Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/_K6QZKvj_kTNMQP01WTMM_ycOZQ.roa
File: _K6QZKvj_kTNMQP01WTMM_ycOZQ.roa (raw, json)
Hash identifier: PSar3pf9OyemmpPzvhFLTl5pS/lFX4JQFIJUQJ3MgDY=
Subject key identifier: FC:AE:90:64:AB:E3:FE:44:CD:31:03:F4:D5:64:CC:33:FC:9C:39:94
Certificate issuer: /CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Certificate serial: 01853F02BBAFE9464D2905BD17B9B3F5832C
Authority key identifier: 1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/_K6QZKvj_kTNMQP01WTMM_ycOZQ.roa
Signing time: Fri 23 Dec 2022 12:43:41 +0000
ROA not before: Fri 23 Dec 2022 12:43:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209390
IP address blocks: 185.108.64.0/22 maxlen: 22
185.108.64.0/24 maxlen: 24
185.108.65.0/24 maxlen: 24
185.108.66.0/24 maxlen: 24
2a06:6280::/29 maxlen: 29
2a06:6280:200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:02:bb:af:e9:46:4d:29:05:bd:17:b9:b3:f5:83:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f9e25f4a88b8bb43c54d58f6b4e75089f906fd2
Validity
Not Before: Dec 23 12:43:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcae9064abe3fe44cd3103f4d564cc33fc9c3994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c3:51:42:ac:9a:57:18:2c:5a:65:95:07:45:
f5:0b:b7:e5:9c:8a:23:64:47:11:f2:a6:f8:dd:d0:
96:77:0f:03:07:25:d5:b9:93:cb:17:8d:9d:9a:9a:
bf:91:ad:62:ae:4a:76:fc:da:b9:61:3a:cd:49:fd:
3b:2f:5b:25:2e:22:9f:79:00:3f:fa:39:06:41:af:
e4:60:e8:d0:29:d0:78:72:95:9a:f7:a2:0f:cf:c0:
14:d3:b8:b5:6a:0c:5f:35:82:9c:33:cd:8c:d0:f0:
df:72:aa:54:19:26:53:9b:d8:9a:cf:cf:5e:97:3e:
14:5e:97:c3:80:25:9e:af:98:50:4c:80:ce:07:05:
28:b8:36:d1:81:af:b8:e2:02:eb:2a:06:2d:a3:c6:
4b:3d:e8:c5:67:0f:40:1a:99:09:e2:6f:aa:ae:13:
56:e7:a8:cd:c9:0d:2b:8c:9b:db:2f:75:b9:e2:01:
46:54:b5:e8:fd:60:35:1e:6a:9c:35:96:4e:00:22:
14:da:3f:d0:8a:e5:65:37:48:a9:f7:f6:f7:b7:f9:
13:32:21:b1:95:67:06:1c:bc:f8:2f:4b:22:10:fc:
61:2f:7c:e4:ab:40:90:93:a3:3b:d0:ef:9f:96:5f:
61:4d:03:56:b0:31:96:82:f4:53:6e:a0:3c:9e:52:
0d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AE:90:64:AB:E3:FE:44:CD:31:03:F4:D5:64:CC:33:FC:9C:39:94
X509v3 Authority Key Identifier:
keyid:1F:9E:25:F4:A8:8B:8B:B4:3C:54:D5:8F:6B:4E:75:08:9F:90:6F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H54l9KiLi7Q8VNWPa051CJ-Qb9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/_K6QZKvj_kTNMQP01WTMM_ycOZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/5b5f20-6ef6-44b9-a691-e554a35e9e77/1/H54l9KiLi7Q8VNWPa051CJ-Qb9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.64.0/22
