Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/kIop0tBQQaAxJlz1tfXWespIdtY.roa
File: kIop0tBQQaAxJlz1tfXWespIdtY.roa (raw, json)
Hash identifier: 39izjJN7TbEyHMNfULWArFtHFH5MJSBrea0qw2VHZyI=
Subject key identifier: 90:8A:29:D2:D0:50:41:A0:31:26:5C:F5:B5:F5:D6:7A:CA:48:76:D6
Certificate issuer: /CN=f57331288d908dd762e4b56f003b448f01881d24
Certificate serial: 01851A85811CA19654BCB838FEE30D037D97
Authority key identifier: F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/kIop0tBQQaAxJlz1tfXWespIdtY.roa
Signing time: Fri 16 Dec 2022 10:40:34 +0000
ROA not before: Fri 16 Dec 2022 10:40:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42244
IP address blocks: 185.191.196.0/22 maxlen: 22
2a0a:2540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:85:81:1c:a1:96:54:bc:b8:38:fe:e3:0d:03:7d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57331288d908dd762e4b56f003b448f01881d24
Validity
Not Before: Dec 16 10:40:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=908a29d2d05041a031265cf5b5f5d67aca4876d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d8:24:75:ae:60:ac:7d:08:e7:68:bb:24:5d:
12:28:23:69:9e:6a:d0:64:87:0a:6f:75:72:89:8f:
66:ff:70:21:8a:fe:b7:89:b0:2b:81:a9:14:17:7c:
ee:85:75:b6:11:c6:a3:bc:5a:59:a2:42:47:78:93:
60:60:70:79:f7:60:13:19:e9:87:12:35:67:20:ce:
53:48:33:2b:5d:e3:0a:aa:ea:67:5f:0d:2e:07:8f:
7c:28:27:8e:c1:eb:39:00:2c:5e:5c:bd:b3:92:d0:
e8:84:40:05:0d:80:2c:03:07:ee:41:7d:df:fe:81:
02:68:53:48:e6:3a:7a:db:de:83:ea:60:81:9c:71:
2f:82:84:e8:56:ef:f0:42:62:ea:f8:10:11:cb:e8:
84:47:c6:b5:7a:15:32:8a:c6:3d:ac:7e:b0:01:65:
e3:5d:3c:a3:aa:5a:9f:8e:12:1f:c5:bd:9d:1f:15:
b6:4c:ac:26:9a:64:45:72:b7:e9:e0:92:32:d4:93:
16:88:12:ca:85:d6:c9:c3:c4:4d:20:2f:63:1b:81:
6d:a4:40:11:f2:96:65:a9:9e:15:3f:94:5f:9e:cf:
14:08:78:1d:35:20:56:dc:7c:eb:fa:d9:8f:c1:8b:
91:ee:c3:43:6e:4b:54:c1:77:7d:5a:85:ce:28:5b:
79:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:8A:29:D2:D0:50:41:A0:31:26:5C:F5:B5:F5:D6:7A:CA:48:76:D6
X509v3 Authority Key Identifier:
keyid:F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/kIop0tBQQaAxJlz1tfXWespIdtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.196.0/22
IPv6:
2a0a:2540::/29
Signature Algorithm: sha256WithRSAEncryption
a6:b6:3a:c7:44:60:a6:e3:2e:f8:5f:5b:77:da:41:5f:ca:19:
7a:ee:60:11:4c:4c:1b:cc:89:25:7b:36:8e:28:07:ab:40:68:
5c:b6:d5:40:22:1c:f2:52:ad:93:04:12:b4:bb:9c:8b:1e:b1:
e1:11:41:71:11:5b:21:fe:77:43:ee:17:67:13:79:30:6f:9f:
fe:3a:96:df:19:ea:44:7a:02:1f:a8:38:5a:f5:37:19:6b:1b:
82:a1:d4:b8:cd:75:05:85:e2:7c:45:94:37:d0:9a:cc:87:83:
4a:4a:d8:39:82:3a:ba:7b:ee:5f:eb:ec:76:ed:74:54:8b:d1:
67:3b:e9:34:ac:f0:91:99:fb:72:da:f4:8c:fb:80:5c:f0:79:
ea:55:08:44:91:28:6f:4a:db:95:c0:a0:d0:ad:74:4c:bf:43:
76:17:a6:5a:96:54:4e:68:02:13:01:e8:0d:47:4f:bb:20:f0:
8c:bd:99:9a:30:4e:06:3c:eb:4b:65:4a:b4:c0:cf:13:1d:fa:
76:c6:35:a8:6b:b7:87:3e:d9:75:01:21:80:07:e2:7a:89:28:
89:3f:7e:ed:9d:fa:7f:c5:e7:16:82:28:ba:e2:c8:76:be:0b:
d3:30:a6:2e:4a:97:6d:cb:7d:60:4b:47:4b:9e:b2:ab:3e:2e:
25:04:53:00
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUahYEcoZZUvLg4/uMNA32XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzMzMTI4OGQ5MDhkZDc2MmU0YjU2ZjAwM2I0NDhmMDE4
ODFkMjQwHhcNMjIxMjE2MTA0MDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDhhMjlkMmQwNTA0MWEwMzEyNjVjZjViNWY1ZDY3YWNhNDg3NmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdgkda5grH0I52i7JF0SKCNpnmrQ
ZIcKb3VyiY9m/3Ahiv63ibArgakUF3zuhXW2EcajvFpZokJHeJNgYHB592ATGemH
EjVnIM5TSDMrXeMKqupnXw0uB498KCeOwes5ACxeXL2zktDohEAFDYAsAwfuQX3f
/oECaFNI5jp6296D6mCBnHEvgoToVu/wQmLq+BARy+iER8a1ehUyisY9rH6wAWXj
XTyjqlqfjhIfxb2dHxW2TKwmmmRFcrfp4JIy1JMWiBLKhdbJw8RNIC9jG4FtpEAR
8pZlqZ4VP5Rfns8UCHgdNSBW3Hzr+tmPwYuR7sNDbktUwXd9WoXOKFt5CQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJCKKdLQUEGgMSZc9bX11nrKSHbWMB8GA1UdIwQY
MBaAFPVzMSiNkI3XYuS1bwA7RI8BiB0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgt
OGFlYTFmNjhiNzliLzEva0lvcDB0QlFRYUF4Smx6MXRmWFdlc3BJZHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgtOGFlYTFmNjhiNzli
LzEvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/EMA0E
AgACMAcDBQMqCiVAMA0GCSqGSIb3DQEBCwUAA4IBAQCmtjrHRGCm4y74X1t32kFf
yhl67mARTEwbzIklezaOKAerQGhcttVAIhzyUq2TBBK0u5yLHrHhEUFxEVsh/ndD
7hdnE3kwb5/+OpbfGepEegIfqDha9TcZaxuCodS4zXUFheJ8RZQ30JrMh4NKStg5
gjq6e+5f6+x27XRUi9FnO+k0rPCRmfty2vSM+4Bc8HnqVQhEkShvStuVwKDQrXRM
v0N2F6ZallROaAITAegNR0+7IPCMvZmaME4GPOtLZUq0wM8THfp2xjWoa7eHPtl1
ASGAB+J6iSiJP37tnfp/xecWgii64sh2vgvTMKYuSpdty31gS0dLnrKrPi4lBFMA
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:20 2024 by rpki-client on console-ams.rpki-client.org