Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/c1fHm-4zMa_ITOmsMSvJopm1yeY.roa
File: c1fHm-4zMa_ITOmsMSvJopm1yeY.roa (raw, json)
Hash identifier: Di0JsARp59q7s0QX7ACwX/4pp4VIY6Jsj5QuAiC6jdU=
Subject key identifier: 73:57:C7:9B:EE:33:31:AF:C8:4C:E9:AC:31:2B:C9:A2:99:B5:C9:E6
Certificate issuer: /CN=1a2474ce5b5e220b9f431afc86af4ec140f5f16c
Certificate serial: 0183F9B40A7DB6595F0FFD6836B4EEB0E962
Authority key identifier: 1A:24:74:CE:5B:5E:22:0B:9F:43:1A:FC:86:AF:4E:C1:40:F5:F1:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GiR0zlteIgufQxr8hq9OwUD18Ww.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/c1fHm-4zMa_ITOmsMSvJopm1yeY.roa
Signing time: Fri 21 Oct 2022 08:41:09 +0000
ROA not before: Fri 21 Oct 2022 08:41:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198930
IP address blocks: 85.202.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:b4:0a:7d:b6:59:5f:0f:fd:68:36:b4:ee:b0:e9:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2474ce5b5e220b9f431afc86af4ec140f5f16c
Validity
Not Before: Oct 21 08:41:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7357c79bee3331afc84ce9ac312bc9a299b5c9e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:eb:d6:c9:1a:c8:96:cf:d1:11:f2:f5:14:91:
46:d6:ae:65:ae:96:79:c8:0a:af:a7:ea:72:45:22:
cc:03:f3:70:a5:58:1d:79:bd:1f:66:05:37:57:1c:
dd:e1:3f:46:0f:11:3f:f4:4b:32:90:a1:58:37:1a:
dd:10:ad:d8:ba:a3:85:54:c9:b5:72:bc:73:e4:0e:
bb:a0:6b:a1:ec:e1:0f:72:5e:91:9d:30:6c:fe:36:
b7:e2:05:ec:84:34:db:fd:83:7c:ab:e3:59:41:ba:
fc:ad:14:52:9b:77:da:fb:3d:20:f9:d9:a8:21:fd:
8f:bb:a2:e9:3a:b9:6d:73:8b:11:87:f1:f4:dd:02:
96:ea:63:5d:7d:79:90:e3:d3:46:95:ac:a3:0d:81:
f8:65:1f:34:47:c2:29:5a:80:ba:76:b4:d5:f3:29:
83:21:13:8e:13:3e:f0:08:74:6e:f7:f7:a6:be:3c:
56:3b:73:72:bf:0e:31:94:8d:aa:f9:47:55:9c:05:
d7:84:43:d0:79:33:4c:97:2b:55:82:22:f9:89:65:
b4:fb:5d:f5:95:86:4c:a1:73:aa:a0:0a:15:c2:8f:
30:d0:4d:99:79:a0:79:a3:7b:07:df:12:16:b5:3a:
60:d7:b4:d1:32:c0:4b:26:0c:7d:e0:9d:6f:07:bf:
ef:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:57:C7:9B:EE:33:31:AF:C8:4C:E9:AC:31:2B:C9:A2:99:B5:C9:E6
X509v3 Authority Key Identifier:
keyid:1A:24:74:CE:5B:5E:22:0B:9F:43:1A:FC:86:AF:4E:C1:40:F5:F1:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GiR0zlteIgufQxr8hq9OwUD18Ww.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/c1fHm-4zMa_ITOmsMSvJopm1yeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c04359-4ae4-4e47-91cb-d7d02e97e25d/1/GiR0zlteIgufQxr8hq9OwUD18Ww.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.88.0/22
