Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/cw3eIspFYk38lGCrLOfslWyHvcE.roa
File: cw3eIspFYk38lGCrLOfslWyHvcE.roa (raw, json)
Hash identifier: fTcwwR4WHm6ui+jZ6klpfywI68ptrjEHw3bAkoIq65Y=
Subject key identifier: 73:0D:DE:22:CA:45:62:4D:FC:94:60:AB:2C:E7:EC:95:6C:87:BD:C1
Certificate issuer: /CN=1e02b2489f4713962d105112b25276eb81f1ac90
Certificate serial: 0937C991
Authority key identifier: 1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/cw3eIspFYk38lGCrLOfslWyHvcE.roa
Signing time: Sat 01 Jan 2022 07:52:34 +0000
ROA not before: Sat 01 Jan 2022 07:52:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56650
IP address blocks: 85.208.64.0/22 maxlen: 22
85.208.64.0/24 maxlen: 24
85.208.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 154651025 (0x937c991)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e02b2489f4713962d105112b25276eb81f1ac90
Validity
Not Before: Jan 1 07:52:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=730dde22ca45624dfc9460ab2ce7ec956c87bdc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:2a:54:de:b3:8c:5f:99:b7:34:ce:ec:d7:35:
3c:ba:7a:c9:ad:53:ba:78:44:0c:5d:45:71:53:2e:
a1:8b:f0:b4:d3:df:9a:3d:dd:c6:9c:43:a8:0e:d0:
44:ed:7e:a8:27:35:8f:a9:fe:dd:e9:48:3e:a1:e9:
e2:ee:65:64:d6:c4:4e:9b:f3:ab:ee:ee:b6:b1:0b:
74:23:42:5b:3c:d7:38:56:b9:b6:ad:9b:a8:59:18:
ed:06:ae:0f:89:b4:34:fc:c4:42:b5:8b:88:85:ec:
7b:84:75:6a:81:69:45:50:5e:74:f6:05:4c:ff:c9:
a6:2c:25:21:8c:5e:ac:63:65:53:72:8e:d6:27:54:
47:ef:43:2a:d0:46:be:8f:eb:4d:28:18:4c:c3:fc:
be:da:fa:ad:5c:09:9b:55:5b:10:92:7f:6f:27:11:
be:86:6e:94:9a:81:d3:40:b1:82:6a:bb:13:43:04:
1f:53:5a:60:64:9e:03:91:3b:45:f5:47:eb:29:74:
ac:cd:ec:d7:c8:62:ad:a2:3e:b8:66:16:06:82:48:
e9:40:60:48:30:db:a6:6d:46:b9:2d:0c:84:67:e7:
98:d1:fc:90:71:33:4e:fb:46:30:60:4c:a1:27:bc:
bf:a7:73:33:c7:ac:76:a8:9e:8b:5c:ba:44:dd:b4:
09:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:0D:DE:22:CA:45:62:4D:FC:94:60:AB:2C:E7:EC:95:6C:87:BD:C1
X509v3 Authority Key Identifier:
keyid:1E:02:B2:48:9F:47:13:96:2D:10:51:12:B2:52:76:EB:81:F1:AC:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgKySJ9HE5YtEFESslJ264HxrJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/cw3eIspFYk38lGCrLOfslWyHvcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/c0a326-88e1-42b4-9d56-0921d1bbf349/1/HgKySJ9HE5YtEFESslJ264HxrJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.64.0/22
Signature Algorithm: sha256WithRSAEncryption
4e:42:48:66:94:1d:97:c7:9d:39:05:e6:4f:01:22:be:49:28:
