Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/kR2gkL_OLOTJsBqMkB7j9jV3uRc.roa
File: kR2gkL_OLOTJsBqMkB7j9jV3uRc.roa (raw, json)
Hash identifier: rRxjqwAcecOhVnQU1u30KzLRH7whlzNRREFyJtzTAHo=
Subject key identifier: 91:1D:A0:90:BF:CE:2C:E4:C9:B0:1A:8C:90:1E:E3:F6:35:77:B9:17
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0A6FD327
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/kR2gkL_OLOTJsBqMkB7j9jV3uRc.roa
Signing time: Tue 05 Jul 2022 05:17:25 +0000
ROA not before: Tue 05 Jul 2022 05:17:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 46562
IP address blocks: 185.253.122.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
2a0c:3ac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 175100711 (0xa6fd327)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 5 05:17:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=911da090bfce2ce4c9b01a8c901ee3f63577b917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:35:9c:15:82:4f:6d:be:ca:a8:ce:a7:cd:79:
73:47:82:e0:6d:ac:84:60:9f:06:e0:1d:87:95:48:
ac:9f:e6:ac:99:9a:2b:03:f5:32:4d:9b:07:d7:7a:
a1:c9:27:b8:93:26:7b:46:e7:09:d3:03:1f:68:bd:
38:74:d1:36:af:f0:f6:65:98:96:61:cc:c1:ec:ff:
76:c1:49:86:bc:ba:f6:24:ee:af:51:28:bf:dc:ff:
f4:49:3a:cb:54:8e:46:f0:2f:f9:44:fe:f1:57:8a:
ec:06:5e:9b:c7:98:e5:9d:9f:82:23:23:e7:ef:10:
a2:61:9c:a4:9c:35:e6:93:08:ad:7f:6a:4d:a6:97:
b6:af:95:7a:b8:3c:5e:1b:f1:9a:ff:b9:6b:77:95:
fc:d3:4b:a8:7a:15:a9:2e:04:26:c7:05:5b:1f:cc:
db:f7:8a:c7:6e:30:66:93:80:7c:b4:99:6d:86:8f:
05:14:2c:61:ae:63:91:78:67:10:36:4b:6e:bf:a5:
88:49:3e:57:f0:60:d9:14:0e:f9:d3:bf:52:4c:67:
93:fb:6f:f1:e7:98:3a:7b:3d:59:b4:21:9b:3e:51:
7d:75:a8:85:94:80:2e:37:07:25:e7:8d:c4:a0:39:
58:c4:87:78:c1:84:f1:ca:8d:fd:be:64:cb:51:a1:
51:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1D:A0:90:BF:CE:2C:E4:C9:B0:1A:8C:90:1E:E3:F6:35:77:B9:17
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/kR2gkL_OLOTJsBqMkB7j9jV3uRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.232.36.0/24
185.253.122.0/24
IPv6:
2a0c:3ac0::/48
Signature Algorithm: sha256WithRSAEncryption
65:1f:34:66:fa:1d:22:68:d3:51:e1:f8:ba:3f:11:c0:cd:7a:
42:d2:82:36:f9:84:b5:e2:15:aa:3e:4a:ef:56:5c:4f:b5:21:
4f:48:3a:e1:ce:d1:13:75:79:22:46:35:fe:9a:e6:7a:03:9a:
ab:da:fd:65:3a:f5:1d:77:22:04:b4:ee:09:c9:70:b6:05:a3:
e0:7d:17:1f:08:8a:34:c7:55:b1:78:26:28:46:f6:b2:94:fa:
08:78:3e:27:07:71:d1:aa:82:1f:8c:df:cc:19:1b:b9:7e:fa:
3b:aa:70:c1:82:96:f3:c9:67:d9:d3:e8:24:3a:59:bb:0f:92:
cc:e9:f8:1f:fb:97:78:e0:b2:05:7d:c0:0a:80:85:bc:1d:7b:
6f:38:c6:f0:f3:03:d5:ac:ed:2f:5d:b1:3e:c1:c5:b9:78:0b:
83:57:c2:96:20:4d:bf:31:29:70:d3:86:88:25:ce:bc:86:86:
b2:5e:37:cb:3e:bb:ec:e3:74:39:4c:cc:84:0f:48:ba:4d:7a:
fa:ea:8b:a1:78:aa:e4:cf:e2:c9:21:e5:64:51:cf:10:cd:7d:
ce:63:42:4f:36:e7:14:e4:87:ec:f3:00:73:c1:85:f2:68:fa:
74:f0:a0:a6:90:8c:91:6b:15:5b:2d:39:6f:a8:ba:12:cb:18:
80:6f:09:cb
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIECm/TJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MmI3OGY2NjgyZmMzOWM1NWI0MWQ0OGY4MGI4ODM4ZDVkMmRiZjA3MB4XDTIyMDcw
NTA1MTcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTExZGEwOTBiZmNl
MmNlNGM5YjAxYThjOTAxZWUzZjYzNTc3YjkxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL81nBWCT22+yqjOp815c0eC4G2shGCfBuAdh5VIrJ/mrJma
KwP1Mk2bB9d6ocknuJMme0bnCdMDH2i9OHTRNq/w9mWYlmHMwez/dsFJhry69iTu
r1Eov9z/9Ek6y1SORvAv+UT+8VeK7AZem8eY5Z2fgiMj5+8QomGcpJw15pMIrX9q
TaaXtq+Verg8Xhvxmv+5a3eV/NNLqHoVqS4EJscFWx/M2/eKx24wZpOAfLSZbYaP
BRQsYa5jkXhnEDZLbr+liEk+V/Bg2RQO+dO/Ukxnk/tv8eeYOns9WbQhmz5RfXWo
hZSALjcHJeeNxKA5WMSHeMGE8cqN/b5ky1GhUY0CAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSRHaCQv84s5MmwGoyQHuP2NXe5FzAfBgNVHSMEGDAWgBRyt49mgvw5xVtB
1I+AuIONXS2/BzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NyZVBab0w4T2NWYlFkU1BnTGlEalYwdHZ3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvM2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8x
L2tSMmdrTF9PTE9USnNCcU1rQjdqOWpWM3VSYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
M2M0YjhhLWJmYzctNDFlOS05OWUxLWYzZTUwNmFlYWEwMS8xL2NyZVBab0w4T2NW
YlFkU1BnTGlEalYwdHZ3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAGjoJAMEALn9ejAPBAIAAjAJAwcA
Kgw6wAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBlHzRm+h0iaNNR4fi6PxHAzXpC0oI2
+YS14hWqPkrvVlxPtSFPSDrhztETdXkiRjX+muZ6A5qr2v1lOvUddyIEtO4JyXC2
BaPgfRcfCIo0x1WxeCYoRvaylPoIeD4nB3HRqoIfjN/MGRu5fvo7qnDBgpbzyWfZ
0+gkOlm7D5LM6fgf+5d44LIFfcAKgIW8HXtvOMbw8wPVrO0vXbE+wcW5eAuDV8KW
IE2/MSlw04aIJc68hoayXjfLPrvs43Q5TMyED0i6TXr66ouheKrkz+LJIeVkUc8Q
zX3OY0JPNucU5Ifs8wBzwYXyaPp08KCmkIyRaxVbLTlvqLoSyxiAbwnL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org