Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/J9KytHUL4qkV4KgFejjOKGTEkvw.roa
File: J9KytHUL4qkV4KgFejjOKGTEkvw.roa (raw, json)
Hash identifier: hG4vCCcG/3bUE1cS4xIlX1ctdpStpmdcnJHx958X/cc=
Subject key identifier: 27:D2:B2:B4:75:0B:E2:A9:15:E0:A8:05:7A:38:CE:28:64:C4:92:FC
Certificate issuer: /CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Certificate serial: 018217273D84805660F52E4E503FD4E1FBEE
Authority key identifier: 1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/J9KytHUL4qkV4KgFejjOKGTEkvw.roa
Signing time: Tue 19 Jul 2022 15:50:23 +0000
ROA not before: Tue 19 Jul 2022 15:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209390
IP address blocks: 185.108.64.0/22 maxlen: 22
185.108.64.0/24 maxlen: 24
185.108.66.0/24 maxlen: 24
2a06:6280::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:17:27:3d:84:80:56:60:f5:2e:4e:50:3f:d4:e1:fb:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Validity
Not Before: Jul 19 15:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=27d2b2b4750be2a915e0a8057a38ce2864c492fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:48:98:12:09:fa:21:35:41:68:51:58:49:87:
66:4e:df:09:2a:a5:f3:a4:c0:25:21:6d:7a:87:4f:
1f:d6:e4:76:f6:6b:88:dc:e8:1d:ca:c6:56:cc:d1:
0e:f2:df:ef:db:dc:0a:66:a3:94:d4:33:a2:15:fe:
8c:87:57:61:b9:80:8a:93:35:00:ed:ed:59:53:92:
0d:c1:76:b2:d3:6e:c3:0e:2c:20:c0:52:67:05:2f:
1d:57:da:47:ae:9a:f2:fd:18:e1:bf:16:b3:60:48:
c4:ac:05:bd:09:f7:44:5c:b7:cb:40:00:16:18:a0:
ee:54:63:25:6e:9b:eb:ab:f8:63:c1:3f:79:56:8b:
a7:6c:27:f8:02:50:f6:18:a9:72:49:01:49:e0:4d:
ae:e3:42:60:3e:3d:31:2c:ba:b0:87:0b:be:21:6e:
2f:6e:7d:bc:db:22:87:a8:49:89:fb:c5:e2:58:12:
67:8e:c0:95:cb:0b:2b:77:43:5f:ec:aa:52:94:cb:
bb:a3:18:c5:46:fb:0c:fa:ad:ed:c1:99:fe:c5:6c:
b7:df:f1:8c:c4:05:3e:61:9d:a1:5b:db:d0:5d:f4:
c2:a7:ab:d7:5d:af:59:05:04:4e:5d:1c:44:4d:a7:
a9:0f:40:4f:07:d0:c1:00:be:0c:ba:be:69:69:c4:
10:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:D2:B2:B4:75:0B:E2:A9:15:E0:A8:05:7A:38:CE:28:64:C4:92:FC
X509v3 Authority Key Identifier:
keyid:1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/J9KytHUL4qkV4KgFejjOKGTEkvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/H54l9KiLi7Q8VNWPa051CJ-Qb9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.64.0/22
IPv6:
2a06:6280::/29
Signature Algorithm: sha256WithRSAEncryption
30:ee:85:88:50:de:8d:56:c8:4a:32:0a:10:e2:2b:0f:6d:5c:
23:bc:a0:96:f3:40:69:03:aa:57:24:43:b0:b2:a1:40:73:6a:
0b:f8:e9:9c:ba:1f:0c:ed:41:23:e9:4d:89:4e:50:76:97:f0:
51:ac:ed:d6:bc:1b:62:3e:33:bb:42:31:58:3c:47:13:1b:6c:
1c:42:6c:93:fb:3e:25:aa:08:49:8e:f5:b3:c0:3c:63:8e:d8:
ca:44:48:12:32:59:eb:f6:6e:d1:85:26:55:06:76:07:f6:a6:
e0:3f:8e:a1:a0:14:45:36:4a:07:1a:e8:07:fc:ec:51:27:9d:
f1:75:c8:33:3b:42:29:06:56:af:81:01:3c:26:f1:54:ba:65:
ba:82:bb:fa:16:f1:0e:a3:fe:2d:55:77:09:6d:df:cb:2f:df:
26:dd:6c:3b:82:2e:f3:2c:5f:33:92:c4:6b:03:61:2c:15:03:
6e:87:89:70:c9:2a:77:a1:58:21:d3:5d:17:62:5e:16:a3:ae:
f7:6b:55:ef:22:50:ea:6b:72:46:e3:cb:35:96:89:e8:7d:6a:
75:83:64:0d:1f:ad:a4:3c:00:47:5a:da:8e:21:ea:21:49:89:
1e:95:0d:c9:20:0b:02:86:60:88:95:0e:73:c8:3c:c9:5c:99:
fc:0f:5c:b7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYIXJz2EgFZg9S5OUD/U4fvuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOWUyNWY0YTg4YjhiYjQzYzU0ZDU4ZjZiNGU3NTA4OWY5
MDZmZDIwHhcNMjIwNzE5MTU1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyN2QyYjJiNDc1MGJlMmE5MTVlMGE4MDU3YTM4Y2UyODY0YzQ5MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0iYEgn6ITVBaFFYSYdmTt8JKqXz
pMAlIW16h08f1uR29muI3OgdysZWzNEO8t/v29wKZqOU1DOiFf6Mh1dhuYCKkzUA
7e1ZU5INwXay027DDiwgwFJnBS8dV9pHrpry/RjhvxazYEjErAW9CfdEXLfLQAAW
GKDuVGMlbpvrq/hjwT95VounbCf4AlD2GKlySQFJ4E2u40JgPj0xLLqwhwu+IW4v
bn282yKHqEmJ+8XiWBJnjsCVywsrd0Nf7KpSlMu7oxjFRvsM+q3twZn+xWy33/GM
xAU+YZ2hW9vQXfTCp6vXXa9ZBQROXRxETaepD0BPB9DBAL4Mur5pacQQrQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCfSsrR1C+KpFeCoBXo4zihkxJL8MB8GA1UdIwQY
MBaAFB+eJfSoi4u0PFTVj2tOdQifkG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEt
ZTU1NGEzNWU5ZTc3LzEvSjlLeXRIVUw0cWtWNEtnRmVqak9LR1RFa3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEtZTU1NGEzNWU5ZTc3
LzEvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWxAMA0E
AgACMAcDBQMqBmKAMA0GCSqGSIb3DQEBCwUAA4IBAQAw7oWIUN6NVshKMgoQ4isP
bVwjvKCW80BpA6pXJEOwsqFAc2oL+Omcuh8M7UEj6U2JTlB2l/BRrO3WvBtiPjO7
QjFYPEcTG2wcQmyT+z4lqghJjvWzwDxjjtjKREgSMlnr9m7RhSZVBnYH9qbgP46h
oBRFNkoHGugH/OxRJ53xdcgzO0IpBlavgQE8JvFUumW6grv6FvEOo/4tVXcJbd/L
L98m3Ww7gi7zLF8zksRrA2EsFQNuh4lwySp3oVgh010XYl4Wo673a1XvIlDqa3JG
48s1lonofWp1g2QNH62kPABHWtqOIeohSYkelQ3JIAsChmCIlQ5zyDzJXJn8D1y3
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:54 2023 by rpki-client on console-fra.rpki-client.org