Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/t0I-USjDi-IHLowztEbgIczFmXo.roa
File: t0I-USjDi-IHLowztEbgIczFmXo.roa (raw, json)
Hash identifier: vJoVS/NCEr7J9KHFTwdeUEccAq5gld/lACskEBOdhhg=
Subject key identifier: B7:42:3E:51:28:C3:8B:E2:07:2E:8C:33:B4:46:E0:21:CC:C5:99:7A
Certificate issuer: /CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Certificate serial: 07E24523
Authority key identifier: 21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/t0I-USjDi-IHLowztEbgIczFmXo.roa
Signing time: Sat 01 Jan 2022 04:53:22 +0000
ROA not before: Sat 01 Jan 2022 04:53:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35314
IP address blocks: 85.31.160.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 132269347 (0x7e24523)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Validity
Not Before: Jan 1 04:53:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7423e5128c38be2072e8c33b446e021ccc5997a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:00:ea:98:e8:7b:f8:57:cb:5e:4f:94:f6:f3:
d4:39:71:1b:90:7b:4b:79:2a:79:af:26:30:ec:9c:
1c:95:44:13:68:15:8a:f9:8b:31:05:c0:c1:8b:41:
74:9c:b2:8c:55:44:31:e4:99:35:7c:88:ac:03:9e:
2a:19:4b:d5:84:af:6a:64:87:b5:dd:b8:44:01:b7:
e5:03:85:ef:56:52:9c:b0:d2:21:18:50:50:66:c5:
5c:d5:38:52:79:e5:98:14:02:25:ea:2c:88:50:79:
3e:00:ab:e5:ec:44:b2:ea:ad:fe:20:84:1d:75:2f:
b7:f2:33:30:bb:35:a6:6a:c6:37:2a:9d:57:7e:35:
9f:6d:87:fc:aa:89:a3:8a:6d:9c:f2:f6:57:e6:9c:
60:b3:ae:4f:85:74:f7:0f:da:aa:c1:ec:7a:0d:af:
40:19:21:90:4d:71:f0:de:1a:39:6e:14:55:69:0b:
66:64:dd:c3:22:9b:05:6e:19:4d:6c:71:0a:53:87:
a6:33:df:85:03:93:fc:79:2a:6a:9b:97:94:dd:ee:
69:ec:22:94:56:78:99:8a:ba:69:c9:31:b8:b1:67:
88:d8:ae:4b:9b:c3:1f:ad:ed:f8:7b:29:51:ae:ee:
2b:4b:8b:73:4b:ce:af:19:15:21:f9:df:b5:a2:86:
cd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:42:3E:51:28:C3:8B:E2:07:2E:8C:33:B4:46:E0:21:CC:C5:99:7A
X509v3 Authority Key Identifier:
keyid:21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/t0I-USjDi-IHLowztEbgIczFmXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.31.160.0/21
Signature Algorithm: sha256WithRSAEncryption
76:b7:fa:d9:d2:f3:97:45:b8:b6:89:35:11:65:80:dd:28:bb:
f1:aa:59:0a:4a:2d:91:ef:76:a2:49:e4:80:77:70:5c:d8:e4:
3f:93:e7:c9:84:98:fd:aa:e6:c4:71:f1:9b:22:ed:4b:92:35:
fd:53:96:d0:f0:9b:9a:09:8f:db:64:84:9e:93:35:e4:e9:be:
cc:33:c6:92:79:b5:14:81:1f:cc:78:fe:b4:6c:58:30:fe:8a:
7b:42:d3:89:76:d4:13:26:b6:4c:06:90:bb:95:6c:3d:14:6a:
0a:ec:46:f2:39:2f:0a:10:26:12:21:e4:35:74:63:12:01:d0:
7e:6a:b1:4c:ab:57:2a:7a:08:64:83:5d:81:c9:59:8f:57:26:
43:08:f6:71:4a:37:44:74:eb:cf:79:7c:c8:0e:45:fb:ef:36:
80:49:25:c3:6a:d9:94:a8:7c:1a:7f:55:2b:22:6c:8e:c5:9e:
33:f5:14:b6:2c:65:87:61:f7:bd:eb:d1:e1:32:01:2d:02:59:
33:9e:3d:13:c8:57:b3:92:6c:29:6f:75:b5:0f:03:c7:d0:71:
0c:37:3c:1e:49:32:89:77:ad:37:96:a7:0d:cb:95:87:bc:97:
28:1a:3d:b1:fa:6a:6f:e1:17:aa:f9:37:b4:30:fb:48:08:55:
54:73:3a:d9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB+JFIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MWMzOTRjOWIzYTM2YjY5ZjllZTVmODkzNmEyZjUxYjk1ZWFjZWI0MB4XDTIyMDEw
MTA0NTMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjc0MjNlNTEyOGMz
OGJlMjA3MmU4YzMzYjQ0NmUwMjFjY2M1OTk3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALkA6pjoe/hXy15PlPbz1DlxG5B7S3kqea8mMOycHJVEE2gV
ivmLMQXAwYtBdJyyjFVEMeSZNXyIrAOeKhlL1YSvamSHtd24RAG35QOF71ZSnLDS
IRhQUGbFXNU4UnnlmBQCJeosiFB5PgCr5exEsuqt/iCEHXUvt/IzMLs1pmrGNyqd
V341n22H/KqJo4ptnPL2V+acYLOuT4V09w/aqsHseg2vQBkhkE1x8N4aOW4UVWkL
ZmTdwyKbBW4ZTWxxClOHpjPfhQOT/HkqapuXlN3uaewilFZ4mYq6ackxuLFniNiu
S5vDH63t+HspUa7uK0uLc0vOrxkVIfnftaKGzU0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS3Qj5RKMOL4gcujDO0RuAhzMWZejAfBgNVHSMEGDAWgBQhw5TJs6Nrafnu
X4k2ovUblerOtDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ljT1V5Yk9qYTJuNTdsLUpOcUwxRzVYcXpyUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvNjFmYWNjLTY2OWYtNDQ1Ni05NjNmLTFlNDM2ZGNiODVjNS8x
L3QwSS1VU2pEaS1JSExvd3p0RWJnSWN6Rm1Yby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
NjFmYWNjLTY2OWYtNDQ1Ni05NjNmLTFlNDM2ZGNiODVjNS8xL0ljT1V5Yk9qYTJu
NTdsLUpOcUwxRzVYcXpyUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1UfoDANBgkqhkiG9w0BAQsFAAOC
AQEAdrf62dLzl0W4tok1EWWA3Si78apZCkotke92oknkgHdwXNjkP5PnyYSY/arm
xHHxmyLtS5I1/VOW0PCbmgmP22SEnpM15Om+zDPGknm1FIEfzHj+tGxYMP6Ke0LT
iXbUEya2TAaQu5VsPRRqCuxG8jkvChAmEiHkNXRjEgHQfmqxTKtXKnoIZINdgclZ
j1cmQwj2cUo3RHTrz3l8yA5F++82gEklw2rZlKh8Gn9VKyJsjsWeM/UUtixlh2H3
vevR4TIBLQJZM549E8hXs5JsKW91tQ8Dx9BxDDc8HkkyiXetN5anDcuVh7yXKBo9
sfpqb+EXqvk3tDD7SAhVVHM62Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org