Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/1-gAjWdVjM38v-gQSbLsT80cRWKM.roa
File: 1-gAjWdVjM38v-gQSbLsT80cRWKM.roa (raw, json)
Hash identifier: NKgNTqj52oKiZjZrjn+FImnok8kT/QAcaZIO3UNGJ74=
Subject key identifier: FA:00:23:59:D5:63:33:7F:2F:FA:04:12:6C:BB:13:F3:47:11:58:A3
Certificate issuer: /CN=d188a88d595dc2ed8c2f9239645c4e8c5e737d31
Certificate serial: 030CEEA8
Authority key identifier: D1:88:A8:8D:59:5D:C2:ED:8C:2F:92:39:64:5C:4E:8C:5E:73:7D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0YiojVldwu2ML5I5ZFxOjF5zfTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/1-gAjWdVjM38v-gQSbLsT80cRWKM.roa
Signing time: Sat 01 Jan 2022 13:59:11 +0000
ROA not before: Sat 01 Jan 2022 13:59:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206238
IP address blocks: 185.232.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 51179176 (0x30ceea8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d188a88d595dc2ed8c2f9239645c4e8c5e737d31
Validity
Not Before: Jan 1 13:59:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa002359d563337f2ffa04126cbb13f3471158a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:85:db:48:f8:25:5e:68:10:74:16:cf:70:c3:
19:88:43:17:31:e7:fa:e1:6a:17:37:08:a1:db:22:
b5:e0:bc:b7:40:4d:c1:d4:89:56:0d:07:52:b1:fc:
7b:96:b1:f8:ff:3d:0b:42:88:69:1a:c9:d6:ad:d1:
0f:5b:2e:6c:0c:63:53:1a:bd:85:20:f4:06:34:9e:
eb:dc:e5:03:b1:30:28:9f:81:e5:74:5c:0d:4d:ef:
d7:50:c0:21:65:21:83:63:73:31:0d:74:33:f6:d9:
40:9e:8d:88:57:48:9b:bc:65:ab:92:aa:a3:c1:9c:
22:e2:6a:41:a1:51:25:56:17:98:14:26:75:30:33:
aa:6b:d0:35:0f:d7:85:cc:1d:f3:2c:47:3b:68:5c:
46:1f:bb:58:0e:a5:c0:3a:3c:6a:05:e1:f9:d3:1b:
e3:86:21:1c:4c:58:9e:a8:fe:79:3e:b3:ea:43:71:
69:e2:ea:9a:65:2c:8e:dd:64:a0:14:7c:c6:57:8a:
ad:fb:82:3e:42:43:8e:f4:53:78:94:a5:a6:cc:bb:
b2:bc:44:0e:e2:e5:b8:3d:f8:70:51:4f:de:35:4c:
eb:d4:38:0d:17:20:ca:a7:b3:41:5b:a6:ea:e5:b1:
f0:c6:06:50:a6:3a:73:3d:24:e6:2b:84:51:a0:45:
dc:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:00:23:59:D5:63:33:7F:2F:FA:04:12:6C:BB:13:F3:47:11:58:A3
X509v3 Authority Key Identifier:
keyid:D1:88:A8:8D:59:5D:C2:ED:8C:2F:92:39:64:5C:4E:8C:5E:73:7D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0YiojVldwu2ML5I5ZFxOjF5zfTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/1-gAjWdVjM38v-gQSbLsT80cRWKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/0cee19-af0f-4e93-8010-d953f4854757/1/0YiojVldwu2ML5I5ZFxOjF5zfTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.98.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:c1:33:d0:43:2b:b5:4f:a0:f6:34:3b:91:54:36:b5:42:5f:
6e:f6:f4:56:7c:68:cc:12:7a:b2:86:47:40:69:95:bd:07:d3:
4e:93:60:a2:82:56:0f:d1:db:bb:e7:2e:d5:af:d9:aa:8e:18:
be:c8:dc:13:23:bf:33:4f:03:af:4a:87:57:31:af:59:aa:40:
b2:9e:1b:d9:7e:c5:a0:c2:f2:18:cb:88:7e:32:6e:30:c1:6d:
72:d6:09:65:02:cb:61:a6:3b:c4:24:5f:2e:2c:3c:78:7d:c4:
a5:82:1d:44:8f:22:2b:2f:0a:cd:48:1e:ee:09:e3:32:bc:9d:
6b:59:30:52:fd:8e:a7:0c:69:6d:97:b7:d9:1a:5e:f9:43:53:
01:e2:59:70:ba:a7:82:53:87:aa:2d:39:17:df:80:c0:dc:73:
a5:86:56:38:28:9c:eb:2b:4e:7f:4b:d9:58:84:a4:c7:c3:52:
7d:46:bd:b4:37:b0:c8:c4:10:5c:fc:13:97:8a:e9:53:70:0e:
8e:11:83:6f:0a:d7:0c:45:c1:a9:48:31:72:be:e7:cf:e6:63:
97:a1:0e:2d:9e:69:42:e3:3a:93:ae:88:c0:27:b7:2f:f5:56:
b3:3c:e7:c8:9a:c8:03:f1:af:ff:7b:66:20:54:ee:9e:05:9d:
81:1f:e1:18
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEAwzuqDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTg4YTg4ZDU5NWRjMmVkOGMyZjkyMzk2NDVjNGU4YzVlNzM3ZDMxMB4XDTIyMDEw
MTEzNTkxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmEwMDIzNTlkNTYz
MzM3ZjJmZmEwNDEyNmNiYjEzZjM0NzExNThhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOGF20j4JV5oEHQWz3DDGYhDFzHn+uFqFzcIodsiteC8t0BN
wdSJVg0HUrH8e5ax+P89C0KIaRrJ1q3RD1subAxjUxq9hSD0BjSe69zlA7EwKJ+B
5XRcDU3v11DAIWUhg2NzMQ10M/bZQJ6NiFdIm7xlq5Kqo8GcIuJqQaFRJVYXmBQm
dTAzqmvQNQ/Xhcwd8yxHO2hcRh+7WA6lwDo8agXh+dMb44YhHExYnqj+eT6z6kNx
aeLqmmUsjt1koBR8xleKrfuCPkJDjvRTeJSlpsy7srxEDuLluD34cFFP3jVM69Q4
DRcgyqezQVum6uWx8MYGUKY6cz0k5iuEUaBF3M0CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT6ACNZ1WMzfy/6BBJsuxPzRxFYozAfBgNVHSMEGDAWgBTRiKiNWV3C7Ywv
kjlkXE6MXnN9MTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBZaW9qVmxkd3UyTUw1STVaRnhPakY1emZURS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTAvMGNlZTE5LWFmMGYtNGU5My04MDEwLWQ5NTNmNDg1NDc1Ny8x
LzEtZ0FqV2RWak0zOHYtZ1FTYkxzVDgwY1JXS00ucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzUw
LzBjZWUxOS1hZjBmLTRlOTMtODAxMC1kOTUzZjQ4NTQ3NTcvMS8wWWlvalZsZHd1
Mk1MNUk1WkZ4T2pGNXpmVEUuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC56GIwDQYJKoZIhvcNAQELBQAD
ggEBAJ/BM9BDK7VPoPY0O5FUNrVCX2729FZ8aMwSerKGR0Bplb0H006TYKKCVg/R
27vnLtWv2aqOGL7I3BMjvzNPA69Kh1cxr1mqQLKeG9l+xaDC8hjLiH4ybjDBbXLW
CWUCy2GmO8QkXy4sPHh9xKWCHUSPIisvCs1IHu4J4zK8nWtZMFL9jqcMaW2Xt9ka
XvlDUwHiWXC6p4JTh6otORffgMDcc6WGVjgonOsrTn9L2ViEpMfDUn1GvbQ3sMjE
EFz8E5eK6VNwDo4Rg28K1wxFwalIMXK+58/mY5ehDi2eaULjOpOuiMAnty/1VrM8
58iayAPxr/97ZiBU7p4FnYEf4Rg=
-----END CERTIFICATE-----