Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d00210-d685-48b2-8e53-bb2fdca78245/1/Ml2iFckSJkTvxTtqazqme0z8Mjo.roa
File: Ml2iFckSJkTvxTtqazqme0z8Mjo.roa (raw, json)
Hash identifier: O/OQPY9TwyHbbRFDDzVT/bbx1tImqnsfearnB8HofQQ=
Subject key identifier: 32:5D:A2:15:C9:12:26:44:EF:C5:3B:6A:6B:3A:A6:7B:4C:FC:32:3A
Certificate issuer: /CN=133f456d2b82cc6d80b7b1ac571b4787f1569b60
Certificate serial: 018419732108A5DB4A74F23923CB96B6A7D7
Authority key identifier: 13:3F:45:6D:2B:82:CC:6D:80:B7:B1:AC:57:1B:47:87:F1:56:9B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ez9FbSuCzG2At7GsVxtHh_FWm2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d00210-d685-48b2-8e53-bb2fdca78245/1/Ml2iFckSJkTvxTtqazqme0z8Mjo.roa
Signing time: Thu 27 Oct 2022 12:38:06 +0000
ROA not before: Thu 27 Oct 2022 12:38:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210585
IP address blocks: 185.23.211.0/24 maxlen: 24
185.23.208.0/24 maxlen: 24
185.23.209.0/24 maxlen: 24
185.23.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:19:73:21:08:a5:db:4a:74:f2:39:23:cb:96:b6:a7:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133f456d2b82cc6d80b7b1ac571b4787f1569b60
Validity
Not Before: Oct 27 12:38:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=325da215c9122644efc53b6a6b3aa67b4cfc323a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bc:21:fe:5d:c0:21:ae:2a:f7:74:ca:19:a0:
61:b0:d0:03:3a:ca:25:09:25:07:36:12:72:b8:9b:
30:f4:36:9a:9e:15:22:0f:ec:3b:70:2c:f7:50:23:
bc:a7:56:19:fa:08:02:76:49:25:49:69:d9:3f:aa:
62:c8:e0:50:fd:0e:f9:1f:ab:2f:5d:24:60:64:0f:
7e:fa:7d:76:ee:67:d2:d1:94:f4:d3:33:bc:72:e5:
09:39:9a:51:94:e1:cc:46:2e:d2:a8:c6:10:f9:e0:
7a:03:95:15:c5:73:2d:df:47:ba:4c:38:81:b2:3c:
9c:ac:ba:62:6e:ff:34:54:21:4b:d2:8a:5d:7e:03:
44:45:74:b5:ee:f4:78:e0:7b:42:58:46:43:fb:12:
85:4e:9f:54:38:70:59:63:bc:dd:21:e3:53:7d:5c:
58:d7:bd:73:fe:31:f2:4f:63:27:7d:7d:09:72:94:
2d:b3:f1:d5:0e:e7:58:8f:84:d5:54:be:6b:65:60:
26:69:42:3c:22:c2:65:0f:79:86:a6:a7:24:99:77:
35:5b:79:9f:e2:e9:32:9f:fa:2a:e4:10:47:a6:37:
18:4e:a2:eb:54:89:38:66:37:45:ec:7e:bb:55:34:
45:86:74:40:18:80:c8:28:44:f2:7c:4e:ce:c2:71:
cf:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:5D:A2:15:C9:12:26:44:EF:C5:3B:6A:6B:3A:A6:7B:4C:FC:32:3A
X509v3 Authority Key Identifier:
keyid:13:3F:45:6D:2B:82:CC:6D:80:B7:B1:AC:57:1B:47:87:F1:56:9B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ez9FbSuCzG2At7GsVxtHh_FWm2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d00210-d685-48b2-8e53-bb2fdca78245/1/Ml2iFckSJkTvxTtqazqme0z8Mjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d00210-d685-48b2-8e53-bb2fdca78245/1/Ez9FbSuCzG2At7GsVxtHh_FWm2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.208.0/22
