Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AEDDghF0vdjyR8zYtEC8eJN8tQk.roa
File: AEDDghF0vdjyR8zYtEC8eJN8tQk.roa (raw, json)
Hash identifier: PFBK+YZlvGSrSoeBW/DgtAICnfsCmjlP80U6f3L/VT0=
Subject key identifier: 00:40:C3:82:11:74:BD:D8:F2:47:CC:D8:B4:40:BC:78:93:7C:B5:09
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01845138890BCD41687BEDC8BD62C50F9EAB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AEDDghF0vdjyR8zYtEC8eJN8tQk.roa
Signing time: Mon 07 Nov 2022 08:32:50 +0000
ROA not before: Mon 07 Nov 2022 08:32:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 81.161.238.0/23 maxlen: 24
193.168.196.0/22 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:51:38:89:0b:cd:41:68:7b:ed:c8:bd:62:c5:0f:9e:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 7 08:32:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0040c3821174bdd8f247ccd8b440bc78937cb509
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:57:69:33:25:ae:ac:df:60:81:39:2c:1f:68:
bd:36:04:59:b6:d3:74:95:de:73:02:02:61:f5:9d:
ec:65:18:ca:4b:48:ed:26:9f:6e:27:3e:cd:2b:40:
e9:04:48:c4:86:a0:d2:94:6a:bd:26:92:fc:a7:17:
fa:e4:af:45:d8:ed:bf:a6:5f:b9:ce:f9:7a:ec:20:
bd:83:7d:2a:f2:6b:bb:02:74:f0:7d:7a:21:16:89:
bb:bf:b3:8a:6b:b4:92:52:74:31:99:72:31:c7:4c:
b6:22:05:25:ec:60:23:ea:a4:6e:39:e3:b6:dd:20:
13:8e:ac:6a:a5:c6:de:ac:c9:50:2d:8a:4d:ff:66:
5e:98:9a:fd:2c:d2:04:e8:14:09:2b:16:11:3d:48:
28:b1:eb:f0:d3:f8:06:45:19:3e:e9:46:e3:bb:60:
10:75:9b:a4:56:3b:7f:65:d8:64:2d:fa:35:4e:9e:
e3:35:b3:ba:b0:85:3a:1f:63:72:c6:f8:09:02:e0:
04:c4:c7:ec:69:ae:a7:1d:02:c7:28:ae:93:4b:dc:
92:90:0a:4c:f3:ac:34:4c:69:7a:37:6a:8b:92:36:
24:4f:5d:75:30:14:a3:58:36:38:cd:50:98:2d:99:
88:0a:84:82:60:a9:f7:1a:67:a3:36:2f:7f:1c:2b:
5c:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:40:C3:82:11:74:BD:D8:F2:47:CC:D8:B4:40:BC:78:93:7C:B5:09
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AEDDghF0vdjyR8zYtEC8eJN8tQk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
88.218.76.0/22
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:66:85:36:1d:f4:e6:62:da:68:a4:d9:8b:30:a6:02:62:a2:
dd:7a:a2:03:8d:f4:f1:cc:18:6d:16:77:1d:04:26:6b:2e:56:
e0:fe:87:fe:2b:7a:eb:fc:3b:a6:d3:90:c1:40:2b:86:60:bf:
a2:2a:ee:ce:52:ba:7c:b9:f0:29:b5:04:cc:88:90:e8:26:69:
4e:a2:ca:e9:62:ae:f9:3c:5f:60:af:ee:97:03:be:60:9b:1f:
68:cc:b5:8d:4a:58:70:41:af:57:c7:c9:04:0e:8b:15:c8:60:
37:cc:70:62:fb:11:f5:c8:3f:53:67:3e:26:d5:29:e1:e6:97:
27:22:87:0a:1c:ac:c6:ba:e0:0f:ca:33:e7:b2:e5:51:5f:f7:
af:eb:9b:de:0c:47:5e:72:6e:d1:6b:1d:13:3b:a7:10:c6:ef:
cf:50:f0:11:38:da:ad:02:f0:4e:70:6d:09:5a:c4:27:3c:71:
9b:dd:9c:2e:37:2e:8a:79:04:80:ef:eb:ef:c0:29:0f:b6:d6:
f8:3e:a2:45:d5:ac:63:51:04:d4:d1:ff:11:9b:e8:b0:33:da:
da:a2:02:14:34:1d:63:ba:0d:e6:be:61:05:73:0d:15:45:e3:
b2:60:29:cb:87:42:34:4d:84:54:0f:50:50:7d:cb:1b:40:af:
fc:cf:63:9e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRROIkLzUFoe+3IvWLFD56rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTA3MDgzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDQwYzM4MjExNzRiZGQ4ZjI0N2NjZDhiNDQwYmM3ODkzN2NiNTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlldpMyWurN9ggTksH2i9NgRZttN0
ld5zAgJh9Z3sZRjKS0jtJp9uJz7NK0DpBEjEhqDSlGq9JpL8pxf65K9F2O2/pl+5
zvl67CC9g30q8mu7AnTwfXohFom7v7OKa7SSUnQxmXIxx0y2IgUl7GAj6qRuOeO2
3SATjqxqpcberMlQLYpN/2ZemJr9LNIE6BQJKxYRPUgosevw0/gGRRk+6Ubju2AQ
dZukVjt/ZdhkLfo1Tp7jNbO6sIU6H2NyxvgJAuAExMfsaa6nHQLHKK6TS9ySkApM
86w0TGl6N2qLkjYkT111MBSjWDY4zVCYLZmICoSCYKn3GmejNi9/HCtc3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFABAw4IRdL3Y8kfM2LRAvHiTfLUJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQUVERGdoRjB2ZGp5Ujh6WXRFQzhlSk44dFFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUaHuAwQC
WNpMAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQC1ZoU2HfTmYtpopNmLMKYCYqLd
eqIDjfTxzBhtFncdBCZrLlbg/of+K3rr/Dum05DBQCuGYL+iKu7OUrp8ufAptQTM
iJDoJmlOosrpYq75PF9gr+6XA75gmx9ozLWNSlhwQa9Xx8kEDosVyGA3zHBi+xH1
yD9TZz4m1Snh5pcnIocKHKzGuuAPyjPnsuVRX/ev65veDEdecm7Rax0TO6cQxu/P
UPARONqtAvBOcG0JWsQnPHGb3ZwuNy6KeQSA7+vvwCkPttb4PqJF1axjUQTU0f8R
m+iwM9raogIUNB1jug3mvmEFcw0VReOyYCnLh0I0TYRUD1BQfcsbQK/8z2Oe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org