Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/2wfzFDBZ9-54h_tHliu5U0sN-1k.roa
File: 2wfzFDBZ9-54h_tHliu5U0sN-1k.roa (raw, json)
Hash identifier: a+LB5Ma4YuE9ApsLhIec/eYyGZtGWgMDXUlFQqWZSLE=
Subject key identifier: DB:07:F3:14:30:59:F7:EE:78:87:FB:47:96:2B:B9:53:4B:0D:FB:59
Certificate issuer: /CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Certificate serial: 05F4ED70
Authority key identifier: B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/2wfzFDBZ9-54h_tHliu5U0sN-1k.roa
Signing time: Sun 30 Jan 2022 06:38:38 +0000
ROA not before: Sun 30 Jan 2022 06:38:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.231.108.0/24 maxlen: 24
185.231.109.0/24 maxlen: 24
2a0f:aac0:3::/48 maxlen: 48
2a0f:aac0:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99937648 (0x5f4ed70)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4a2085c7de3b598216b89fb0f2b1d930de66c19
Validity
Not Before: Jan 30 06:38:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db07f3143059f7ee7887fb47962bb9534b0dfb59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:46:0e:c0:31:1b:c2:ec:9e:bf:a6:7f:f8:51:
f5:dc:35:39:ce:02:66:15:25:12:8a:25:3f:92:95:
aa:80:cd:19:81:0a:2d:cf:65:8c:51:23:2c:d7:77:
d4:61:a6:1b:ef:a1:27:78:15:3f:8a:09:44:1c:b9:
e9:22:7e:28:f5:cd:ed:0e:6c:d4:2e:29:ac:10:77:
82:ed:d2:e5:7d:14:f0:22:ad:de:67:12:c7:39:56:
d8:f6:19:7d:4b:12:6d:3d:72:2f:83:f3:c0:bb:c1:
22:42:e0:a7:69:12:75:71:4f:e8:12:41:45:11:84:
11:75:5e:98:04:d2:b7:65:b1:2a:5f:61:72:d7:c0:
3c:7f:9e:df:e6:c1:7c:70:1e:80:02:c6:d4:e9:c3:
79:0c:12:9f:b8:4d:5a:83:9d:99:2c:64:10:c9:6b:
76:21:5a:48:59:33:0e:e7:f1:46:7a:e2:84:4f:48:
4a:4d:95:88:45:85:ac:dc:d1:57:f9:57:e8:d4:9c:
41:06:63:44:d1:c0:a3:3d:ac:fb:12:de:62:eb:1e:
82:a7:40:31:84:33:9f:93:05:b5:a9:28:fb:28:1d:
3e:0b:bf:5a:ac:c3:0f:ae:bc:58:df:9c:aa:f9:25:
c1:4b:6c:08:d3:e1:28:3c:23:6f:aa:d7:06:bb:1c:
77:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:07:F3:14:30:59:F7:EE:78:87:FB:47:96:2B:B9:53:4B:0D:FB:59
X509v3 Authority Key Identifier:
keyid:B4:A2:08:5C:7D:E3:B5:98:21:6B:89:FB:0F:2B:1D:93:0D:E6:6C:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKIIXH3jtZgha4n7Dysdkw3mbBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/2wfzFDBZ9-54h_tHliu5U0sN-1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d6513d-2d53-4022-8360-3117989601ad/1/tKIIXH3jtZgha4n7Dysdkw3mbBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.108.0/23
IPv6:
2a0f:aac0:3::-2a0f:aac0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5f:f9:d6:5d:ea:2f:c5:56:12:eb:eb:68:2b:bc:3f:9c:80:0b:
