Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/I_CwDL_25g_EjhTE_WE9QUzhYcQ.roa
File: I_CwDL_25g_EjhTE_WE9QUzhYcQ.roa (raw, json)
Hash identifier: wuDnPWmO65p/NHdj//9Yo2LZBf0MyR5ssI8U15B56AA=
Subject key identifier: 23:F0:B0:0C:BF:F6:E6:0F:C4:8E:14:C4:FD:61:3D:41:4C:E1:61:C4
Certificate issuer: /CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Certificate serial: 19DA22B3
Authority key identifier: FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/I_CwDL_25g_EjhTE_WE9QUzhYcQ.roa
Signing time: Sat 01 Jan 2022 04:55:08 +0000
ROA not before: Sat 01 Jan 2022 04:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35545
IP address blocks: 185.42.222.0/24 maxlen: 24
2a06:bdc7::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 433726131 (0x19da22b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffdec4a46a6e6e4f9a92d0ba2e0b3ab5658be1bd
Validity
Not Before: Jan 1 04:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=23f0b00cbff6e60fc48e14c4fd613d414ce161c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:07:be:47:c4:a4:e1:8f:65:1c:1f:83:be:0a:
79:e1:38:09:71:3a:ba:22:56:c5:a3:af:3a:07:45:
8a:1a:e8:c3:ee:ff:b6:75:cd:9f:28:78:c4:f1:90:
71:0c:c8:87:71:0c:2f:66:11:18:6d:40:87:f5:e2:
77:8a:18:3c:95:56:5b:04:1a:23:8f:7f:bb:30:a1:
d0:d4:0c:ac:b5:95:ec:ff:4f:bc:99:30:b3:3c:4a:
5a:a5:92:85:e3:22:f8:e2:70:57:17:55:b0:7c:83:
9e:da:86:f4:23:38:63:99:5f:fc:28:ab:15:4e:de:
72:ec:d2:cc:e6:60:e5:c5:c0:cd:5b:27:3f:e2:0f:
62:65:2a:b1:50:a3:4a:a8:bb:82:28:69:7b:95:49:
aa:f6:4c:a4:e8:0e:d0:db:92:2f:ec:82:a6:89:58:
1e:22:db:8e:72:ee:c8:15:90:a1:e0:02:d2:d0:df:
af:df:42:73:a6:d0:fb:2c:87:79:a6:82:fd:e6:40:
aa:a8:c4:02:f0:3a:6c:9b:6f:bb:c3:13:b1:0e:12:
32:61:3d:44:3f:8c:5f:84:e5:f3:86:80:92:b1:17:
c3:83:16:bb:e5:fa:fc:f4:ab:ce:63:57:44:ed:a2:
b8:50:46:6d:aa:f4:45:8b:07:23:2f:b2:ae:ae:5a:
f6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F0:B0:0C:BF:F6:E6:0F:C4:8E:14:C4:FD:61:3D:41:4C:E1:61:C4
X509v3 Authority Key Identifier:
keyid:FF:DE:C4:A4:6A:6E:6E:4F:9A:92:D0:BA:2E:0B:3A:B5:65:8B:E1:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_97EpGpubk-aktC6Lgs6tWWL4b0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/I_CwDL_25g_EjhTE_WE9QUzhYcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/11e5b3-43aa-4279-9441-7e8c6d4d9bef/1/_97EpGpubk-aktC6Lgs6tWWL4b0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.42.222.0/24
IPv6:
2a06:bdc7::/32
Signature Algorithm: sha256WithRSAEncryption
64:4c:78:97:88:f5:36:36:c8:9b:de:50:f2:40:70:86:e2:29:
