Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/0s-k89rqRhp2NGngGsn_SpTwIoo.roa
File: 0s-k89rqRhp2NGngGsn_SpTwIoo.roa (raw, json)
Hash identifier: dKqT4kzd1AgGxl149YfZvVkClq5hXwBXwKv+sXYBBfI=
Subject key identifier: D2:CF:A4:F3:DA:EA:46:1A:76:34:69:E0:1A:C9:FF:4A:94:F0:22:8A
Certificate issuer: /CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Certificate serial: 018516012DC53F63A78C80B199D7DF64664C
Authority key identifier: AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/0s-k89rqRhp2NGngGsn_SpTwIoo.roa
Signing time: Thu 15 Dec 2022 13:37:33 +0000
ROA not before: Thu 15 Dec 2022 13:37:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48501
IP address blocks: 185.161.141.0/24 maxlen: 24
185.161.140.0/22 maxlen: 22
185.161.140.0/24 maxlen: 24
185.161.142.0/24 maxlen: 24
2a07:c500::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:01:2d:c5:3f:63:a7:8c:80:b1:99:d7:df:64:66:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3b529c9dc9526f099bf16ac89dcc8adfe18240
Validity
Not Before: Dec 15 13:37:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2cfa4f3daea461a763469e01ac9ff4a94f0228a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6d:b6:45:8c:d9:08:5f:fd:7c:c5:af:64:c1:
7a:f8:ac:2f:4e:69:f8:a0:6b:6c:14:40:99:9b:7b:
19:a7:cc:66:e6:a1:88:86:6c:4e:a8:5e:97:8d:c8:
75:87:96:d3:51:9b:f1:12:f6:d8:58:d8:10:1d:70:
a7:76:67:17:6f:b8:6b:f1:ee:d2:2b:78:6e:2a:b5:
10:88:57:e5:cf:8e:35:86:aa:61:9a:b9:9b:6c:a4:
2b:14:30:d4:aa:a7:56:26:e0:5b:0c:ba:3c:a0:19:
70:b0:c2:29:2f:0c:0c:51:06:74:eb:60:d0:b2:07:
6e:76:98:54:b4:ef:e9:d6:c4:3e:83:21:e7:4b:01:
ec:93:c0:70:a8:e9:d5:c9:52:1d:3b:1b:fd:bd:5d:
42:10:56:b7:4d:a1:d4:3b:d2:44:0c:fd:72:dc:8d:
0c:bb:8d:f5:8a:5e:74:a5:ce:00:c3:d7:00:a7:91:
c9:d2:13:b3:4b:c8:e2:57:d7:08:c6:8e:f3:2c:34:
67:1c:8f:97:a6:df:78:52:fa:5c:95:79:8f:e1:4c:
56:c7:69:90:8d:98:9c:10:f5:e5:44:c4:82:cb:ca:
1b:c1:5d:a1:ac:8e:fa:91:fd:aa:59:21:69:3b:fe:
97:0e:41:b2:f4:7e:11:50:a5:04:81:13:41:87:72:
5f:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:CF:A4:F3:DA:EA:46:1A:76:34:69:E0:1A:C9:FF:4A:94:F0:22:8A
X509v3 Authority Key Identifier:
keyid:AD:3B:52:9C:9D:C9:52:6F:09:9B:F1:6A:C8:9D:CC:8A:DF:E1:82:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/0s-k89rqRhp2NGngGsn_SpTwIoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/a63fd8-9b36-496d-b6e2-b20ebe595475/1/rTtSnJ3JUm8Jm_FqyJ3Mit_hgkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.140.0/22
IPv6:
2a07:c500::/29
