Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/2KdI-9oQ7_os1sR6R8z2tJfRaxQ.roa
File: 2KdI-9oQ7_os1sR6R8z2tJfRaxQ.roa (raw, json)
Hash identifier: hcPa2/QmuUZfWCJIaMIKtHjPtShwrMUb7W9SrXTDYFc=
Subject key identifier: D8:A7:48:FB:DA:10:EF:FA:2C:D6:C4:7A:47:CC:F6:B4:97:D1:6B:14
Certificate issuer: /CN=f69527a06a035cbcaecf00daca2fd88399cf9d12
Certificate serial: 01825E9B774F94A7E1BAE748450787E6D398
Authority key identifier: F6:95:27:A0:6A:03:5C:BC:AE:CF:00:DA:CA:2F:D8:83:99:CF:9D:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9pUnoGoDXLyuzwDayi_Yg5nPnRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/2KdI-9oQ7_os1sR6R8z2tJfRaxQ.roa
Signing time: Tue 02 Aug 2022 12:50:23 +0000
ROA not before: Tue 02 Aug 2022 12:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44407
IP address blocks: 185.235.104.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:9b:77:4f:94:a7:e1:ba:e7:48:45:07:87:e6:d3:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f69527a06a035cbcaecf00daca2fd88399cf9d12
Validity
Not Before: Aug 2 12:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8a748fbda10effa2cd6c47a47ccf6b497d16b14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:db:aa:dd:b4:fc:47:c4:94:cb:41:2e:1f:dc:
38:2d:2e:00:c0:86:15:e4:90:43:82:15:b0:c1:4b:
08:ee:6b:aa:36:ba:f4:eb:6a:ef:24:65:7b:5f:a8:
77:93:4b:e6:94:74:2f:f7:ad:7e:89:34:16:19:9a:
a4:80:f6:44:89:09:06:7e:87:56:5e:92:71:71:c4:
1c:d4:18:a6:dc:77:24:31:aa:c4:73:47:82:8e:95:
b1:19:d4:c6:bc:c5:9d:00:4e:ff:27:ad:01:43:7a:
c0:08:10:78:03:74:fb:37:0f:0c:70:c1:54:3d:7e:
07:80:c7:0c:a3:39:91:9e:d9:57:9a:9c:ca:81:c4:
8f:20:1f:0f:e1:15:89:6c:be:06:e5:3f:13:58:90:
43:b3:b2:ca:2d:4a:dc:53:1f:b7:6d:b9:de:46:cc:
e5:6a:02:b6:67:fb:72:06:fb:b7:d0:14:76:13:8b:
14:8e:88:56:50:c3:75:89:60:e4:c9:ae:e1:eb:eb:
81:59:bf:70:9e:65:48:8c:d0:43:71:b6:59:9c:82:
84:58:75:77:44:1f:2f:6c:bc:a0:97:9b:b5:fc:a7:
36:a7:9d:f1:19:ce:cd:2e:8d:d3:6b:2e:b7:b8:26:
da:25:8a:a9:d0:c9:a0:87:fd:95:82:ca:24:8f:03:
09:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:A7:48:FB:DA:10:EF:FA:2C:D6:C4:7A:47:CC:F6:B4:97:D1:6B:14
X509v3 Authority Key Identifier:
keyid:F6:95:27:A0:6A:03:5C:BC:AE:CF:00:DA:CA:2F:D8:83:99:CF:9D:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9pUnoGoDXLyuzwDayi_Yg5nPnRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/2KdI-9oQ7_os1sR6R8z2tJfRaxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d45531-d6c8-4dce-b606-85c855227b23/1/9pUnoGoDXLyuzwDayi_Yg5nPnRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.104.0/22
