Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/Cx3bRLuFNwnNTdPDb9MlEIrUpSE.roa
File: Cx3bRLuFNwnNTdPDb9MlEIrUpSE.roa (raw, json)
Hash identifier: yfg2X4nJDAEBKDkcidA3FgROT4wkYlSm5HmvN/KZh8I=
Subject key identifier: 0B:1D:DB:44:BB:85:37:09:CD:4D:D3:C3:6F:D3:25:10:8A:D4:A5:21
Certificate issuer: /CN=4c1b0c40969080957fccee1fb8a3fb4bb38bf5dc
Certificate serial: 01852ABE80C8D85AD99E7C95B96C348C6B27
Authority key identifier: 4C:1B:0C:40:96:90:80:95:7F:CC:EE:1F:B8:A3:FB:4B:B3:8B:F5:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBsMQJaQgJV_zO4fuKP7S7OL9dw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/Cx3bRLuFNwnNTdPDb9MlEIrUpSE.roa
Signing time: Mon 19 Dec 2022 14:16:45 +0000
ROA not before: Mon 19 Dec 2022 14:16:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60849
IP address blocks: 185.27.117.0/24 maxlen: 24
185.27.118.0/24 maxlen: 24
185.27.116.0/22 maxlen: 22
185.27.116.0/24 maxlen: 24
185.27.119.0/24 maxlen: 24
2a04:2ec1::/32 maxlen: 32
2a04:2ec0::/29 maxlen: 29
2a04:2ec0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:be:80:c8:d8:5a:d9:9e:7c:95:b9:6c:34:8c:6b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c1b0c40969080957fccee1fb8a3fb4bb38bf5dc
Validity
Not Before: Dec 19 14:16:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b1ddb44bb853709cd4dd3c36fd325108ad4a521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:96:68:a4:20:6f:b8:cc:45:da:e2:5e:35:34:
5b:09:0b:aa:ed:64:5f:16:de:56:3f:cc:7e:c7:88:
bc:c5:b4:ba:43:71:3e:95:d4:91:15:3c:a1:69:3c:
17:ec:28:f7:61:af:aa:38:66:79:08:b8:56:aa:b0:
f4:43:e5:be:0f:f3:dd:05:3b:e9:d1:a9:17:61:17:
7f:51:6b:78:1b:51:6f:55:75:9c:f5:2a:a1:22:a8:
23:d4:17:17:49:3b:0e:23:c3:73:1e:c6:2b:d7:ae:
77:ef:f1:6f:e2:9a:ca:0f:f0:c1:77:6f:bb:5e:3a:
b4:f0:29:5a:4a:13:d2:c9:a9:ae:7d:f2:8d:df:bb:
c9:40:c4:1f:1e:d5:ee:a7:e5:e9:58:5d:b5:b3:8a:
25:bb:33:8e:61:02:25:59:78:c2:6e:02:f4:bf:24:
2e:e1:d3:d2:04:bc:16:b4:ed:30:cd:f9:e7:f1:70:
6a:61:f4:dd:64:e0:b1:3a:29:5b:1f:ce:14:1c:f7:
ef:bb:6e:bc:d7:17:43:74:03:26:7d:ca:d1:b7:56:
ac:97:d3:30:04:f0:96:b9:58:98:f7:17:c1:40:6c:
21:e8:1e:dd:e0:0e:98:0a:6b:0e:ae:98:c5:ec:72:
1a:0c:13:ea:40:0f:23:67:21:fe:ed:fb:a3:d1:22:
96:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:1D:DB:44:BB:85:37:09:CD:4D:D3:C3:6F:D3:25:10:8A:D4:A5:21
X509v3 Authority Key Identifier:
keyid:4C:1B:0C:40:96:90:80:95:7F:CC:EE:1F:B8:A3:FB:4B:B3:8B:F5:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBsMQJaQgJV_zO4fuKP7S7OL9dw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/Cx3bRLuFNwnNTdPDb9MlEIrUpSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/ee29a6-691d-4b0c-ad63-94c8254bd3b7/1/TBsMQJaQgJV_zO4fuKP7S7OL9dw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.116.0/22
