Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/hSGMoyA4I7gi42Yet3SiLA0wClU.roa
File: hSGMoyA4I7gi42Yet3SiLA0wClU.roa (raw, json)
Hash identifier: 1zjrTgb06JOnEs5bYkEZvAWUrV1HYjyqc8PR28DgpSw=
Subject key identifier: 85:21:8C:A3:20:38:23:B8:22:E3:66:1E:B7:74:A2:2C:0D:30:0A:55
Certificate issuer: /CN=4b48cf146b4c73d274096d705708d24b729329f8
Certificate serial: 1C4B39FC
Authority key identifier: 4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/hSGMoyA4I7gi42Yet3SiLA0wClU.roa
Signing time: Tue 26 Apr 2022 07:49:04 +0000
ROA not before: Tue 26 Apr 2022 07:49:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12989
IP address blocks: 85.12.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 474692092 (0x1c4b39fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b48cf146b4c73d274096d705708d24b729329f8
Validity
Not Before: Apr 26 07:49:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85218ca3203823b822e3661eb774a22c0d300a55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:59:6d:45:35:5a:d1:52:d7:0d:12:5c:a8:2e:
d5:65:3e:46:34:7a:c9:6e:a5:c2:80:4e:c2:f4:21:
bb:ca:d5:03:1e:5d:f6:3c:7f:65:30:97:76:4c:79:
91:dc:1b:f0:44:e3:ed:f7:08:9b:65:6e:d5:55:33:
ea:69:41:24:f4:c0:c2:41:9c:f3:f7:d4:a3:ea:ac:
de:4d:d6:92:f6:b9:e6:7c:ae:38:44:3a:25:1f:c4:
39:e5:02:b2:9c:d3:6e:60:ab:43:7f:6c:79:15:40:
c6:68:93:5e:16:df:b6:50:3a:ab:9e:66:5b:c4:57:
93:77:86:fa:15:21:7b:86:cd:61:c6:3d:90:c0:ba:
3c:de:22:74:20:c8:a2:b3:bf:42:07:62:ef:8b:b3:
05:a9:de:d6:cf:61:67:83:99:c7:5c:2b:16:31:3a:
cd:d6:21:f4:69:3a:9f:45:43:55:b4:59:d1:c1:65:
1c:b8:d0:d0:0f:9e:d2:78:38:df:dd:34:73:d3:12:
3e:82:68:08:c5:63:68:0a:76:d3:32:4b:33:b5:0b:
9a:46:0e:c8:f0:56:f6:fc:ae:7d:41:96:20:5f:09:
9f:2f:79:d3:13:b9:d0:64:ca:81:29:40:61:5d:c4:
f9:2e:31:92:47:5b:60:45:63:1e:49:bb:0e:98:5e:
1e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:21:8C:A3:20:38:23:B8:22:E3:66:1E:B7:74:A2:2C:0D:30:0A:55
X509v3 Authority Key Identifier:
keyid:4B:48:CF:14:6B:4C:73:D2:74:09:6D:70:57:08:D2:4B:72:93:29:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S0jPFGtMc9J0CW1wVwjSS3KTKfg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/hSGMoyA4I7gi42Yet3SiLA0wClU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/3bbb52-393e-4762-a70c-64a6a05b9905/1/S0jPFGtMc9J0CW1wVwjSS3KTKfg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.12.1.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:a7:b8:03:63:22:d6:10:f0:26:9d:23:94:6a:01:0e:87:de:
