Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cpSokFlgSFF-gsP7TCL-Hy5bOZY.roa
File: cpSokFlgSFF-gsP7TCL-Hy5bOZY.roa (raw, json)
Hash identifier: TZLvqpMToP65/jVmaejMU989M0VtRTARhivLBR5DKxw=
Subject key identifier: 72:94:A8:90:59:60:48:51:7E:82:C3:FB:4C:22:FE:1F:2E:5B:39:96
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0181D805B268BCAB2176DDE169C955CB17C0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cpSokFlgSFF-gsP7TCL-Hy5bOZY.roa
Signing time: Thu 07 Jul 2022 09:37:40 +0000
ROA not before: Thu 07 Jul 2022 09:37:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208911
IP address blocks: 164.40.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d8:05:b2:68:bc:ab:21:76:dd:e1:69:c9:55:cb:17:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 7 09:37:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7294a890596048517e82c3fb4c22fe1f2e5b3996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:7e:81:10:f7:32:7b:d2:f5:0c:00:24:29:b9:
55:58:db:77:75:c8:e2:dc:62:a9:5c:53:95:f7:0c:
b0:a1:99:84:ef:fd:f9:05:0a:45:cc:a4:c9:8a:d6:
fd:84:fe:d8:9d:55:e3:6b:f0:46:8b:0c:fa:00:16:
c3:41:89:c0:3b:88:fb:f5:64:3d:05:4a:01:6a:74:
65:db:7d:47:e6:66:82:40:da:6a:9d:cc:b2:df:36:
94:35:2e:f7:5f:0a:db:d8:ea:28:00:2a:e3:49:fd:
6d:c6:d7:cc:d3:71:40:cd:82:bf:ee:31:a1:48:4b:
04:ba:04:39:22:13:e4:68:59:b4:39:50:d1:f1:9c:
4a:87:82:bf:d4:e3:29:29:f0:e6:47:ae:28:2e:8a:
6a:2a:b9:cd:f8:6b:00:ba:65:5b:be:42:39:13:ae:
02:56:dc:72:e3:f1:0f:6f:78:a2:f8:e8:a6:71:af:
c0:d2:fc:87:5c:71:79:3d:13:38:48:40:dd:21:5f:
7f:bb:a3:5f:2e:9b:a1:9f:c6:03:82:0c:6c:51:fb:
f6:54:5d:d1:de:79:9c:73:53:a8:25:bb:74:f9:0a:
6f:d8:92:6e:ee:18:02:73:60:01:6a:3c:05:e5:26:
d1:10:dd:06:b9:d1:64:90:5d:1c:e2:84:99:54:28:
6b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:94:A8:90:59:60:48:51:7E:82:C3:FB:4C:22:FE:1F:2E:5B:39:96
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/cpSokFlgSFF-gsP7TCL-Hy5bOZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5d:3a:c3:73:4b:75:5c:89:32:55:f0:11:32:0a:e0:bf:ad:
d0:86:2d:d0:cb:39:43:73:b9:f7:2a:8c:14:bb:74:2e:67:51:
3d:a3:04:f4:e0:7f:95:33:48:d4:5f:6f:98:f0:63:4f:cf:84:
0d:81:90:f5:94:f7:ac:02:1e:d8:13:1b:c2:e4:d3:06:a8:9b:
2e:ca:cd:ee:47:54:93:3c:a2:b1:84:da:60:d0:07:79:9d:cb:
1b:57:60:6b:17:4f:be:6f:12:a2:40:ce:c2:f7:e1:6f:3b:fc:
10:64:2e:d6:9b:79:58:ad:b5:ee:3c:0a:99:85:07:3d:c4:57:
f8:07:21:2f:74:41:75:ae:ff:4c:63:81:96:04:59:05:df:7a:
c5:35:05:3d:a5:6f:e1:10:70:f2:cd:9b:a9:5d:2b:91:41:5b:
d7:01:53:cd:61:1c:56:5e:98:26:37:e1:ac:0a:3f:88:fe:74:
c8:32:71:fe:bb:4a:97:36:02:f0:23:34:00:d5:b0:6e:8c:25:
e7:fe:df:d0:69:c1:ef:0f:54:65:52:16:31:29:6f:c1:28:52:
15:6b:20:86:e1:00:75:d4:9b:1c:8b:5b:19:b1:08:19:67:f5:
f5:1c:d5:05:42:f3:2a:c1:e1:85:ee:d3:86:0a:98:59:d9:89:
44:5e:2c:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHYBbJovKshdt3haclVyxfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzA3MDkzNzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjk0YTg5MDU5NjA0ODUxN2U4MmMzZmI0YzIyZmUxZjJlNWIzOTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhH6BEPcye9L1DAAkKblVWNt3dcji
3GKpXFOV9wywoZmE7/35BQpFzKTJitb9hP7YnVXja/BGiwz6ABbDQYnAO4j79WQ9
BUoBanRl231H5maCQNpqncyy3zaUNS73Xwrb2OooACrjSf1txtfM03FAzYK/7jGh
SEsEugQ5IhPkaFm0OVDR8ZxKh4K/1OMpKfDmR64oLopqKrnN+GsAumVbvkI5E64C
Vtxy4/EPb3ii+Oimca/A0vyHXHF5PRM4SEDdIV9/u6NfLpuhn8YDggxsUfv2VF3R
3nmcc1OoJbt0+Qpv2JJu7hgCc2ABajwF5SbREN0GudFkkF0c4oSZVChrLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHKUqJBZYEhRfoLD+0wi/h8uWzmWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvY3BTb2tGbGdTRkYtZ3NQN1RDTC1IeTViT1pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApCi5MA0G
CSqGSIb3DQEBCwUAA4IBAQAfXTrDc0t1XIkyVfARMgrgv63Qhi3QyzlDc7n3KowU
u3QuZ1E9owT04H+VM0jUX2+Y8GNPz4QNgZD1lPesAh7YExvC5NMGqJsuys3uR1ST
PKKxhNpg0Ad5ncsbV2BrF0++bxKiQM7C9+FvO/wQZC7Wm3lYrbXuPAqZhQc9xFf4
ByEvdEF1rv9MY4GWBFkF33rFNQU9pW/hEHDyzZupXSuRQVvXAVPNYRxWXpgmN+Gs
Cj+I/nTIMnH+u0qXNgLwIzQA1bBujCXn/t/QacHvD1RlUhYxKW/BKFIVayCG4QB1
1Jsci1sZsQgZZ/X1HNUFQvMqweGF7tOGCphZ2YlEXiwC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org