Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/K4nH0BfE4m53H5WouXbqdREYf98.roa
File: K4nH0BfE4m53H5WouXbqdREYf98.roa (raw, json)
Hash identifier: pWkn7n6hHKaARK6WlhJgM6b8eZb/PfA3AHSlDAeZCRg=
Subject key identifier: 2B:89:C7:D0:17:C4:E2:6E:77:1F:95:A8:B9:76:EA:75:11:18:7F:DF
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 0183600055F2B38B02D194B8EAB6401D26BF
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/K4nH0BfE4m53H5WouXbqdREYf98.roa
Signing time: Wed 21 Sep 2022 12:22:58 +0000
ROA not before: Wed 21 Sep 2022 12:22:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50941
IP address blocks: 185.172.51.0/24 maxlen: 24
185.172.50.0/24 maxlen: 24
185.88.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:60:00:55:f2:b3:8b:02:d1:94:b8:ea:b6:40:1d:26:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Sep 21 12:22:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b89c7d017c4e26e771f95a8b976ea7511187fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:87:4d:69:e2:31:d9:eb:a0:61:c8:21:59:98:
73:cb:65:93:f9:f6:be:da:0a:3a:13:38:9f:c4:a6:
d8:87:82:42:ed:04:f2:d8:c6:91:43:69:a1:43:e3:
11:80:e9:d3:fd:ff:ad:b0:d9:bc:dd:bc:29:73:1d:
eb:54:e1:4c:91:93:1f:ad:61:cb:71:02:aa:11:c5:
97:ae:cc:a6:52:81:67:4b:ed:87:52:f5:b0:91:a7:
98:e4:3b:a7:19:f1:b7:33:4b:c0:b5:2a:a4:2c:b2:
6f:fc:91:00:e9:d8:a9:d5:bf:71:da:43:2a:d7:0b:
d2:b9:58:7f:f1:da:33:bf:94:3e:93:c1:a4:d5:64:
90:97:dd:42:4c:33:0e:74:ae:df:1c:b4:28:37:2c:
86:2d:fc:88:ab:de:27:82:75:74:b2:bb:f6:3f:ce:
ff:b4:95:b5:75:ef:e3:a2:65:85:47:42:31:8d:00:
10:9d:df:91:ae:1d:c7:1d:dc:06:e7:04:f0:03:bf:
37:7c:ab:85:54:92:b4:55:76:1d:b3:4a:85:ef:2b:
a3:dd:bd:84:07:bf:19:11:17:fa:f9:93:b8:ab:1f:
00:a5:ea:e9:fb:8a:49:c5:a9:7f:ef:55:06:81:8f:
ec:a5:dd:89:08:54:5f:ab:31:77:72:85:b9:63:8f:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:89:C7:D0:17:C4:E2:6E:77:1F:95:A8:B9:76:EA:75:11:18:7F:DF
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/K4nH0BfE4m53H5WouXbqdREYf98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.135.0/24
185.172.50.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:7c:e0:b6:2a:18:e0:8c:dc:68:54:7c:5e:a2:70:0d:00:8b:
db:e1:a4:e6:c5:72:cd:dc:a4:0d:c3:6e:18:1a:e0:9a:9f:86:
55:ac:db:50:c1:06:bd:05:bc:70:58:1d:67:7f:5a:04:22:79:
ae:15:2d:7f:7c:b9:8b:f4:65:25:eb:ad:21:e0:c3:0d:74:76:
23:17:ec:d6:de:9e:be:fd:8f:19:69:71:63:3d:e8:98:10:0a:
29:df:3d:d3:48:90:6e:60:7b:c8:2f:4c:69:88:25:93:45:2f:
f3:34:a4:d5:83:4a:af:1e:30:e9:8b:17:5b:60:1a:80:6b:3a:
38:59:fd:3a:13:b7:27:d2:95:62:1a:7d:aa:cd:ab:a0:31:31:
b5:e9:69:f3:63:00:eb:45:4d:1c:7e:a3:8e:49:44:a7:b1:da:
19:2a:90:eb:48:97:52:42:5c:5c:f5:55:8a:06:35:e7:cf:0b:
27:2f:2f:c7:aa:a6:62:b2:f6:f4:8d:f1:c0:79:04:c9:ae:a8:
55:2b:55:9b:3e:5b:ad:0f:7f:b4:31:a5:79:d6:3e:bc:45:45:
19:d2:9b:8c:8e:ea:db:37:58:e0:50:8b:55:f5:03:00:27:43:
c9:24:0f:31:9a:51:ee:9b:d7:5b:1c:70:6d:2d:ac:df:c5:1f:
bc:5d:a0:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNgAFXys4sC0ZS46rZAHSa/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjIwOTIxMTIyMjU4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjg5YzdkMDE3YzRlMjZlNzcxZjk1YThiOTc2ZWE3NTExMTg3ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4dNaeIx2eugYcghWZhzy2WT+fa+
2go6EzifxKbYh4JC7QTy2MaRQ2mhQ+MRgOnT/f+tsNm83bwpcx3rVOFMkZMfrWHL
cQKqEcWXrsymUoFnS+2HUvWwkaeY5DunGfG3M0vAtSqkLLJv/JEA6dip1b9x2kMq
1wvSuVh/8dozv5Q+k8Gk1WSQl91CTDMOdK7fHLQoNyyGLfyIq94ngnV0srv2P87/
tJW1de/jomWFR0IxjQAQnd+Rrh3HHdwG5wTwA783fKuFVJK0VXYds0qF7yuj3b2E
B78ZERf6+ZO4qx8Aperp+4pJxal/71UGgY/spd2JCFRfqzF3coW5Y49gKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCuJx9AXxOJudx+VqLl26nURGH/fMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvSzRuSDBCZkU0bTUzSDVXb3VYYnFkUkVZZjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuViHAwQB
uawyMA0GCSqGSIb3DQEBCwUAA4IBAQChfOC2KhjgjNxoVHxeonANAIvb4aTmxXLN
3KQNw24YGuCan4ZVrNtQwQa9BbxwWB1nf1oEInmuFS1/fLmL9GUl660h4MMNdHYj
F+zW3p6+/Y8ZaXFjPeiYEAop3z3TSJBuYHvIL0xpiCWTRS/zNKTVg0qvHjDpixdb
YBqAazo4Wf06E7cn0pViGn2qzaugMTG16WnzYwDrRU0cfqOOSUSnsdoZKpDrSJdS
Qlxc9VWKBjXnzwsnLy/HqqZisvb0jfHAeQTJrqhVK1WbPlutD3+0MaV51j68RUUZ
0puMjurbN1jgUItV9QMAJ0PJJA8xmlHum9dbHHBtLazfxR+8XaAo
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:52 2024 by rpki-client on console-fra.rpki-client.org