Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/Z9rm8ipEsFPLW2WCTYM5hhiDiNw.roa
File: Z9rm8ipEsFPLW2WCTYM5hhiDiNw.roa (raw, json)
Hash identifier: /yp1dgDDowm95uBXr07YEFqink8b2dA2U7CzFUWVdmc=
Subject key identifier: 67:DA:E6:F2:2A:44:B0:53:CB:5B:65:82:4D:83:39:86:18:83:88:DC
Certificate issuer: /CN=b011022187e3395a1524fa1a7541ea793285afc2
Certificate serial: 0DA1C276
Authority key identifier: B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/Z9rm8ipEsFPLW2WCTYM5hhiDiNw.roa
Signing time: Wed 13 Apr 2022 07:14:52 +0000
ROA not before: Wed 13 Apr 2022 07:14:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58224
IP address blocks: 185.56.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228704886 (0xda1c276)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b011022187e3395a1524fa1a7541ea793285afc2
Validity
Not Before: Apr 13 07:14:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67dae6f22a44b053cb5b65824d833986188388dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bd:fc:fe:91:7c:d7:fd:b0:32:93:f9:f4:3a:
ab:77:b1:a7:7d:06:04:7a:b2:51:9b:51:91:5a:79:
3a:c0:90:ed:17:91:12:e6:c7:60:5c:aa:26:3c:06:
a8:3a:12:1f:58:a9:e5:9d:da:1f:17:9b:c6:14:06:
dc:78:e8:90:bc:18:13:4b:20:53:80:92:86:9a:24:
b0:8c:1e:e6:6f:ab:a8:70:16:85:ba:9e:f4:e0:5a:
bc:de:28:ff:c6:13:01:8a:bc:f6:69:f5:18:ad:9c:
e8:11:87:96:85:aa:4c:6c:90:93:0b:16:f0:c4:c4:
f3:fb:9e:0c:21:a3:52:28:f7:ac:e8:ac:a1:ca:e2:
19:b8:df:d9:b1:96:01:ba:57:cf:bc:52:c6:ce:ce:
a0:67:84:7c:58:4e:50:1b:69:40:32:10:42:12:e3:
d8:53:79:44:dc:e6:08:5c:c5:ee:60:0f:af:4a:36:
b7:82:4b:db:30:c0:db:35:89:5f:85:c8:7d:35:c1:
f6:05:5a:01:d0:58:fc:e7:6e:0e:50:18:4c:58:18:
9f:cb:a9:a1:aa:91:dd:48:a2:ee:8b:19:9b:98:3f:
3f:c7:f8:02:71:17:e9:ef:1b:52:1e:07:28:23:78:
8e:70:2e:8d:a7:9d:1b:6f:20:72:31:42:a1:e6:e5:
79:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DA:E6:F2:2A:44:B0:53:CB:5B:65:82:4D:83:39:86:18:83:88:DC
X509v3 Authority Key Identifier:
keyid:B0:11:02:21:87:E3:39:5A:15:24:FA:1A:75:41:EA:79:32:85:AF:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBECIYfjOVoVJPoadUHqeTKFr8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/Z9rm8ipEsFPLW2WCTYM5hhiDiNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/e8bbd2-1361-41a3-90f0-5334e6b8c5fe/1/sBECIYfjOVoVJPoadUHqeTKFr8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.96.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:f0:7a:4d:1d:bc:e9:48:bb:98:dc:8e:63:bd:d0:75:eb:0c:
69:4d:f8:8a:5a:3e:e7:57:e7:dc:08:da:3b:db:a6:76:02:a6:
2a:44:81:34:e9:34:77:e2:54:23:5e:8a:ca:1f:70:b2:cb:e6:
b0:c8:bb:42:93:f1:f2:fc:95:de:e6:ff:ab:6c:cf:a6:d2:aa:
dd:00:33:ad:3c:98:14:96:f9:27:11:56:80:01:b4:1f:cf:a7:
89:94:3d:06:db:7a:94:ca:b7:43:a2:a3:96:17:6a:a3:b7:5e:
30:e7:7d:8b:43:e7:47:36:24:04:8e:af:56:b6:3a:4a:d1:41:
55:82:a9:d4:25:c4:de:2a:3c:34:3c:ee:1e:de:5b:44:12:f9:
c2:98:f9:e8:40:37:cf:bd:d5:d9:65:9c:16:44:76:61:4d:f7:
bd:8e:eb:f0:3f:eb:62:9b:1a:07:9a:6c:bd:bc:13:08:c7:43:
62:3e:06:23:15:fc:96:65:22:0c:20:e1:40:67:7b:2d:74:39:
4e:8f:eb:d7:89:76:38:63:d1:3c:81:ec:e3:5b:ad:fd:7c:93:
61:41:aa:1f:de:7b:aa:d2:49:0d:51:af:e4:a4:49:23:23:9d:
51:0e:01:8b:bd:6b:72:ff:c5:47:47:a9:7b:41:20:f9:3e:a4:
da:ad:36:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDaHCdjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDExMDIyMTg3ZTMzOTVhMTUyNGZhMWE3NTQxZWE3OTMyODVhZmMyMB4XDTIyMDQx
MzA3MTQ1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkYWU2ZjIyYTQ0
YjA1M2NiNWI2NTgyNGQ4MzM5ODYxODgzODhkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJS9/P6RfNf9sDKT+fQ6q3exp30GBHqyUZtRkVp5OsCQ7ReR
EubHYFyqJjwGqDoSH1ip5Z3aHxebxhQG3HjokLwYE0sgU4CShpoksIwe5m+rqHAW
hbqe9OBavN4o/8YTAYq89mn1GK2c6BGHloWqTGyQkwsW8MTE8/ueDCGjUij3rOis
ocriGbjf2bGWAbpXz7xSxs7OoGeEfFhOUBtpQDIQQhLj2FN5RNzmCFzF7mAPr0o2
t4JL2zDA2zWJX4XIfTXB9gVaAdBY/OduDlAYTFgYn8upoaqR3Uii7osZm5g/P8f4
AnEX6e8bUh4HKCN4jnAujaedG28gcjFCoeblebcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRn2ubyKkSwU8tbZYJNgzmGGIOI3DAfBgNVHSMEGDAWgBSwEQIhh+M5WhUk
+hp1Qep5MoWvwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NCRUNJWWZqT1ZvVkpQb2FkVUhxZVRLRnI4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvZThiYmQyLTEzNjEtNDFhMy05MGYwLTUzMzRlNmI4YzVmZS8x
L1o5cm04aXBFc0ZQTFcyV0NUWU01aGhpRGlOdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
ZThiYmQyLTEzNjEtNDFhMy05MGYwLTUzMzRlNmI4YzVmZS8xL3NCRUNJWWZqT1Zv
VkpQb2FkVUhxZVRLRnI4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArk4YDANBgkqhkiG9w0BAQsFAAOC
AQEAW/B6TR286Ui7mNyOY73QdesMaU34ilo+51fn3AjaO9umdgKmKkSBNOk0d+JU
I16Kyh9wssvmsMi7QpPx8vyV3ub/q2zPptKq3QAzrTyYFJb5JxFWgAG0H8+niZQ9
Btt6lMq3Q6Kjlhdqo7deMOd9i0PnRzYkBI6vVrY6StFBVYKp1CXE3io8NDzuHt5b
RBL5wpj56EA3z73V2WWcFkR2YU33vY7r8D/rYpsaB5psvbwTCMdDYj4GIxX8lmUi
DCDhQGd7LXQ5To/r14l2OGPRPIHs41ut/XyTYUGqH957qtJJDVGv5KRJIyOdUQ4B
i71rcv/FR0epe0Eg+T6k2q02RA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:55 2023 by rpki-client on console-fra.rpki-client.org