Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/4DuXJ9vIT-dKW1-xmvwoTaVMf0k.roa
File: 4DuXJ9vIT-dKW1-xmvwoTaVMf0k.roa (raw, json)
Hash identifier: /TpXSpKp8R+9ULJZLA7btgEL8JSMEOIwxFFqFzjuRLI=
Subject key identifier: E0:3B:97:27:DB:C8:4F:E7:4A:5B:5F:B1:9A:FC:28:4D:A5:4C:7F:49
Certificate issuer: /CN=f1605d09ad2c6c437b6c2f8683ffffbe2174fe6c
Certificate serial: EA8204
Authority key identifier: F1:60:5D:09:AD:2C:6C:43:7B:6C:2F:86:83:FF:FF:BE:21:74:FE:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/4DuXJ9vIT-dKW1-xmvwoTaVMf0k.roa
Signing time: Sat 01 Jan 2022 10:00:51 +0000
ROA not before: Sat 01 Jan 2022 10:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202330
IP address blocks: 185.255.21.0/24 maxlen: 24
185.255.20.0/22 maxlen: 22
185.255.22.0/24 maxlen: 24
185.255.23.0/24 maxlen: 24
185.255.20.0/24 maxlen: 24
185.25.105.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15368708 (0xea8204)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1605d09ad2c6c437b6c2f8683ffffbe2174fe6c
Validity
Not Before: Jan 1 10:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e03b9727dbc84fe74a5b5fb19afc284da54c7f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a3:0a:c3:e9:bd:78:e6:99:86:6f:10:69:4d:
00:ce:19:7b:68:10:d9:3c:97:2d:e3:61:0b:b4:2c:
38:8b:fb:9f:e5:06:b1:d4:b3:15:6f:c6:d9:33:78:
e1:30:ba:6f:d7:78:db:98:26:10:77:79:d7:27:92:
7f:31:66:89:8f:26:2d:3d:f5:6a:32:a9:ec:50:08:
bd:7c:fd:d3:31:05:1e:ce:80:f6:b7:14:11:3e:1a:
c9:a9:fa:c4:ba:51:2a:0f:bb:c8:55:45:36:a1:f3:
88:46:2b:00:ac:cc:0e:f5:a6:6f:21:b5:7a:01:46:
9e:00:74:f4:78:23:a1:d0:50:5f:6c:e0:3f:62:87:
6b:5f:42:b6:4d:0a:f8:0e:34:95:85:6c:27:60:fe:
1d:4d:ff:65:07:84:22:fe:4e:87:72:52:da:d9:57:
ee:cc:28:cd:40:29:44:77:c1:23:3e:0e:8d:24:0d:
8e:b9:7d:d6:a0:fc:d1:b5:5a:c7:7a:a1:0a:3a:ce:
ca:5b:ba:5c:c8:9a:1c:ab:d2:cb:19:28:26:c8:22:
f7:e7:2f:80:83:13:21:5d:d6:43:04:4b:4b:3d:2f:
e0:38:9e:9c:82:82:59:7f:cc:b6:bd:d3:41:24:5e:
63:f9:ad:11:0d:14:a8:4a:90:ea:98:ae:ce:c6:dc:
45:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:3B:97:27:DB:C8:4F:E7:4A:5B:5F:B1:9A:FC:28:4D:A5:4C:7F:49
X509v3 Authority Key Identifier:
keyid:F1:60:5D:09:AD:2C:6C:43:7B:6C:2F:86:83:FF:FF:BE:21:74:FE:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8WBdCa0sbEN7bC-Gg___viF0_mw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/4DuXJ9vIT-dKW1-xmvwoTaVMf0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/36b040-f57b-4ae2-ab42-228733245cd1/1/8WBdCa0sbEN7bC-Gg___viF0_mw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.105.0/24
185.255.20.0/22
