Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/996c72-b4a9-4058-bdf8-bd2e77cd4793/1/sKbT2z1VC4KY11Y8q0IvE3CofzI.roa
File: sKbT2z1VC4KY11Y8q0IvE3CofzI.roa (raw, json)
Hash identifier: berhlco5cNlAzCf+R7me6ypPkXxkopRgDLNvOjVKOcU=
Subject key identifier: B0:A6:D3:DB:3D:55:0B:82:98:D7:56:3C:AB:42:2F:13:70:A8:7F:32
Certificate issuer: /CN=14bf00dff8063231bd99676899eabeaba33bc5d9
Certificate serial: 339C6AB2
Authority key identifier: 14:BF:00:DF:F8:06:32:31:BD:99:67:68:99:EA:BE:AB:A3:3B:C5:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL8A3_gGMjG9mWdomeq-q6M7xdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/996c72-b4a9-4058-bdf8-bd2e77cd4793/1/sKbT2z1VC4KY11Y8q0IvE3CofzI.roa
Signing time: Sat 01 Jan 2022 01:53:35 +0000
ROA not before: Sat 01 Jan 2022 01:53:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59455
IP address blocks: 185.23.52.0/22 maxlen: 24
185.33.192.0/22 maxlen: 22
46.17.208.0/21 maxlen: 22
2a04:2340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865888946 (0x339c6ab2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bf00dff8063231bd99676899eabeaba33bc5d9
Validity
Not Before: Jan 1 01:53:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0a6d3db3d550b8298d7563cab422f1370a87f32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b4:01:e7:a3:25:a2:ac:0f:bd:ea:d6:61:77:
f1:78:11:14:23:b3:32:45:29:43:4a:26:17:7d:0e:
ad:c7:5e:24:9d:f7:64:02:34:f7:f8:fe:39:5e:b8:
6f:29:5a:3f:fd:82:ed:cf:f0:44:1d:11:10:66:05:
58:2a:3d:32:78:1e:0a:34:1c:7a:39:a9:d9:04:b1:
e6:7c:1a:1d:74:37:be:7e:57:40:72:1f:d6:8e:1f:
f7:6a:9b:cd:67:91:e2:e9:48:09:56:ab:e7:0b:27:
6c:3d:dc:37:d3:4c:37:8a:23:26:9c:a9:1a:65:c7:
4f:39:62:22:d5:e1:b2:d0:ca:e7:e6:6d:51:b6:4a:
da:20:41:69:2e:24:37:13:4e:f2:0b:fc:4e:a8:8c:
ee:b1:84:a9:4e:3e:a0:d4:4e:13:83:d9:d8:84:e1:
8e:d7:90:63:03:17:7b:e4:f0:4b:fe:57:9a:f0:2a:
d3:27:1d:e4:42:b4:87:d8:ab:f5:9b:85:ce:10:6e:
fc:52:a3:c8:64:59:09:f7:9b:e4:6e:d1:55:fb:10:
22:50:07:01:c4:37:87:30:f3:22:27:0e:20:74:5a:
af:2b:f1:33:f4:95:47:b9:2c:e0:14:f3:9c:64:a7:
2d:02:0a:41:d1:6b:29:d6:1a:e4:5d:40:84:9b:3a:
b8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A6:D3:DB:3D:55:0B:82:98:D7:56:3C:AB:42:2F:13:70:A8:7F:32
X509v3 Authority Key Identifier:
keyid:14:BF:00:DF:F8:06:32:31:BD:99:67:68:99:EA:BE:AB:A3:3B:C5:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL8A3_gGMjG9mWdomeq-q6M7xdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/996c72-b4a9-4058-bdf8-bd2e77cd4793/1/sKbT2z1VC4KY11Y8q0IvE3CofzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/996c72-b4a9-4058-bdf8-bd2e77cd4793/1/FL8A3_gGMjG9mWdomeq-q6M7xdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.17.208.0/21