Signature Algorithm: sha256WithRSAEncryption
01:24:50:7f:b0:2a:1c:ef:d2:55:15:24:ff:d1:40:1f:3f:e1:
1b:af:cc:3a:c6:ae:43:86:ee:ed:a8:85:a4:01:36:09:c6:8c:
e8:ab:2c:53:2d:07:c2:bb:17:9b:3e:b7:30:c8:e0:a8:f2:43:
4b:91:23:f6:c5:ca:26:2e:27:3e:29:c1:f6:84:10:2d:d0:9a:
4a:91:0b:5e:1d:c6:3c:75:f7:83:56:3b:ac:a6:ec:33:92:25:
16:b2:4b:b9:5b:6d:a5:ac:c6:97:2f:d4:97:7c:04:92:82:d1:
33:5f:71:53:6f:d8:b4:74:37:ae:bf:aa:42:58:96:00:fc:a5:
8a:51:4e:ae:85:76:5c:48:40:3f:2f:29:3c:08:f9:71:ff:48:
34:a3:5a:c6:b1:aa:cc:a8:0c:73:eb:7f:9b:fa:dc:b4:56:ca:
f4:ff:18:db:5b:45:d6:86:47:df:3a:05:de:3f:50:3f:e8:55:
7b:13:85:5c:7c:31:c7:ef:e7:b4:7d:37:f9:9a:5e:a6:08:c8:
6a:86:0e:ee:5f:ff:b8:bd:07:94:22:a9:6f:af:b2:0d:99:16:
9f:17:25:de:06:7e:ad:db:a7:24:51:6c:f7:07:f7:4c:e2:63:
08:33:32:8f:a8:97:0b:62:21:97:41:53:b8:4d:ea:67:95:70:
fb:cd:d8:d5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUWAS3FP2OnjICxmdffZGZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkM2I1MjljOWRjOTUyNmYwOTliZjE2YWM4OWRjYzhhZGZl
MTgyNDAwHhcNMjIxMjE1MTMzNzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmNmYTRmM2RhZWE0NjFhNzYzNDY5ZTAxYWM5ZmY0YTk0ZjAyMjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo222RYzZCF/9fMWvZMF6+KwvTmn4
oGtsFECZm3sZp8xm5qGIhmxOqF6Xjch1h5bTUZvxEvbYWNgQHXCndmcXb7hr8e7S
K3huKrUQiFflz441hqphmrmbbKQrFDDUqqdWJuBbDLo8oBlwsMIpLwwMUQZ062DQ
sgdudphUtO/p1sQ+gyHnSwHsk8BwqOnVyVIdOxv9vV1CEFa3TaHUO9JEDP1y3I0M
u431il50pc4Aw9cAp5HJ0hOzS8jiV9cIxo7zLDRnHI+Xpt94UvpclXmP4UxWx2mQ
jZicEPXlRMSCy8obwV2hrI76kf2qWSFpO/6XDkGy9H4RUKUEgRNBh3JftwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNLPpPPa6kYadjRp4BrJ/0qU8CKKMB8GA1UdIwQY
MBaAFK07UpydyVJvCZvxasidzIrf4YJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTIt
YjIwZWJlNTk1NDc1LzEvMHMtazg5cnFSaHAyTkduZ0dzbl9TcFR3SW9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hNjNmZDgtOWIzNi00OTZkLWI2ZTItYjIwZWJlNTk1NDc1
LzEvclR0U25KM0pVbThKbV9GcXlKM01pdF9oZ2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGMMA0E
AgACMAcDBQMqB8UAMA0GCSqGSIb3DQEBCwUAA4IBAQABJFB/sCoc79JVFST/0UAf
P+Ebr8w6xq5Dhu7tqIWkATYJxozoqyxTLQfCuxebPrcwyOCo8kNLkSP2xcomLic+
KcH2hBAt0JpKkQteHcY8dfeDVjuspuwzkiUWsku5W22lrMaXL9SXfASSgtEzX3FT
b9i0dDeuv6pCWJYA/KWKUU6uhXZcSEA/Lyk8CPlx/0g0o1rGsarMqAxz63+b+ty0
Vsr0/xjbW0XWhkffOgXeP1A/6FV7E4VcfDHH7+e0fTf5ml6mCMhqhg7uX/+4vQeU
Iqlvr7INmRafFyXeBn6t26ckUWz3B/dM4mMIMzKPqJcLYiGXQVO4TepnlXD7zdjV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:47 2023 by rpki-client on console-ams.rpki-client.org