IPv6:
2a04:2ec0::/29
Signature Algorithm: sha256WithRSAEncryption
28:d1:74:e7:00:2d:53:3f:c2:08:6c:6d:06:60:58:91:ea:f4:
8e:62:98:7e:fe:24:bb:26:af:7b:a0:ca:a7:6c:69:0a:7b:7f:
da:f3:07:9d:e4:4f:91:8f:42:00:bc:c9:1e:a7:72:a6:2a:30:
c6:b5:ac:5c:ba:99:49:f5:64:b5:b4:db:52:dc:7b:18:29:c9:
a3:11:c8:49:04:c1:02:d4:8b:7a:2d:0b:2a:d3:6e:e6:12:ee:
e7:1f:8e:75:95:ad:a5:67:40:72:e4:22:1f:f2:6e:62:8d:5a:
32:dd:5f:62:f1:6c:69:6a:46:71:a9:1d:b1:b5:af:b1:7a:5e:
3f:bf:74:e5:14:3b:31:ae:3d:30:6b:b2:18:39:65:e5:6b:31:
46:33:12:3c:3a:d4:81:0f:b5:d4:e9:3c:d5:45:ee:58:97:be:
a0:59:35:95:a1:0e:7f:38:70:60:31:d8:50:91:bf:7e:3d:ee:
19:ed:73:df:d0:9b:be:49:30:e3:62:78:bf:34:af:cf:59:74:
e1:d8:1f:95:2e:ba:8c:f7:59:b2:6e:28:e4:fe:40:26:62:e4:
fe:30:a4:e7:8a:97:2a:b7:8b:33:63:c3:93:84:93:c4:c6:20:
ee:a5:0d:f0:d7:28:ff:d6:d3:ca:f1:58:0f:4b:cc:ba:ba:5e:
7e:d1:a1:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUqvoDI2FrZnnyVuWw0jGsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMWIwYzQwOTY5MDgwOTU3ZmNjZWUxZmI4YTNmYjRiYjM4
YmY1ZGMwHhcNMjIxMjE5MTQxNjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjFkZGI0NGJiODUzNzA5Y2Q0ZGQzYzM2ZmQzMjUxMDhhZDRhNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpZopCBvuMxF2uJeNTRbCQuq7WRf
Ft5WP8x+x4i8xbS6Q3E+ldSRFTyhaTwX7Cj3Ya+qOGZ5CLhWqrD0Q+W+D/PdBTvp
0akXYRd/UWt4G1FvVXWc9SqhIqgj1BcXSTsOI8NzHsYr16537/Fv4prKD/DBd2+7
Xjq08ClaShPSyamuffKN37vJQMQfHtXup+XpWF21s4oluzOOYQIlWXjCbgL0vyQu
4dPSBLwWtO0wzfnn8XBqYfTdZOCxOilbH84UHPfvu2681xdDdAMmfcrRt1asl9Mw
BPCWuViY9xfBQGwh6B7d4A6YCmsOrpjF7HIaDBPqQA8jZyH+7fuj0SKWyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAsd20S7hTcJzU3Tw2/TJRCK1KUhMB8GA1UdIwQY
MBaAFEwbDECWkICVf8zuH7ij+0uzi/XcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEJzTVFKYVFnSlZfek80ZnVLUDdTN09MOWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9lZTI5YTYtNjkxZC00YjBjLWFkNjMt
OTRjODI1NGJkM2I3LzEvQ3gzYlJMdUZOd25OVGRQRGI5TWxFSXJVcFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9lZTI5YTYtNjkxZC00YjBjLWFkNjMtOTRjODI1NGJkM2I3
LzEvVEJzTVFKYVFnSlZfek80ZnVLUDdTN09MOWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRt0MA0E
AgACMAcDBQMqBC7AMA0GCSqGSIb3DQEBCwUAA4IBAQAo0XTnAC1TP8IIbG0GYFiR
6vSOYph+/iS7Jq97oMqnbGkKe3/a8wed5E+Rj0IAvMkep3KmKjDGtaxcuplJ9WS1
tNtS3HsYKcmjEchJBMEC1It6LQsq027mEu7nH451la2lZ0By5CIf8m5ijVoy3V9i
8WxpakZxqR2xta+xel4/v3TlFDsxrj0wa7IYOWXlazFGMxI8OtSBD7XU6TzVRe5Y
l76gWTWVoQ5/OHBgMdhQkb9+Pe4Z7XPf0Ju+STDjYni/NK/PWXTh2B+VLrqM91my
bijk/kAmYuT+MKTnipcqt4szY8OThJPExiDupQ3w1yj/1tPK8VgPS8y6ul5+0aF+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:12 2024 by rpki-client on console-ams.rpki-client.org