Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/oqg8Jm8M1Eb3mIp2pSKSpG47RxQ.roa
File: oqg8Jm8M1Eb3mIp2pSKSpG47RxQ.roa (raw, json)
Hash identifier: iPZt0A+Cz6z0mesEWZEq2U4zYBFWnKRmS9SjOqVXyXU=
Subject key identifier: A2:A8:3C:26:6F:0C:D4:46:F7:98:8A:76:A5:22:92:A4:6E:3B:47:14
Certificate issuer: /CN=b6d68436a76339f671441cfbd50ad401d3c00fff
Certificate serial: 03EC5DF6
Authority key identifier: B6:D6:84:36:A7:63:39:F6:71:44:1C:FB:D5:0A:D4:01:D3:C0:0F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttaENqdjOfZxRBz71QrUAdPAD_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/oqg8Jm8M1Eb3mIp2pSKSpG47RxQ.roa
Signing time: Sat 01 Jan 2022 06:55:03 +0000
ROA not before: Sat 01 Jan 2022 06:55:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204411
IP address blocks: 185.235.160.0/24 maxlen: 24
185.235.160.0/22 maxlen: 22
185.235.163.0/24 maxlen: 24
185.235.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65822198 (0x3ec5df6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d68436a76339f671441cfbd50ad401d3c00fff
Validity
Not Before: Jan 1 06:55:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2a83c266f0cd446f7988a76a52292a46e3b4714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:7e:d3:88:39:0c:0f:a9:b7:dc:97:12:2a:
09:63:5e:8b:9c:8f:83:1d:66:31:72:7b:3c:62:4b:
32:e4:a5:6c:04:14:db:b3:1a:5f:86:6e:61:f8:89:
90:00:a5:eb:28:99:b4:57:af:9c:91:4d:11:e2:cf:
86:44:a0:26:e3:fd:7e:15:23:4d:a6:6e:05:49:32:
25:63:4a:2a:98:40:6b:28:a2:f1:3e:43:03:17:5b:
08:91:0c:f4:cc:13:79:d7:70:b8:7e:f9:7e:f4:cc:
3d:24:aa:20:e5:ba:81:dc:c9:8d:08:79:a3:c2:6c:
30:16:64:e4:ac:5d:b4:c9:61:7a:db:8e:d4:42:de:
58:7e:c6:de:28:b3:b9:d8:fd:f0:11:a1:b5:91:f7:
ff:3c:69:f6:88:2d:a2:41:d6:1c:e8:74:4b:a1:7b:
94:f6:02:49:49:94:14:d8:cc:c4:b2:6b:d0:30:16:
4a:3e:82:f6:9d:5d:e1:73:0e:c7:68:84:de:f0:79:
77:f0:08:e4:24:73:db:08:9e:85:77:e8:bb:60:be:
45:c8:5e:2d:68:13:94:d6:7a:98:e8:2e:aa:b4:51:
ec:2f:b2:5b:56:70:7a:6e:e5:96:74:d8:5a:46:36:
51:39:35:d5:60:d7:7e:9d:af:4a:b7:c5:32:67:6e:
01:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A8:3C:26:6F:0C:D4:46:F7:98:8A:76:A5:22:92:A4:6E:3B:47:14
X509v3 Authority Key Identifier:
keyid:B6:D6:84:36:A7:63:39:F6:71:44:1C:FB:D5:0A:D4:01:D3:C0:0F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttaENqdjOfZxRBz71QrUAdPAD_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/oqg8Jm8M1Eb3mIp2pSKSpG47RxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/84a5dd-5cf2-4857-bd93-3c711a15fa5c/1/ttaENqdjOfZxRBz71QrUAdPAD_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.160.0/22
