Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/j3xU21OEk_pyDiO7sXe-oUdpfts.roa
File: j3xU21OEk_pyDiO7sXe-oUdpfts.roa (raw, json)
Hash identifier: NVnrw3M0O/DMGhOeN0MVJIUanWtiGT6z8L51VJnb9Bk=
Subject key identifier: 8F:7C:54:DB:53:84:93:FA:72:0E:23:BB:B1:77:BE:A1:47:69:7E:DB
Certificate issuer: /CN=fad0fb39d6b11fd15fcbb4163403155d1d455c05
Certificate serial: 02924E72
Authority key identifier: FA:D0:FB:39:D6:B1:1F:D1:5F:CB:B4:16:34:03:15:5D:1D:45:5C:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tD7OdaxH9Ffy7QWNAMVXR1FXAU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/j3xU21OEk_pyDiO7sXe-oUdpfts.roa
Signing time: Sat 01 Jan 2022 14:54:57 +0000
ROA not before: Sat 01 Jan 2022 14:54:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205685
IP address blocks: 185.209.68.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43142770 (0x2924e72)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad0fb39d6b11fd15fcbb4163403155d1d455c05
Validity
Not Before: Jan 1 14:54:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f7c54db538493fa720e23bbb177bea147697edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b1:20:cc:35:73:06:a8:e4:eb:fa:81:a6:71:
a5:31:23:04:7f:ed:3d:9a:50:2c:fd:de:05:b4:ea:
64:60:58:65:d2:28:6e:63:6a:a9:c4:d5:f8:5b:fc:
a1:7d:0f:6b:a8:0b:9b:16:de:bf:36:39:b9:f6:1d:
44:f3:46:29:d3:d0:af:35:3b:8f:a3:95:ce:80:a3:
13:6c:cb:52:0a:e7:6e:12:aa:6b:82:13:f9:60:90:
c4:8e:94:2c:14:24:05:65:d4:27:26:bb:6f:cf:22:
7d:f4:56:51:80:00:2f:93:53:30:f4:c7:00:6c:5b:
48:15:20:da:de:15:b7:cd:15:bb:6f:b2:13:b9:3b:
dc:07:f8:6b:0d:3a:d1:09:5f:12:d6:ba:6f:cb:fa:
13:18:77:9c:c8:22:d0:a3:d1:a7:2e:9b:56:2b:dd:
23:e9:e6:b3:45:77:cb:8d:5a:48:df:b2:1a:4f:6a:
8a:fb:6c:bf:a2:b1:3f:04:c0:be:2a:a5:e5:97:b5:
e1:a9:ae:cd:15:62:40:a2:04:ce:fe:26:25:4f:ab:
cf:5d:40:c0:6d:74:15:fa:3d:c8:de:2a:76:84:65:
99:d8:8b:98:21:52:8c:c3:6c:5b:83:cb:4e:ba:cc:
41:33:8a:66:18:d2:c4:bd:08:12:a0:53:b5:4b:51:
83:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7C:54:DB:53:84:93:FA:72:0E:23:BB:B1:77:BE:A1:47:69:7E:DB
X509v3 Authority Key Identifier:
keyid:FA:D0:FB:39:D6:B1:1F:D1:5F:CB:B4:16:34:03:15:5D:1D:45:5C:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tD7OdaxH9Ffy7QWNAMVXR1FXAU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/j3xU21OEk_pyDiO7sXe-oUdpfts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/304e3d-1f0e-44eb-b2c1-e792f89cbce2/1/1-tD7OdaxH9Ffy7QWNAMVXR1FXAU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.68.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:61:c3:09:a9:06:11:8c:99:5f:ee:89:01:81:90:1a:6d:4b:
7b:e0:9e:66:9f:c8:a2:56:f8:17:6c:81:a5:b6:92:fc:67:ea:
e3:31:19:38:62:ed:75:57:c7:3b:72:fe:a9:9f:07:a0:de:b4:
30:68:e8:f3:fd:a1:d3:07:18:5a:06:e4:ed:aa:7c:15:ed:54:
92:89:d5:df:30:96:37:c2:f5:ac:13:04:9c:07:98:94:ce:03:
7a:4b:93:02:c7:8b:64:d0:92:61:0c:01:1d:65:da:ee:7d:f4:
4f:38:57:1a:bf:38:c2:5e:3f:4e:e4:8a:2c:04:86:5f:5b:4c:
6b:0c:40:6b:73:c3:de:88:12:46:84:63:f7:d9:5e:0e:a2:ca:
24:9a:86:89:5f:67:12:2d:ef:e1:06:00:9a:cd:1f:ca:a7:37:
ea:a0:d5:3f:7a:1a:70:48:a0:b7:63:4e:84:7c:b8:14:d2:1d:
95:e9:54:17:28:2e:bc:bc:74:dc:73:a7:34:46:d6:3b:fe:91:
e3:05:a6:ea:39:dd:c6:1c:14:af:95:bf:86:0f:36:3a:c4:1d:
6e:4b:d6:ec:e2:94:8a:82:b4:12:fa:9f:39:07:65:05:c7:52:
03:0a:7e:43:ea:e1:ba:e6:7c:fc:56:ee:f1:db:b6:40:38:cf:
7b:ed:34:92
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEApJOcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWQwZmIzOWQ2YjExZmQxNWZjYmI0MTYzNDAzMTU1ZDFkNDU1YzA1MB4XDTIyMDEw
MTE0NTQ1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGY3YzU0ZGI1Mzg0
OTNmYTcyMGUyM2JiYjE3N2JlYTE0NzY5N2VkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWxIMw1cwao5Ov6gaZxpTEjBH/tPZpQLP3eBbTqZGBYZdIo
bmNqqcTV+Fv8oX0Pa6gLmxbevzY5ufYdRPNGKdPQrzU7j6OVzoCjE2zLUgrnbhKq
a4IT+WCQxI6ULBQkBWXUJya7b88iffRWUYAAL5NTMPTHAGxbSBUg2t4Vt80Vu2+y
E7k73Af4aw060QlfEta6b8v6Exh3nMgi0KPRpy6bVivdI+nms0V3y41aSN+yGk9q
ivtsv6KxPwTAviql5Ze14amuzRViQKIEzv4mJU+rz11AwG10Ffo9yN4qdoRlmdiL
mCFSjMNsW4PLTrrMQTOKZhjSxL0IEqBTtUtRg80CAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSPfFTbU4ST+nIOI7uxd76hR2l+2zAfBgNVHSMEGDAWgBT60Ps51rEf0V/L
tBY0AxVdHUVcBTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdEQ3T2RheEg5RmZ5N1FXTkFNVlhSMUZYQVUuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2VkLzMwNGUzZC0xZjBlLTQ0ZWItYjJjMS1lNzkyZjg5Y2JjZTIv
MS9qM3hVMjFPRWtfcHlEaU83c1hlLW9VZHBmdHMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Vk
LzMwNGUzZC0xZjBlLTQ0ZWItYjJjMS1lNzkyZjg5Y2JjZTIvMS8xLXREN09kYXhI
OUZmeTdRV05BTVZYUjFGWEFVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudFEMA0GCSqGSIb3DQEBCwUA
A4IBAQA/YcMJqQYRjJlf7okBgZAabUt74J5mn8iiVvgXbIGltpL8Z+rjMRk4Yu11
V8c7cv6pnweg3rQwaOjz/aHTBxhaBuTtqnwV7VSSidXfMJY3wvWsEwScB5iUzgN6
S5MCx4tk0JJhDAEdZdruffRPOFcavzjCXj9O5IosBIZfW0xrDEBrc8PeiBJGhGP3
2V4OosokmoaJX2cSLe/hBgCazR/KpzfqoNU/ehpwSKC3Y06EfLgU0h2V6VQXKC68
vHTcc6c0RtY7/pHjBabqOd3GHBSvlb+GDzY6xB1uS9bs4pSKgrQS+p85B2UFx1ID
Cn5D6uG65nz8Vu7x27ZAOM977TSS
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-fra.rpki-client.org