Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/miZB9yjNU-G3YkNoYb4j4n6ebbc.roa
File: miZB9yjNU-G3YkNoYb4j4n6ebbc.roa (raw, json)
Hash identifier: miRCDhfvb4Zu6iI5OROzdwYX/rNqIvcYECiqTNTwF0M=
Subject key identifier: 9A:26:41:F7:28:CD:53:E1:B7:62:43:68:61:BE:23:E2:7E:9E:6D:B7
Certificate issuer: /CN=05df1ca3b665f24cbe101cfc2f38344da8b1768d
Certificate serial: 01843CEFAE6F8D93A254C8392B810D1D36F1
Authority key identifier: 05:DF:1C:A3:B6:65:F2:4C:BE:10:1C:FC:2F:38:34:4D:A8:B1:76:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bd8co7Zl8ky-EBz8Lzg0Taixdo0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/miZB9yjNU-G3YkNoYb4j4n6ebbc.roa
Signing time: Thu 03 Nov 2022 10:00:51 +0000
ROA not before: Thu 03 Nov 2022 10:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197190
IP address blocks: 185.209.217.0/24 maxlen: 24
185.209.219.0/24 maxlen: 24
185.209.216.0/24 maxlen: 24
185.209.218.0/24 maxlen: 24
2a0b:5240::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:ef:ae:6f:8d:93:a2:54:c8:39:2b:81:0d:1d:36:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05df1ca3b665f24cbe101cfc2f38344da8b1768d
Validity
Not Before: Nov 3 10:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a2641f728cd53e1b762436861be23e27e9e6db7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:d1:3f:5b:54:be:10:ed:45:18:08:a2:89:
ed:21:19:97:27:80:6e:1b:6b:40:3e:f9:e5:17:56:
83:7b:ce:50:bc:f4:6d:5d:67:a2:8e:5f:53:1a:0a:
ab:37:ef:ad:02:54:94:8c:91:48:01:63:66:63:38:
82:bf:26:7b:31:a5:8f:ec:b1:fd:6f:46:a4:68:98:
bc:39:be:56:1f:21:a7:2a:8a:75:9a:0d:4d:10:c6:
ba:ff:f3:28:5d:9b:3d:9f:d5:52:40:a9:b5:05:e9:
17:1f:b3:25:b0:60:c4:70:b8:2f:72:d2:6b:53:99:
8a:b3:f2:85:ed:c7:e8:85:43:30:c8:f1:cd:8d:2c:
3b:d0:7a:69:1d:13:d2:95:8c:0e:0e:d6:04:44:42:
49:ce:90:0c:65:27:12:20:eb:1e:41:81:05:a7:12:
23:51:35:12:37:31:b1:bb:71:c6:c0:36:a9:1c:d8:
97:a1:26:94:80:51:48:68:32:ba:e9:7d:bb:d0:b7:
c6:74:ac:b5:12:c7:dd:18:bf:d5:07:81:e8:f4:83:
24:12:96:08:e3:a5:cc:ee:ab:1a:96:c0:a0:1e:9b:
c4:55:d0:08:3e:a3:f4:01:64:c0:69:e1:92:b7:8f:
2b:56:b9:7d:84:b7:23:e8:a8:df:0e:ef:bb:57:1b:
6d:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:26:41:F7:28:CD:53:E1:B7:62:43:68:61:BE:23:E2:7E:9E:6D:B7
X509v3 Authority Key Identifier:
keyid:05:DF:1C:A3:B6:65:F2:4C:BE:10:1C:FC:2F:38:34:4D:A8:B1:76:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bd8co7Zl8ky-EBz8Lzg0Taixdo0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/miZB9yjNU-G3YkNoYb4j4n6ebbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/88d3b3-8257-47aa-a227-d02aafb832c4/1/Bd8co7Zl8ky-EBz8Lzg0Taixdo0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.216.0/22
