Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/2UaK6GbKKEU3oMC2gNGuQPd1rg8.roa
File: 2UaK6GbKKEU3oMC2gNGuQPd1rg8.roa (raw, json)
Hash identifier: YnfJp1Oz1EeQOTEo+yIOR2PSa2N/U0MNt1bsc8ftgdw=
Subject key identifier: D9:46:8A:E8:66:CA:28:45:37:A0:C0:B6:80:D1:AE:40:F7:75:AE:0F
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 0A906481
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/2UaK6GbKKEU3oMC2gNGuQPd1rg8.roa
Signing time: Sat 01 Jan 2022 16:05:31 +0000
ROA not before: Sat 01 Jan 2022 16:05:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202297
IP address blocks: 185.165.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177235073 (0xa906481)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Jan 1 16:05:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d9468ae866ca284537a0c0b680d1ae40f775ae0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2b:4d:51:cd:06:db:8e:2f:40:ae:5b:e5:a9:
3b:4e:13:a9:05:8e:a3:95:f1:0c:a6:b8:7c:96:37:
b9:a5:7d:10:c6:99:bf:ac:e4:04:72:67:1c:a3:c1:
a1:c1:85:73:ee:a6:c8:40:ee:5e:8c:f9:47:96:d2:
27:aa:e2:66:c9:30:7c:f7:8b:17:b6:d7:5e:8e:b2:
62:22:a7:40:a6:a8:09:f9:3c:b2:e7:9f:88:7a:67:
f3:af:4c:0f:cb:9a:e5:5c:ad:9c:bf:d7:25:11:5f:
f8:97:5b:fa:f5:d7:96:99:0a:26:cd:4c:44:a3:8a:
34:f8:81:09:54:2c:cf:4e:04:ea:dd:c2:f2:0b:ae:
6e:c4:92:d1:10:1c:70:d5:2a:dd:63:22:f8:6c:4d:
39:a0:92:b1:37:61:07:91:50:51:3a:fa:7b:0d:d6:
56:fb:bd:8b:79:b9:e7:2a:58:b8:b9:71:84:63:8a:
c7:25:5c:a3:0e:cc:27:9b:76:83:17:57:29:c4:84:
77:41:b7:03:04:91:6a:fb:4e:72:95:ee:5f:b9:0f:
2c:c7:07:9c:91:ff:1e:f7:eb:fc:16:04:c0:ef:84:
78:b0:b3:dc:a6:32:6f:6a:fe:80:1f:70:bb:b6:94:
32:d0:d1:0b:81:96:23:0b:34:71:88:ed:0b:ca:0a:
f0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:46:8A:E8:66:CA:28:45:37:A0:C0:B6:80:D1:AE:40:F7:75:AE:0F
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/2UaK6GbKKEU3oMC2gNGuQPd1rg8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.153.0/24
Signature Algorithm: sha256WithRSAEncryption
47:20:2e:c3:8a:c1:2d:92:b3:0e:6c:e4:b1:b5:76:31:ae:8b:
95:ea:cf:f8:77:cb:39:87:df:3f:f7:98:b8:22:64:88:34:16:
79:bf:a1:5c:01:73:9b:73:27:98:99:c1:dc:64:b6:2f:86:7f:
48:2b:3e:d6:5d:79:fe:6b:40:b1:70:26:5c:bb:87:09:b7:58:
42:7f:ba:0d:23:5e:f9:15:1f:8d:f0:63:ee:9f:16:e0:14:28:
ec:50:5e:33:41:57:2a:64:06:21:eb:b3:66:cd:d2:7e:5e:71:
3a:b0:89:9f:8f:99:54:03:51:f5:02:52:1c:af:1a:f4:e4:36:
ce:bf:5f:8a:8a:7a:b2:3c:ff:1d:82:9b:cd:df:72:00:54:5f:
ae:5e:a5:0a:f7:ec:28:24:81:e3:1b:2f:eb:5b:f6:18:6d:50:
13:77:df:bb:37:cf:e2:48:d0:10:ca:1b:00:ae:b4:b4:15:15:
e5:bd:d5:d5:fe:20:8c:dc:37:f3:60:9c:58:60:1f:b9:b8:90:
5a:af:38:60:5c:6a:17:4a:0b:15:15:33:62:fc:41:0c:36:72:
d6:8a:bc:99:48:8b:ae:7e:d7:20:92:0d:aa:ba:d0:b0:9b:b5:
d9:9e:fc:67:81:d5:4a:e9:7d:57:f5:7c:e4:a8:a6:d0:f6:2b:
ad:7b:a3:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECpBkgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWNlNTY5YTE0YzJkYjM3NzJmMjMxODdjZTY4ZTY1NDFlYzAwNDhlMB4XDTIyMDEw
MTE2MDUzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk0NjhhZTg2NmNh
Mjg0NTM3YTBjMGI2ODBkMWFlNDBmNzc1YWUwZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwrTVHNBtuOL0CuW+WpO04TqQWOo5XxDKa4fJY3uaV9EMaZ
v6zkBHJnHKPBocGFc+6myEDuXoz5R5bSJ6riZskwfPeLF7bXXo6yYiKnQKaoCfk8
suefiHpn869MD8ua5VytnL/XJRFf+Jdb+vXXlpkKJs1MRKOKNPiBCVQsz04E6t3C
8guubsSS0RAccNUq3WMi+GxNOaCSsTdhB5FQUTr6ew3WVvu9i3m55ypYuLlxhGOK
xyVcow7MJ5t2gxdXKcSEd0G3AwSRavtOcpXuX7kPLMcHnJH/Hvfr/BYEwO+EeLCz
3KYyb2r+gB9wu7aUMtDRC4GWIws0cYjtC8oK8KMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZRoroZsooRTegwLaA0a5A93WuDzAfBgNVHSMEGDAWgBSZzlaaFMLbN3Ly
MYfOaOZUHsAEjjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21jNVdtaFRDMnpkeThqR0h6bWptVkI3QUJJNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvY2M2ZTk5LTZlNWYtNDAxYi05MTJkLTEwOTU1NDRjNmM1MC8x
LzJVYUs2R2JLS0VVM29NQzJnTkd1UVBkMXJnOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
Y2M2ZTk5LTZlNWYtNDAxYi05MTJkLTEwOTU1NDRjNmM1MC8xL21jNVdtaFRDMnpk
eThqR0h6bWptVkI3QUJJNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmlmTANBgkqhkiG9w0BAQsFAAOC
AQEARyAuw4rBLZKzDmzksbV2Ma6LlerP+HfLOYffP/eYuCJkiDQWeb+hXAFzm3Mn
mJnB3GS2L4Z/SCs+1l15/mtAsXAmXLuHCbdYQn+6DSNe+RUfjfBj7p8W4BQo7FBe
M0FXKmQGIeuzZs3Sfl5xOrCJn4+ZVANR9QJSHK8a9OQ2zr9fiop6sjz/HYKbzd9y
AFRfrl6lCvfsKCSB4xsv61v2GG1QE3ffuzfP4kjQEMobAK60tBUV5b3V1f4gjNw3
82CcWGAfubiQWq84YFxqF0oLFRUzYvxBDDZy1oq8mUiLrn7XIJINqrrQsJu12Z78
Z4HVSul9V/V85Kim0PYrrXuj+A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:21 2023 by rpki-client on console-fra.rpki-client.org