Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/usmz-dYIt41v-K1LPat0fGBOk5Y.roa
File: usmz-dYIt41v-K1LPat0fGBOk5Y.roa (raw, json)
Hash identifier: FU0JX95GvfYr92WWReJesOQRYpL/dtazFPxlR01cjck=
Subject key identifier: BA:C9:B3:F9:D6:08:B7:8D:6F:F8:AD:4B:3D:AB:74:7C:60:4E:93:96
Certificate issuer: /CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Certificate serial: 01849A5D4C4232A8B8D5C0FB4FDFC97583C5
Authority key identifier: 10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/usmz-dYIt41v-K1LPat0fGBOk5Y.roa
Signing time: Mon 21 Nov 2022 13:25:16 +0000
ROA not before: Mon 21 Nov 2022 13:25:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201265
IP address blocks: 185.32.160.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9a:5d:4c:42:32:a8:b8:d5:c0:fb:4f:df:c9:75:83:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10af800ce95bfbb1f473b0b5f9f7b93175930e89
Validity
Not Before: Nov 21 13:25:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bac9b3f9d608b78d6ff8ad4b3dab747c604e9396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:44:e5:0a:17:33:b6:c1:b3:71:69:25:cf:d1:
a9:e0:65:25:c8:d7:aa:13:22:af:f5:a2:01:11:22:
b3:cf:ce:99:fa:c7:06:fb:ee:50:15:43:5a:b7:62:
d7:c7:42:b1:60:48:0f:c5:57:b4:51:60:aa:fe:20:
a0:63:47:29:33:71:33:1a:a1:92:f7:31:c3:66:49:
87:32:6e:98:57:1a:af:3a:38:4e:11:bf:42:61:74:
51:3f:6b:e1:de:ae:82:e2:b4:ba:f9:10:de:e9:f2:
7a:20:d2:48:b3:db:48:79:34:70:da:6c:f5:d9:7c:
13:f8:52:22:86:92:05:bd:8c:bf:96:9e:f5:3f:a6:
88:35:3d:98:19:93:26:f9:df:84:b1:1d:71:6a:54:
7a:80:a1:c3:d1:c0:84:e3:b6:fc:83:2c:73:11:33:
81:fc:79:35:d7:59:a0:ab:bd:c9:c4:e0:4d:34:83:
30:4a:ae:7e:d3:c0:d6:2a:a4:d6:5c:b2:8a:ce:e8:
d1:bf:4a:97:0f:27:10:42:e1:a6:bb:3a:51:03:54:
0a:c3:18:b3:63:5f:f8:c4:7a:04:65:3d:f7:db:16:
f6:f8:c6:25:ca:f0:c9:a3:3c:14:26:f9:1c:a2:5b:
4e:79:54:c2:38:60:93:db:ba:81:b8:00:08:c8:54:
71:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C9:B3:F9:D6:08:B7:8D:6F:F8:AD:4B:3D:AB:74:7C:60:4E:93:96
X509v3 Authority Key Identifier:
keyid:10:AF:80:0C:E9:5B:FB:B1:F4:73:B0:B5:F9:F7:B9:31:75:93:0E:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EK-ADOlb-7H0c7C1-fe5MXWTDok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/usmz-dYIt41v-K1LPat0fGBOk5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9a78e6-3bf7-42b6-8cbf-119942f3d7a7/1/EK-ADOlb-7H0c7C1-fe5MXWTDok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.32.160.0/22
