Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/K02SL8aV6WePS5E9xnwSvyNefHo.roa
File: K02SL8aV6WePS5E9xnwSvyNefHo.roa (raw, json)
Hash identifier: 5ram9o+jW+zqgEQZU3GmypwdcQIQgjhEN9n28o+uocg=
Subject key identifier: 2B:4D:92:2F:C6:95:E9:67:8F:4B:91:3D:C6:7C:12:BF:23:5E:7C:7A
Certificate issuer: /CN=f25d9db2448fe97b9d17a44be5d644848fa018e1
Certificate serial: 12B6F67E
Authority key identifier: F2:5D:9D:B2:44:8F:E9:7B:9D:17:A4:4B:E5:D6:44:84:8F:A0:18:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8l2dskSP6XudF6RL5dZEhI-gGOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/K02SL8aV6WePS5E9xnwSvyNefHo.roa
Signing time: Sat 01 Jan 2022 02:55:48 +0000
ROA not before: Sat 01 Jan 2022 02:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57090
IP address blocks: 194.53.208.0/22 maxlen: 24
194.53.209.0/24 maxlen: 24
194.53.210.0/23 maxlen: 24
194.53.211.0/24 maxlen: 24
185.143.30.0/23 maxlen: 24
185.143.31.0/24 maxlen: 24
185.143.28.0/22 maxlen: 24
185.143.29.0/24 maxlen: 24
2a03:a8e0::/32 maxlen: 48
2001:67c:28f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 313980542 (0x12b6f67e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f25d9db2448fe97b9d17a44be5d644848fa018e1
Validity
Not Before: Jan 1 02:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b4d922fc695e9678f4b913dc67c12bf235e7c7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:73:b2:ea:db:9e:f3:cc:85:4e:09:ae:f6:13:
54:b8:f6:77:1e:dd:c6:aa:69:ff:6e:47:df:62:77:
36:33:30:88:d6:48:3a:35:b2:bd:cb:ce:93:66:4c:
31:d4:fc:04:59:80:1b:a7:f5:73:68:cd:da:17:df:
71:d4:bf:1e:f1:1c:5c:be:f3:3e:86:28:ef:27:7d:
41:df:38:89:94:df:81:49:09:73:27:f8:4f:cf:96:
3e:2a:f5:95:7b:57:63:5f:b9:28:01:51:d9:92:ec:
05:91:21:80:d3:01:30:ab:6b:ec:5a:d4:b7:ef:7f:
ad:12:56:47:d8:e3:2f:69:34:97:46:69:c9:37:38:
f6:b1:ef:7d:d2:2d:b7:54:f9:00:4d:a2:a9:16:90:
f2:56:3f:39:5c:53:e4:23:4d:09:e4:21:f7:a3:51:
8d:57:d4:9a:52:c7:f6:55:08:47:e6:35:8f:95:9b:
2f:8a:ec:f4:c5:5e:8d:c4:91:1c:1e:7a:04:49:e6:
6c:88:ef:29:13:90:d4:31:c7:d7:7e:a2:a0:4a:15:
df:ca:cb:ce:a4:e3:e2:f0:68:85:bb:7b:96:b4:84:
54:94:60:68:8f:08:63:d1:98:e2:20:65:59:a7:9a:
9c:8f:79:61:c2:d1:30:ce:00:0f:1f:c0:45:91:52:
f1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:4D:92:2F:C6:95:E9:67:8F:4B:91:3D:C6:7C:12:BF:23:5E:7C:7A
X509v3 Authority Key Identifier:
keyid:F2:5D:9D:B2:44:8F:E9:7B:9D:17:A4:4B:E5:D6:44:84:8F:A0:18:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8l2dskSP6XudF6RL5dZEhI-gGOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/K02SL8aV6WePS5E9xnwSvyNefHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/51608f-fd4b-4268-a6e3-5ecb21fcfa75/1/8l2dskSP6XudF6RL5dZEhI-gGOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.143.28.0/22
