Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/db_UNtokZMn03pzf8EOaRvxE4o0.roa
File: db_UNtokZMn03pzf8EOaRvxE4o0.roa (raw, json)
Hash identifier: 6A3MRvo7wj4DCksCt/WNKqTfL+BiC14kwmcPiRCO7zI=
Subject key identifier: 75:BF:D4:36:DA:24:64:C9:F4:DE:9C:DF:F0:43:9A:46:FC:44:E2:8D
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0CB6AC78
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/db_UNtokZMn03pzf8EOaRvxE4o0.roa
Signing time: Sat 01 Jan 2022 05:04:59 +0000
ROA not before: Sat 01 Jan 2022 05:04:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49321
IP address blocks: 185.192.17.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213298296 (0xcb6ac78)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 05:04:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=75bfd436da2464c9f4de9cdff0439a46fc44e28d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e0:46:68:72:42:69:20:df:1a:76:6b:fc:58:
05:da:fe:f8:53:1e:83:94:9f:16:1e:f0:0c:09:23:
02:2a:04:34:92:64:c8:6e:05:ab:bd:e7:78:cb:15:
cb:c7:37:42:ab:b1:41:92:e5:66:4c:35:ba:7a:5c:
e6:ba:72:19:2c:9d:ae:95:c2:8d:ae:15:21:14:e1:
86:ad:bc:20:fd:4a:20:34:da:f0:8d:ff:8e:66:fc:
3e:50:ec:a3:d9:2f:30:5b:81:ac:63:bc:4c:49:c1:
dd:91:67:f8:0c:fa:49:23:b3:66:02:69:ce:1f:99:
f0:d6:49:a0:d5:43:db:af:80:d6:67:95:8e:c2:c1:
12:a3:e9:3c:1e:ea:c4:c3:9f:08:70:8b:83:d8:7b:
d0:cf:09:50:88:13:7d:28:7e:e4:6a:4b:8c:86:c2:
2c:08:48:a7:c1:1c:7b:df:02:fd:3f:c6:a4:3d:36:
6d:f7:b7:34:e7:15:d7:cf:2b:b9:d7:5f:be:d9:c6:
4d:7e:05:4c:cc:ec:29:b8:a4:9d:93:9e:51:b3:24:
cd:a1:a1:cc:36:0a:df:53:b1:40:6c:04:82:72:0a:
16:aa:f1:6b:80:0c:46:28:6f:6e:82:44:1c:47:fd:
be:0e:40:63:f6:44:40:16:54:23:57:67:44:ad:4a:
e7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:BF:D4:36:DA:24:64:C9:F4:DE:9C:DF:F0:43:9A:46:FC:44:E2:8D
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/db_UNtokZMn03pzf8EOaRvxE4o0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.192.17.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:79:59:b4:ef:74:b6:36:4d:df:d6:a8:0d:55:5f:6c:df:e8:
83:75:09:97:7d:d1:d2:13:33:53:34:b4:98:7a:4a:42:9f:d9:
8e:ca:e3:8f:19:f6:50:c3:85:d1:79:7c:cd:16:37:f4:fc:2e:
39:81:4b:55:93:97:25:39:d2:c3:7c:e8:b0:b2:dc:d2:17:c8:
8d:43:b0:22:85:a9:ab:7f:8b:5f:4b:b6:a5:e5:7f:4d:78:47:
1f:fd:49:2a:20:22:1d:c5:ad:e1:5b:f8:77:5b:52:d8:ad:61:
ca:1c:66:82:e7:9f:3e:07:47:07:69:d9:cb:1c:cf:5f:c0:4e:
49:77:f4:4e:96:af:9b:e5:d3:ec:9c:e8:44:6f:13:5b:6c:7e:
c9:6f:1e:76:5c:91:a8:36:0e:b8:a7:77:16:7b:47:13:5f:a6:
fe:d5:7e:ef:94:b3:c2:f2:f1:12:99:c6:21:b2:38:ff:06:c9:
e4:ea:6a:ad:f4:61:ef:ca:d6:b0:28:d6:82:b7:d4:fd:a5:de:
c8:1a:a2:32:80:43:5b:9b:5b:bb:0a:f0:14:92:b2:e8:87:51:
05:c0:83:a1:90:6d:50:4b:51:c1:92:06:72:b4:1d:a4:ae:98:
43:32:41:30:02:4a:a4:bd:9f:95:91:c7:ba:4f:5b:a4:c5:cb:
4a:ae:e5:8c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDLaseDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NmMyYTRiN2Q1ZDczYzViNTcwNDYyMjNiZjMwZWI2NTMwMDViMGUyMB4XDTIyMDEw
MTA1MDQ1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzViZmQ0MzZkYTI0
NjRjOWY0ZGU5Y2RmZjA0MzlhNDZmYzQ0ZTI4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfgRmhyQmkg3xp2a/xYBdr++FMeg5SfFh7wDAkjAioENJJk
yG4Fq73neMsVy8c3QquxQZLlZkw1unpc5rpyGSydrpXCja4VIRThhq28IP1KIDTa
8I3/jmb8PlDso9kvMFuBrGO8TEnB3ZFn+Az6SSOzZgJpzh+Z8NZJoNVD26+A1meV
jsLBEqPpPB7qxMOfCHCLg9h70M8JUIgTfSh+5GpLjIbCLAhIp8Ece98C/T/GpD02
bfe3NOcV188ruddfvtnGTX4FTMzsKbiknZOeUbMkzaGhzDYK31OxQGwEgnIKFqrx
a4AMRihvboJEHEf9vg5AY/ZEQBZUI1dnRK1K5+sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR1v9Q22iRkyfTenN/wQ5pG/ETijTAfBgNVHSMEGDAWgBQ2wqS31dc8W1cE
YiO/MOtlMAWw4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05zS2t0OVhYUEZ0WEJHSWp2ekRyWlRBRnNPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmMvOGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8x
L2RiX1VOdG9rWk1uMDNwemY4RU9hUnZ4RTRvMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmMv
OGRkODVhLWJmOGYtNDI1ZS1hMjRiLTJjY2VkYjk2NmE1OC8xL05zS2t0OVhYUEZ0
WEJHSWp2ekRyWlRBRnNPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnAETANBgkqhkiG9w0BAQsFAAOC
AQEAPHlZtO90tjZN39aoDVVfbN/og3UJl33R0hMzUzS0mHpKQp/Zjsrjjxn2UMOF
0Xl8zRY39PwuOYFLVZOXJTnSw3zosLLc0hfIjUOwIoWpq3+LX0u2peV/TXhHH/1J
KiAiHcWt4Vv4d1tS2K1hyhxmguefPgdHB2nZyxzPX8BOSXf0Tpavm+XT7JzoRG8T
W2x+yW8edlyRqDYOuKd3FntHE1+m/tV+75SzwvLxEpnGIbI4/wbJ5OpqrfRh78rW
sCjWgrfU/aXeyBqiMoBDW5tbuwrwFJKy6IdRBcCDoZBtUEtRwZIGcrQdpK6YQzJB
MAJKpL2flZHHuk9bpMXLSq7ljA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:02 2023 by rpki-client on console-fra.rpki-client.org