IPv6:
2a0b:5240::/29
Signature Algorithm: sha256WithRSAEncryption
05:e1:fd:7f:69:5a:3e:12:d5:80:26:3c:84:1d:6f:23:6c:ab:
1f:12:58:ae:03:29:bb:7f:ea:67:c8:a5:7a:f9:71:38:1e:72:
d5:e9:c8:b6:74:a7:c2:34:b5:32:40:12:72:08:d5:a2:c2:94:
2d:0a:18:e6:b3:ce:34:b2:53:ab:f7:d5:ee:86:65:1e:dc:cf:
dd:10:68:78:2b:6d:18:a1:46:32:32:81:d3:f3:fc:8c:12:74:
37:9f:db:70:98:33:fd:53:94:9b:28:4c:fa:98:d9:7d:b6:67:
d1:b9:49:21:f9:45:75:59:58:77:ea:11:3d:dc:e1:04:8a:6b:
da:2f:04:e0:d4:a9:65:99:41:c6:a9:f0:04:87:ab:d3:47:35:
46:5b:d9:e7:4a:7d:b2:c4:ab:fe:de:cb:90:a2:b9:0b:eb:d7:
7c:1f:ce:fd:4d:21:d5:6a:32:b8:c7:52:3d:cb:24:de:d5:10:
02:8b:e0:7a:da:7f:a9:aa:a7:96:70:51:f9:ff:e6:cd:57:d2:
dc:24:9a:ff:09:df:e7:a5:63:44:59:e3:ec:a2:5a:6f:7b:09:
a2:05:eb:3e:66:95:73:d7:ca:af:32:e5:86:84:5d:ff:8a:df:
ad:68:73:20:31:b7:8b:5b:1b:5a:ff:98:e5:d4:ad:26:12:88:
3a:a4:46:a6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQ8765vjZOiVMg5K4ENHTbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZGYxY2EzYjY2NWYyNGNiZTEwMWNmYzJmMzgzNDRkYThi
MTc2OGQwHhcNMjIxMTAzMTAwMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTI2NDFmNzI4Y2Q1M2UxYjc2MjQzNjg2MWJlMjNlMjdlOWU2ZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLjRP1tUvhDtRRgIoontIRmXJ4Bu
G2tAPvnlF1aDe85QvPRtXWeijl9TGgqrN++tAlSUjJFIAWNmYziCvyZ7MaWP7LH9
b0akaJi8Ob5WHyGnKop1mg1NEMa6//MoXZs9n9VSQKm1BekXH7MlsGDEcLgvctJr
U5mKs/KF7cfohUMwyPHNjSw70HppHRPSlYwODtYEREJJzpAMZScSIOseQYEFpxIj
UTUSNzGxu3HGwDapHNiXoSaUgFFIaDK66X270LfGdKy1EsfdGL/VB4Ho9IMkEpYI
46XM7qsalsCgHpvEVdAIPqP0AWTAaeGSt48rVrl9hLcj6KjfDu+7Vxtt5QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJomQfcozVPht2JDaGG+I+J+nm23MB8GA1UdIwQY
MBaAFAXfHKO2ZfJMvhAc/C84NE2osXaNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmQ4Y283Wmw4a3ktRUJ6OEx6ZzBUYWl4ZG8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84OGQzYjMtODI1Ny00N2FhLWEyMjct
ZDAyYWFmYjgzMmM0LzEvbWlaQjl5ak5VLUczWWtOb1liNGo0bjZlYmJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84OGQzYjMtODI1Ny00N2FhLWEyMjctZDAyYWFmYjgzMmM0
LzEvQmQ4Y283Wmw4a3ktRUJ6OEx6ZzBUYWl4ZG8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudHYMA0E
AgACMAcDBQMqC1JAMA0GCSqGSIb3DQEBCwUAA4IBAQAF4f1/aVo+EtWAJjyEHW8j
bKsfEliuAym7f+pnyKV6+XE4HnLV6ci2dKfCNLUyQBJyCNWiwpQtChjms840slOr
99XuhmUe3M/dEGh4K20YoUYyMoHT8/yMEnQ3n9twmDP9U5SbKEz6mNl9tmfRuUkh
+UV1WVh36hE93OEEimvaLwTg1KllmUHGqfAEh6vTRzVGW9nnSn2yxKv+3suQorkL
69d8H879TSHVajK4x1I9yyTe1RACi+B62n+pqqeWcFH5/+bNV9LcJJr/Cd/npWNE
WePsolpvewmiBes+ZpVz18qvMuWGhF3/it+taHMgMbeLWxta/5jl1K0mEog6pEam
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:21 2023 by rpki-client on console-fra.rpki-client.org