Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/CP0L82nHktpo2m2I5oiMbBUlDPk.roa
File: CP0L82nHktpo2m2I5oiMbBUlDPk.roa (raw, json)
Hash identifier: VgwP1ycAZ0kwbeF1tHtj5QCFfYPwH8n7hreuVkb+Pos=
Subject key identifier: 08:FD:0B:F3:69:C7:92:DA:68:DA:6D:88:E6:88:8C:6C:15:25:0C:F9
Certificate issuer: /CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Certificate serial: 09E07D26
Authority key identifier: E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/CP0L82nHktpo2m2I5oiMbBUlDPk.roa
Signing time: Sat 01 Jan 2022 05:53:30 +0000
ROA not before: Sat 01 Jan 2022 05:53:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.43.192.0/24 maxlen: 24
185.43.193.0/24 maxlen: 24
185.43.194.0/24 maxlen: 24
185.43.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165707046 (0x9e07d26)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d2721f2e2bd011b8a6860ad2572c405c0b540f
Validity
Not Before: Jan 1 05:53:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08fd0bf369c792da68da6d88e6888c6c15250cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:4b:26:49:1f:66:8a:1b:66:36:e4:5c:a3:c8:
f2:d5:3b:5a:3e:9d:ce:d2:72:99:92:3e:c5:18:ee:
96:84:2d:a0:c6:65:9b:d4:77:4d:8e:2e:1c:db:5a:
47:d6:1b:fd:1b:a5:27:89:8f:f1:55:ee:a4:ba:33:
2e:16:43:c2:a1:cb:a4:2d:06:52:40:25:25:c7:b5:
1e:11:c8:b6:99:0b:79:69:4c:7f:0b:a3:ec:25:2e:
76:2f:72:a1:5a:e9:33:62:48:67:0f:f7:a0:d4:21:
74:a5:02:62:3e:0e:3c:f9:ee:39:67:0f:5e:e7:a3:
b4:80:73:f7:c7:11:98:ce:9c:37:9c:e0:4f:01:39:
e5:8c:16:d0:0b:6d:53:9f:c3:e2:54:ef:f2:b9:a4:
dd:02:f9:cf:44:4c:83:d1:88:33:74:43:3d:4f:6b:
2b:39:d7:33:05:02:62:45:80:76:06:53:a5:c8:ba:
e4:3b:47:1e:ef:68:1a:6c:eb:72:14:b4:ff:18:47:
63:56:3b:d4:d2:33:89:4f:5d:6e:ff:15:bb:66:04:
32:64:a0:67:c2:74:5e:a6:0c:bd:6c:b0:89:e1:84:
a2:9d:fd:9b:4d:53:f4:8a:2b:3a:2d:1c:0c:9d:28:
d0:0f:66:30:77:5b:c4:30:72:a0:6c:66:59:ed:63:
20:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:FD:0B:F3:69:C7:92:DA:68:DA:6D:88:E6:88:8C:6C:15:25:0C:F9
X509v3 Authority Key Identifier:
keyid:E9:D2:72:1F:2E:2B:D0:11:B8:A6:86:0A:D2:57:2C:40:5C:0B:54:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6dJyHy4r0BG4poYK0lcsQFwLVA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/CP0L82nHktpo2m2I5oiMbBUlDPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/368df0-5c41-49d3-a9a9-c45903c3b329/1/6dJyHy4r0BG4poYK0lcsQFwLVA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.192.0/22
Signature Algorithm: sha256WithRSAEncryption
82:fa:2c:92:68:b6:0e:02:3a:44:28:d0:26:80:4e:f5:c5:04:
31:22:1b:9a:6d:67:72:e3:39:43:41:37:01:3d:20:c7:a6:3b:
90:5d:46:4c:65:6e:1e:8d:27:f8:b6:bc:10:f1:af:8e:3f:a0:
9b:f4:66:50:eb:a1:f8:4a:0a:fd:0c:77:a2:38:94:35:b7:0c:
38:e8:01:fd:ab:da:49:00:d3:6a:15:a5:3b:69:02:c2:60:aa:
92:40:6a:55:1b:6b:2c:d3:72:13:f3:b0:53:2c:19:f5:c5:f2:
1c:66:56:99:4f:a4:24:61:fa:8a:bd:0c:b3:b6:a0:73:f1:91:
d0:a7:19:5a:9b:7c:33:29:50:e6:3f:6a:eb:de:09:5f:ab:c5:
0c:00:b5:8b:5b:bc:bf:a5:71:96:0e:d3:75:d2:24:b3:96:18:
cb:b9:1d:a9:43:00:de:b7:8c:eb:2c:7f:eb:e1:80:61:6d:8a:
b4:c3:9c:12:39:7d:14:ee:da:bc:27:04:b8:82:35:18:bf:02:
6a:ae:00:94:e6:56:85:8a:eb:6d:20:18:d3:81:c0:3e:5f:9f:
4a:1d:e2:e7:cc:9a:3b:b8:08:e4:62:48:b3:70:7f:f7:be:6d:
83:0c:22:04:35:92:cf:1c:e6:e8:98:a9:6d:5a:1b:6b:1a:db:
b1:36:32:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECeB9JjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWQyNzIxZjJlMmJkMDExYjhhNjg2MGFkMjU3MmM0MDVjMGI1NDBmMB4XDTIyMDEw
MTA1NTMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhmZDBiZjM2OWM3
OTJkYTY4ZGE2ZDg4ZTY4ODhjNmMxNTI1MGNmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlLJkkfZoobZjbkXKPI8tU7Wj6dztJymZI+xRjuloQtoMZl
m9R3TY4uHNtaR9Yb/RulJ4mP8VXupLozLhZDwqHLpC0GUkAlJce1HhHItpkLeWlM
fwuj7CUudi9yoVrpM2JIZw/3oNQhdKUCYj4OPPnuOWcPXuejtIBz98cRmM6cN5zg
TwE55YwW0AttU5/D4lTv8rmk3QL5z0RMg9GIM3RDPU9rKznXMwUCYkWAdgZTpci6
5DtHHu9oGmzrchS0/xhHY1Y71NIziU9dbv8Vu2YEMmSgZ8J0XqYMvWywieGEop39
m01T9IorOi0cDJ0o0A9mMHdbxDByoGxmWe1jIE0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQI/QvzaceS2mjabYjmiIxsFSUM+TAfBgNVHSMEGDAWgBTp0nIfLivQEbim
hgrSVyxAXAtUDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZkSnlIeTRyMEJHNHBvWUswbGNzUUZ3TFZBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvMzY4ZGYwLTVjNDEtNDlkMy1hOWE5LWM0NTkwM2MzYjMyOS8x
L0NQMEw4Mm5Ia3RwbzJtMkk1b2lNYkJVbERQay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
MzY4ZGYwLTVjNDEtNDlkMy1hOWE5LWM0NTkwM2MzYjMyOS8xLzZkSnlIeTRyMEJH
NHBvWUswbGNzUUZ3TFZBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkrwDANBgkqhkiG9w0BAQsFAAOC
AQEAgvoskmi2DgI6RCjQJoBO9cUEMSIbmm1ncuM5Q0E3AT0gx6Y7kF1GTGVuHo0n
+La8EPGvjj+gm/RmUOuh+EoK/Qx3ojiUNbcMOOgB/avaSQDTahWlO2kCwmCqkkBq
VRtrLNNyE/OwUywZ9cXyHGZWmU+kJGH6ir0Ms7agc/GR0KcZWpt8MylQ5j9q694J
X6vFDAC1i1u8v6Vxlg7TddIks5YYy7kdqUMA3reM6yx/6+GAYW2KtMOcEjl9FO7a
vCcEuII1GL8Caq4AlOZWhYrrbSAY04HAPl+fSh3i58yaO7gI5GJIs3B/975tgwwi
BDWSzxzm6JipbVobaxrbsTYyfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:55 2024 by rpki-client on console-fra.rpki-client.org