Signature Algorithm: sha256WithRSAEncryption
66:3e:9d:fe:94:38:11:5f:c8:89:69:f1:47:83:9d:74:e9:2b:
a0:c5:6d:6d:74:ce:59:06:c9:72:ac:5f:4f:c0:6b:e7:05:ca:
92:7e:de:ba:31:7c:f4:96:3b:74:1a:30:af:ff:78:50:9f:7e:
54:25:6d:61:d9:7b:c6:95:a8:2a:45:ea:25:2b:88:83:0e:92:
f6:33:de:7d:00:df:3b:85:78:a4:8a:db:28:4d:78:79:89:ef:
b9:22:e9:e1:2b:3c:fc:b2:30:64:dd:e0:77:98:42:b5:37:4e:
6b:60:8f:aa:d5:0b:1d:b7:6d:7b:06:3c:fb:7a:bf:db:94:a8:
24:0d:c7:b0:e8:b9:c9:0b:7c:f9:ef:a8:21:aa:ea:d0:e6:02:
56:29:99:05:db:2a:3f:06:02:71:23:8c:22:35:f2:42:92:e5:
a8:20:1e:67:8b:1b:28:50:7e:43:ce:87:81:ee:18:f6:8b:b4:
13:d2:1d:4f:55:a1:ba:c7:b5:74:1c:d0:a0:25:db:93:d0:e5:
24:71:20:77:30:77:c3:a7:41:fb:08:20:68:59:b8:a8:fa:31:
ec:12:0b:27:6c:e8:94:37:58:f3:74:a8:c1:2d:c5:a6:6d:ee:
44:29:10:b0:ac:58:fe:91:00:b9:ee:a4:ac:cf:9a:cc:93:c5:
a0:24:25:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQZcyEIpdtKdPI5I8uWtqfXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzM2Y0NTZkMmI4MmNjNmQ4MGI3YjFhYzU3MWI0Nzg3ZjE1
NjliNjAwHhcNMjIxMDI3MTIzODA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjVkYTIxNWM5MTIyNjQ0ZWZjNTNiNmE2YjNhYTY3YjRjZmMzMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbwh/l3AIa4q93TKGaBhsNADOsol
CSUHNhJyuJsw9DaanhUiD+w7cCz3UCO8p1YZ+ggCdkklSWnZP6piyOBQ/Q75H6sv
XSRgZA9++n127mfS0ZT00zO8cuUJOZpRlOHMRi7SqMYQ+eB6A5UVxXMt30e6TDiB
sjycrLpibv80VCFL0opdfgNERXS17vR44HtCWEZD+xKFTp9UOHBZY7zdIeNTfVxY
171z/jHyT2MnfX0JcpQts/HVDudYj4TVVL5rZWAmaUI8IsJlD3mGpqckmXc1W3mf
4ukyn/oq5BBHpjcYTqLrVIk4ZjdF7H67VTRFhnRAGIDIKETyfE7OwnHP3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDJdohXJEiZE78U7ams6pntM/DI6MB8GA1UdIwQY
MBaAFBM/RW0rgsxtgLexrFcbR4fxVptgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXo5RmJTdUN6RzJBdDdHc1Z4dEhoX0ZXbTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kMDAyMTAtZDY4NS00OGIyLThlNTMt
YmIyZmRjYTc4MjQ1LzEvTWwyaUZja1NKa1R2eFR0cWF6cW1lMHo4TWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kMDAyMTAtZDY4NS00OGIyLThlNTMtYmIyZmRjYTc4MjQ1
LzEvRXo5RmJTdUN6RzJBdDdHc1Z4dEhoX0ZXbTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRfQMA0G
CSqGSIb3DQEBCwUAA4IBAQBmPp3+lDgRX8iJafFHg5106SugxW1tdM5ZBslyrF9P
wGvnBcqSft66MXz0ljt0GjCv/3hQn35UJW1h2XvGlagqReolK4iDDpL2M959AN87
hXikitsoTXh5ie+5IunhKzz8sjBk3eB3mEK1N05rYI+q1Qsdt217Bjz7er/blKgk
Dcew6LnJC3z576ghqurQ5gJWKZkF2yo/BgJxI4wiNfJCkuWoIB5nixsoUH5DzoeB
7hj2i7QT0h1PVaG6x7V0HNCgJduT0OUkcSB3MHfDp0H7CCBoWbio+jHsEgsnbOiU
N1jzdKjBLcWmbe5EKRCwrFj+kQC57qSsz5rMk8WgJCUz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:28 2023 by rpki-client on console-fra.rpki-client.org