Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/vSskZeBKOonY2P6mg82IwVf5hjI.roa
File: vSskZeBKOonY2P6mg82IwVf5hjI.roa (raw, json)
Hash identifier: gA46fERbTQ0XC7KHByWsdOUMIV7L+Z1VvYVvKdeTnTI=
Subject key identifier: BD:2B:24:65:E0:4A:3A:89:D8:D8:FE:A6:83:CD:88:C1:57:F9:86:32
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0184859D3A909C81F6FDF36DBEAC9D413715
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/vSskZeBKOonY2P6mg82IwVf5hjI.roa
Signing time: Thu 17 Nov 2022 12:43:04 +0000
ROA not before: Thu 17 Nov 2022 12:43:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25369
IP address blocks: 85.121.148.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:9d:3a:90:9c:81:f6:fd:f3:6d:be:ac:9d:41:37:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Nov 17 12:43:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd2b2465e04a3a89d8d8fea683cd88c157f98632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:ac:c0:ed:99:54:07:a5:09:1a:ba:9b:2f:59:
04:8b:27:b8:23:c1:82:62:53:0c:7a:e5:79:0d:0b:
db:72:a2:b4:8f:b4:2a:4c:29:de:5f:e5:25:ff:3e:
2a:fd:22:51:b1:a3:8c:3a:0d:11:ad:c3:30:7b:28:
9c:97:24:4b:06:d6:f9:80:0d:cb:59:53:6c:76:18:
91:96:51:09:a8:67:c8:4c:4d:b8:1f:dc:7d:92:74:
18:c0:be:ae:ce:fb:bf:55:8b:54:a5:3b:52:8e:4e:
da:fd:50:79:ec:ca:6c:0a:5b:69:c8:56:ee:01:3d:
d5:b9:57:06:f9:c3:4c:63:d6:e0:3d:49:32:33:be:
48:5a:d0:93:1e:c0:c9:b4:05:7f:d5:58:87:a5:ae:
b8:d1:c3:36:42:5a:ad:5a:97:7f:42:c2:b5:99:35:
f3:66:07:20:2e:83:50:10:33:f8:45:e9:7f:63:0a:
41:52:7d:bb:e6:3e:90:c5:6b:a1:59:11:fa:a3:b8:
ce:e6:92:e5:c3:59:1b:43:35:4e:46:1e:32:03:f9:
ac:00:6e:94:be:20:34:98:28:aa:e3:ee:28:30:4e:
1a:d2:f9:f4:5e:7f:2e:f5:34:a0:e1:b3:d4:f4:eb:
45:28:85:6c:e1:cb:8d:85:47:29:85:0a:c6:27:46:
f9:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2B:24:65:E0:4A:3A:89:D8:D8:FE:A6:83:CD:88:C1:57:F9:86:32
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/vSskZeBKOonY2P6mg82IwVf5hjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.121.148.0/23
Signature Algorithm: sha256WithRSAEncryption
11:d4:ca:28:d9:ec:50:89:0a:08:2a:27:79:8b:cf:14:63:8a:
b9:4d:6a:1c:db:88:60:06:d3:60:93:94:f9:5b:30:22:48:0f:
c0:05:ee:9a:8d:a7:e6:be:84:b9:a5:17:e7:3d:b5:26:35:47:
d9:8f:fc:4a:0e:41:c3:b9:4b:4c:1b:7f:3f:47:ad:d9:d1:67:
fc:00:0f:82:6f:17:d5:f4:2b:67:a7:12:34:4c:58:05:f4:91:
fc:69:ab:2a:48:3e:a4:0b:8d:f7:9f:09:65:35:4f:1c:0d:8d:
05:13:78:c6:59:82:14:2a:a7:20:16:4d:80:81:ad:c6:71:4c:
d0:1a:5c:7f:a7:4b:c4:98:bb:23:7a:c9:49:e5:2f:d9:a4:c6:
d5:64:3a:2b:6e:c5:3a:29:4c:f9:f8:74:de:a2:16:42:a8:d3:
4d:fe:72:24:63:d9:6e:4c:df:f3:10:91:13:c2:e2:8b:e6:3b:
01:9e:76:5c:6b:92:da:96:33:d4:c9:5c:fc:97:88:7e:6b:0e:
35:81:66:34:a4:1c:ae:af:1f:62:cd:e4:6c:08:55:72:b9:4b:
ea:61:38:e4:33:f4:f7:0c:7c:8c:15:21:e7:a8:6a:e4:fd:be:
76:ba:33:e6:16:73:9c:a1:e2:b9:9f:c1:3a:c5:10:cb:fa:18:
84:a3:e0:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSFnTqQnIH2/fNtvqydQTcVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjIxMTE3MTI0MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJiMjQ2NWUwNGEzYTg5ZDhkOGZlYTY4M2NkODhjMTU3Zjk4NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyazA7ZlUB6UJGrqbL1kEiye4I8GC
YlMMeuV5DQvbcqK0j7QqTCneX+Ul/z4q/SJRsaOMOg0RrcMweyiclyRLBtb5gA3L
WVNsdhiRllEJqGfITE24H9x9knQYwL6uzvu/VYtUpTtSjk7a/VB57MpsCltpyFbu
AT3VuVcG+cNMY9bgPUkyM75IWtCTHsDJtAV/1ViHpa640cM2QlqtWpd/QsK1mTXz
ZgcgLoNQEDP4Rel/YwpBUn275j6QxWuhWRH6o7jO5pLlw1kbQzVORh4yA/msAG6U
viA0mCiq4+4oME4a0vn0Xn8u9TSg4bPU9OtFKIVs4cuNhUcphQrGJ0b5VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0rJGXgSjqJ2Nj+poPNiMFX+YYyMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvdlNza1plQktPb25ZMlA2bWc4Mkl3VmY1aGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVXmUMA0G
CSqGSIb3DQEBCwUAA4IBAQAR1Moo2exQiQoIKid5i88UY4q5TWoc24hgBtNgk5T5
WzAiSA/ABe6ajafmvoS5pRfnPbUmNUfZj/xKDkHDuUtMG38/R63Z0Wf8AA+CbxfV
9CtnpxI0TFgF9JH8aasqSD6kC433nwllNU8cDY0FE3jGWYIUKqcgFk2Aga3GcUzQ
Glx/p0vEmLsjeslJ5S/ZpMbVZDorbsU6KUz5+HTeohZCqNNN/nIkY9luTN/zEJET
wuKL5jsBnnZca5LaljPUyVz8l4h+aw41gWY0pByurx9izeRsCFVyuUvqYTjkM/T3
DHyMFSHnqGrk/b52ujPmFnOcoeK5n8E6xRDL+hiEo+Ak
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org