Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/dHL9T6XRiaHdJzucbfqPiBQQSoU.roa
File: dHL9T6XRiaHdJzucbfqPiBQQSoU.roa (raw, json)
Hash identifier: eMUmpbaLXVULKvwhBC4mHg9SvDliEcMshf9rIVsXkIA=
Subject key identifier: 74:72:FD:4F:A5:D1:89:A1:DD:27:3B:9C:6D:FA:8F:88:14:10:4A:85
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0574321E
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/dHL9T6XRiaHdJzucbfqPiBQQSoU.roa
Signing time: Sat 01 Jan 2022 15:07:25 +0000
ROA not before: Sat 01 Jan 2022 15:07:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 85.203.4.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91501086 (0x574321e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7472fd4fa5d189a1dd273b9c6dfa8f8814104a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a4:f3:2d:1d:9d:31:d9:81:2c:d7:e2:e8:63:
9a:08:fb:db:35:52:ae:50:4c:4a:a3:7b:f9:84:d1:
03:66:59:9f:43:5c:08:76:b9:a2:21:79:3f:21:07:
01:d4:64:12:c9:b7:77:f8:78:d3:0d:59:da:c9:66:
5d:b0:43:5e:08:8a:97:90:91:24:08:ba:97:ce:41:
21:29:be:bf:0d:23:eb:e3:95:52:93:55:34:95:dc:
e9:a6:14:47:49:1d:19:a7:3c:e2:65:4b:32:32:e3:
ce:6a:70:b1:08:d2:35:81:8c:36:a8:84:90:72:64:
f3:e9:b0:41:a7:91:17:ec:c1:fa:42:b8:a1:1c:bb:
e3:f1:1d:40:a1:2b:80:a8:c5:68:a9:eb:4c:bf:e7:
38:c5:2f:5f:e9:2b:ab:2e:e3:31:41:3b:e8:cd:73:
ed:b9:e8:8a:ef:43:9e:dc:4b:8a:c7:ef:52:6b:69:
b3:16:96:10:ee:58:a9:6e:61:02:b9:be:0e:ce:52:
6f:86:2d:3b:3d:10:36:7b:54:fa:c2:4c:96:b4:41:
20:f6:d4:94:66:d6:a6:08:b7:76:f9:a3:f1:22:95:
c6:31:e1:ba:2b:fc:72:f6:ca:c6:33:3c:04:5e:e9:
e6:5d:a9:51:73:ac:21:6f:fa:a6:a7:c3:e3:85:93:
46:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:72:FD:4F:A5:D1:89:A1:DD:27:3B:9C:6D:FA:8F:88:14:10:4A:85
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/dHL9T6XRiaHdJzucbfqPiBQQSoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.4.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:7c:4e:9f:46:e1:f1:33:7a:a7:db:f6:a2:b7:64:0a:46:ee:
ec:84:cf:4f:be:61:63:01:07:63:23:ea:5b:44:b9:82:97:65:
d9:f6:60:1f:1e:a0:6e:20:ef:b3:2a:fd:10:59:49:65:f7:ae:
47:ec:f9:63:46:85:96:e2:a1:26:c1:37:d1:30:b7:2d:da:ea:
c8:db:da:e7:1c:f9:1b:68:3a:3b:a9:cb:ec:42:38:37:68:7e:
5f:b2:8e:e3:a1:39:ce:b0:3e:f9:87:ae:db:95:8a:7b:2c:eb:
f7:59:b2:8e:c5:c9:b6:3d:a2:ee:c4:02:8c:0c:42:87:68:fd:
88:7c:4a:5d:18:8f:a6:c4:d8:90:50:22:e6:3a:ae:48:d5:08:
2b:1f:0d:50:6d:2e:11:60:43:4f:fa:31:64:cd:0c:ad:34:7a:
5f:d6:86:b9:97:00:a2:66:e4:72:e2:90:a5:11:9a:c1:f4:6a:
9b:dd:83:f9:67:53:37:54:b4:0b:f2:b2:aa:6c:42:a2:75:76:
53:f1:39:5a:39:5f:bf:b5:26:f5:90:de:ad:72:16:09:f6:f7:
92:44:69:45:e1:81:75:64:b6:93:b8:a7:28:0a:c5:7d:75:a6:
11:6b:c3:18:76:db:cc:94:ac:6f:48:cf:bf:8d:55:b4:41:2f:
1b:0c:95:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXQyHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ3MmZkNGZhNWQx
ODlhMWRkMjczYjljNmRmYThmODgxNDEwNGE4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyk8y0dnTHZgSzX4uhjmgj72zVSrlBMSqN7+YTRA2ZZn0Nc
CHa5oiF5PyEHAdRkEsm3d/h40w1Z2slmXbBDXgiKl5CRJAi6l85BISm+vw0j6+OV
UpNVNJXc6aYUR0kdGac84mVLMjLjzmpwsQjSNYGMNqiEkHJk8+mwQaeRF+zB+kK4
oRy74/EdQKErgKjFaKnrTL/nOMUvX+krqy7jMUE76M1z7bnoiu9DntxLisfvUmtp
sxaWEO5YqW5hArm+Ds5Sb4YtOz0QNntU+sJMlrRBIPbUlGbWpgi3dvmj8SKVxjHh
uiv8cvbKxjM8BF7p5l2pUXOsIW/6pqfD44WTRv8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR0cv1PpdGJod0nO5xt+o+IFBBKhTAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L2RITDlUNlhSaWFIZEp6dWNiZnFQaUJRUVNvVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXLBDANBgkqhkiG9w0BAQsFAAOC
AQEAPnxOn0bh8TN6p9v2ordkCkbu7ITPT75hYwEHYyPqW0S5gpdl2fZgHx6gbiDv
syr9EFlJZfeuR+z5Y0aFluKhJsE30TC3LdrqyNva5xz5G2g6O6nL7EI4N2h+X7KO
46E5zrA++Yeu25WKeyzr91myjsXJtj2i7sQCjAxCh2j9iHxKXRiPpsTYkFAi5jqu
SNUIKx8NUG0uEWBDT/oxZM0MrTR6X9aGuZcAombkcuKQpRGawfRqm92D+WdTN1S0
C/KyqmxConV2U/E5Wjlfv7Um9ZDerXIWCfb3kkRpReGBdWS2k7inKArFfXWmEWvD
GHbbzJSsb0jPv41VtEEvGwyVBg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:50 2023 by rpki-client on console-ams.rpki-client.org