Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/188218-9ee7-40cc-8d12-9a8243e84e54/1/AMGFrsaZQPwSYxKUH5F1kldUCrc.roa
File: AMGFrsaZQPwSYxKUH5F1kldUCrc.roa (raw, json)
Hash identifier: zL0IVGEdNfYD8SvuVmMn10l0Kltju7+wuWc40uX9XzY=
Subject key identifier: 00:C1:85:AE:C6:99:40:FC:12:63:12:94:1F:91:75:92:57:54:0A:B7
Certificate issuer: /CN=dcaa274445826e3d795c3ed18c27700eeac1ca62
Certificate serial: 0185704BE7D628265E10073CA380FA1B13C1
Authority key identifier: DC:AA:27:44:45:82:6E:3D:79:5C:3E:D1:8C:27:70:0E:EA:C1:CA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KonREWCbj15XD7RjCdwDurBymI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/188218-9ee7-40cc-8d12-9a8243e84e54/1/AMGFrsaZQPwSYxKUH5F1kldUCrc.roa
Signing time: Mon 02 Jan 2023 02:25:00 +0000
ROA not before: Mon 02 Jan 2023 02:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207040
IP address blocks: 185.163.132.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e7:d6:28:26:5e:10:07:3c:a3:80:fa:1b:13:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcaa274445826e3d795c3ed18c27700eeac1ca62
Validity
Not Before: Jan 2 02:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=00c185aec69940fc126312941f91759257540ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:67:63:50:0e:db:cd:f0:1d:f3:fa:f8:58:8f:
72:ed:47:c9:a5:c9:ce:c7:2d:a3:4a:0d:26:f5:1a:
dd:d3:9f:21:1b:36:a1:d2:37:3d:25:23:8c:cd:e1:
76:9a:df:4f:fc:9a:49:fb:3d:4c:39:0c:a3:ed:5f:
78:25:a0:0f:60:e4:d1:ed:0b:32:e8:17:14:b5:69:
f2:95:aa:55:b2:8b:90:3e:dc:ff:37:12:3b:26:d8:
3f:55:7b:12:a9:a1:96:1e:c6:52:33:9c:19:b4:58:
4d:42:21:2d:82:eb:57:76:e4:f9:90:52:f4:64:cd:
82:f6:f4:1b:22:02:37:3d:8c:39:8e:a5:91:cb:c9:
04:7a:c1:ed:10:c2:c1:31:38:cc:59:1a:d0:fc:bf:
db:c0:f7:f6:21:11:52:97:18:f6:31:42:6d:e1:d0:
89:fc:e3:c6:68:d5:7e:f0:b0:88:c1:a8:e5:8e:2d:
6c:54:0e:6d:0b:80:ba:a3:ae:dd:cc:fd:f5:c6:fb:
ca:67:f8:14:79:27:07:c2:1a:de:28:2a:74:4d:a8:
24:51:f5:23:d9:3f:b5:5d:ce:2d:9c:9e:fc:da:71:
46:ca:73:a5:fd:84:b8:f6:49:70:b4:29:5c:76:33:
db:2e:e5:6d:32:f8:db:18:47:fe:af:6b:74:af:7e:
77:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:C1:85:AE:C6:99:40:FC:12:63:12:94:1F:91:75:92:57:54:0A:B7
X509v3 Authority Key Identifier:
keyid:DC:AA:27:44:45:82:6E:3D:79:5C:3E:D1:8C:27:70:0E:EA:C1:CA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KonREWCbj15XD7RjCdwDurBymI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/188218-9ee7-40cc-8d12-9a8243e84e54/1/AMGFrsaZQPwSYxKUH5F1kldUCrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/188218-9ee7-40cc-8d12-9a8243e84e54/1/3KonREWCbj15XD7RjCdwDurBymI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.132.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:40:f4:a9:9c:e3:b1:3c:0b:e8:f3:e1:b4:b6:88:7d:c7:fe:
bc:11:ed:7c:d4:a4:ec:8f:58:ea:e4:37:28:f8:ee:e3:cb:56:
7b:22:43:52:14:19:28:7c:41:e7:7b:fa:29:1e:42:3c:58:07:
a6:78:9d:35:2b:42:37:88:97:39:37:4c:f4:58:b5:6f:d0:29:
d4:32:5f:83:e8:2e:64:f8:db:fc:cd:08:67:4b:9b:f4:37:05:
e3:72:e6:9a:5f:8d:e9:a2:ba:c4:65:28:5b:7b:ba:50:bf:9e:
f6:22:03:44:33:bf:b5:87:db:54:f5:a0:d4:41:c8:1f:39:19:
9a:49:1c:24:52:52:43:f0:a4:e6:44:43:40:f5:f6:15:c6:29:
2a:99:66:2f:5d:64:ef:b8:8b:4e:52:3c:5d:1d:b1:09:c9:d1:
5e:3c:32:f2:98:90:ec:4f:12:ac:40:df:c9:f4:6b:f9:7c:59:
a0:7e:b9:75:25:bd:ff:b2:99:2d:d0:10:1b:aa:e9:54:49:23:
85:60:c3:70:2a:80:13:71:e9:a4:f5:ee:69:d3:7d:cd:1e:46:
5f:af:26:13:f5:81:85:bd:2b:86:2c:b7:cf:91:04:64:16:d7:
0f:81:4a:7e:b3:fc:75:6f:23:bf:61:79:61:c3:ed:c1:be:18:
10:4a:ba:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS+fWKCZeEAc8o4D6GxPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYWEyNzQ0NDU4MjZlM2Q3OTVjM2VkMThjMjc3MDBlZWFj
MWNhNjIwHhcNMjMwMTAyMDIyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGMxODVhZWM2OTk0MGZjMTI2MzEyOTQxZjkxNzU5MjU3NTQwYWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2djUA7bzfAd8/r4WI9y7UfJpcnO
xy2jSg0m9Rrd058hGzah0jc9JSOMzeF2mt9P/JpJ+z1MOQyj7V94JaAPYOTR7Qsy
6BcUtWnylapVsouQPtz/NxI7Jtg/VXsSqaGWHsZSM5wZtFhNQiEtgutXduT5kFL0
ZM2C9vQbIgI3PYw5jqWRy8kEesHtEMLBMTjMWRrQ/L/bwPf2IRFSlxj2MUJt4dCJ
/OPGaNV+8LCIwajlji1sVA5tC4C6o67dzP31xvvKZ/gUeScHwhreKCp0TagkUfUj
2T+1Xc4tnJ782nFGynOl/YS49klwtClcdjPbLuVtMvjbGEf+r2t0r353ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFADBha7GmUD8EmMSlB+RdZJXVAq3MB8GA1UdIwQY
MBaAFNyqJ0RFgm49eVw+0YwncA7qwcpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0tvblJFV0NiajE1WEQ3UmpDZHdEdXJCeW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8xODgyMTgtOWVlNy00MGNjLThkMTIt
OWE4MjQzZTg0ZTU0LzEvQU1HRnJzYVpRUHdTWXhLVUg1RjFrbGRVQ3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8xODgyMTgtOWVlNy00MGNjLThkMTItOWE4MjQzZTg0ZTU0
LzEvM0tvblJFV0NiajE1WEQ3UmpDZHdEdXJCeW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaOEMA0G
CSqGSIb3DQEBCwUAA4IBAQC/QPSpnOOxPAvo8+G0toh9x/68Ee181KTsj1jq5Dco
+O7jy1Z7IkNSFBkofEHne/opHkI8WAemeJ01K0I3iJc5N0z0WLVv0CnUMl+D6C5k
+Nv8zQhnS5v0NwXjcuaaX43porrEZShbe7pQv572IgNEM7+1h9tU9aDUQcgfORma
SRwkUlJD8KTmRENA9fYVxikqmWYvXWTvuItOUjxdHbEJydFePDLymJDsTxKsQN/J
9Gv5fFmgfrl1Jb3/spkt0BAbqulUSSOFYMNwKoATcemk9e5p033NHkZfryYT9YGF
vSuGLLfPkQRkFtcPgUp+s/x1byO/YXlhw+3BvhgQSrrJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:54 2025 by rpki-client