Signature Algorithm: sha256WithRSAEncryption
81:9b:29:e1:83:6c:b9:24:69:f3:0d:2b:0c:20:e3:a8:94:ed:
d6:35:14:df:44:2e:52:51:0c:58:73:8a:c5:61:1c:47:84:dc:
12:fc:6a:b0:75:34:fa:0e:8e:b9:71:e9:5d:52:9f:cc:ec:de:
ac:24:fd:68:b8:40:a0:97:cf:b0:26:b6:2c:ea:ac:20:53:2e:
3f:64:bc:93:3a:bc:86:ff:60:8c:eb:7c:92:54:f1:cc:4d:01:
74:a2:52:a7:ad:25:57:e7:d4:ad:65:4d:51:d9:74:f8:76:d1:
c1:59:c7:90:ed:c7:12:69:06:6a:09:76:b1:34:82:4d:62:68:
b2:51:a9:0d:4f:c9:15:10:cf:10:03:8b:e4:dc:fd:40:7b:1f:
9d:68:09:00:5d:ec:40:af:a8:d0:9a:cf:85:a5:b5:64:9e:5e:
f1:45:48:f3:04:11:a1:a2:e3:08:ff:05:47:80:82:ac:4f:92:
6d:62:cb:16:af:10:0d:ed:74:1d:2b:69:12:05:78:8f:df:46:
98:a6:b1:f2:25:e9:87:75:2d:e9:06:a5:ca:7d:11:45:13:d3:
7c:41:11:42:04:d0:65:be:69:c6:04:f1:a1:db:d7:a2:53:f7:
81:43:c0:9c:7b:7c:99:e1:85:e4:cf:7d:34:eb:f0:b8:36:47:
cf:aa:74:03
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA+xd9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NmQ2ODQzNmE3NjMzOWY2NzE0NDFjZmJkNTBhZDQwMWQzYzAwZmZmMB4XDTIyMDEw
MTA2NTUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTJhODNjMjY2ZjBj
ZDQ0NmY3OTg4YTc2YTUyMjkyYTQ2ZTNiNDcxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKFEftOIOQwPqbfclxIqCWNei5yPgx1mMXJ7PGJLMuSlbAQU
27MaX4ZuYfiJkACl6yiZtFevnJFNEeLPhkSgJuP9fhUjTaZuBUkyJWNKKphAayii
8T5DAxdbCJEM9MwTeddwuH75fvTMPSSqIOW6gdzJjQh5o8JsMBZk5KxdtMlhetuO
1ELeWH7G3iizudj98BGhtZH3/zxp9ogtokHWHOh0S6F7lPYCSUmUFNjMxLJr0DAW
Sj6C9p1d4XMOx2iE3vB5d/AI5CRz2wiehXfou2C+RcheLWgTlNZ6mOguqrRR7C+y
W1Zwem7llnTYWkY2UTk11WDXfp2vSrfFMmduAdkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSiqDwmbwzURveYinalIpKkbjtHFDAfBgNVHSMEGDAWgBS21oQ2p2M59nFE
HPvVCtQB08AP/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R0YUVOcWRqT2ZaeFJCejcxUXJVQWRQQURfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvODRhNWRkLTVjZjItNDg1Ny1iZDkzLTNjNzExYTE1ZmE1Yy8x
L29xZzhKbThNMUViM21JcDJwU0tTcEc0N1J4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ODRhNWRkLTVjZjItNDg1Ny1iZDkzLTNjNzExYTE1ZmE1Yy8xL3R0YUVOcWRqT2Za
eFJCejcxUXJVQWRQQURfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnroDANBgkqhkiG9w0BAQsFAAOC
AQEAgZsp4YNsuSRp8w0rDCDjqJTt1jUU30QuUlEMWHOKxWEcR4TcEvxqsHU0+g6O
uXHpXVKfzOzerCT9aLhAoJfPsCa2LOqsIFMuP2S8kzq8hv9gjOt8klTxzE0BdKJS
p60lV+fUrWVNUdl0+HbRwVnHkO3HEmkGagl2sTSCTWJoslGpDU/JFRDPEAOL5Nz9
QHsfnWgJAF3sQK+o0JrPhaW1ZJ5e8UVI8wQRoaLjCP8FR4CCrE+SbWLLFq8QDe10
HStpEgV4j99GmKax8iXph3Ut6Qalyn0RRRPTfEERQgTQZb5pxgTxodvXolP3gUPA
nHt8meGF5M99NOvwuDZHz6p0Aw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:15 2024 by rpki-client on console-ams.rpki-client.org