Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/43f607-a7f4-4985-b6eb-9f4fe4cd0246/1/cipnDaEyLefTLejYcSB0NZgOURU.roa
File: cipnDaEyLefTLejYcSB0NZgOURU.roa (raw, json)
Hash identifier: BJnWEaKDBX10nD2KjLqe97Dz5qSZaES77HHur48HLJc=
Subject key identifier: 72:2A:67:0D:A1:32:2D:E7:D3:2D:E8:D8:71:20:74:35:98:0E:51:15
Certificate issuer: /CN=c53435f4be2c543bf3483e377f80314d28230184
Certificate serial: 13FF8161
Authority key identifier: C5:34:35:F4:BE:2C:54:3B:F3:48:3E:37:7F:80:31:4D:28:23:01:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTQ19L4sVDvzSD43f4AxTSgjAYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/43f607-a7f4-4985-b6eb-9f4fe4cd0246/1/cipnDaEyLefTLejYcSB0NZgOURU.roa
Signing time: Sat 01 Jan 2022 12:02:36 +0000
ROA not before: Sat 01 Jan 2022 12:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8639
IP address blocks: 185.121.20.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 335511905 (0x13ff8161)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53435f4be2c543bf3483e377f80314d28230184
Validity
Not Before: Jan 1 12:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=722a670da1322de7d32de8d871207435980e5115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6b:e2:64:b0:6a:80:b2:68:01:d5:58:29:39:
05:d8:b9:aa:21:88:44:35:e2:67:ea:f0:76:6b:09:
7d:33:75:75:73:ad:db:1c:cc:a3:5a:01:63:35:2a:
6c:9c:86:c6:1d:c0:b0:42:8d:0b:5a:28:15:4b:08:
36:32:de:5e:0d:68:fe:a2:f2:66:0e:ea:c4:1a:fc:
32:90:3b:2d:17:6c:e6:a8:5f:ed:92:32:58:ca:54:
7a:2f:25:59:b6:2a:0d:5d:69:ee:3f:76:09:7b:97:
bb:0d:50:27:3f:0a:a4:6b:14:be:08:99:6f:53:4c:
63:f1:50:fc:49:aa:53:1b:65:8b:d5:23:c2:da:61:
0d:32:6d:08:c3:27:bb:ad:61:83:45:e8:32:75:de:
15:e0:7b:93:56:58:d9:fe:18:cf:45:88:4c:55:9a:
fe:25:ae:86:e0:2f:cb:9b:5c:a6:e6:24:ca:0f:89:
f4:da:85:40:7b:75:e9:99:14:23:d2:2f:b7:51:ea:
4b:cc:c2:e1:a7:35:c9:ab:38:12:69:46:5b:f3:a0:
14:dc:45:b8:9d:02:e9:ad:33:56:1d:d0:18:52:13:
56:c5:e1:61:d9:46:0d:2a:93:bc:e9:06:4b:8a:c8:
8e:69:c2:8c:f8:c2:1a:12:2a:e8:de:48:61:8c:9e:
18:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:2A:67:0D:A1:32:2D:E7:D3:2D:E8:D8:71:20:74:35:98:0E:51:15
X509v3 Authority Key Identifier:
keyid:C5:34:35:F4:BE:2C:54:3B:F3:48:3E:37:7F:80:31:4D:28:23:01:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTQ19L4sVDvzSD43f4AxTSgjAYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/43f607-a7f4-4985-b6eb-9f4fe4cd0246/1/cipnDaEyLefTLejYcSB0NZgOURU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/43f607-a7f4-4985-b6eb-9f4fe4cd0246/1/xTQ19L4sVDvzSD43f4AxTSgjAYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.20.0/22
