC/y4cCqny3X9F2zXxwNysqSLTSabq
H3bweL6+RBw9KVYo7Z/4RuZeePXa6nxEGpoDUbcCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQDsGiPspIdo84Wmkz4dGvt1IrgoTAfBgNVHSMEGDAWgBQvHiU5d79YPg5C
Dsl3qOz07RVNvjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x4NGxPWGVfV0Q0T1FnN0pkNmpzOU8wVlRiNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvMzM2NGVkLWM1ZjktNDYzMS1iOTVjLWYyNmIxNTUxZTBmNS8x
L0E3Qm9qN0tTSGFQT0ZwcE0tSFJyN2RTSzRLRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzIv
MzM2NGVkLWM1ZjktNDYzMS1iOTVjLWYyNmIxNTUxZTBmNS8xL0x4NGxPWGVfV0Q0
T1FnN0pkNmpzOU8wVlRiNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwDAQCAAEwBgMEALncZTAiBAIAAjAcMBIDBwAqC/TB
AAEDBwAqC/TBAAIDBgAqC/TCADANBgkqhkiG9w0BAQsFAAOCAQEALBWUyt+gvJK+
3jrUw5WmMjNJAwx1VTeG+F+UGCEsr54v+QnvNQxNxw3dW+aNSXkvdx8CBqI6f9u+
wPOPXWWklfR0jbp5R4Dk1p0ErpQ6NT1eSHkSN6CU71n46GL8Bj4lZhHjVyChN0FB
iuNTwJfqOWZ+VXDoOcHE8RautozUoCa67U9NFSHlS/3c6UYzYjF0xCACxYyyiDQH
b1GbmawN/w4Q1L1JIx1m1HTgM4ywwXcEa/58z7lH/33au4RCjioz5W8gxvIoZz+8
oNW8T489hvBh73ZcUlatJXNfHXSKlRl4ZY5QmKBDOZLYm7Jd4qUXqYkfTXV+HXCl
LXcE9Xsybg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:51 2023 by rpki-client on console-fra.rpki-client.org