98:5c:5c:56:6b:65:a1:cb:e2:b0:5e:7e:b8:26:d8:e9:a8:0d:
b0:aa:ce:c5:d0:ee:0f:ee:18:53:33:1f:c8:67:92:40:3d:28:
18:f1:11:f6:8a:27:75:18:f0:21:50:9b:0c:1e:9e:a6:64:b6:
fc:a7:41:73:08:31:93:15:bd:c1:b0:13:a1:37:b6:ed:45:41:
53:ce:d3:0a:09:39:cd:31:17:ed:1c:7d:30:de:9d:39:d7:d6:
10:67:be:b5:11:24:f4:52:c5:7e:75:b5:ce:57:16:5a:a4:94:
a5:95:dc:ee:06:01:d6:cd:61:ab:56:be:3f:2c:64:2d:8f:60:
03:35:3d:b8:db:98:06:a0:68:f0:b6:bc:48:eb:a1:4f:90:ff:
3b:08:ab:4c:b8:f9:3c:0c:0b:88:37:b5:a4:e0:cd:aa:49:79:
b0:a3:1f:a6:bc:9b:6e:39:39:6b:71:a1:58:bf:cb:24:fa:54:
59:57:ff:37:8e:37:60:82:f1:de:6d:98:75:59:fe:af:26:96:
da:71:65:9e:d9:99:fc:d3:fc:6a:05:3c:97:f0:4f:e4:18:5b:
f4:11:7d:f1:7a:19:6e:6d:fc:f4:8c:1c:4b:56:f2:82:05:a8:
d1:4f:94:17
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEBfTtcDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGEyMDg1YzdkZTNiNTk4MjE2Yjg5ZmIwZjJiMWQ5MzBkZTY2YzE5MB4XDTIyMDEz
MDA2MzgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIwN2YzMTQzMDU5
ZjdlZTc4ODdmYjQ3OTYyYmI5NTM0YjBkZmI1OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdGDsAxG8Lsnr+mf/hR9dw1Oc4CZhUlEoolP5KVqoDNGYEK
Lc9ljFEjLNd31GGmG++hJ3gVP4oJRBy56SJ+KPXN7Q5s1C4prBB3gu3S5X0U8CKt
3mcSxzlW2PYZfUsSbT1yL4PzwLvBIkLgp2kSdXFP6BJBRRGEEXVemATSt2WxKl9h
ctfAPH+e3+bBfHAegALG1OnDeQwSn7hNWoOdmSxkEMlrdiFaSFkzDufxRnrihE9I
Sk2ViEWFrNzRV/lX6NScQQZjRNHAoz2s+xLeYusegqdAMYQzn5MFtako+ygdPgu/
WqzDD668WN+cqvklwUtsCNPhKDwjb6rXBrscd8ECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTbB/MUMFn37niH+0eWK7lTSw37WTAfBgNVHSMEGDAWgBS0oghcfeO1mCFr
ifsPKx2TDeZsGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RLSUlYSDNqdFpnaGE0bjdEeXNka3czbWJCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8x
LzJ3ZnpGREJaOS01NGhfdEhsaXU1VTBzTi0xay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
ZDY1MTNkLTJkNTMtNDAyMi04MzYwLTMxMTc5ODk2MDFhZC8xL3RLSUlYSDNqdFpn
aGE0bjdEeXNka3czbWJCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowDAQCAAEwBgMEAbnnbDAaBAIAAjAUMBIDBwAqD6rA
AAMDBwAqD6rAAAQwDQYJKoZIhvcNAQELBQADggEBAF/51l3qL8VWEuvraCu8P5yA
C5hcXFZrZaHL4rBefrgm2OmoDbCqzsXQ7g/uGFMzH8hnkkA9KBjxEfaKJ3UY8CFQ
mwwenqZktvynQXMIMZMVvcGwE6E3tu1FQVPO0woJOc0xF+0cfTDenTnX1hBnvrUR
JPRSxX51tc5XFlqklKWV3O4GAdbNYatWvj8sZC2PYAM1PbjbmAagaPC2vEjroU+Q
/zsIq0y4+TwMC4g3taTgzapJebCjH6a8m245OWtxoVi/yyT6VFlX/zeON2CC8d5t
mHVZ/q8mltpxZZ7ZmfzT/GoFPJfwT+QYW/QRffF6GW5t/PSMHEtW8oIFqNFPlBc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:08 2023 by rpki-client on console-fra.rpki-client.org