Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/i1ZdI6Ybv1DFmDe3efhkxt6YYns.roa
File: i1ZdI6Ybv1DFmDe3efhkxt6YYns.roa (raw, json)
Hash identifier: 9q+ONDXcpbeTJujWuun1H2CW81ou529MRHjLdaBCGvs=
Subject key identifier: 8B:56:5D:23:A6:1B:BF:50:C5:98:37:B7:79:F8:64:C6:DE:98:62:7B
Certificate issuer: /CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Certificate serial: 09A80874
Authority key identifier: 46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/i1ZdI6Ybv1DFmDe3efhkxt6YYns.roa
Signing time: Sat 01 Jan 2022 14:04:36 +0000
ROA not before: Sat 01 Jan 2022 14:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206894
IP address blocks: 185.212.232.0/22 maxlen: 22
2a0b:7e40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162007156 (0x9a80874)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ccab7479a4e0d8a4177350a00a69bd883b048d
Validity
Not Before: Jan 1 14:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b565d23a61bbf50c59837b779f864c6de98627b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:d9:c8:65:f0:3a:a0:59:16:cb:8f:20:fb:d2:
41:9b:03:33:f6:c6:35:9e:74:b4:25:94:6a:ea:e6:
a2:24:41:43:e1:af:75:c7:52:86:29:5e:88:7d:9d:
0d:5c:cc:20:41:9e:d4:c5:6c:df:c9:ea:2e:4f:58:
8b:f1:b1:0e:a6:34:31:43:46:a4:25:e2:b3:de:d0:
d6:c6:7c:c5:b5:50:bf:6c:b5:ae:c5:f8:5b:c6:69:
16:2a:95:76:9f:09:8d:a7:ce:d7:95:16:61:80:5a:
7f:92:a7:f7:d2:b1:0f:ed:fb:3d:17:03:1d:65:ea:
b9:67:76:72:8e:80:4b:bd:81:e0:f6:6a:7d:63:e5:
d8:66:ff:fb:c0:ad:78:fa:71:6b:b8:b3:f3:f6:ce:
c7:8e:35:7f:61:ca:03:dc:1b:b7:71:82:3b:2d:13:
3d:24:8a:0b:47:3e:01:f9:b2:e1:9c:c9:16:a7:f1:
c5:c8:be:25:66:ab:2a:0c:a5:07:8b:8b:8c:08:64:
a9:c4:05:4d:9a:e3:14:be:4c:65:ff:58:f1:31:67:
a2:79:e3:98:24:08:2b:5d:2d:67:ec:fd:dd:1d:3b:
69:70:06:28:0a:05:88:85:b8:a7:a2:76:7a:a7:12:
22:26:14:ac:ea:26:a0:ed:9d:7e:3a:cd:47:2f:76:
b7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:56:5D:23:A6:1B:BF:50:C5:98:37:B7:79:F8:64:C6:DE:98:62:7B
X509v3 Authority Key Identifier:
keyid:46:CC:AB:74:79:A4:E0:D8:A4:17:73:50:A0:0A:69:BD:88:3B:04:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RsyrdHmk4NikF3NQoAppvYg7BI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/i1ZdI6Ybv1DFmDe3efhkxt6YYns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/dc5243-bba4-4acf-a218-2f30252eb442/1/RsyrdHmk4NikF3NQoAppvYg7BI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.232.0/22
IPv6:
2a0b:7e40::/32
Signature Algorithm: sha256WithRSAEncryption
4a:71:1a:6c:34:eb:64:44:00:60:41:ed:f3:16:1b:05:5f:04:
b2:e1:85:e7:34:b5:d7:d1:54:3e:f0:b4:67:3a:de:f2:2a:88:
d9:a1:94:63:d7:a3:9c:6c:ae:f3:80:d2:3e:eb:1d:33:f3:4d:
98:c1:bf:b8:68:1e:0c:53:15:d6:6e:77:c3:33:41:ef:a3:0c:
b9:d4:42:e7:d9:55:62:b8:c8:2b:0a:30:42:3c:28:e9:36:d1:
62:73:44:8a:82:da:ce:8b:64:4d:0b:2f:cd:72:de:21:02:48:
e9:2a:ea:ac:24:54:b5:57:92:1c:33:f9:4b:83:ea:bb:9e:09:
4c:1b:19:09:b6:8a:f0:cd:df:07:4a:91:09:af:e0:1e:49:7e:
64:d0:7b:b6:89:a2:79:3c:34:f6:50:de:1a:f6:f0:5b:ee:af:
d7:9a:cd:1c:a2:61:c8:0a:e8:f0:4c:97:c6:9c:a8:4a:6e:57:
bd:e0:5f:6a:93:cd:87:34:cd:93:17:4e:dd:32:51:cc:84:f8:
ca:ee:26:7a:a3:af:8f:e3:2a:e6:4e:62:c0:b2:5f:e4:de:21:
5b:ff:fa:9c:96:4b:c2:f9:8f:7f:2f:e0:17:66:fa:4c:3a:23:
cc:ec:75:4b:cd:5f:bc:29:22:43:18:bd:e5:fa:bd:ee:de:59:
9a:d4:cc:d0
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECagIdDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmNjYWI3NDc5YTRlMGQ4YTQxNzczNTBhMDBhNjliZDg4M2IwNDhkMB4XDTIyMDEw
MTE0MDQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGI1NjVkMjNhNjFi
YmY1MGM1OTgzN2I3NzlmODY0YzZkZTk4NjI3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7ZyGXwOqBZFsuPIPvSQZsDM/bGNZ50tCWUaurmoiRBQ+Gv
dcdShileiH2dDVzMIEGe1MVs38nqLk9Yi/GxDqY0MUNGpCXis97Q1sZ8xbVQv2y1
rsX4W8ZpFiqVdp8JjafO15UWYYBaf5Kn99KxD+37PRcDHWXquWd2co6AS72B4PZq
fWPl2Gb/+8CtePpxa7iz8/bOx441f2HKA9wbt3GCOy0TPSSKC0c+Afmy4ZzJFqfx
xci+JWarKgylB4uLjAhkqcQFTZrjFL5MZf9Y8TFnonnjmCQIK10tZ+z93R07aXAG
KAoFiIW4p6J2eqcSIiYUrOomoO2dfjrNRy92t1sCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSLVl0jphu/UMWYN7d5+GTG3phiezAfBgNVHSMEGDAWgBRGzKt0eaTg2KQX
c1CgCmm9iDsEjTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JzeXJkSG1rNE5pa0YzTlFvQXBwdllnN0JJMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvZGM1MjQzLWJiYTQtNGFjZi1hMjE4LTJmMzAyNTJlYjQ0Mi8x
L2kxWmRJNllidjFERm1EZTNlZmhreHQ2WVlucy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ZGM1MjQzLWJiYTQtNGFjZi1hMjE4LTJmMzAyNTJlYjQ0Mi8xL1JzeXJkSG1rNE5p
a0YzTlFvQXBwdllnN0JJMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnU6DANBAIAAjAHAwUAKgt+QDAN
BgkqhkiG9w0BAQsFAAOCAQEASnEabDTrZEQAYEHt8xYbBV8EsuGF5zS119FUPvC0
Zzre8iqI2aGUY9ejnGyu84DSPusdM/NNmMG/uGgeDFMV1m53wzNB76MMudRC59lV
YrjIKwowQjwo6TbRYnNEioLazotkTQsvzXLeIQJI6SrqrCRUtVeSHDP5S4Pqu54J
TBsZCbaK8M3fB0qRCa/gHkl+ZNB7tomieTw09lDeGvbwW+6v15rNHKJhyAro8EyX
xpyoSm5XveBfapPNhzTNkxdO3TJRzIT4yu4meqOvj+Mq5k5iwLJf5N4hW//6nJZL
wvmPfy/gF2b6TDojzOx1S81fvCkiQxi95fq97t5ZmtTM0A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:40 2023 by rpki-client on console-ams.rpki-client.org