194.53.208.0/22
IPv6:
2001:67c:28f0::/48
2a03:a8e0::/32
Signature Algorithm: sha256WithRSAEncryption
74:3e:a0:f7:5d:bc:d1:56:af:43:9b:2e:fe:76:35:71:63:be:
27:be:b9:d8:b5:33:7a:4b:06:05:1d:f9:29:66:39:cc:8b:7d:
97:7f:b2:ab:bb:c7:7b:72:2e:fc:3b:5d:9f:34:12:87:85:45:
8a:76:10:dd:97:9c:7d:bf:b3:9a:fe:65:0e:e8:ac:26:25:5b:
2e:e9:4b:83:54:bf:04:e6:54:eb:b8:f2:f1:84:7e:dc:dd:18:
c8:05:4d:03:82:ce:59:68:76:d5:74:a5:18:f4:76:fc:c0:94:
ff:00:ea:e7:c1:25:b9:9e:20:71:de:47:c0:62:c3:73:4f:c7:
1c:21:54:99:ff:d4:04:6a:9e:15:ff:1c:2f:0e:93:ee:da:0e:
3f:0e:f3:52:a7:82:4e:4b:e9:0a:23:60:fb:e0:ea:bc:36:8d:
3d:f6:65:9a:ab:7e:04:6c:e0:fb:5b:3d:c9:2e:71:28:80:40:
3f:94:bb:97:98:64:fa:2e:d3:a8:7f:e0:53:27:06:cb:e8:69:
47:0f:c7:4f:ae:93:f2:48:8e:85:98:39:d6:af:29:44:b5:a8:
18:45:87:f3:9d:7a:4f:34:3e:01:d9:ea:dc:bd:93:39:c7:f6:
3f:04:e3:58:75:3c:9d:e1:43:e2:d5:b4:93:6c:27:f7:43:84:
c0:97:09:f3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEErb2fjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MjVkOWRiMjQ0OGZlOTdiOWQxN2E0NGJlNWQ2NDQ4NDhmYTAxOGUxMB4XDTIyMDEw
MTAyNTU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmI0ZDkyMmZjNjk1
ZTk2NzhmNGI5MTNkYzY3YzEyYmYyMzVlN2M3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZzsurbnvPMhU4JrvYTVLj2dx7dxqpp/25H32J3NjMwiNZI
OjWyvcvOk2ZMMdT8BFmAG6f1c2jN2hffcdS/HvEcXL7zPoYo7yd9Qd84iZTfgUkJ
cyf4T8+WPir1lXtXY1+5KAFR2ZLsBZEhgNMBMKtr7FrUt+9/rRJWR9jjL2k0l0Zp
yTc49rHvfdItt1T5AE2iqRaQ8lY/OVxT5CNNCeQh96NRjVfUmlLH9lUIR+Y1j5Wb
L4rs9MVejcSRHB56BEnmbIjvKROQ1DHH136ioEoV38rLzqTj4vBohbt7lrSEVJRg
aI8IY9GY4iBlWaeanI95YcLRMM4ADx/ARZFS8QUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBQrTZIvxpXpZ49LkT3GfBK/I158ejAfBgNVHSMEGDAWgBTyXZ2yRI/pe50X
pEvl1kSEj6AY4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhsMmRza1NQNlh1ZEY2Ukw1ZFpFaEktZ0dPRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvNTE2MDhmLWZkNGItNDI2OC1hNmUzLTVlY2IyMWZjZmE3NS8x
L0swMlNMOGFWNldlUFM1RTl4bndTdnlOZWZIby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
NTE2MDhmLWZkNGItNDI2OC1hNmUzLTVlY2IyMWZjZmE3NS8xLzhsMmRza1NQNlh1
ZEY2Ukw1ZFpFaEktZ0dPRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEArmPHAMEAsI10DAWBAIAAjAQAwcA
IAEGfCjwAwUAKgOo4DANBgkqhkiG9w0BAQsFAAOCAQEAdD6g91280VavQ5su/nY1
cWO+J7652LUzeksGBR35KWY5zIt9l3+yq7vHe3Iu/DtdnzQSh4VFinYQ3Zecfb+z
mv5lDuisJiVbLulLg1S/BOZU67jy8YR+3N0YyAVNA4LOWWh21XSlGPR2/MCU/wDq
58EluZ4gcd5HwGLDc0/HHCFUmf/UBGqeFf8cLw6T7toOPw7zUqeCTkvpCiNg++Dq
vDaNPfZlmqt+BGzg+1s9yS5xKIBAP5S7l5hk+i7TqH/gUycGy+hpRw/HT66T8kiO
hZg51q8pRLWoGEWH8516TzQ+Adnq3L2TOcf2PwTjWHU8neFD4tW0k2wn90OEwJcJ
8w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-fra.rpki-client.org