Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/fffee1-bd46-4523-9eca-705563137d7a/1/ofsdRWMOUl-43Nf7zRu2u1PvB-4.roa
File: ofsdRWMOUl-43Nf7zRu2u1PvB-4.roa (raw, json)
Hash identifier: JlEoufaVqePvUcoK984j+b6Q+53vwxSzey4m/EkO8lk=
Subject key identifier: A1:FB:1D:45:63:0E:52:5F:B8:DC:D7:FB:CD:1B:B6:BB:53:EF:07:EE
Certificate issuer: /CN=35d851c114a3f779ea80257b1ee1826acdae4a4e
Certificate serial: 0ECC89A0
Authority key identifier: 35:D8:51:C1:14:A3:F7:79:EA:80:25:7B:1E:E1:82:6A:CD:AE:4A:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NdhRwRSj93nqgCV7HuGCas2uSk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/fffee1-bd46-4523-9eca-705563137d7a/1/ofsdRWMOUl-43Nf7zRu2u1PvB-4.roa
Signing time: Sat 01 Jan 2022 13:07:13 +0000
ROA not before: Sat 01 Jan 2022 13:07:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42143
IP address blocks: 185.207.52.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 248285600 (0xecc89a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35d851c114a3f779ea80257b1ee1826acdae4a4e
Validity
Not Before: Jan 1 13:07:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1fb1d45630e525fb8dcd7fbcd1bb6bb53ef07ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d4:3c:78:49:ed:13:1e:1e:c6:e6:36:88:46:
93:d2:09:3c:34:ae:ee:f2:5f:08:54:bb:f0:31:06:
7c:c6:7d:51:75:5f:f2:57:e6:5a:94:e9:89:31:46:
a0:9a:76:49:25:3a:d5:ad:da:99:27:03:51:2e:e1:
1d:c5:d4:00:8a:a5:2e:f7:fd:c6:c4:32:71:ed:86:
72:02:0f:89:5a:eb:c4:aa:7f:d9:9a:fe:6a:f2:9f:
c6:cb:ff:8b:69:61:79:9e:bf:59:64:68:26:92:0e:
d6:bb:d2:70:41:da:ac:1e:b0:85:21:8e:21:ec:54:
d5:97:86:9e:53:25:0c:99:b1:b9:ca:ba:ba:0c:86:
2f:1e:5f:a6:de:28:b5:b5:6e:88:8d:ae:f7:68:f0:
c7:77:83:8f:1c:f7:9c:de:47:f1:6c:1c:c0:b5:09:
fa:b1:36:e0:16:2a:93:b2:f0:2b:37:9c:e7:ba:d1:
43:85:c3:4f:54:41:73:06:8d:6f:1a:50:9e:f2:fa:
a6:c7:11:91:1a:80:ef:45:97:05:66:32:58:f5:90:
71:a1:ef:21:67:c6:23:ba:2a:64:70:eb:15:01:f6:
88:5b:03:0e:12:70:41:4e:0f:ae:8c:36:33:ef:4d:
be:88:1a:17:26:f4:7d:5c:3c:f7:46:d6:19:b6:ab:
af:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FB:1D:45:63:0E:52:5F:B8:DC:D7:FB:CD:1B:B6:BB:53:EF:07:EE
X509v3 Authority Key Identifier:
keyid:35:D8:51:C1:14:A3:F7:79:EA:80:25:7B:1E:E1:82:6A:CD:AE:4A:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NdhRwRSj93nqgCV7HuGCas2uSk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fffee1-bd46-4523-9eca-705563137d7a/1/ofsdRWMOUl-43Nf7zRu2u1PvB-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/fffee1-bd46-4523-9eca-705563137d7a/1/NdhRwRSj93nqgCV7HuGCas2uSk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.52.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:1a:30:14:79:ad:a5:f1:c5:ae:49:6b:82:c7:19:d5:6b:02:
45:7d:2a:aa:1d:7a:ad:00:68:bd:02:f9:55:bb:b6:f3:b4:53:
9b:1e:8d:25:02:6e:01:77:7b:a9:af:1a:4f:ee:97:b3:be:03:
fc:f7:05:7c:6e:ba:af:c3:74:c4:45:31:a2:f8:18:0e:32:bc:
65:0b:dd:3d:88:6e:ec:0c:67:13:1e:f1:76:13:81:10:b6:c5:
86:c2:81:cd:7f:21:ff:82:64:6a:fc:15:af:2e:7c:88:4d:b7:
bb:76:e6:d2:9d:8a:3c:a3:21:f9:a5:0f:89:75:30:c3:03:de:
f3:2e:12:62:c1:4e:87:0c:c2:05:2b:b4:76:f4:da:0b:27:ce:
e1:d9:10:ce:88:55:35:ed:06:ab:cd:08:1b:bc:73:74:96:94:
dc:fc:55:33:cc:c2:25:e1:51:31:26:90:fa:07:2d:6e:f4:6f:
6e:1d:0c:d7:fa:66:13:c6:23:9e:ac:51:9e:f8:a6:5a:b8:43:
c2:24:b6:46:cc:37:19:f3:81:04:28:09:0e:a3:e9:5f:8c:e8:
07:2d:0f:5f:c9:fd:ff:35:c6:06:af:08:67:0e:02:2e:09:79:
cb:fd:d5:aa:4a:52:55:1e:0c:73:d8:2a:21:3b:53:6d:dc:49:
79:cc:6b:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDsyJoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NWQ4NTFjMTE0YTNmNzc5ZWE4MDI1N2IxZWUxODI2YWNkYWU0YTRlMB4XDTIyMDEw
MTEzMDcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTFmYjFkNDU2MzBl
NTI1ZmI4ZGNkN2ZiY2QxYmI2YmI1M2VmMDdlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbUPHhJ7RMeHsbmNohGk9IJPDSu7vJfCFS78DEGfMZ9UXVf
8lfmWpTpiTFGoJp2SSU61a3amScDUS7hHcXUAIqlLvf9xsQyce2GcgIPiVrrxKp/
2Zr+avKfxsv/i2lheZ6/WWRoJpIO1rvScEHarB6whSGOIexU1ZeGnlMlDJmxucq6
ugyGLx5fpt4otbVuiI2u92jwx3eDjxz3nN5H8WwcwLUJ+rE24BYqk7LwKzec57rR
Q4XDT1RBcwaNbxpQnvL6pscRkRqA70WXBWYyWPWQcaHvIWfGI7oqZHDrFQH2iFsD
DhJwQU4Prow2M+9NvogaFyb0fVw890bWGbarr2MCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSh+x1FYw5SX7jc1/vNG7a7U+8H7jAfBgNVHSMEGDAWgBQ12FHBFKP3eeqA
JXse4YJqza5KTjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05kaFJ3UlNqOTNucWdDVjdIdUdDYXMydVNrNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvZmZmZWUxLWJkNDYtNDUyMy05ZWNhLTcwNTU2MzEzN2Q3YS8x
L29mc2RSV01PVWwtNDNOZjd6UnUydTFQdkItNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
ZmZmZWUxLWJkNDYtNDUyMy05ZWNhLTcwNTU2MzEzN2Q3YS8xL05kaFJ3UlNqOTNu
cWdDVjdIdUdDYXMydVNrNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnPNDANBgkqhkiG9w0BAQsFAAOC
AQEApBowFHmtpfHFrklrgscZ1WsCRX0qqh16rQBovQL5Vbu287RTmx6NJQJuAXd7
qa8aT+6Xs74D/PcFfG66r8N0xEUxovgYDjK8ZQvdPYhu7AxnEx7xdhOBELbFhsKB
zX8h/4JkavwVry58iE23u3bm0p2KPKMh+aUPiXUwwwPe8y4SYsFOhwzCBSu0dvTa
CyfO4dkQzohVNe0Gq80IG7xzdJaU3PxVM8zCJeFRMSaQ+gctbvRvbh0M1/pmE8Yj
nqxRnvimWrhDwiS2Rsw3GfOBBCgJDqPpX4zoBy0PX8n9/zXGBq8IZw4CLgl5y/3V
qkpSVR4Mc9gqITtTbdxJecxr6Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:40 2023 by rpki-client on console-fra.rpki-client.org