Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/MdI6QhoU4uEFho2Ulg2ZhEj4QaY.roa
File: MdI6QhoU4uEFho2Ulg2ZhEj4QaY.roa (raw, json)
Hash identifier: AoE650NxHGtwCU5RdO26iLqp/jTF9EJFO6XRLOh2yIY=
Subject key identifier: 31:D2:3A:42:1A:14:E2:E1:05:86:8D:94:96:0D:99:84:48:F8:41:A6
Certificate issuer: /CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Certificate serial: 0B1E71E2
Authority key identifier: 1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/MdI6QhoU4uEFho2Ulg2ZhEj4QaY.roa
Signing time: Sat 01 Jan 2022 05:03:59 +0000
ROA not before: Sat 01 Jan 2022 05:03:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49100
IP address blocks: 185.153.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186544610 (0xb1e71e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f896cd3d8d1a0699da521055dfb58dc06dddf35
Validity
Not Before: Jan 1 05:03:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=31d23a421a14e2e105868d94960d998448f841a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:90:d2:d7:50:a1:26:4a:2f:51:40:d0:eb:50:
a1:e6:f1:dc:07:04:3d:ea:d8:a7:f6:34:7e:ed:4d:
17:3e:61:a2:9e:9f:a7:b4:5d:1b:48:14:72:77:c0:
d0:ff:5e:6f:11:af:01:81:42:40:92:1e:da:d2:ef:
b6:65:ba:f3:2a:ba:ab:1c:ed:28:ad:76:0f:35:3f:
f8:7b:69:f7:c0:71:d2:91:83:f6:d7:80:de:ad:9b:
68:9a:4b:44:fb:b1:77:d5:09:2f:0a:4f:7c:02:6f:
3d:90:8f:74:d7:48:bc:93:d7:f7:4e:86:52:f3:97:
8f:70:b7:d5:b7:01:36:83:0b:65:87:0e:0e:fd:e9:
bf:38:94:b9:73:6c:c2:97:e0:97:51:e1:51:8b:df:
e0:a0:ae:f8:72:da:6d:30:76:84:f3:21:0d:d8:89:
44:d8:d8:af:ca:86:89:9e:7e:69:08:ad:52:f2:1c:
03:ee:64:d1:0f:24:ab:66:ec:5e:3d:37:62:1e:cd:
44:84:cc:a3:46:b1:e4:a6:a6:f5:77:56:62:de:75:
40:c6:28:24:9a:18:11:dd:86:53:86:69:f5:ae:f7:
c3:05:a4:02:40:fc:62:9d:b3:fb:97:e9:46:af:aa:
b6:64:cc:0e:43:83:43:5d:e4:a3:7f:14:e4:b1:87:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:D2:3A:42:1A:14:E2:E1:05:86:8D:94:96:0D:99:84:48:F8:41:A6
X509v3 Authority Key Identifier:
keyid:1F:89:6C:D3:D8:D1:A0:69:9D:A5:21:05:5D:FB:58:DC:06:DD:DF:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H4ls09jRoGmdpSEFXftY3Abd3zU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/MdI6QhoU4uEFho2Ulg2ZhEj4QaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/fab49a-91f4-460c-827b-c3327822a138/1/H4ls09jRoGmdpSEFXftY3Abd3zU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.208.0/22
Signature Algorithm: sha256WithRSAEncryption
91:aa:35:94:04:a8:6e:47:20:6d:09:97:9c:17:bd:53:1a:4f:
72:e3:e5:b0:bf:b3:98:fc:b7:b9:81:84:0d:b4:81:3c:24:92:
48:e1:6f:b9:c2:54:8c:ea:14:c0:31:f1:7a:28:c3:f9:80:62:
6d:d0:dd:05:1b:34:9f:a6:cb:54:f9:9c:ae:b0:62:98:0b:a5:
22:11:6f:b6:ee:b3:75:20:d4:bf:1b:da:d6:92:3c:a7:0f:f4:
34:77:a8:4d:ea:1d:be:aa:8a:c8:b1:a1:d4:07:41:e4:09:fb:
1d:e6:95:2a:20:2b:9a:93:af:cd:1f:df:96:11:a4:cb:1f:b0:
96:f1:9e:cf:5d:4e:34:9f:d1:99:68:d8:e8:32:8b:6c:a9:cf:
22:7d:36:54:14:a3:a4:12:84:9d:41:9b:c2:58:b5:3e:0c:1b:
14:96:72:68:12:b9:41:2c:2f:9e:b5:76:35:93:79:fa:97:10:
cb:18:d2:15:2e:7a:6c:fe:63:86:33:10:3e:47:90:bd:e1:f4:
e2:ae:77:4a:2c:b6:5a:9e:0e:4c:95:a5:b5:1e:82:c2:c1:6b:
2e:c0:cd:21:ee:7a:12:f3:ad:f8:b9:d8:6c:f0:9a:6b:22:8b:
9e:c4:7d:18:99:11:88:ec:a2:43:fb:e9:80:11:4a:d6:1e:02:
af:02:34:bd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECx5x4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Zjg5NmNkM2Q4ZDFhMDY5OWRhNTIxMDU1ZGZiNThkYzA2ZGRkZjM1MB4XDTIyMDEw
MTA1MDM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzFkMjNhNDIxYTE0
ZTJlMTA1ODY4ZDk0OTYwZDk5ODQ0OGY4NDFhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqQ0tdQoSZKL1FA0OtQoebx3AcEPerYp/Y0fu1NFz5hop6f
p7RdG0gUcnfA0P9ebxGvAYFCQJIe2tLvtmW68yq6qxztKK12DzU/+Htp98Bx0pGD
9teA3q2baJpLRPuxd9UJLwpPfAJvPZCPdNdIvJPX906GUvOXj3C31bcBNoMLZYcO
Dv3pvziUuXNswpfgl1HhUYvf4KCu+HLabTB2hPMhDdiJRNjYr8qGiZ5+aQitUvIc
A+5k0Q8kq2bsXj03Yh7NRITMo0ax5Kam9XdWYt51QMYoJJoYEd2GU4Zp9a73wwWk
AkD8Yp2z+5fpRq+qtmTMDkODQ13ko38U5LGHEOMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQx0jpCGhTi4QWGjZSWDZmESPhBpjAfBgNVHSMEGDAWgBQfiWzT2NGgaZ2l
IQVd+1jcBt3fNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0g0bHMwOWpSb0dtZHBTRUZYZnRZM0FiZDN6VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvZmFiNDlhLTkxZjQtNDYwYy04MjdiLWMzMzI3ODIyYTEzOC8x
L01kSTZRaG9VNHVFRmhvMlVsZzJaaEVqNFFhWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
ZmFiNDlhLTkxZjQtNDYwYy04MjdiLWMzMzI3ODIyYTEzOC8xL0g0bHMwOWpSb0dt
ZHBTRUZYZnRZM0FiZDN6VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmZ0DANBgkqhkiG9w0BAQsFAAOC
AQEAkao1lASobkcgbQmXnBe9UxpPcuPlsL+zmPy3uYGEDbSBPCSSSOFvucJUjOoU
wDHxeijD+YBibdDdBRs0n6bLVPmcrrBimAulIhFvtu6zdSDUvxva1pI8pw/0NHeo
TeodvqqKyLGh1AdB5An7HeaVKiArmpOvzR/flhGkyx+wlvGez11ONJ/RmWjY6DKL
bKnPIn02VBSjpBKEnUGbwli1PgwbFJZyaBK5QSwvnrV2NZN5+pcQyxjSFS56bP5j
hjMQPkeQveH04q53Siy2Wp4OTJWltR6CwsFrLsDNIe56EvOt+LnYbPCaayKLnsR9
GJkRiOyiQ/vpgBFK1h4CrwI0vQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:17 2024 by rpki-client on console-ams.rpki-client.org