Signature Algorithm: sha256WithRSAEncryption
66:29:20:78:54:cf:61:cf:bf:f9:ca:08:05:81:56:1f:47:8c:
3a:c3:14:29:b7:89:b8:d0:55:35:84:a6:40:c5:0e:ce:e1:ea:
45:57:5e:f1:3c:13:78:72:80:75:fb:69:a6:70:86:8f:85:52:
5d:6c:1d:16:50:d1:86:e6:28:0b:4a:79:00:d1:f7:c8:23:9a:
d5:ef:04:ea:f5:2c:58:5f:4e:62:35:a4:65:21:1d:26:e9:0a:
87:17:ba:7e:4b:f0:d8:73:12:9b:92:fe:f4:f1:5e:ae:38:e3:
f6:b8:86:7d:20:69:5c:25:32:23:e6:6e:17:60:e1:34:12:99:
fe:8a:45:69:b7:9a:5a:fa:ce:9c:8a:ef:1b:f0:e2:e2:c4:c9:
a9:29:10:e7:d4:47:07:54:cf:8a:b1:f7:8a:0d:bd:49:bb:ed:
e4:8c:11:01:96:35:f2:f3:32:31:c7:e5:74:d3:8e:93:3e:77:
c5:4a:9a:de:a2:57:f2:ff:4b:80:94:72:40:e1:22:d3:cd:10:
ad:37:58:28:9d:02:3c:c6:08:24:0d:e8:e9:3f:49:a6:c0:1c:
28:e8:95:51:2d:a8:78:f0:48:d2:50:be:4e:51:37:5a:02:a2:
75:b6:86:ea:2c:53:9f:cd:0c:4c:c0:c9:ae:1f:33:c6:03:b6:
dc:04:97:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJem3dPlKfhuudIRQeH5tOYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2OTUyN2EwNmEwMzVjYmNhZWNmMDBkYWNhMmZkODgzOTlj
ZjlkMTIwHhcNMjIwODAyMTI1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGE3NDhmYmRhMTBlZmZhMmNkNmM0N2E0N2NjZjZiNDk3ZDE2YjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtduq3bT8R8SUy0EuH9w4LS4AwIYV
5JBDghWwwUsI7muqNrr062rvJGV7X6h3k0vmlHQv961+iTQWGZqkgPZEiQkGfodW
XpJxccQc1Bim3HckMarEc0eCjpWxGdTGvMWdAE7/J60BQ3rACBB4A3T7Nw8McMFU
PX4HgMcMozmRntlXmpzKgcSPIB8P4RWJbL4G5T8TWJBDs7LKLUrcUx+3bbneRszl
agK2Z/tyBvu30BR2E4sUjohWUMN1iWDkya7h6+uBWb9wnmVIjNBDcbZZnIKEWHV3
RB8vbLygl5u1/Kc2p53xGc7NLo3Tay63uCbaJYqp0Mmgh/2VgsokjwMJ3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNinSPvaEO/6LNbEekfM9rSX0WsUMB8GA1UdIwQY
MBaAFPaVJ6BqA1y8rs8A2sov2IOZz50SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXBVbm9Hb0RYTHl1endEYXlpX1lnNW5QblJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNDU1MzEtZDZjOC00ZGNlLWI2MDYt
ODVjODU1MjI3YjIzLzEvMktkSS05b1E3X29zMXNSNlI4ejJ0SmZSYXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNDU1MzEtZDZjOC00ZGNlLWI2MDYtODVjODU1MjI3YjIz
LzEvOXBVbm9Hb0RYTHl1endEYXlpX1lnNW5QblJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuetoMA0G
CSqGSIb3DQEBCwUAA4IBAQBmKSB4VM9hz7/5yggFgVYfR4w6wxQpt4m40FU1hKZA
xQ7O4epFV17xPBN4coB1+2mmcIaPhVJdbB0WUNGG5igLSnkA0ffII5rV7wTq9SxY
X05iNaRlIR0m6QqHF7p+S/DYcxKbkv708V6uOOP2uIZ9IGlcJTIj5m4XYOE0Epn+
ikVpt5pa+s6ciu8b8OLixMmpKRDn1EcHVM+KsfeKDb1Ju+3kjBEBljXy8zIxx+V0
046TPnfFSpreolfy/0uAlHJA4SLTzRCtN1gonQI8xggkDejpP0mmwBwo6JVRLah4
8EjSUL5OUTdaAqJ1tobqLFOfzQxMwMmuHzPGA7bcBJci
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:37 2023 by rpki-client on console-fra.rpki-client.org