IPv6:
2a06:6280::/29
Signature Algorithm: sha256WithRSAEncryption
48:a1:89:de:55:80:42:b4:8e:83:c4:12:c6:cf:01:a4:c5:0b:
3a:32:2b:d3:8e:bb:22:99:1a:b4:06:90:90:4a:d2:61:29:82:
8a:8a:2b:04:a3:79:5c:7e:13:c1:35:78:30:f6:cd:3e:1e:71:
d2:bc:47:cf:7a:c4:8f:10:60:3e:35:6e:76:94:45:ac:f0:c1:
3d:61:40:d6:cc:42:30:76:91:4f:31:31:cc:5a:c1:b6:ca:86:
09:a5:18:a7:24:f1:4f:f7:0f:c9:74:c8:54:ef:01:08:c2:56:
a1:a6:cd:40:e0:32:7d:a6:9f:cf:db:45:fd:7b:0f:96:67:ef:
65:8e:77:72:22:46:1d:93:45:a9:cc:d4:2b:60:da:2a:fd:d0:
98:54:a9:f3:29:ef:be:b5:03:e9:0d:57:a9:f4:52:c7:b3:0c:
9d:fa:e5:bd:69:be:c9:41:b3:ac:fe:c3:0e:93:65:f4:6f:2f:
f1:03:3c:89:ca:f2:83:cb:17:dd:9a:9a:99:3a:0e:31:b5:90:
1e:82:3c:ae:10:a2:51:5d:70:fa:75:d0:55:6d:7d:f0:65:b9:
25:e9:21:4b:37:e9:d3:e8:e3:78:20:62:de:bc:97:13:5e:50:
63:09:62:4a:3a:0d:b1:0a:2f:11:71:52:f4:b3:83:4e:a6:32:
29:cf:ab:6b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYU/Aruv6UZNKQW9F7mz9YMsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmOWUyNWY0YTg4YjhiYjQzYzU0ZDU4ZjZiNGU3NTA4OWY5
MDZmZDIwHhcNMjIxMjIzMTI0MzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2FlOTA2NGFiZTNmZTQ0Y2QzMTAzZjRkNTY0Y2MzM2ZjOWMzOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsNRQqyaVxgsWmWVB0X1C7flnIoj
ZEcR8qb43dCWdw8DByXVuZPLF42dmpq/ka1irkp2/Nq5YTrNSf07L1slLiKfeQA/
+jkGQa/kYOjQKdB4cpWa96IPz8AU07i1agxfNYKcM82M0PDfcqpUGSZTm9iaz89e
lz4UXpfDgCWer5hQTIDOBwUouDbRga+44gLrKgYto8ZLPejFZw9AGpkJ4m+qrhNW
56jNyQ0rjJvbL3W54gFGVLXo/WA1HmqcNZZOACIU2j/QiuVlN0ip9/b3t/kTMiGx
lWcGHLz4L0siEPxhL3zkq0CQk6M70O+fll9hTQNWsDGWgvRTbqA8nlINiQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPyukGSr4/5EzTED9NVkzDP8nDmUMB8GA1UdIwQY
MBaAFB+eJfSoi4u0PFTVj2tOdQifkG/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEt
ZTU1NGEzNWU5ZTc3LzEvX0s2UVpLdmpfa1ROTVFQMDFXVE1NX3ljT1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi81YjVmMjAtNmVmNi00NGI5LWE2OTEtZTU1NGEzNWU5ZTc3
LzEvSDU0bDlLaUxpN1E4Vk5XUGEwNTFDSi1RYjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWxAMA0E
AgACMAcDBQMqBmKAMA0GCSqGSIb3DQEBCwUAA4IBAQBIoYneVYBCtI6DxBLGzwGk
xQs6MivTjrsimRq0BpCQStJhKYKKiisEo3lcfhPBNXgw9s0+HnHSvEfPesSPEGA+
NW52lEWs8ME9YUDWzEIwdpFPMTHMWsG2yoYJpRinJPFP9w/JdMhU7wEIwlahps1A
4DJ9pp/P20X9ew+WZ+9ljndyIkYdk0WpzNQrYNoq/dCYVKnzKe++tQPpDVep9FLH
swyd+uW9ab7JQbOs/sMOk2X0by/xAzyJyvKDyxfdmpqZOg4xtZAegjyuEKJRXXD6
ddBVbX3wZbkl6SFLN+nT6ON4IGLevJcTXlBjCWJKOg2xCi8RcVL0s4NOpjIpz6tr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:54 2023 by rpki-client on console-fra.rpki-client.org