Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/H85Ws98SoAnyQWrAx-qdZwmRd6g.roa
File: H85Ws98SoAnyQWrAx-qdZwmRd6g.roa (raw, json)
Hash identifier: fc0olu9N2hpiL/YRvoj+rHNcYaIZlYCKOIoXqgbGYTA=
Subject key identifier: 1F:CE:56:B3:DF:12:A0:09:F2:41:6A:C0:C7:EA:9D:67:09:91:77:A8
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 08F771E0
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/H85Ws98SoAnyQWrAx-qdZwmRd6g.roa
Signing time: Sat 01 Jan 2022 08:59:04 +0000
ROA not before: Sat 01 Jan 2022 08:59:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3549
IP address blocks: 192.109.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150434272 (0x8f771e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 08:59:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fce56b3df12a009f2416ac0c7ea9d67099177a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:86:c2:7d:98:84:d5:e0:82:11:f3:6a:be:1e:
78:37:8d:dc:de:86:71:b9:d7:b2:ad:e3:69:18:39:
98:ee:da:10:a0:1e:7c:46:a7:4b:3e:49:27:30:87:
32:e2:fb:e7:60:af:db:a1:30:73:b8:3d:3b:df:9a:
49:ef:86:79:40:a4:9b:14:43:1c:d3:8a:76:5e:1d:
bd:a1:a2:45:d2:e4:34:57:f8:b5:2a:e8:1e:df:9b:
62:c2:16:e9:40:d1:f2:0b:dd:23:49:7b:d1:8e:bc:
68:39:3b:aa:25:9b:42:4a:bc:24:bf:92:a0:aa:15:
ae:4f:ef:be:98:18:6f:93:c7:17:25:0e:a3:aa:38:
ed:6e:a6:4c:67:c4:5a:dc:7a:44:d1:53:45:2c:35:
c0:2f:2b:e4:02:c0:0c:76:f1:8a:6d:06:2d:1e:ba:
10:65:05:43:46:c1:4b:59:36:de:4c:25:f2:fc:9c:
22:0a:9b:1e:22:8b:8d:b3:35:5d:ff:d7:74:86:65:
28:cc:26:13:ce:ac:17:6a:c2:3a:9c:5b:a9:16:bc:
94:97:74:cb:7e:78:ff:8a:f6:68:9f:75:16:b4:96:
1a:ec:e6:8b:c5:b9:d2:0a:36:21:a4:2c:ff:44:a4:
9c:18:e3:d7:0c:24:98:d9:2c:96:44:df:56:8d:a2:
6c:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CE:56:B3:DF:12:A0:09:F2:41:6A:C0:C7:EA:9D:67:09:91:77:A8
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/H85Ws98SoAnyQWrAx-qdZwmRd6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.148.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e7:48:d3:f9:bf:b8:48:49:96:62:70:98:86:a3:bd:70:38:
ff:88:c7:50:87:e4:3b:25:1f:42:d9:fb:96:be:d8:10:55:7d:
66:af:52:12:d3:90:8b:f0:cd:f5:f4:8b:69:f8:3a:58:ee:38:
07:86:fc:ed:79:27:58:e5:cb:89:a7:07:2c:f5:d5:e5:5b:67:
5e:f3:3a:7c:24:42:b9:02:8b:a0:8a:78:98:aa:75:7e:9a:b9:
ac:87:a4:ee:3d:37:87:37:3a:37:6b:14:c3:9e:7b:f9:e9:39:
3f:37:c9:7d:56:16:f4:3a:19:9e:42:17:f6:5d:09:21:19:5c:
68:e7:e7:f1:f4:07:8b:e7:20:53:00:85:a6:0f:0d:bb:60:ec:
c0:71:9b:29:a4:31:78:62:d3:76:b3:39:74:1d:4b:06:25:df:
0b:3b:c9:df:11:a5:0f:e2:d4:ce:52:c3:49:12:75:5b:93:4e:
25:50:79:02:3d:bc:7f:6e:95:aa:b6:85:43:58:0e:53:1a:7d:
f1:da:b0:d9:a1:39:2b:92:dc:26:a8:e5:1e:3d:f2:cb:d3:f5:
0b:54:00:8a:c3:7b:2c:fc:75:db:45:fd:81:b5:55:00:a1:7c:
d1:78:70:f3:e0:40:1c:f4:9e:99:ba:35:2b:3f:9a:69:99:c7:
2b:b7:0c:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECPdx4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDEw
MTA4NTkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZjZTU2YjNkZjEy
YTAwOWYyNDE2YWMwYzdlYTlkNjcwOTkxNzdhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiGwn2YhNXgghHzar4eeDeN3N6GcbnXsq3jaRg5mO7aEKAe
fEanSz5JJzCHMuL752Cv26Ewc7g9O9+aSe+GeUCkmxRDHNOKdl4dvaGiRdLkNFf4
tSroHt+bYsIW6UDR8gvdI0l70Y68aDk7qiWbQkq8JL+SoKoVrk/vvpgYb5PHFyUO
o6o47W6mTGfEWtx6RNFTRSw1wC8r5ALADHbxim0GLR66EGUFQ0bBS1k23kwl8vyc
IgqbHiKLjbM1Xf/XdIZlKMwmE86sF2rCOpxbqRa8lJd0y354/4r2aJ91FrSWGuzm
i8W50go2IaQs/0SknBjj1wwkmNkslkTfVo2ibKECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQfzlaz3xKgCfJBasDH6p1nCZF3qDAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L0g4NVdzOThTb0FueVFXckF4LXFkWndtUmQ2Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBtlDANBgkqhkiG9w0BAQsFAAOC
AQEAjudI0/m/uEhJlmJwmIajvXA4/4jHUIfkOyUfQtn7lr7YEFV9Zq9SEtOQi/DN
9fSLafg6WO44B4b87XknWOXLiacHLPXV5VtnXvM6fCRCuQKLoIp4mKp1fpq5rIek
7j03hzc6N2sUw557+ek5PzfJfVYW9DoZnkIX9l0JIRlcaOfn8fQHi+cgUwCFpg8N
u2DswHGbKaQxeGLTdrM5dB1LBiXfCzvJ3xGlD+LUzlLDSRJ1W5NOJVB5Aj28f26V
qraFQ1gOUxp98dqw2aE5K5LcJqjlHj3yy9P1C1QAisN7LPx120X9gbVVAKF80Xhw
8+BAHPSembo1Kz+aaZnHK7cM0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:54 2024 by rpki-client on console-fra.rpki-client.org