Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/dtkzPj0JAnSQdvyS3yrq2TrePvk.roa
File: dtkzPj0JAnSQdvyS3yrq2TrePvk.roa (raw, json)
Hash identifier: vw9I3/2SPDZModzlk8Ykg0yrvp1pL/C0ZuSndKSZiGU=
Subject key identifier: 76:D9:33:3E:3D:09:02:74:90:76:FC:92:DF:2A:EA:D9:3A:DE:3E:F9
Certificate issuer: /CN=a7e70a05b98639cd7ae57feb1a40b367ec9c43ad
Certificate serial: 0185066B4C3D96026E32EE467FF12ED11463
Authority key identifier: A7:E7:0A:05:B9:86:39:CD:7A:E5:7F:EB:1A:40:B3:67:EC:9C:43:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-cKBbmGOc165X_rGkCzZ-ycQ60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/dtkzPj0JAnSQdvyS3yrq2TrePvk.roa
Signing time: Mon 12 Dec 2022 12:59:32 +0000
ROA not before: Mon 12 Dec 2022 12:59:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205222
IP address blocks: 185.225.58.0/24 maxlen: 24
185.225.57.0/24 maxlen: 24
185.225.56.0/24 maxlen: 24
185.225.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:6b:4c:3d:96:02:6e:32:ee:46:7f:f1:2e:d1:14:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7e70a05b98639cd7ae57feb1a40b367ec9c43ad
Validity
Not Before: Dec 12 12:59:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76d9333e3d0902749076fc92df2aead93ade3ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:7b:e3:72:f5:cc:25:f9:e4:db:cc:0e:34:8c:
63:6e:65:6f:02:c5:15:53:13:38:ca:96:eb:ed:0c:
3f:96:a7:c5:82:5d:a0:f9:7e:63:3b:f0:9f:4f:d5:
ce:7e:d6:10:1c:b9:a8:3b:70:c9:d4:41:9a:89:15:
43:49:0d:50:7a:70:dc:c6:ab:a3:f7:59:52:0e:dd:
0c:af:b2:97:37:e7:b5:0c:54:39:4a:81:1f:2f:a0:
d9:6a:81:85:d2:60:10:57:a1:9c:b7:07:16:cc:84:
0e:60:01:fa:d9:af:bb:a4:8a:e5:a6:0b:f2:ce:fe:
da:54:a8:8f:42:77:54:87:51:c9:4a:79:bb:61:e9:
d6:24:10:9a:57:5c:77:a1:91:40:01:be:4f:23:6c:
78:6f:da:dd:ec:42:fc:e7:cc:34:ff:ee:c5:ce:f8:
59:8f:33:7d:39:7b:65:2f:71:ae:1f:d6:8b:d9:02:
fc:3c:92:41:cd:2c:b7:96:07:ea:a6:b9:f1:02:26:
1b:3a:b8:5d:5c:8c:d5:cc:b9:14:bb:52:58:22:e6:
7a:6a:f8:d3:24:d3:ca:f7:2b:7a:0c:30:9e:d7:8b:
1b:fd:8e:c9:fe:85:3b:c3:0a:67:af:22:6c:82:e2:
4c:1c:7a:4e:15:b2:cd:d7:8f:05:7f:c0:67:cf:94:
b1:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:D9:33:3E:3D:09:02:74:90:76:FC:92:DF:2A:EA:D9:3A:DE:3E:F9
X509v3 Authority Key Identifier:
keyid:A7:E7:0A:05:B9:86:39:CD:7A:E5:7F:EB:1A:40:B3:67:EC:9C:43:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-cKBbmGOc165X_rGkCzZ-ycQ60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/dtkzPj0JAnSQdvyS3yrq2TrePvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1202e2-0b54-42ee-933a-2b1dc992eca2/1/p-cKBbmGOc165X_rGkCzZ-ycQ60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.56.0/22
