Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/pmpQFKi3igyOC68ujFjyE-8Yfxc.roa
File: pmpQFKi3igyOC68ujFjyE-8Yfxc.roa (raw, json)
Hash identifier: SfhRDC9oe6ynCurpGd+sRqzByTWkihgjkAisDgGzgV0=
Subject key identifier: A6:6A:50:14:A8:B7:8A:0C:8E:0B:AF:2E:8C:58:F2:13:EF:18:7F:17
Certificate issuer: /CN=833e0e480411b9c88e916def90fc3a901026394a
Certificate serial: 0183836096433FCA0AFD0DAC686192D24666
Authority key identifier: 83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/pmpQFKi3igyOC68ujFjyE-8Yfxc.roa
Signing time: Wed 28 Sep 2022 09:14:48 +0000
ROA not before: Wed 28 Sep 2022 09:14:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.7.73.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:83:60:96:43:3f:ca:0a:fd:0d:ac:68:61:92:d2:46:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e0e480411b9c88e916def90fc3a901026394a
Validity
Not Before: Sep 28 09:14:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a66a5014a8b78a0c8e0baf2e8c58f213ef187f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:22:39:c7:7e:0f:7e:95:42:db:63:3d:d4:42:
31:bf:de:8d:ca:76:70:b2:73:3c:9c:19:47:e3:87:
14:9f:fe:a6:66:ee:66:07:73:bd:37:2c:10:0c:ec:
71:e8:f6:16:a7:f0:09:95:1c:28:3d:ef:82:b5:7a:
2e:91:40:d6:89:ba:6b:29:04:40:e1:17:36:f4:c1:
65:0c:99:d1:37:fa:04:f7:e2:0c:66:68:c0:7a:ce:
9c:db:e2:32:54:80:59:c4:a3:5f:48:7a:2c:b7:8e:
a9:08:b2:dc:84:b4:f5:7c:91:0e:b3:9b:fc:77:02:
29:d7:e6:cb:f8:e6:ae:fc:95:31:1b:67:b9:8e:59:
5a:e9:ab:98:2a:b8:db:fb:cd:19:4a:77:35:8c:ac:
34:c6:93:1a:41:dc:cc:8e:c6:ff:14:0b:0d:d9:cf:
87:6e:97:53:f9:aa:67:44:8b:27:02:01:cc:61:63:
84:6d:04:90:e7:70:22:88:2c:86:da:c7:78:27:4d:
1b:f3:97:e5:65:39:df:7f:3a:b8:8a:a9:92:79:91:
0d:67:2f:2b:98:90:f0:02:22:fb:36:63:39:dc:bc:
7b:33:3e:ef:e5:1b:02:2e:62:16:9f:13:98:81:93:
75:74:cd:4f:8b:8c:e8:b9:56:2e:8e:f4:b0:45:bd:
07:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6A:50:14:A8:B7:8A:0C:8E:0B:AF:2E:8C:58:F2:13:EF:18:7F:17
X509v3 Authority Key Identifier:
keyid:83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/pmpQFKi3igyOC68ujFjyE-8Yfxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.73.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:55:b7:df:d0:70:66:18:cb:49:b1:68:1d:31:aa:1f:3e:ae:
2a:2b:3f:f9:7b:34:ca:f7:ef:6f:4f:ff:d9:59:22:88:07:cc:
c8:29:60:54:77:49:f6:c1:b7:1d:39:80:9e:46:59:7d:ff:df:
a8:39:c4:1d:de:18:85:e9:aa:e2:15:4f:96:08:45:f3:56:b6:
e4:c1:29:5f:a4:42:52:56:8e:08:62:10:7c:8d:29:9f:ef:ff:
e5:3b:5f:bc:0b:12:42:6a:0e:ce:00:70:d9:0d:53:4e:d4:86:
bb:c7:97:2a:32:33:94:b9:43:cd:b9:29:cc:63:cf:7e:18:e5:
c6:42:14:af:28:b2:83:25:d8:08:7d:0c:aa:72:2d:3c:d6:1c:
5d:45:42:b2:b4:43:1a:10:50:a4:c5:75:c9:c6:0b:d5:f2:62:
6d:96:00:f6:69:4e:91:ee:23:0c:47:f5:ac:eb:81:db:94:e2:
fb:ac:75:f5:6b:c9:80:9b:64:86:6c:44:bc:78:84:2a:64:a3:
dc:21:2d:c3:ba:0a:12:ec:c9:7b:8c:c1:49:8f:63:8d:84:10:
29:7b:d5:83:5f:a3:e5:48:55:da:85:a3:b0:87:0a:01:13:b4:
6b:71:f7:2a:8d:bc:c8:55:80:83:07:0a:d4:b6:3f:8d:d7:23:
d2:c1:e0:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYODYJZDP8oK/Q2saGGS0kZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UwZTQ4MDQxMWI5Yzg4ZTkxNmRlZjkwZmMzYTkwMTAy
NjM5NGEwHhcNMjIwOTI4MDkxNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZhNTAxNGE4Yjc4YTBjOGUwYmFmMmU4YzU4ZjIxM2VmMTg3ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCI5x34PfpVC22M91EIxv96NynZw
snM8nBlH44cUn/6mZu5mB3O9NywQDOxx6PYWp/AJlRwoPe+CtXoukUDWibprKQRA
4Rc29MFlDJnRN/oE9+IMZmjAes6c2+IyVIBZxKNfSHost46pCLLchLT1fJEOs5v8
dwIp1+bL+Oau/JUxG2e5jlla6auYKrjb+80ZSnc1jKw0xpMaQdzMjsb/FAsN2c+H
bpdT+apnRIsnAgHMYWOEbQSQ53AiiCyG2sd4J00b85flZTnffzq4iqmSeZENZy8r
mJDwAiL7NmM53Lx7Mz7v5RsCLmIWnxOYgZN1dM1Pi4zouVYujvSwRb0H3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKZqUBSot4oMjguvLoxY8hPvGH8XMB8GA1UdIwQY
MBaAFIM+DkgEEbnIjpFt75D8OpAQJjlKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMt
NmMyMGViYWYzMGE5LzEvcG1wUUZLaTNpZ3lPQzY4dWpGanlFLThZZnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9hNzgyY2MtMWUwOS00NDgwLWE2ZGMtNmMyMGViYWYzMGE5
LzEvZ3o0T1NBUVJ1Y2lPa1czdmtQdzZrQkFtT1VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQdJMA0G
CSqGSIb3DQEBCwUAA4IBAQB9Vbff0HBmGMtJsWgdMaofPq4qKz/5ezTK9+9vT//Z
WSKIB8zIKWBUd0n2wbcdOYCeRll9/9+oOcQd3hiF6ariFU+WCEXzVrbkwSlfpEJS
Vo4IYhB8jSmf7//lO1+8CxJCag7OAHDZDVNO1Ia7x5cqMjOUuUPNuSnMY89+GOXG
QhSvKLKDJdgIfQyqci081hxdRUKytEMaEFCkxXXJxgvV8mJtlgD2aU6R7iMMR/Ws
64HblOL7rHX1a8mAm2SGbES8eIQqZKPcIS3DugoS7Ml7jMFJj2ONhBApe9WDX6Pl
SFXahaOwhwoBE7RrcfcqjbzIVYCDBwrUtj+N1yPSweBj
-----END CERTIFICATE-----