f3:5c:8c:6c:a0:7c:01:39:7f:3c:d6:69:16:07:62:b9:a2:85:
08:a1:fe:25:49:76:3c:ca:2d:04:4c:80:0b:5c:84:97:64:77:
2d:2c:b2:54:c2:55:49:25:26:cf:18:a9:93:a6:38:be:8f:0f:
a4:f2:8c:73:17:c6:dd:f5:41:cd:6c:9b:a0:ff:2b:b9:d1:c3:
7a:16:52:10:33:dd:69:f5:c0:3f:af:9b:97:67:11:51:ee:0d:
0c:0f:eb:4b:5d:8b:f4:fc:b2:d0:8e:42:60:f5:35:f8:5a:2e:
36:4c:06:62:67:b0:e8:1a:55:fe:01:89:c0:fd:88:14:31:14:
a3:ae:a0:01:05:d0:a0:d3:59:4c:a6:e4:ad:96:e8:cb:f2:25:
74:83:1c:cd:41:82:52:39:7d:40:3c:af:7e:cb:2b:1c:24:c4:
6e:8f:b8:09:64:54:07:aa:6b:cb:36:b1:31:00:f2:1e:3f:42:
fc:0b:d5:8f:b4:b3:3b:e6:e9:ad:80:ba:4b:e4:b3:df:58:8a:
9b:e9:8b:27:8e:80:13:d8:94:e4:fc:cc:f2:4d:fd:29:1f:48:
9a:fc:60:20:94:90:cb:28:df:70:67:36:e8:88:d4:88:dc:b5:
a6:ff:ae:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHEs5/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjQ4Y2YxNDZiNGM3M2QyNzQwOTZkNzA1NzA4ZDI0YjcyOTMyOWY4MB4XDTIyMDQy
NjA3NDkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUyMThjYTMyMDM4
MjNiODIyZTM2NjFlYjc3NGEyMmMwZDMwMGE1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNZbUU1WtFS1w0SXKgu1WU+RjR6yW6lwoBOwvQhu8rVAx5d
9jx/ZTCXdkx5kdwb8ETj7fcIm2Vu1VUz6mlBJPTAwkGc8/fUo+qs3k3Wkva55nyu
OEQ6JR/EOeUCspzTbmCrQ39seRVAxmiTXhbftlA6q55mW8RXk3eG+hUhe4bNYcY9
kMC6PN4idCDIorO/Qgdi74uzBane1s9hZ4OZx1wrFjE6zdYh9Gk6n0VDVbRZ0cFl
HLjQ0A+e0ng43900c9MSPoJoCMVjaAp20zJLM7ULmkYOyPBW9vyufUGWIF8Jny95
0xO50GTKgSlAYV3E+S4xkkdbYEVjHkm7DpheHscCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFIYyjIDgjuCLjZh63dKIsDTAKVTAfBgNVHSMEGDAWgBRLSM8Ua0xz0nQJ
bXBXCNJLcpMp+DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MwalBGR3RNYzlKMENXMXdWd2pTUzNLVEtmZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjYvM2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8x
L2hTR01veUE0STdnaTQyWWV0M1NpTEEwd0NsVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjYv
M2JiYjUyLTM5M2UtNDc2Mi1hNzBjLTY0YTZhMDViOTkwNS8xL1MwalBGR3RNYzlK
MENXMXdWd2pTUzNLVEtmZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFUMATANBgkqhkiG9w0BAQsFAAOC
AQEAs6e4A2Mi1hDwJp0jlGoBDofe81yMbKB8ATl/PNZpFgdiuaKFCKH+JUl2PMot
BEyAC1yEl2R3LSyyVMJVSSUmzxipk6Y4vo8PpPKMcxfG3fVBzWyboP8rudHDehZS
EDPdafXAP6+bl2cRUe4NDA/rS12L9Pyy0I5CYPU1+FouNkwGYmew6BpV/gGJwP2I
FDEUo66gAQXQoNNZTKbkrZboy/IldIMczUGCUjl9QDyvfssrHCTEbo+4CWRUB6pr
yzaxMQDyHj9C/AvVj7SzO+bprYC6S+Sz31iKm+mLJ46AE9iU5PzM8k39KR9Imvxg
IJSQyyjfcGc26IjUiNy1pv+u0g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:27 2023 by rpki-client on console-fra.rpki-client.org