Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/9DBHhnBIDnjTec_jOlhqrYORU74.roa
File: 9DBHhnBIDnjTec_jOlhqrYORU74.roa (raw, json)
Hash identifier: xAimbAnRECRBEPj8ZC486uDm4+Py9jqvUy4O46T7/GE=
Subject key identifier: F4:30:47:86:70:48:0E:78:D3:79:CF:E3:3A:58:6A:AD:83:91:53:BE
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 09C74A9D
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/9DBHhnBIDnjTec_jOlhqrYORU74.roa
Signing time: Tue 28 Jun 2022 14:45:02 +0000
ROA not before: Tue 28 Jun 2022 14:45:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211432
IP address blocks: 185.169.228.0/22 maxlen: 22
85.8.168.0/22 maxlen: 22
2.56.184.0/22 maxlen: 22
193.37.220.0/22 maxlen: 22
31.40.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164055709 (0x9c74a9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jun 28 14:45:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f430478670480e78d379cfe33a586aad839153be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:38:d0:b8:ef:30:4d:89:46:49:d8:12:6c:70:
62:ef:e0:35:12:e0:37:ed:17:9c:3a:73:27:0b:d1:
ed:d8:11:50:c6:54:3f:9c:01:25:70:81:d3:68:04:
e1:56:ec:f2:91:19:81:7d:d2:8a:09:9b:a1:37:aa:
24:a6:9c:bd:8c:bd:73:9e:7d:09:e0:63:62:d5:bf:
14:32:09:0a:15:6b:c9:31:e1:57:bc:16:86:43:fb:
ac:d8:f4:91:16:56:8f:fd:c1:31:5b:e5:ca:20:9c:
58:72:f4:1b:13:50:bd:96:85:20:e0:23:09:41:44:
85:fc:02:09:66:3b:8a:ea:1b:5c:a0:c4:d8:f9:8d:
37:86:b4:da:c6:83:04:b3:00:9a:30:bf:78:e6:19:
cd:01:de:3b:07:96:30:00:30:41:94:59:d8:0d:ce:
62:9f:25:7a:b9:4d:e6:79:07:18:87:a2:2a:4d:4f:
12:39:a6:88:b4:53:3f:bb:c0:22:94:9a:9b:d7:d6:
a4:1c:92:48:fd:80:1a:b2:39:b2:d7:a9:75:64:48:
15:ad:d5:c4:f5:e5:50:c9:cd:cb:f9:7d:ce:e6:45:
43:bc:a6:39:ba:48:50:37:31:f9:2d:74:89:7d:d2:
cf:f1:ea:25:c7:d8:fc:3e:76:78:2e:d6:de:fb:82:
56:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:30:47:86:70:48:0E:78:D3:79:CF:E3:3A:58:6A:AD:83:91:53:BE
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/9DBHhnBIDnjTec_jOlhqrYORU74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
31.40.232.0/22
85.8.168.0/22
185.169.228.0/22
193.37.220.0/22
Signature Algorithm: sha256WithRSAEncryption
55:07:46:53:be:22:5d:fa:51:93:48:75:7d:3b:01:a3:78:9a:
ab:c9:a4:6d:3c:f5:f2:ee:2f:95:54:f7:e7:bb:e1:7a:be:50:
9d:f5:13:be:65:3f:ff:66:9d:2c:72:a9:73:e2:7e:85:76:f6:
55:1a:07:5c:02:c3:91:d8:a6:9f:e8:84:97:a5:e0:04:5e:3b:
15:12:b3:d0:1c:80:15:54:09:0e:c1:a1:01:42:96:33:05:1f:
4f:0b:bb:0c:37:34:51:f1:ca:fc:3a:8f:ca:12:49:3b:6e:05:
28:84:ea:25:c0:db:b0:4f:bd:c6:92:6a:1d:45:02:ff:be:b0:
7b:fc:0e:ea:e3:2f:a9:4a:98:07:ea:56:03:e2:4a:55:14:17:
25:9d:91:2d:01:f1:c5:8e:90:5e:1e:3e:9f:08:cb:b3:53:e9:
7b:ef:4a:d8:8c:89:72:95:62:1b:b8:d9:77:19:ca:84:d9:04:
5e:8f:34:ba:9a:0b:c7:5f:e8:79:3e:48:1a:00:70:a0:39:07:
a3:2d:d5:3c:92:49:54:45:5b:39:a7:85:65:6b:ac:cb:f1:50:
80:85:81:8c:0b:1e:29:1e:17:ce:1a:06:1e:91:b2:88:9f:a2:
8a:25:ca:47:ea:d4:49:0f:dc:d8:a4:27:df:2b:77:25:ca:cd:
60:fa:31:84
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECcdKnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDYy
ODE0NDUwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQzMDQ3ODY3MDQ4
MGU3OGQzNzljZmUzM2E1ODZhYWQ4MzkxNTNiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ840LjvME2JRknYEmxwYu/gNRLgN+0XnDpzJwvR7dgRUMZU
P5wBJXCB02gE4Vbs8pEZgX3SigmboTeqJKacvYy9c559CeBjYtW/FDIJChVryTHh
V7wWhkP7rNj0kRZWj/3BMVvlyiCcWHL0GxNQvZaFIOAjCUFEhfwCCWY7iuobXKDE
2PmNN4a02saDBLMAmjC/eOYZzQHeOweWMAAwQZRZ2A3OYp8lerlN5nkHGIeiKk1P
EjmmiLRTP7vAIpSam9fWpBySSP2AGrI5stepdWRIFa3VxPXlUMnNy/l9zuZFQ7ym
ObpIUDcx+S10iX3Sz/HqJcfY/D52eC7W3vuCVh0CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBT0MEeGcEgOeNN5z+M6WGqtg5FTvjAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
LzlEQkhobkJJRG5qVGVjX2pPbGhxcllPUlU3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAgI4uAMEAh8o6AMEAlUIqAMEArmp
5AMEAsEl3DANBgkqhkiG9w0BAQsFAAOCAQEAVQdGU74iXfpRk0h1fTsBo3iaq8mk
bTz18u4vlVT357vher5QnfUTvmU//2adLHKpc+J+hXb2VRoHXALDkdimn+iEl6Xg
BF47FRKz0ByAFVQJDsGhAUKWMwUfTwu7DDc0UfHK/DqPyhJJO24FKITqJcDbsE+9
xpJqHUUC/76we/wO6uMvqUqYB+pWA+JKVRQXJZ2RLQHxxY6QXh4+nwjLs1Ppe+9K
2IyJcpViG7jZdxnKhNkEXo80upoLx1/oeT5IGgBwoDkHoy3VPJJJVEVbOaeFZWus
y/FQgIWBjAseKR4XzhoGHpGyiJ+iiiXKR+rUSQ/c2KQn3yt3JcrNYPoxhA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org