Signature Algorithm: sha256WithRSAEncryption
af:6c:3c:5a:bd:53:d4:aa:96:62:e1:4c:a3:7b:6f:e3:e3:b9:
db:a2:c0:37:78:c7:31:74:a1:bc:ab:10:f9:7c:8d:cb:eb:87:
1b:94:ec:04:6c:db:6f:2f:02:67:97:b4:36:de:ba:c2:3a:d0:
c1:57:6f:af:ed:06:3c:1d:b3:7a:d2:01:37:10:9f:e7:6a:b6:
8a:1a:e0:32:0d:df:c5:d8:57:3a:4c:fb:eb:18:98:d9:56:c2:
82:dd:db:78:f3:b8:36:d0:10:94:0d:cd:d5:64:bb:b6:14:50:
1d:59:b4:40:7a:cd:b2:5c:f7:e0:1a:dc:df:93:b2:20:b3:8d:
22:8d:f0:e7:4d:be:6b:ce:ae:10:42:78:fd:66:ca:5d:2a:c8:
21:0b:a3:11:3c:93:10:30:18:18:b1:df:3a:9d:88:6a:5d:5e:
13:8b:30:a3:5f:c5:71:a2:c9:36:43:31:60:a2:ab:e9:8c:33:
cd:3f:94:75:67:48:6a:40:a4:3a:57:02:f3:f1:75:77:eb:cf:
e1:ce:80:d7:7c:f3:7d:be:33:87:69:a9:be:49:69:90:ba:03:
b0:0e:71:bb:c0:7a:29:d7:cc:36:66:2a:9a:b0:01:9f:c1:35:
ea:40:9b:4e:d0:49:d4:e7:c4:d8:37:51:07:17:cc:35:97:6f:
b7:10:54:23
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAOqCBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTYwNWQwOWFkMmM2YzQzN2I2YzJmODY4M2ZmZmZiZTIxNzRmZTZjMB4XDTIyMDEw
MTEwMDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTAzYjk3MjdkYmM4
NGZlNzRhNWI1ZmIxOWFmYzI4NGRhNTRjN2Y0OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK+jCsPpvXjmmYZvEGlNAM4Ze2gQ2TyXLeNhC7QsOIv7n+UG
sdSzFW/G2TN44TC6b9d425gmEHd51yeSfzFmiY8mLT31ajKp7FAIvXz90zEFHs6A
9rcUET4ayan6xLpRKg+7yFVFNqHziEYrAKzMDvWmbyG1egFGngB09HgjodBQX2zg
P2KHa19Ctk0K+A40lYVsJ2D+HU3/ZQeEIv5Oh3JS2tlX7swozUApRHfBIz4OjSQN
jrl91qD80bVax3qhCjrOylu6XMiaHKvSyxkoJsgi9+cvgIMTIV3WQwRLSz0v4Die
nIKCWX/Mtr3TQSReY/mtEQ0UqEqQ6piuzsbcRWsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTgO5cn28hP50pbX7Ga/ChNpUx/STAfBgNVHSMEGDAWgBTxYF0JrSxsQ3ts
L4aD//++IXT+bDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhXQmRDYTBzYkVON2JDLUdnX19fdmlGMF9tdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMzZiMDQwLWY1N2ItNGFlMi1hYjQyLTIyODczMzI0NWNkMS8x
LzREdVhKOXZJVC1kS1cxLXhtdndvVGFWTWYway5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MzZiMDQwLWY1N2ItNGFlMi1hYjQyLTIyODczMzI0NWNkMS8xLzhXQmRDYTBzYkVO
N2JDLUdnX19fdmlGMF9tdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALkZaQMEArn/FDANBgkqhkiG9w0B
AQsFAAOCAQEAr2w8Wr1T1KqWYuFMo3tv4+O526LAN3jHMXShvKsQ+XyNy+uHG5Ts
BGzbby8CZ5e0Nt66wjrQwVdvr+0GPB2zetIBNxCf52q2ihrgMg3fxdhXOkz76xiY
2VbCgt3bePO4NtAQlA3N1WS7thRQHVm0QHrNslz34Brc35OyILONIo3w502+a86u
EEJ4/WbKXSrIIQujETyTEDAYGLHfOp2Ial1eE4swo1/FcaLJNkMxYKKr6YwzzT+U
dWdIakCkOlcC8/F1d+vP4c6A13zzfb4zh2mpvklpkLoDsA5xu8B6KdfMNmYqmrAB
n8E16kCbTtBJ1OfE2DdRBxfMNZdvtxBUIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:26 2023 by rpki-client on console-ams.rpki-client.org