Signature Algorithm: sha256WithRSAEncryption
69:56:ff:79:6a:94:ed:b4:63:7f:a7:a4:9e:f1:f7:d9:76:8f:
b8:35:cd:1c:44:4d:5f:cf:5b:70:da:f8:66:28:90:aa:38:55:
af:f7:91:2f:57:bc:60:03:3d:3f:0d:6d:fb:ac:e7:fc:8c:4d:
d1:63:bb:96:b5:be:2e:7b:07:99:e0:2a:e8:1c:7d:77:3b:ff:
e6:68:5b:c4:1d:70:81:62:2a:df:b3:59:df:11:65:03:91:5b:
4b:c9:93:7b:b7:df:20:ab:1a:7c:8f:b9:47:ab:40:08:40:e7:
b0:08:c5:72:e0:c4:3c:db:24:ea:64:71:36:f2:8b:ba:75:2f:
30:bc:bd:c5:a9:a2:e4:1c:f1:29:72:45:35:e7:34:e7:c3:42:
96:b9:c8:e6:82:fd:91:b1:49:46:c2:e3:96:90:85:33:d6:f6:
39:c7:67:32:db:d1:39:8f:21:ed:e2:d1:5e:15:66:fd:37:c5:
6b:77:db:56:a4:08:23:cd:c4:96:ad:f4:0f:ad:4e:a3:87:7e:
be:39:9b:cd:5b:b1:d5:e2:50:32:ab:d3:ed:a3:29:e8:93:c6:
a9:c2:f3:58:b7:03:6c:73:8c:7f:83:83:a1:b2:fa:cc:ef:5b:
15:c7:c8:2f:a8:c7:a9:ba:4c:bd:45:9d:75:ca:0d:9b:66:18:
dc:60:d7:3f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE/+BYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NTM0MzVmNGJlMmM1NDNiZjM0ODNlMzc3ZjgwMzE0ZDI4MjMwMTg0MB4XDTIyMDEw
MTEyMDIzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzIyYTY3MGRhMTMy
MmRlN2QzMmRlOGQ4NzEyMDc0MzU5ODBlNTExNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdr4mSwaoCyaAHVWCk5Bdi5qiGIRDXiZ+rwdmsJfTN1dXOt
2xzMo1oBYzUqbJyGxh3AsEKNC1ooFUsINjLeXg1o/qLyZg7qxBr8MpA7LRds5qhf
7ZIyWMpUei8lWbYqDV1p7j92CXuXuw1QJz8KpGsUvgiZb1NMY/FQ/EmqUxtli9Uj
wtphDTJtCMMnu61hg0XoMnXeFeB7k1ZY2f4Yz0WITFWa/iWuhuAvy5tcpuYkyg+J
9NqFQHt16ZkUI9Ivt1HqS8zC4ac1yas4EmlGW/OgFNxFuJ0C6a0zVh3QGFITVsXh
YdlGDSqTvOkGS4rIjmnCjPjCGhIq6N5IYYyeGNECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRyKmcNoTIt59Mt6NhxIHQ1mA5RFTAfBgNVHSMEGDAWgBTFNDX0vixUO/NI
Pjd/gDFNKCMBhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hUUTE5TDRzVkR2elNENDNmNEF4VFNnakFZUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNDNmNjA3LWE3ZjQtNDk4NS1iNmViLTlmNGZlNGNkMDI0Ni8x
L2NpcG5EYUV5TGVmVExlalljU0IwTlpnT1VSVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NDNmNjA3LWE3ZjQtNDk4NS1iNmViLTlmNGZlNGNkMDI0Ni8xL3hUUTE5TDRzVkR2
elNENDNmNEF4VFNnakFZUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl5FDANBgkqhkiG9w0BAQsFAAOC
AQEAaVb/eWqU7bRjf6eknvH32XaPuDXNHERNX89bcNr4ZiiQqjhVr/eRL1e8YAM9
Pw1t+6zn/IxN0WO7lrW+LnsHmeAq6Bx9dzv/5mhbxB1wgWIq37NZ3xFlA5FbS8mT
e7ffIKsafI+5R6tACEDnsAjFcuDEPNsk6mRxNvKLunUvMLy9xami5BzxKXJFNec0
58NClrnI5oL9kbFJRsLjlpCFM9b2OcdnMtvROY8h7eLRXhVm/TfFa3fbVqQII83E
lq30D61Oo4d+vjmbzVux1eJQMqvT7aMp6JPGqcLzWLcDbHOMf4ODobL6zO9bFcfI
L6jHqbpMvUWddcoNm2YY3GDXPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:45 2024 by rpki-client on console-ams.rpki-client.org