Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/weQOVGKWicIZOf0G6_tbWYaPt74.roa
File: weQOVGKWicIZOf0G6_tbWYaPt74.roa (raw, json)
Hash identifier: 5gIpjT8RnYan2IaMhpsq4Y5wgSTHShK40CcJUeFf+ks=
Subject key identifier: C1:E4:0E:54:62:96:89:C2:19:39:FD:06:EB:FB:5B:59:86:8F:B7:BE
Certificate issuer: /CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Certificate serial: 01853E0CF63B48F4385F79C0EEC281404EEC
Authority key identifier: BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/weQOVGKWicIZOf0G6_tbWYaPt74.roa
Signing time: Fri 23 Dec 2022 08:15:14 +0000
ROA not before: Fri 23 Dec 2022 08:15:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134512
IP address blocks: 185.63.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:0c:f6:3b:48:f4:38:5f:79:c0:ee:c2:81:40:4e:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Validity
Not Before: Dec 23 08:15:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1e40e54629689c21939fd06ebfb5b59868fb7be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2b:cc:fa:5d:ac:f3:63:ac:6e:16:b6:68:1c:
cf:a8:77:8c:10:62:1e:d3:39:c4:e0:37:a5:55:13:
34:d0:4a:1b:3c:f2:d1:f2:fa:fd:8e:2c:dc:e7:1d:
19:2b:fb:a4:56:29:a5:dc:b2:bd:b6:c4:c2:06:ef:
6c:54:ae:d3:59:8a:10:35:e7:99:ef:60:94:b4:d1:
d9:87:5c:19:91:13:36:3e:df:9f:2a:fd:42:a9:5e:
ef:2d:b3:7e:5e:4f:60:c5:61:77:f5:b7:f1:b9:d2:
51:8f:09:92:6c:4d:c3:b8:09:72:d9:50:f2:29:26:
ac:bd:57:4b:b6:9c:b6:e2:9d:aa:ef:02:a9:3e:98:
8c:29:da:23:dd:bb:ca:3a:4d:1b:46:9f:6d:2b:d3:
57:70:d7:54:b2:04:72:c1:47:4c:c2:ec:94:5d:01:
0a:04:c4:2a:ec:09:df:aa:55:61:c1:ca:50:2f:4f:
2b:fe:fb:de:f0:e7:f5:3a:cc:67:11:bc:20:d1:11:
c0:fd:f9:45:65:b9:32:0f:b4:70:42:cd:3d:86:fa:
59:39:05:8d:e1:4f:5a:ac:ae:51:7a:ed:ae:39:cf:
ed:0f:36:ad:f7:41:bc:65:b5:1d:04:26:e7:7d:51:
69:c1:67:72:67:b9:40:fb:33:3e:d8:98:92:ee:97:
14:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E4:0E:54:62:96:89:C2:19:39:FD:06:EB:FB:5B:59:86:8F:B7:BE
X509v3 Authority Key Identifier:
keyid:BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/weQOVGKWicIZOf0G6_tbWYaPt74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.252.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:1b:c9:63:fc:e9:fb:c3:a0:12:3a:3c:0d:c9:13:ea:7a:8d:
bf:8c:f1:9d:1e:41:10:9d:63:ef:f1:88:0d:00:22:f4:fc:10:
3e:dc:d0:ca:e3:87:43:49:84:36:aa:2d:28:86:7a:b6:e0:c5:
54:81:1f:ae:a0:21:29:fb:45:2b:63:df:8b:35:47:c3:86:e8:
6a:95:a4:d6:b8:64:03:7b:5a:65:03:98:99:c2:4a:1d:05:65:
1c:1e:6b:b5:9b:0e:dc:f0:2b:c6:b8:84:93:79:b4:9c:ba:69:
5d:99:ef:7e:d6:96:d5:e2:eb:65:78:6a:55:ee:56:82:a8:94:
b7:c9:59:83:1f:f6:7d:05:70:9d:33:fc:25:10:ea:a4:f0:13:
94:04:7a:7d:f3:cb:06:fe:2a:bd:f5:87:28:9b:5d:83:2f:0e:
67:66:36:23:64:86:95:6e:53:84:24:b4:c5:c0:2b:33:c4:7f:
1e:d2:a7:74:92:6e:e8:9e:e6:13:fb:2b:a7:a5:8b:99:80:2f:
4e:57:7a:c8:cb:b9:ff:d2:f8:05:fd:15:57:11:7b:e0:37:29:
1a:d9:e9:5f:60:f7:70:06:ea:e5:48:d5:7e:d0:8d:8b:66:b4:
a6:6c:ad:75:5b:c0:2b:4d:9b:fb:4a:86:57:61:6a:4c:63:fb:
c7:ba:6e:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU+DPY7SPQ4X3nA7sKBQE7sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTVmMGU3NjU0NzU3NTk1N2JjOTJjNmRkZGQwODRkM2Vh
N2Y4NjMwHhcNMjIxMjIzMDgxNTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWU0MGU1NDYyOTY4OWMyMTkzOWZkMDZlYmZiNWI1OTg2OGZiN2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkivM+l2s82Osbha2aBzPqHeMEGIe
0znE4DelVRM00EobPPLR8vr9jizc5x0ZK/ukViml3LK9tsTCBu9sVK7TWYoQNeeZ
72CUtNHZh1wZkRM2Pt+fKv1CqV7vLbN+Xk9gxWF39bfxudJRjwmSbE3DuAly2VDy
KSasvVdLtpy24p2q7wKpPpiMKdoj3bvKOk0bRp9tK9NXcNdUsgRywUdMwuyUXQEK
BMQq7AnfqlVhwcpQL08r/vve8Of1OsxnEbwg0RHA/flFZbkyD7RwQs09hvpZOQWN
4U9arK5Reu2uOc/tDzat90G8ZbUdBCbnfVFpwWdyZ7lA+zM+2JiS7pcUOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMHkDlRilonCGTn9Buv7W1mGj7e+MB8GA1UdIwQY
MBaAFL+l8OdlR1dZV7ySxt3dCE0+p/hjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYt
MDFkMTlhNzRiZTIzLzEvd2VRT1ZHS1dpY0laT2YwRzZfdGJXWWFQdDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYtMDFkMTlhNzRiZTIz
LzEvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuT/8MA0G
CSqGSIb3DQEBCwUAA4IBAQAsG8lj/On7w6ASOjwNyRPqeo2/jPGdHkEQnWPv8YgN
ACL0/BA+3NDK44dDSYQ2qi0ohnq24MVUgR+uoCEp+0UrY9+LNUfDhuhqlaTWuGQD
e1plA5iZwkodBWUcHmu1mw7c8CvGuISTebScumldme9+1pbV4utleGpV7laCqJS3
yVmDH/Z9BXCdM/wlEOqk8BOUBHp988sG/iq99Ycom12DLw5nZjYjZIaVblOEJLTF
wCszxH8e0qd0km7onuYT+yunpYuZgC9OV3rIy7n/0vgF/RVXEXvgNyka2elfYPdw
BurlSNV+0I2LZrSmbK11W8ArTZv7SoZXYWpMY/vHum7y
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:55 2024 by rpki-client on console-ams.rpki-client.org