Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/VkNzH2fHaKBuLO2orAxX0ljYuxE.roa
File: VkNzH2fHaKBuLO2orAxX0ljYuxE.roa (raw, json)
Hash identifier: qU9KM2wlqGihzna/uW7h5cmWfzw3DmGMgUXtm/IcVZs=
Subject key identifier: 56:43:73:1F:67:C7:68:A0:6E:2C:ED:A8:AC:0C:57:D2:58:D8:BB:11
Certificate issuer: /CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Certificate serial: D072ED
Authority key identifier: 31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/VkNzH2fHaKBuLO2orAxX0ljYuxE.roa
Signing time: Sun 13 Mar 2022 15:52:02 +0000
ROA not before: Sun 13 Mar 2022 15:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.238.212.0/23 maxlen: 24
185.238.214.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13660909 (0xd072ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31db847d1db1e0b2c2c25502210ff5a719967a19
Validity
Not Before: Mar 13 15:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5643731f67c768a06e2ceda8ac0c57d258d8bb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8a:25:9a:65:d2:c6:19:df:ab:a9:42:a7:eb:
a4:30:64:db:80:ea:50:ca:f2:92:2e:e3:c8:cc:72:
e1:f3:f3:d0:e6:d8:ca:a2:c3:5e:75:23:e6:24:ca:
55:b3:f3:7b:37:61:b2:27:b1:ae:80:f2:a0:d9:38:
c9:50:b6:8c:d5:41:8c:69:a0:5f:72:0b:9d:58:03:
ce:6b:11:e9:7b:99:0b:f8:63:a0:79:60:18:f3:41:
36:4b:69:fe:a3:12:e2:27:a2:02:ce:9f:30:6d:14:
57:fa:a4:46:25:50:59:7a:a2:86:e2:c3:af:a8:93:
86:f6:8c:70:cd:cb:95:a1:c8:83:5d:65:d7:e2:d3:
7e:87:d3:48:39:0a:85:97:12:81:57:08:2d:db:56:
fc:e3:57:90:35:bf:24:7b:00:1f:70:d8:09:27:9d:
e2:b9:2f:4f:91:74:b0:d1:cc:6f:11:e1:bb:be:55:
77:dd:9b:4b:d0:c5:a4:38:a5:41:14:fd:8a:20:47:
1b:1f:eb:2e:72:30:37:84:32:42:56:5e:a3:3d:52:
6a:53:bf:0c:7a:5d:af:aa:23:d4:7f:c7:d4:a0:3e:
75:b7:89:22:ad:0e:69:7e:88:1d:dc:69:70:1a:ac:
ec:32:53:9e:6b:8d:20:9e:8f:ec:16:65:90:6b:00:
5a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:43:73:1F:67:C7:68:A0:6E:2C:ED:A8:AC:0C:57:D2:58:D8:BB:11
X509v3 Authority Key Identifier:
keyid:31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/VkNzH2fHaKBuLO2orAxX0ljYuxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a3:0d:e1:12:9e:f2:67:cc:56:e4:e9:55:4d:ca:da:af:df:72:
ce:98:0d:8c:58:e5:28:7c:38:db:3d:a6:95:bf:83:92:4b:bf:
1a:f5:69:a6:00:d1:23:c9:1e:05:2d:77:54:cc:78:d7:fb:f4:
f0:1c:66:b7:48:aa:d9:87:ed:3d:e0:a0:93:00:5d:79:85:e8:
52:96:0d:26:81:a8:5e:24:c8:33:98:ea:90:08:fc:44:cc:30:
1a:c8:4c:86:44:db:e3:d6:79:bd:1e:8a:a9:85:c5:18:c6:f1:
25:02:b2:8f:d9:8f:d8:26:e6:11:70:91:91:ff:c7:97:7c:46:
9b:70:96:74:dd:ee:8b:5f:6d:b3:ad:d6:2f:b7:4a:ed:57:7d:
b8:1a:53:b0:bb:66:8f:cd:f9:fe:96:9b:df:ae:1b:7b:b1:fd:
e8:3a:54:86:59:c1:c3:86:5c:32:6e:9a:8f:0f:d3:85:a1:db:
39:dd:92:db:ea:c7:46:2a:5b:fb:a9:28:26:2b:91:40:6d:f8:
ac:c9:19:b2:db:b7:d5:18:63:a0:e0:7b:38:e5:20:82:ad:f9:
55:93:fd:b0:d8:c7:01:70:d5:52:5c:6a:74:ea:46:26:7c:bd:
26:13:33:53:92:61:79:22:90:10:39:5a:13:62:b5:62:a3:0d:
5a:f5:57:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANBy7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWRiODQ3ZDFkYjFlMGIyYzJjMjU1MDIyMTBmZjVhNzE5OTY3YTE5MB4XDTIyMDMx
MzE1NTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTY0MzczMWY2N2M3
NjhhMDZlMmNlZGE4YWMwYzU3ZDI1OGQ4YmIxMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMqKJZpl0sYZ36upQqfrpDBk24DqUMryki7jyMxy4fPz0ObY
yqLDXnUj5iTKVbPzezdhsiexroDyoNk4yVC2jNVBjGmgX3ILnVgDzmsR6XuZC/hj
oHlgGPNBNktp/qMS4ieiAs6fMG0UV/qkRiVQWXqihuLDr6iThvaMcM3LlaHIg11l
1+LTfofTSDkKhZcSgVcILdtW/ONXkDW/JHsAH3DYCSed4rkvT5F0sNHMbxHhu75V
d92bS9DFpDilQRT9iiBHGx/rLnIwN4QyQlZeoz1SalO/DHpdr6oj1H/H1KA+dbeJ
Iq0OaX6IHdxpcBqs7DJTnmuNIJ6P7BZlkGsAWrMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRWQ3MfZ8dooG4s7aisDFfSWNi7ETAfBgNVHSMEGDAWgBQx24R9HbHgssLC
VQIhD/WnGZZ6GTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01kdUVmUjJ4NExMQ3dsVUNJUV8xcHhtV2Voay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvM2RiZDM5LTVmOWYtNDhmYi05YzAxLWJkNmUzYjAyNmMzNy8x
L1ZrTnpIMmZIYUtCdUxPMm9yQXhYMGxqWXV4RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
M2RiZDM5LTVmOWYtNDhmYi05YzAxLWJkNmUzYjAyNmMzNy8xL01kdUVmUjJ4NExM
Q3dsVUNJUV8xcHhtV2Voay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnu1DANBgkqhkiG9w0BAQsFAAOC
AQEAow3hEp7yZ8xW5OlVTcrar99yzpgNjFjlKHw42z2mlb+Dkku/GvVppgDRI8ke
BS13VMx41/v08Bxmt0iq2YftPeCgkwBdeYXoUpYNJoGoXiTIM5jqkAj8RMwwGshM
hkTb49Z5vR6KqYXFGMbxJQKyj9mP2CbmEXCRkf/Hl3xGm3CWdN3ui19ts63WL7dK
7Vd9uBpTsLtmj835/pab364be7H96DpUhlnBw4ZcMm6ajw/ThaHbOd2S2+rHRipb
+6koJiuRQG34rMkZstu31RhjoOB7OOUggq35VZP9sNjHAXDVUlxqdOpGJny9JhMz
U5JheSKQEDlaE2K1YqMNWvVX+A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:02 2023 by rpki-client on console-fra.rpki-client.org