f1:12:00:07:3d:74:2c:65:7d:d6:f4:15:6a:22:ec:57:59:35:
4a:bb:9e:75:38:90:9f:46:b8:b2:0d:78:6b:ff:a3:53:04:87:
8f:4e:32:54:06:da:91:13:b8:d2:97:81:b4:95:83:6b:04:dc:
b9:dc:00:be:26:47:0b:b5:cd:bd:98:a3:81:db:b3:8f:83:fc:
83:1c:fe:89:8a:60:e1:7a:ae:e6:a5:3d:61:86:70:18:02:5e:
8a:e9:ac:af:e0:24:00:e6:47:16:20:b6:ee:ff:c3:e4:a0:3d:
6b:bb:97:b9:c9:f2:6d:15:8f:1b:0d:1e:6c:5b:b0:ea:e4:f7:
7b:36:98:25:b5:56:33:38:0d:9e:0f:6e:e5:63:73:3e:05:1f:
b9:8f:87:f7:b0:a9:fe:7e:24:39:a7:5d:e3:8e:6c:cd:1e:c0:
29:93:f7:24:7b:7b:c4:d8:58:bd:1a:b6:44:bb:54:d4:a2:ed:
bc:9a:87:cc:2f:d0:c2:69:7c:b3:1a:a3:8d:01:57:3d:02:7a:
d9:c1:ed:9d:f2:00:91:a7:a8:3c:ca:3d:35:d0:76:dc:96:09:
44:d3:d1:02:fb:cb:76:b0:05:54:aa:f2:29:60:9e:48:fa:91:
7a:15:e3:40
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGdoiszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZmRlYzRhNDZhNmU2ZTRmOWE5MmQwYmEyZTBiM2FiNTY1OGJlMWJkMB4XDTIyMDEw
MTA0NTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjNmMGIwMGNiZmY2
ZTYwZmM0OGUxNGM0ZmQ2MTNkNDE0Y2UxNjFjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIHvkfEpOGPZRwfg74KeeE4CXE6uiJWxaOvOgdFihrow+7/
tnXNnyh4xPGQcQzIh3EML2YRGG1Ah/Xid4oYPJVWWwQaI49/uzCh0NQMrLWV7P9P
vJkwszxKWqWSheMi+OJwVxdVsHyDntqG9CM4Y5lf/CirFU7ecuzSzOZg5cXAzVsn
P+IPYmUqsVCjSqi7gihpe5VJqvZMpOgO0NuSL+yCpolYHiLbjnLuyBWQoeAC0tDf
r99Cc6bQ+yyHeaaC/eZAqqjEAvA6bJtvu8MTsQ4SMmE9RD+MX4Tl84aAkrEXw4MW
u+X6/PSrzmNXRO2iuFBGbar0RYsHIy+yrq5a9ocCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQj8LAMv/bmD8SOFMT9YT1BTOFhxDAfBgNVHSMEGDAWgBT/3sSkam5uT5qS
0LouCzq1ZYvhvTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L185N0VwR3B1YmstYWt0QzZMZ3M2dFdXTDRiMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvMTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8x
L0lfQ3dETF8yNWdfRWpoVEVfV0U5UVV6aFljUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
MTFlNWIzLTQzYWEtNDI3OS05NDQxLTdlOGM2ZDRkOWJlZi8xL185N0VwR3B1Ymst
YWt0QzZMZ3M2dFdXTDRiMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALkq3jANBAIAAjAHAwUAKga9xzAN
BgkqhkiG9w0BAQsFAAOCAQEAZEx4l4j1NjbIm95Q8kBwhuIp8RIABz10LGV91vQV
aiLsV1k1SruedTiQn0a4sg14a/+jUwSHj04yVAbakRO40peBtJWDawTcudwAviZH
C7XNvZijgduzj4P8gxz+iYpg4Xqu5qU9YYZwGAJeiumsr+AkAOZHFiC27v/D5KA9
a7uXucnybRWPGw0ebFuw6uT3ezaYJbVWMzgNng9u5WNzPgUfuY+H97Cp/n4kOadd
445szR7AKZP3JHt7xNhYvRq2RLtU1KLtvJqHzC/Qwml8sxqjjQFXPQJ62cHtnfIA
kaeoPMo9NdB23JYJRNPRAvvLdrAFVKryKWCeSPqRehXjQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:56 2024 by rpki-client on console-fra.rpki-client.org