Signature Algorithm: sha256WithRSAEncryption
97:f2:22:20:a0:c0:41:ff:55:57:75:6e:7e:cd:fe:5e:68:22:
1e:80:87:6b:9f:13:c5:f5:d0:36:62:43:3e:11:27:76:4e:96:
96:5a:49:fb:c7:ad:b1:78:b9:1b:56:f1:d7:d6:c0:d0:db:25:
b6:de:03:a7:29:99:37:9a:8d:36:50:f2:f4:02:4c:a9:33:44:
db:6d:9d:dc:7a:08:17:d8:a6:4d:e2:a3:45:22:1d:96:0a:d6:
6a:27:27:63:39:c9:a6:e8:66:3a:e3:c3:3e:de:d6:d4:7c:37:
31:0d:66:dc:d3:61:23:7f:2b:38:ae:45:03:07:9e:92:f8:e2:
fb:16:c3:b3:60:f8:d8:76:23:85:06:86:93:a2:72:7f:34:b0:
27:5a:75:b8:dd:6d:61:8f:8d:ba:69:98:f4:03:7d:40:9e:f1:
a9:1c:c7:1c:b6:4b:3c:ca:88:b0:af:e4:ba:f9:9a:a0:8c:0e:
d6:61:73:fc:df:85:54:f0:3e:fa:e4:56:40:04:94:e1:81:9b:
01:62:79:9e:2a:9d:1f:b3:23:31:10:c4:db:11:04:69:9e:5e:
76:9e:52:d5:19:a2:58:5f:45:0d:73:04:de:48:4b:f9:19:a5:
52:cd:e6:ea:f9:97:54:42:ff:7f:33:10:4f:47:90:31:8f:ec:
0e:73:49:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUGa0w9lgJuMu5Gf/Eu0RRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZTcwYTA1Yjk4NjM5Y2Q3YWU1N2ZlYjFhNDBiMzY3ZWM5
YzQzYWQwHhcNMjIxMjEyMTI1OTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmQ5MzMzZTNkMDkwMjc0OTA3NmZjOTJkZjJhZWFkOTNhZGUzZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXvjcvXMJfnk28wONIxjbmVvAsUV
UxM4ypbr7Qw/lqfFgl2g+X5jO/CfT9XOftYQHLmoO3DJ1EGaiRVDSQ1QenDcxquj
91lSDt0Mr7KXN+e1DFQ5SoEfL6DZaoGF0mAQV6GctwcWzIQOYAH62a+7pIrlpgvy
zv7aVKiPQndUh1HJSnm7YenWJBCaV1x3oZFAAb5PI2x4b9rd7EL858w0/+7FzvhZ
jzN9OXtlL3GuH9aL2QL8PJJBzSy3lgfqprnxAiYbOrhdXIzVzLkUu1JYIuZ6avjT
JNPK9yt6DDCe14sb/Y7J/oU7wwpnryJsguJMHHpOFbLN148Ff8Bnz5Sx8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbZMz49CQJ0kHb8kt8q6tk63j75MB8GA1UdIwQY
MBaAFKfnCgW5hjnNeuV/6xpAs2fsnEOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcC1jS0JibUdPYzE2NVhfckdrQ3paLXljUTYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xMjAyZTItMGI1NC00MmVlLTkzM2Et
MmIxZGM5OTJlY2EyLzEvZHRrelBqMEpBblNRZHZ5UzN5cnEyVHJlUHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xMjAyZTItMGI1NC00MmVlLTkzM2EtMmIxZGM5OTJlY2Ey
LzEvcC1jS0JibUdPYzE2NVhfckdrQ3paLXljUTYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueE4MA0G
CSqGSIb3DQEBCwUAA4IBAQCX8iIgoMBB/1VXdW5+zf5eaCIegIdrnxPF9dA2YkM+
ESd2TpaWWkn7x62xeLkbVvHX1sDQ2yW23gOnKZk3mo02UPL0AkypM0TbbZ3ceggX
2KZN4qNFIh2WCtZqJydjOcmm6GY648M+3tbUfDcxDWbc02Ejfys4rkUDB56S+OL7
FsOzYPjYdiOFBoaTonJ/NLAnWnW43W1hj426aZj0A31AnvGpHMcctks8yoiwr+S6
+ZqgjA7WYXP834VU8D765FZABJThgZsBYnmeKp0fsyMxEMTbEQRpnl52nlLVGaJY
X0UNcwTeSEv5GaVSzebq+ZdUQv9/MxBPR5Axj+wOc0nB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:52 2024 by rpki-client on console-fra.rpki-client.org