Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/b40f26-4af4-439d-a3d0-5c30734acb38/1/_JQhlAhlbg_plXQHGlpM_keIhtg.roa
File: _JQhlAhlbg_plXQHGlpM_keIhtg.roa (raw, json)
Hash identifier: HfC/OcV/Bgl8kJ0MrmsJ1D1v3YRz4cuLc8TpCDid/WQ=
Subject key identifier: FC:94:21:94:08:65:6E:0F:E9:95:74:07:1A:5A:4C:FE:47:88:86:D8
Certificate issuer: /CN=67a14f24304875ff154fe2b2b2cb6eba0af94523
Certificate serial: 0184EB633C30678CE8EBEFC26BBFC4594B75
Authority key identifier: 67:A1:4F:24:30:48:75:FF:15:4F:E2:B2:B2:CB:6E:BA:0A:F9:45:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z6FPJDBIdf8VT-Kysstuugr5RSM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/b40f26-4af4-439d-a3d0-5c30734acb38/1/_JQhlAhlbg_plXQHGlpM_keIhtg.roa
Signing time: Wed 07 Dec 2022 07:01:00 +0000
ROA not before: Wed 07 Dec 2022 07:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202105
IP address blocks: 185.11.121.0/24 maxlen: 24
185.11.122.0/24 maxlen: 24
185.11.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:63:3c:30:67:8c:e8:eb:ef:c2:6b:bf:c4:59:4b:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67a14f24304875ff154fe2b2b2cb6eba0af94523
Validity
Not Before: Dec 7 07:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc94219408656e0fe99574071a5a4cfe478886d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ba:65:74:45:cc:3f:66:20:25:bf:95:f5:7a:
a1:82:21:fe:51:66:7a:d5:7b:a6:5f:31:6c:dd:d5:
02:3e:1d:32:57:36:aa:cc:10:f7:7b:d1:f9:a4:e1:
7e:81:7c:e4:5b:e1:ca:62:11:1c:9e:d7:ec:34:da:
12:83:d1:49:e0:e0:10:57:1b:8d:4f:1e:f3:ba:20:
66:a0:8d:47:bb:19:ad:07:88:d4:36:d8:d7:25:64:
91:85:7e:4b:02:d2:02:88:8a:fd:00:6b:7c:c4:88:
b8:b3:b3:db:3b:35:f7:0b:54:07:6b:09:f6:c3:fb:
6f:4b:e1:3a:ba:44:eb:0a:10:c6:0e:be:45:01:ac:
1a:02:04:f4:bb:55:d8:9d:d1:2a:43:ba:75:d9:3a:
4a:92:ef:d0:b7:b9:47:3d:42:ef:15:ba:56:c6:80:
0b:84:64:af:57:3e:fc:c0:6b:3a:70:eb:42:fe:b9:
a5:8a:d5:99:e1:0d:7c:62:30:ad:cc:10:21:b3:64:
2f:1a:9e:8a:b1:67:3b:77:f9:06:a9:60:08:be:fe:
df:bc:62:31:76:d1:45:63:3b:93:95:51:27:9b:aa:
5a:a5:6e:88:91:9d:f0:9b:14:87:0a:70:26:f7:92:
9b:e4:35:5a:c2:a4:76:9e:78:e9:d5:32:60:5c:f1:
4e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:94:21:94:08:65:6E:0F:E9:95:74:07:1A:5A:4C:FE:47:88:86:D8
X509v3 Authority Key Identifier:
keyid:67:A1:4F:24:30:48:75:FF:15:4F:E2:B2:B2:CB:6E:BA:0A:F9:45:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z6FPJDBIdf8VT-Kysstuugr5RSM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/b40f26-4af4-439d-a3d0-5c30734acb38/1/_JQhlAhlbg_plXQHGlpM_keIhtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/b40f26-4af4-439d-a3d0-5c30734acb38/1/Z6FPJDBIdf8VT-Kysstuugr5RSM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.121.0-185.11.123.255
