Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2kdItrI4fUxYxA8QL0seXKqAX9k.roa
File: 2kdItrI4fUxYxA8QL0seXKqAX9k.roa (raw, json)
Hash identifier: M5SNj8NSE/x6xWDs3Ig3+rkD9+mTq9mEf2Yo9J1CAIk=
Subject key identifier: DA:47:48:B6:B2:38:7D:4C:58:C4:0F:10:2F:4B:1E:5C:AA:80:5F:D9
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 07F4A62B
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2kdItrI4fUxYxA8QL0seXKqAX9k.roa
Signing time: Sat 01 Jan 2022 01:01:37 +0000
ROA not before: Sat 01 Jan 2022 01:01:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211432
IP address blocks: 85.8.168.0/22 maxlen: 22
2.56.184.0/22 maxlen: 22
193.37.220.0/22 maxlen: 22
31.40.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133473835 (0x7f4a62b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 01:01:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da4748b6b2387d4c58c40f102f4b1e5caa805fd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b1:d1:d7:e7:6c:06:f7:8c:c7:cb:78:29:23:
df:61:1e:67:a9:97:78:4c:e6:49:1a:81:47:48:5e:
49:a0:af:e6:02:05:6b:13:06:09:5c:0a:e0:63:64:
c1:7c:37:c2:62:d6:49:8e:ea:e3:28:b9:60:82:b1:
14:d1:0c:9a:83:4c:bc:72:a7:af:41:d6:2c:20:ef:
f2:ca:72:2d:91:c1:e8:2b:63:cc:04:23:31:6f:f6:
5a:09:48:c0:32:fb:a2:03:29:42:7e:bf:f6:42:60:
a1:6d:5a:b9:d6:25:b1:de:c9:bb:fa:af:4d:7e:a0:
6c:61:6a:91:f1:46:6b:29:88:f0:73:76:fc:a9:8f:
9e:6e:39:76:23:af:67:f1:65:28:20:6d:22:9e:3e:
0f:27:c3:5b:ca:18:81:ed:ff:e1:33:95:86:b1:d8:
37:89:01:3b:f3:21:fb:cf:9a:fb:f0:47:33:c6:cb:
c8:1a:b6:8d:d2:7c:57:11:49:f5:20:57:79:59:69:
f7:6d:ac:bb:a9:49:d9:fe:47:83:b5:6b:7e:60:68:
67:e8:bd:cf:76:1a:28:76:ee:c0:b0:b1:e8:a6:1b:
9d:17:94:a9:4e:0f:70:3a:89:bf:f8:d4:73:c4:9e:
43:b6:ec:54:e0:45:27:89:59:54:25:5c:ae:e0:f0:
08:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:47:48:B6:B2:38:7D:4C:58:C4:0F:10:2F:4B:1E:5C:AA:80:5F:D9
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/2kdItrI4fUxYxA8QL0seXKqAX9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
31.40.232.0/22
85.8.168.0/22
193.37.220.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:6d:4b:e2:f6:8e:47:33:25:42:04:64:7d:53:16:83:78:34:
c7:a8:2e:f0:d5:c7:d4:e5:fd:c9:df:fe:b2:5b:a1:e8:db:06:
ea:9e:e3:35:68:77:56:8f:99:3b:fa:0b:7c:4c:98:60:35:39:
40:8b:2b:e7:35:49:54:2b:d8:4c:6f:1c:e2:7d:06:35:ee:0d:
ea:32:03:5a:15:57:d1:1e:29:23:b4:1c:8a:2f:00:74:ad:a9:
f9:ff:f8:a0:6c:fa:27:cd:b0:fe:78:fb:99:5e:50:05:55:5f:
29:9b:16:72:6c:9a:21:9f:0f:81:34:66:bc:aa:0c:23:8e:66:
5c:89:81:22:1e:78:d2:43:d6:af:19:f6:ce:85:2f:33:bf:6e:
8f:11:d8:5e:3e:44:d8:ce:22:3d:66:3d:08:c5:dd:96:7b:4a:
ba:3d:b3:c7:d8:52:83:76:22:f9:6d:f8:23:e2:e7:7a:49:86:
f9:c0:97:b3:26:28:bc:39:43:47:4a:ef:77:64:98:fd:28:86:
74:a2:39:0f:83:5b:81:f6:9c:4f:3a:46:11:0b:59:ef:04:fd:
dd:37:73:c8:97:1f:5e:da:d9:a1:50:fd:b9:f2:13:a4:1e:61:
46:09:5f:8c:af:a5:46:37:86:69:68:5b:c2:75:12:4c:7f:3d:
d0:76:c7:08
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEB/SmKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDEw
MTAxMDEzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGE0NzQ4YjZiMjM4
N2Q0YzU4YzQwZjEwMmY0YjFlNWNhYTgwNWZkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALax0dfnbAb3jMfLeCkj32EeZ6mXeEzmSRqBR0heSaCv5gIF
axMGCVwK4GNkwXw3wmLWSY7q4yi5YIKxFNEMmoNMvHKnr0HWLCDv8spyLZHB6Ctj
zAQjMW/2WglIwDL7ogMpQn6/9kJgoW1audYlsd7Ju/qvTX6gbGFqkfFGaymI8HN2
/KmPnm45diOvZ/FlKCBtIp4+DyfDW8oYge3/4TOVhrHYN4kBO/Mh+8+a+/BHM8bL
yBq2jdJ8VxFJ9SBXeVlp922su6lJ2f5Hg7VrfmBoZ+i9z3YaKHbuwLCx6KYbnReU
qU4PcDqJv/jUc8SeQ7bsVOBFJ4lZVCVcruDwCG0CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTaR0i2sjh9TFjEDxAvSx5cqoBf2TAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
LzJrZEl0ckk0ZlV4WXhBOFFMMHNlWEtxQVg5ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAgI4uAMEAh8o6AMEAlUIqAMEAsEl
3DANBgkqhkiG9w0BAQsFAAOCAQEAfW1L4vaORzMlQgRkfVMWg3g0x6gu8NXH1OX9
yd/+sluh6NsG6p7jNWh3Vo+ZO/oLfEyYYDU5QIsr5zVJVCvYTG8c4n0GNe4N6jID
WhVX0R4pI7Qcii8AdK2p+f/4oGz6J82w/nj7mV5QBVVfKZsWcmyaIZ8PgTRmvKoM
I45mXImBIh540kPWrxn2zoUvM79ujxHYXj5E2M4iPWY9CMXdlntKuj2zx9hSg3Yi
+W34I+LnekmG+cCXsyYovDlDR0rvd2SY/SiGdKI5D4NbgfacTzpGEQtZ7wT93Tdz
yJcfXtrZoVD9ufITpB5hRglfjK+lRjeGaWhbwnUSTH890HbHCA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:44 2023 by rpki-client on console-ams.rpki-client.org