d5:1d:41:0a:4d:d3:4c:61:1f:4f:34:a7:30:89:02:9b:c7:75:
a5:fb:78:fd:8d:68:9c:a3:b0:a8:9b:22:c7:c3:5d:c2:3d:ef:
b4:d5:6f:a7:8c:93:ac:b9:fe:1d:fd:3d:47:5c:56:63:98:f2:
12:04:1b:b4:af:b8:8f:44:bb:62:63:76:fd:70:54:68:db:58:
4b:60:7a:ed:58:be:dc:a2:60:be:81:b8:4a:3f:71:ee:bf:76:
de:da:2e:42:f9:47:03:32:42:a5:fd:16:32:fd:10:d9:26:4d:
15:42:93:b0:23:3e:a6:56:80:c4:54:45:79:da:f7:62:9f:11:
3f:e6:4d:20:54:ea:5a:86:0a:84:32:d2:a1:99:0a:d2:5b:a9:
67:04:db:32:ef:f7:35:4d:35:af:c2:12:10:9d:39:7c:28:95:
05:36:e0:83:40:21:92:77:d0:bb:8a:a8:a7:a3:84:ea:8e:a7:
bc:37:ac:69:c8:ba:5b:8e:0f:78:0e:96:f3:d9:81:18:fe:8c:
85:ac:61:f7:fe:19:fe:2f:4d:cf:d2:9c:8c:72:5d:a7:11:32:
d6:88:4f:41:95:c9:f3:94:ac:9c:75:60:ed:16:02:d3:fa:7b:
46:07:5c:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECTfJkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTAyYjI0ODlmNDcxMzk2MmQxMDUxMTJiMjUyNzZlYjgxZjFhYzkwMB4XDTIyMDEw
MTA3NTIzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMwZGRlMjJjYTQ1
NjI0ZGZjOTQ2MGFiMmNlN2VjOTU2Yzg3YmRjMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIMqVN6zjF+ZtzTO7Nc1PLp6ya1TunhEDF1FcVMuoYvwtNPf
mj3dxpxDqA7QRO1+qCc1j6n+3elIPqHp4u5lZNbETpvzq+7utrELdCNCWzzXOFa5
tq2bqFkY7QauD4m0NPzEQrWLiIXse4R1aoFpRVBedPYFTP/JpiwlIYxerGNlU3KO
1idUR+9DKtBGvo/rTSgYTMP8vtr6rVwJm1VbEJJ/bycRvoZulJqB00Cxgmq7E0ME
H1NaYGSeA5E7RfVH6yl0rM3s18hiraI+uGYWBoJI6UBgSDDbpm1GuS0MhGfnmNH8
kHEzTvtGMGBMoSe8v6dzM8esdqiei1y6RN20CcUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRzDd4iykViTfyUYKss5+yVbIe9wTAfBgNVHSMEGDAWgBQeArJIn0cTli0Q
URKyUnbrgfGskDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hnS3lTSjlIRTVZdEVGRVNzbEoyNjRIeHJKQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvYzBhMzI2LTg4ZTEtNDJiNC05ZDU2LTA5MjFkMWJiZjM0OS8x
L2N3M2VJc3BGWWszOGxHQ3JMT2ZzbFd5SHZjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
YzBhMzI2LTg4ZTEtNDJiNC05ZDU2LTA5MjFkMWJiZjM0OS8xL0hnS3lTSjlIRTVZ
dEVGRVNzbEoyNjRIeHJKQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlXQQDANBgkqhkiG9w0BAQsFAAOC
AQEATkJIZpQdl8edOQXmTwEivkko1R1BCk3TTGEfTzSnMIkCm8d1pft4/Y1onKOw
qJsix8Ndwj3vtNVvp4yTrLn+Hf09R1xWY5jyEgQbtK+4j0S7YmN2/XBUaNtYS2B6
7Vi+3KJgvoG4Sj9x7r923touQvlHAzJCpf0WMv0Q2SZNFUKTsCM+plaAxFRFedr3
Yp8RP+ZNIFTqWoYKhDLSoZkK0lupZwTbMu/3NU01r8ISEJ05fCiVBTbgg0AhknfQ
u4qop6OE6o6nvDesaci6W44PeA6W89mBGP6Mhaxh9/4Z/i9Nz9KcjHJdpxEy1ohP
QZXJ85SsnHVg7RYC0/p7RgdcLA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:42 2023 by rpki-client on console-ams.rpki-client.org