Signature Algorithm: sha256WithRSAEncryption
70:f4:94:33:87:e1:7a:c0:76:ea:e2:7c:d4:03:d7:57:9e:61:
9b:89:2c:ae:69:98:55:0b:e2:d4:6f:63:77:46:73:31:80:77:
7e:e6:5f:9f:7e:d4:69:20:da:c1:ac:f6:53:11:5a:90:22:5e:
72:01:99:a1:32:78:ab:bd:a8:49:77:17:45:1f:2b:13:89:2b:
c5:cf:df:9d:64:d2:61:a6:c4:ee:d6:e2:dd:f3:b8:0c:d5:83:
94:d7:80:c5:ad:fc:1a:26:ab:50:2b:f7:5d:5b:35:8f:02:e7:
74:70:4c:2e:32:c3:03:e1:71:eb:ef:68:d1:d9:97:9e:58:6b:
12:0b:ec:a0:8f:bb:a3:6a:22:31:37:ea:f3:ef:c8:5f:f6:a8:
41:64:88:db:69:d9:fd:3b:8f:1c:ed:0b:45:dc:3c:ff:ac:58:
37:6c:7c:f2:c4:bb:6c:fc:41:cf:5f:6b:b6:28:63:2b:42:d2:
67:eb:36:eb:47:18:88:b8:4f:30:08:a0:32:5e:21:43:74:81:
7f:80:e8:98:e9:d8:89:42:2d:97:44:ae:78:be:c0:3d:85:a2:
54:cf:af:a4:f4:4e:32:f3:97:c0:dd:97:74:cb:2f:dc:bc:3d:
46:76:63:75:0a:e2:8a:ce:a1:3d:b9:31:21:2c:44:28:9f:c9:
b1:c0:60:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSaXUxCMqi41cD7T9/JdYPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwYWY4MDBjZTk1YmZiYjFmNDczYjBiNWY5ZjdiOTMxNzU5
MzBlODkwHhcNMjIxMTIxMTMyNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM5YjNmOWQ2MDhiNzhkNmZmOGFkNGIzZGFiNzQ3YzYwNGU5Mzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUTlChcztsGzcWklz9Gp4GUlyNeq
EyKv9aIBESKzz86Z+scG++5QFUNat2LXx0KxYEgPxVe0UWCq/iCgY0cpM3EzGqGS
9zHDZkmHMm6YVxqvOjhOEb9CYXRRP2vh3q6C4rS6+RDe6fJ6INJIs9tIeTRw2mz1
2XwT+FIihpIFvYy/lp71P6aINT2YGZMm+d+EsR1xalR6gKHD0cCE47b8gyxzETOB
/Hk111mgq73JxOBNNIMwSq5+08DWKqTWXLKKzujRv0qXDycQQuGmuzpRA1QKwxiz
Y1/4xHoEZT332xb2+MYlyvDJozwUJvkcoltOeVTCOGCT27qBuAAIyFRxSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrJs/nWCLeNb/itSz2rdHxgTpOWMB8GA1UdIwQY
MBaAFBCvgAzpW/ux9HOwtfn3uTF1kw6JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYt
MTE5OTQyZjNkN2E3LzEvdXNtei1kWUl0NDF2LUsxTFBhdDBmR0JPazVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85YTc4ZTYtM2JmNy00MmI2LThjYmYtMTE5OTQyZjNkN2E3
LzEvRUstQURPbGItN0gwYzdDMS1mZTVNWFdURG9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSCgMA0G
CSqGSIb3DQEBCwUAA4IBAQBw9JQzh+F6wHbq4nzUA9dXnmGbiSyuaZhVC+LUb2N3
RnMxgHd+5l+fftRpINrBrPZTEVqQIl5yAZmhMnirvahJdxdFHysTiSvFz9+dZNJh
psTu1uLd87gM1YOU14DFrfwaJqtQK/ddWzWPAud0cEwuMsMD4XHr72jR2ZeeWGsS
C+ygj7ujaiIxN+rz78hf9qhBZIjbadn9O48c7QtF3Dz/rFg3bHzyxLts/EHPX2u2
KGMrQtJn6zbrRxiIuE8wCKAyXiFDdIF/gOiY6diJQi2XRK54vsA9haJUz6+k9E4y
85fA3Zd0yy/cvD1GdmN1CuKKzqE9uTEhLEQon8mxwGCD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:39 2024 by rpki-client on console-ams.rpki-client.org