185.23.52.0/22
185.33.192.0/22
IPv6:
2a04:2340::/29
Signature Algorithm: sha256WithRSAEncryption
90:6c:38:4c:96:1e:93:36:bd:9c:af:69:bc:32:0c:5b:e0:61:
fc:de:98:18:81:30:1c:07:04:fc:89:f8:86:0b:af:d6:fa:09:
80:e5:72:f9:42:f1:c5:b1:2b:24:0f:39:1d:1b:f9:8f:e5:d2:
81:9a:6c:64:60:4a:a5:39:9d:77:1a:cf:6a:71:a3:22:c2:4d:
22:c1:eb:6c:93:05:ba:db:31:2b:f7:7f:5e:84:00:ae:3f:45:
6f:ef:de:7d:3e:07:50:0f:67:51:31:e7:56:b6:2a:a1:ed:81:
48:aa:9c:2a:0f:68:c3:74:f1:31:4e:ac:43:20:69:21:f6:02:
17:7e:27:50:82:b3:43:aa:ea:a8:cf:a8:3c:b0:5d:09:84:6a:
4a:54:df:2b:47:73:69:08:26:b9:4b:b3:5c:69:48:24:57:f7:
6d:72:71:16:8d:e1:18:56:c1:0d:eb:26:cf:ae:98:d7:41:f4:
19:28:39:64:09:4a:97:be:bc:58:6d:89:2a:2b:f2:00:80:f7:
29:2e:38:96:34:7d:5c:51:9f:e1:1d:29:3e:66:85:25:7b:63:
f4:fa:38:c7:d9:b7:46:9c:7b:b3:ef:2c:43:3e:ca:63:0e:d3:
83:09:d5:f5:74:04:02:14:3a:e4:bb:6d:30:d1:5b:95:c1:03:
9e:43:6a:90
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEM5xqsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NGJmMDBkZmY4MDYzMjMxYmQ5OTY3Njg5OWVhYmVhYmEzM2JjNWQ5MB4XDTIyMDEw
MTAxNTMzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjBhNmQzZGIzZDU1
MGI4Mjk4ZDc1NjNjYWI0MjJmMTM3MGE4N2YzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALu0AeejJaKsD73q1mF38XgRFCOzMkUpQ0omF30OrcdeJJ33
ZAI09/j+OV64bylaP/2C7c/wRB0REGYFWCo9MngeCjQcejmp2QSx5nwaHXQ3vn5X
QHIf1o4f92qbzWeR4ulICVar5wsnbD3cN9NMN4ojJpypGmXHTzliItXhstDK5+Zt
UbZK2iBBaS4kNxNO8gv8TqiM7rGEqU4+oNROE4PZ2IThjteQYwMXe+TwS/5XmvAq
0ycd5EK0h9ir9ZuFzhBu/FKjyGRZCfeb5G7RVfsQIlAHAcQ3hzDzIicOIHRaryvx
M/SVR7ks4BTznGSnLQIKQdFrKdYa5F1AhJs6uFkCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSwptPbPVULgpjXVjyrQi8TcKh/MjAfBgNVHSMEGDAWgBQUvwDf+AYyMb2Z
Z2iZ6r6rozvF2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZMOEEzX2dHTWpHOW1XZG9tZXEtcTZNN3hkay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvOTk2YzcyLWI0YTktNDA1OC1iZGY4LWJkMmU3N2NkNDc5My8x
L3NLYlQyejFWQzRLWTExWThxMEl2RTNDb2Z6SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
OTk2YzcyLWI0YTktNDA1OC1iZGY4LWJkMmU3N2NkNDc5My8xL0ZMOEEzX2dHTWpH
OW1XZG9tZXEtcTZNN3hkay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAy4R0AMEArkXNAMEArkhwDANBAIA
AjAHAwUDKgQjQDANBgkqhkiG9w0BAQsFAAOCAQEAkGw4TJYekza9nK9pvDIMW+Bh
/N6YGIEwHAcE/In4hguv1voJgOVy+ULxxbErJA85HRv5j+XSgZpsZGBKpTmddxrP
anGjIsJNIsHrbJMFutsxK/d/XoQArj9Fb+/efT4HUA9nUTHnVrYqoe2BSKqcKg9o
w3TxMU6sQyBpIfYCF34nUIKzQ6rqqM+oPLBdCYRqSlTfK0dzaQgmuUuzXGlIJFf3
bXJxFo3hGFbBDesmz66Y10H0GSg5ZAlKl768WG2JKivyAID3KS44ljR9XFGf4R0p
PmaFJXtj9Po4x9m3Rpx7s+8sQz7KYw7TgwnV9XQEAhQ65LttMNFblcEDnkNqkA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:10 2023 by rpki-client on console-fra.rpki-client.org