Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/m2XrXHhSZgQI601fmu9_M22kxZE.roa
File: m2XrXHhSZgQI601fmu9_M22kxZE.roa (raw, json)
Hash identifier: 9YRINa1/Vhwt78g3jJUTXwkdXlT2Xo/qAZwTGA4/8CE=
Subject key identifier: 9B:65:EB:5C:78:52:66:04:08:EB:4D:5F:9A:EF:7F:33:6D:A4:C5:91
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 018AC283
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/m2XrXHhSZgQI601fmu9_M22kxZE.roa
Signing time: Sat 01 Jan 2022 05:00:44 +0000
ROA not before: Sat 01 Jan 2022 05:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200845
IP address blocks: 185.251.213.0/24 maxlen: 24
185.251.212.0/24 maxlen: 24
185.251.215.0/24 maxlen: 24
185.171.107.0/24 maxlen: 24
185.171.106.0/24 maxlen: 24
185.251.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25870979 (0x18ac283)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: Jan 1 05:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b65eb5c7852660408eb4d5f9aef7f336da4c591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:b7:b4:c8:ac:1c:40:4b:1a:c5:ce:59:1e:ca:
72:9f:5f:d4:a9:98:3e:94:09:4c:95:17:24:2c:8e:
d8:c0:d9:f4:16:6d:b8:dd:ec:de:3c:d4:c0:29:bc:
b8:f1:55:c3:0b:cd:79:97:3b:04:e5:a6:c3:e2:f6:
04:ae:26:18:7f:30:d0:c9:19:57:d1:39:78:66:c4:
29:a9:61:c3:41:20:3c:c3:04:5d:84:1f:b2:7b:75:
e9:c9:4a:d7:73:44:5b:e0:c1:97:aa:5a:5e:fd:f7:
78:73:77:c2:df:1d:2f:1d:dd:c2:19:88:27:64:96:
fb:76:5e:6f:21:a5:b5:4d:ad:b5:72:72:13:4f:48:
e8:1a:62:c0:b3:18:e6:02:67:56:87:ff:4a:cd:d0:
08:8c:f3:c8:3d:e8:c7:d1:d8:4b:0d:6b:69:90:35:
54:80:27:40:b5:d2:f8:ac:00:e9:a0:4c:c5:97:89:
3e:bc:36:80:b0:d7:12:02:ea:a4:c7:ac:2a:12:dd:
e2:d1:9e:7a:64:ea:c4:92:64:4c:72:f6:71:45:70:
54:62:71:20:65:86:31:7d:42:d8:80:3e:bd:3e:db:
81:2e:3f:3c:94:24:1c:aa:ca:3a:a8:67:c7:43:18:
0c:0b:a5:f0:27:2a:61:7a:d1:d5:fe:06:91:87:c0:
71:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:65:EB:5C:78:52:66:04:08:EB:4D:5F:9A:EF:7F:33:6D:A4:C5:91
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/m2XrXHhSZgQI601fmu9_M22kxZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.106.0/23
185.251.212.0/22
Signature Algorithm: sha256WithRSAEncryption
93:62:9c:d5:ba:7a:66:68:19:b0:6e:22:8d:4c:9f:1c:95:f6:
21:aa:2d:bb:4d:73:76:fe:0c:d2:f6:52:20:87:26:81:43:28:
6c:03:42:cf:03:d7:b1:c5:1f:8a:be:ee:e4:40:92:05:39:53:
53:1d:4c:b3:12:27:3b:95:2c:d5:c8:ef:06:d2:27:9a:30:a1:
80:e6:8f:57:1c:ae:00:36:25:56:a9:9a:66:53:ac:2f:5f:bf:
f3:98:8b:92:bf:94:88:c0:65:51:69:0e:27:06:29:c6:63:63:
38:81:b4:72:7d:46:ec:4c:e7:d5:82:2e:9d:4b:48:17:af:7c:
a0:72:4a:c9:99:2a:69:80:3d:e7:53:79:1f:af:38:4f:73:fa:
0e:64:76:d5:ab:0f:c3:07:ce:66:76:11:1d:b6:f3:96:73:89:
b3:8e:bd:36:19:60:ae:69:74:9e:51:fb:62:41:6a:70:b3:35:
20:79:39:2e:8a:9f:29:4b:57:2b:24:77:66:bd:ba:9c:7d:c4:
37:b8:03:3c:8f:dc:ee:fe:e9:ac:a4:1c:9e:59:1a:e1:72:43:
7f:ee:7c:b6:2a:87:49:e1:c2:ac:7d:5b:e6:f6:de:f5:b9:d5:
be:a2:28:96:e9:fb:b0:17:bd:56:b5:eb:84:13:80:09:df:7d:
cc:09:07:50
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAYrCgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGRmNTk1MWM5YWU3OTk3NmQ5N2UxZDI4ZTQ2NmE2MTUxMTk4OThiMB4XDTIyMDEw
MTA1MDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWI2NWViNWM3ODUy
NjYwNDA4ZWI0ZDVmOWFlZjdmMzM2ZGE0YzU5MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIe3tMisHEBLGsXOWR7Kcp9f1KmYPpQJTJUXJCyO2MDZ9BZt
uN3s3jzUwCm8uPFVwwvNeZc7BOWmw+L2BK4mGH8w0MkZV9E5eGbEKalhw0EgPMME
XYQfsnt16clK13NEW+DBl6paXv33eHN3wt8dLx3dwhmIJ2SW+3ZebyGltU2ttXJy
E09I6BpiwLMY5gJnVof/Ss3QCIzzyD3ox9HYSw1raZA1VIAnQLXS+KwA6aBMxZeJ
Prw2gLDXEgLqpMesKhLd4tGeemTqxJJkTHL2cUVwVGJxIGWGMX1C2IA+vT7bgS4/
PJQkHKrKOqhnx0MYDAul8CcqYXrR1f4GkYfAcYcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSbZetceFJmBAjrTV+a738zbaTFkTAfBgNVHSMEGDAWgBQd31lRya55l22X
4dKORmphURmJizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hkOVpVY211ZVpkdGwtSFNqa1pxWVZFWmlZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvMmRmNzg2LTUyZDUtNDM4Yi04YjU2LTBlOTZiMWZmYjI0Ny8x
L20yWHJYSGhTWmdRSTYwMWZtdTlfTTIya3haRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
MmRmNzg2LTUyZDUtNDM4Yi04YjU2LTBlOTZiMWZmYjI0Ny8xL0hkOVpVY211ZVpk
dGwtSFNqa1pxWVZFWmlZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAbmragMEArn71DANBgkqhkiG9w0B
AQsFAAOCAQEAk2Kc1bp6ZmgZsG4ijUyfHJX2Iaotu01zdv4M0vZSIIcmgUMobANC
zwPXscUfir7u5ECSBTlTUx1MsxInO5Us1cjvBtInmjChgOaPVxyuADYlVqmaZlOs
L1+/85iLkr+UiMBlUWkOJwYpxmNjOIG0cn1G7Ezn1YIunUtIF698oHJKyZkqaYA9
51N5H684T3P6DmR21asPwwfOZnYRHbbzlnOJs469Nhlgrml0nlH7YkFqcLM1IHk5
LoqfKUtXKyR3Zr26nH3EN7gDPI/c7v7prKQcnlka4XJDf+58tiqHSeHCrH1b5vbe
9bnVvqIolun7sBe9VrXrhBOACd99zAkHUA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:10 2023 by rpki-client on console-fra.rpki-client.org