Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/uVCsKRN4tbBHKGr2NZqPT-hN1to.roa
File: uVCsKRN4tbBHKGr2NZqPT-hN1to.roa (raw, json)
Hash identifier: RwVk3/B9LBz0rGoTIao9cmCikxJT/n/tNKQAE1Gbqcw=
Subject key identifier: B9:50:AC:29:13:78:B5:B0:47:28:6A:F6:35:9A:8F:4F:E8:4D:D6:DA
Certificate issuer: /CN=48167dc1dd2bf991d70cf6ee87f4361e75cef20d
Certificate serial: 0184CD7D220B89AE15095CFDCD5362A12C44
Authority key identifier: 48:16:7D:C1:DD:2B:F9:91:D7:0C:F6:EE:87:F4:36:1E:75:CE:F2:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBZ9wd0r-ZHXDPbuh_Q2HnXO8g0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/uVCsKRN4tbBHKGr2NZqPT-hN1to.roa
Signing time: Thu 01 Dec 2022 11:40:40 +0000
ROA not before: Thu 01 Dec 2022 11:40:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.85.208.0/22 maxlen: 24
2a0d:9c80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:7d:22:0b:89:ae:15:09:5c:fd:cd:53:62:a1:2c:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48167dc1dd2bf991d70cf6ee87f4361e75cef20d
Validity
Not Before: Dec 1 11:40:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b950ac291378b5b047286af6359a8f4fe84dd6da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e0:d1:be:39:8d:e4:ee:61:2a:4d:ba:5a:99:
d9:7e:33:5f:97:31:9d:64:af:11:27:14:05:a3:05:
7f:9d:ef:b4:c9:69:fa:89:71:d6:22:e3:25:73:8d:
dd:a8:77:98:fd:f5:f3:25:c1:e1:ac:67:e1:ac:3f:
8e:d4:9b:e0:0d:f0:74:a2:75:22:fd:35:e1:54:8f:
89:5d:4e:78:46:d9:d8:da:0a:4c:56:50:85:f1:d8:
12:0c:ad:c5:9a:8e:2a:08:82:fe:5a:b0:8d:6e:58:
cc:b2:42:a0:e8:2a:fc:80:a2:c1:d0:1f:47:1f:b9:
e4:ba:71:b1:a0:4a:6e:a0:be:7d:43:07:16:2a:1e:
91:d5:19:9f:31:df:43:f7:44:35:48:3a:84:59:a0:
bb:b6:09:9d:6e:5e:43:4c:30:d2:58:07:8a:36:e3:
25:c2:cf:f7:84:99:83:de:72:b7:e4:94:01:d9:ce:
7e:9d:94:bd:43:09:89:ea:5f:ed:99:04:a4:3f:8f:
1a:24:8d:e8:cb:9c:7d:5a:4f:a6:b6:96:bd:fc:dd:
c3:5a:0a:2f:92:ed:21:22:22:e8:39:e9:77:7d:25:
f5:d3:76:d1:f6:99:ec:a0:a1:e4:71:ab:ae:e1:d4:
ab:25:4f:c9:34:47:e0:09:51:4e:8d:ea:08:7a:60:
e2:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:50:AC:29:13:78:B5:B0:47:28:6A:F6:35:9A:8F:4F:E8:4D:D6:DA
X509v3 Authority Key Identifier:
keyid:48:16:7D:C1:DD:2B:F9:91:D7:0C:F6:EE:87:F4:36:1E:75:CE:F2:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBZ9wd0r-ZHXDPbuh_Q2HnXO8g0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/uVCsKRN4tbBHKGr2NZqPT-hN1to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/616c00-fbeb-4b30-9e25-9e91fca78f47/1/SBZ9wd0r-ZHXDPbuh_Q2HnXO8g0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.208.0/22
IPv6:
2a0d:9c80::/29