Signature Algorithm: sha256WithRSAEncryption
ab:75:34:b5:1b:c2:9a:4e:39:b8:58:76:60:08:22:bc:1f:7f:
38:69:31:71:63:6f:5c:91:da:cd:a6:c3:5f:c8:72:69:b8:47:
e7:5a:89:89:f0:55:fe:7a:31:6f:28:12:76:5c:20:ac:34:7e:
8c:f5:fa:51:f9:0e:52:c9:3c:f3:5f:a6:6d:8d:c6:5e:b9:bd:
33:3e:a2:b4:18:e4:95:6b:50:50:32:4a:6c:30:a8:72:84:75:
79:6b:f9:a2:f5:25:24:3b:0c:45:ed:70:df:c8:90:b0:ea:94:
85:26:55:e2:1f:38:2e:62:79:22:58:fb:bd:3b:af:5b:4e:96:
15:5f:9a:7d:f3:f8:b2:3d:54:2d:9e:bf:52:a9:29:26:cf:32:
ac:b5:ee:a0:2d:ce:a3:d3:16:89:d4:2b:3d:ad:1b:cd:c5:fe:
f1:44:df:06:74:53:eb:01:05:1d:a5:fc:bc:8b:55:a2:fa:8b:
eb:fd:18:a4:cc:86:8e:b7:6a:9b:25:c4:f4:a2:ce:67:60:6f:
ae:e1:d7:7b:23:c9:e0:1d:b7:0f:44:b5:f4:d3:96:07:87:05:
d1:2a:28:96:06:25:82:6b:29:98:09:7f:8a:72:e1:d7:70:95:
66:9f:77:3b:a7:38:6d:e6:d0:25:0f:f6:df:a2:fd:60:15:a8:
20:bb:d4:0a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYTrYzwwZ4zo6+/Ca7/EWUt1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YTE0ZjI0MzA0ODc1ZmYxNTRmZTJiMmIyY2I2ZWJhMGFm
OTQ1MjMwHhcNMjIxMjA3MDcwMTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzk0MjE5NDA4NjU2ZTBmZTk5NTc0MDcxYTVhNGNmZTQ3ODg4NmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7pldEXMP2YgJb+V9XqhgiH+UWZ6
1XumXzFs3dUCPh0yVzaqzBD3e9H5pOF+gXzkW+HKYhEcntfsNNoSg9FJ4OAQVxuN
Tx7zuiBmoI1HuxmtB4jUNtjXJWSRhX5LAtICiIr9AGt8xIi4s7PbOzX3C1QHawn2
w/tvS+E6ukTrChDGDr5FAawaAgT0u1XYndEqQ7p12TpKku/Qt7lHPULvFbpWxoAL
hGSvVz78wGs6cOtC/rmlitWZ4Q18YjCtzBAhs2QvGp6KsWc7d/kGqWAIvv7fvGIx
dtFFYzuTlVEnm6papW6IkZ3wmxSHCnAm95Kb5DVawqR2nnjp1TJgXPFOWwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPyUIZQIZW4P6ZV0BxpaTP5HiIbYMB8GA1UdIwQY
MBaAFGehTyQwSHX/FU/isrLLbroK+UUjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjZGUEpEQklkZjhWVC1LeXNzdHV1Z3I1UlNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9iNDBmMjYtNGFmNC00MzlkLWEzZDAt
NWMzMDczNGFjYjM4LzEvX0pRaGxBaGxiZ19wbFhRSEdscE1fa2VJaHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9iNDBmMjYtNGFmNC00MzlkLWEzZDAtNWMzMDczNGFjYjM4
LzEvWjZGUEpEQklkZjhWVC1LeXNzdHV1Z3I1UlNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5C3kD
BAK5C3gwDQYJKoZIhvcNAQELBQADggEBAKt1NLUbwppOObhYdmAIIrwffzhpMXFj
b1yR2s2mw1/Icmm4R+daiYnwVf56MW8oEnZcIKw0foz1+lH5DlLJPPNfpm2Nxl65
vTM+orQY5JVrUFAySmwwqHKEdXlr+aL1JSQ7DEXtcN/IkLDqlIUmVeIfOC5ieSJY
+707r1tOlhVfmn3z+LI9VC2ev1KpKSbPMqy17qAtzqPTFonUKz2tG83F/vFE3wZ0
U+sBBR2l/LyLVaL6i+v9GKTMho63apslxPSizmdgb67h13sjyeAdtw9EtfTTlgeH
BdEqKJYGJYJrKZgJf4py4ddwlWafdzunOG3m0CUP9t+i/WAVqCC71Ao=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:28 2024 by rpki-client on console-ams.rpki-client.org