Signature Algorithm: sha256WithRSAEncryption
39:55:66:70:ef:bb:f8:94:51:cf:01:f7:63:b1:d5:b1:f3:9e:
b2:a0:2e:43:89:dd:89:ac:2c:0d:05:1a:8f:fa:c9:b1:76:6c:
fb:69:ca:0d:f0:e0:5a:0c:a1:1b:27:d5:db:6b:8e:cb:ed:09:
ae:bd:c1:60:6d:25:4e:7b:e4:d8:e4:78:78:25:a8:46:fe:f3:
6f:4d:fd:3f:9d:1c:d5:c6:a1:26:18:e6:b0:28:8d:47:a4:c7:
c6:42:a5:a1:01:bd:b4:75:a4:8b:01:86:25:dd:6c:4d:9a:4a:
94:26:c5:74:2e:cc:0d:b5:2e:03:45:a2:0b:c0:dc:5e:76:e3:
3e:12:d5:da:a5:77:ca:c1:04:c5:6c:e1:1e:da:92:66:d5:e3:
16:0d:ac:24:ef:94:c9:77:5e:40:16:a2:2c:fa:9e:fe:e0:b4:
57:4f:20:c4:b8:5a:d4:f4:94:6c:0f:91:23:88:9a:b5:fc:30:
61:31:78:49:d9:73:46:8e:43:9e:50:03:05:53:d6:a5:aa:b7:
e7:2b:56:8a:30:e1:96:6e:01:0d:e3:f0:9b:d8:da:38:2a:e5:
4a:8b:5f:2e:41:42:f5:c5:3e:5d:b1:78:59:f4:0b:f8:07:2f:
bf:d1:85:61:ad:5a:11:5d:e4:91:dd:5f:77:bb:7c:76:c0:82:
cc:4c:05:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP5tAp9tllfD/1oNrTusOliMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMjQ3NGNlNWI1ZTIyMGI5ZjQzMWFmYzg2YWY0ZWMxNDBm
NWYxNmMwHhcNMjIxMDIxMDg0MTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzU3Yzc5YmVlMzMzMWFmYzg0Y2U5YWMzMTJiYzlhMjk5YjVjOWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAievWyRrIls/REfL1FJFG1q5lrpZ5
yAqvp+pyRSLMA/NwpVgdeb0fZgU3Vxzd4T9GDxE/9EsykKFYNxrdEK3YuqOFVMm1
crxz5A67oGuh7OEPcl6RnTBs/ja34gXshDTb/YN8q+NZQbr8rRRSm3fa+z0g+dmo
If2Pu6LpOrltc4sRh/H03QKW6mNdfXmQ49NGlayjDYH4ZR80R8IpWoC6drTV8ymD
IROOEz7wCHRu9/emvjxWO3Nyvw4xlI2q+UdVnAXXhEPQeTNMlytVgiL5iWW0+131
lYZMoXOqoAoVwo8w0E2ZeaB5o3sH3xIWtTpg17TRMsBLJgx94J1vB7/vpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHNXx5vuMzGvyEzprDEryaKZtcnmMB8GA1UdIwQY
MBaAFBokdM5bXiILn0Ma/IavTsFA9fFsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lSMHpsdGVJZ3VmUXhyOGhxOU93VUQxOFd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMDQzNTktNGFlNC00ZTQ3LTkxY2It
ZDdkMDJlOTdlMjVkLzEvYzFmSG0tNHpNYV9JVE9tc01TdkpvcG0xeWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMDQzNTktNGFlNC00ZTQ3LTkxY2ItZDdkMDJlOTdlMjVk
LzEvR2lSMHpsdGVJZ3VmUXhyOGhxOU93VUQxOFd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVcpYMA0G
CSqGSIb3DQEBCwUAA4IBAQA5VWZw77v4lFHPAfdjsdWx856yoC5Did2JrCwNBRqP
+smxdmz7acoN8OBaDKEbJ9Xba47L7QmuvcFgbSVOe+TY5Hh4JahG/vNvTf0/nRzV
xqEmGOawKI1HpMfGQqWhAb20daSLAYYl3WxNmkqUJsV0LswNtS4DRaILwNxeduM+
EtXapXfKwQTFbOEe2pJm1eMWDawk75TJd15AFqIs+p7+4LRXTyDEuFrU9JRsD5Ej
iJq1/DBhMXhJ2XNGjkOeUAMFU9alqrfnK1aKMOGWbgEN4/Cb2No4KuVKi18uQUL1
xT5dsXhZ9Av4By+/0YVhrVoRXeSR3V93u3x2wILMTAUp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:58 2024 by rpki-client on console-fra.rpki-client.org