Signature Algorithm: sha256WithRSAEncryption
62:1f:04:c1:56:96:71:76:e7:34:42:03:2c:d5:33:8f:2d:86:
b1:d2:9d:92:51:24:43:42:b3:70:9b:d1:1c:7e:85:99:cd:0a:
a3:58:5a:39:23:b9:44:e9:06:25:a4:55:52:9b:be:a5:d2:e9:
fc:f3:fc:01:7f:4d:4d:0f:29:cd:d9:ef:0d:58:04:95:ad:8f:
0e:b4:ce:b7:4d:b4:17:e7:34:91:73:ef:6a:13:a5:04:3d:6f:
11:26:d2:38:c9:93:3d:f0:4f:b6:4c:cb:71:57:85:34:1f:6e:
91:20:8d:91:d6:39:0a:ec:c5:b4:b1:eb:fd:8f:67:56:5c:c6:
03:f5:6a:b2:e0:55:2b:66:7f:2a:89:80:d9:21:cd:28:46:6d:
c4:09:4f:a7:fe:22:fd:59:59:a2:96:cb:37:84:1c:10:f6:38:
2d:ff:30:11:f0:ae:ef:6a:5e:24:07:aa:85:fe:98:4b:d0:54:
42:3c:54:9f:ee:00:32:83:5d:20:32:82:66:f3:f5:e7:49:3b:
03:c5:78:59:99:3b:9b:4a:83:43:65:46:cb:ac:be:ee:60:6a:
81:07:45:b5:c2:96:87:f9:2b:a6:6c:c1:80:15:60:b8:63:b9:
f8:1a:92:b7:26:7a:35:29:f0:b2:76:85:72:4f:a4:65:a3:0c:
25:88:d9:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTNfSILia4VCVz9zVNioSxEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MTY3ZGMxZGQyYmY5OTFkNzBjZjZlZTg3ZjQzNjFlNzVj
ZWYyMGQwHhcNMjIxMjAxMTE0MDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTUwYWMyOTEzNzhiNWIwNDcyODZhZjYzNTlhOGY0ZmU4NGRkNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgeDRvjmN5O5hKk26WpnZfjNflzGd
ZK8RJxQFowV/ne+0yWn6iXHWIuMlc43dqHeY/fXzJcHhrGfhrD+O1JvgDfB0onUi
/TXhVI+JXU54RtnY2gpMVlCF8dgSDK3Fmo4qCIL+WrCNbljMskKg6Cr8gKLB0B9H
H7nkunGxoEpuoL59QwcWKh6R1RmfMd9D90Q1SDqEWaC7tgmdbl5DTDDSWAeKNuMl
ws/3hJmD3nK35JQB2c5+nZS9QwmJ6l/tmQSkP48aJI3oy5x9Wk+mtpa9/N3DWgov
ku0hIiLoOel3fSX103bR9pnsoKHkcauu4dSrJU/JNEfgCVFOjeoIemDiuQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLlQrCkTeLWwRyhq9jWaj0/oTdbaMB8GA1UdIwQY
MBaAFEgWfcHdK/mR1wz27of0Nh51zvINMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0JaOXdkMHItWkhYRFBidWhfUTJIblhPOGcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi82MTZjMDAtZmJlYi00YjMwLTllMjUt
OWU5MWZjYTc4ZjQ3LzEvdVZDc0tSTjR0YkJIS0dyMk5acVBULWhOMXRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi82MTZjMDAtZmJlYi00YjMwLTllMjUtOWU5MWZjYTc4ZjQ3
LzEvU0JaOXdkMHItWkhYRFBidWhfUTJIblhPOGcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVXQMA0E
AgACMAcDBQMqDZyAMA0GCSqGSIb3DQEBCwUAA4IBAQBiHwTBVpZxduc0QgMs1TOP
LYax0p2SUSRDQrNwm9EcfoWZzQqjWFo5I7lE6QYlpFVSm76l0un88/wBf01NDynN
2e8NWASVrY8OtM63TbQX5zSRc+9qE6UEPW8RJtI4yZM98E+2TMtxV4U0H26RII2R
1jkK7MW0sev9j2dWXMYD9Wqy4FUrZn8qiYDZIc0oRm3ECU+n/iL9WVmilss3hBwQ
9jgt/zAR8K7val4kB6qF/phL0FRCPFSf7gAyg10gMoJm8/XnSTsDxXhZmTubSoND
ZUbLrL7uYGqBB0W1wpaH+SumbMGAFWC4Y7n4GpK3Jno1KfCydoVyT6RlowwliNkO
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:58 2023 by rpki-client on console.sobornost.net