Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/D5_5dF8ozr5wgppAu3-o2SqTSy0.roa
File: D5_5dF8ozr5wgppAu3-o2SqTSy0.roa (raw, json)
Hash identifier: edryfiwt2KDZGDIhKZQ0Zojio1+9KlnuTOkNyACUm0A=
Subject key identifier: 0F:9F:F9:74:5F:28:CE:BE:70:82:9A:40:BB:7F:A8:D9:2A:93:4B:2D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CAF7639
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/D5_5dF8ozr5wgppAu3-o2SqTSy0.roa
Signing time: Sat 01 Jan 2022 05:04:54 +0000
ROA not before: Sat 01 Jan 2022 05:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29066
IP address blocks: 185.217.119.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212825657 (0xcaf7639)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f9ff9745f28cebe70829a40bb7fa8d92a934b2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d1:28:06:20:d9:31:44:fb:5f:e7:a5:aa:49:
a0:bc:40:a0:53:04:23:c6:02:e4:81:51:80:c5:c9:
2a:92:3c:3c:d1:a0:15:96:5b:82:19:38:ac:61:8d:
41:52:91:e9:20:a4:37:af:48:c4:d8:8e:40:77:72:
d3:58:0d:27:ab:8d:9f:1d:aa:d9:ed:7b:be:0c:8e:
71:1c:9d:8e:a5:e4:de:76:c3:44:3a:fc:c3:ee:12:
19:f5:75:b0:5c:ca:bc:9b:47:9c:de:7e:eb:51:cf:
16:cc:06:f2:56:0f:4b:33:3e:55:a4:4f:a1:c7:eb:
88:80:6b:be:8d:a6:ab:0d:c6:b2:02:bf:99:fd:53:
ed:b2:9c:1b:1a:4c:dc:16:fc:c8:a2:37:fb:46:a5:
fa:a4:9b:b7:c5:ac:e1:a0:73:d5:86:d7:69:a7:ce:
78:04:19:8f:8a:07:f7:6f:82:ac:e1:d0:a3:2a:f8:
da:83:b4:66:9f:50:6b:2a:c2:de:e0:d4:a6:11:67:
ca:4b:1f:39:d9:2b:d7:b2:61:30:fb:23:2e:24:45:
c4:18:87:1a:08:0c:ec:0d:7e:9f:7b:b1:9f:02:cd:
4d:73:0b:11:37:2f:1c:9a:b4:b2:f0:46:a9:67:27:
e5:93:8f:94:21:f6:08:ab:78:0c:5a:e2:b8:de:41:
c7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9F:F9:74:5F:28:CE:BE:70:82:9A:40:BB:7F:A8:D9:2A:93:4B:2D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/D5_5dF8ozr5wgppAu3-o2SqTSy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.198.240.0/24
185.217.119.0/24
Signature Algorithm: sha256WithRSAEncryption
94:aa:0c:57:b4:69:9d:c0:a4:01:0a:3d:05:23:88:ed:cd:ad:
c3:58:e7:2f:50:48:12:c4:5a:b7:f8:6c:ec:76:24:e4:74:e8:
e5:79:d8:59:30:b3:bf:87:cb:bf:b1:22:cb:1a:af:96:14:54:
b8:a6:2d:29:de:e5:7c:d0:f8:26:d5:49:ce:ed:57:ac:83:c3:
12:2b:44:94:2e:60:46:fa:b7:b7:5d:e5:3b:14:29:75:99:1f:
68:b1:72:9f:22:13:41:b6:4c:4e:c3:f8:54:e3:82:77:5b:1c:
69:b6:ad:bb:ec:e7:7c:8d:04:73:d2:76:c3:c9:b2:4a:b7:18:
ce:c5:f3:de:0c:27:6e:08:f8:21:e3:67:24:25:f0:53:42:d1:
83:34:3a:db:59:a7:44:97:f7:38:3d:71:4b:fa:c0:78:cf:46:
f1:8a:59:1a:10:78:0a:14:63:95:ed:f2:a4:cf:4a:5d:f7:d1:
fa:ed:2e:c5:e8:0b:43:a0:bf:e9:c1:b6:2a:8e:74:2a:a9:35:
74:e2:2d:3f:0f:a8:de:f2:3c:58:88:77:be:a6:7c:8d:0d:27:
f6:62:35:ea:53:3f:c4:52:40:d3:6b:6f:ab:bc:6e:7d:6e:ce:
13:ca:d2:46:85:59:a1:1b:bc:7d:4e:f5:da:44:1b:45:f6:a8:
5c:d2:41:23
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDK92OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGY5ZmY5NzQ1ZjI4
Y2ViZTcwODI5YTQwYmI3ZmE4ZDkyYTkzNGIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHRKAYg2TFE+1/npapJoLxAoFMEI8YC5IFRgMXJKpI8PNGg
FZZbghk4rGGNQVKR6SCkN69IxNiOQHdy01gNJ6uNnx2q2e17vgyOcRydjqXk3nbD
RDr8w+4SGfV1sFzKvJtHnN5+61HPFswG8lYPSzM+VaRPocfriIBrvo2mqw3GsgK/
mf1T7bKcGxpM3Bb8yKI3+0al+qSbt8Ws4aBz1YbXaafOeAQZj4oH92+CrOHQoyr4
2oO0Zp9QayrC3uDUphFnyksfOdkr17JhMPsjLiRFxBiHGggM7A1+n3uxnwLNTXML
ETcvHJq0svBGqWcn5ZOPlCH2CKt4DFriuN5Bx2ECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQPn/l0XyjOvnCCmkC7f6jZKpNLLTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L0Q1XzVkRjhvenI1d2dwcEF1My1vMlNxVFN5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnG8AMEALnZdzANBgkqhkiG9w0B
AQsFAAOCAQEAlKoMV7RpncCkAQo9BSOI7c2tw1jnL1BIEsRat/hs7HYk5HTo5XnY
WTCzv4fLv7EiyxqvlhRUuKYtKd7lfND4JtVJzu1XrIPDEitElC5gRvq3t13lOxQp
dZkfaLFynyITQbZMTsP4VOOCd1scabatu+znfI0Ec9J2w8mySrcYzsXz3gwnbgj4
IeNnJCXwU0LRgzQ621mnRJf3OD1xS/rAeM9G8YpZGhB4ChRjle3ypM9KXffR+u0u
xegLQ6C/6cG2Ko50Kqk1dOItPw+o3vI8WIh3vqZ8jQ0n9mI16lM/xFJA02tvq7xu
fW7OE8rSRoVZoRu8fU712kQbRfaoXNJBIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:58 2023 by rpki-client on console-fra.rpki-client.org