Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/aOy7UdgY5CpFhjbeiDAWOGqti8c.roa
File: aOy7UdgY5CpFhjbeiDAWOGqti8c.roa (raw, json)
Hash identifier: I5Jppv3lpQEx+zQH+19+t6JqXUMoIIJpzAFcUh+c1sc=
Subject key identifier: 68:EC:BB:51:D8:18:E4:2A:45:86:36:DE:88:30:16:38:6A:AD:8B:C7
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 19891C40
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/aOy7UdgY5CpFhjbeiDAWOGqti8c.roa
Signing time: Sat 01 Jan 2022 09:56:59 +0000
ROA not before: Sat 01 Jan 2022 09:56:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199627
IP address blocks: 185.9.20.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 428416064 (0x19891c40)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 09:56:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68ecbb51d818e42a458636de883016386aad8bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:08:00:da:c0:02:7b:83:3b:d7:60:97:2b:6e:
4d:93:e1:57:77:82:48:ac:17:8c:38:5c:fd:d1:11:
63:97:1d:a4:b1:98:cb:86:1d:80:b7:51:60:dc:1c:
77:09:34:53:25:7c:c5:df:21:4c:5a:d7:45:14:00:
de:c8:81:99:83:b5:8c:f2:b1:bc:64:84:9e:85:b2:
5c:69:dd:33:1c:08:be:a8:0c:12:20:95:a5:0e:9b:
05:e7:aa:a4:f6:58:75:95:89:ce:84:21:a5:c0:6f:
16:62:c7:56:98:76:f5:70:ee:89:58:4b:e7:21:a4:
5b:c8:f4:ff:46:08:a4:7c:5d:5c:16:de:9c:3b:bf:
dd:d9:20:9c:72:6d:a9:30:5d:e0:60:bc:ab:8d:27:
e9:47:f4:14:b2:e8:c8:84:ed:0c:73:96:34:85:3c:
b4:77:1a:a5:f1:2e:85:76:49:92:35:47:79:ec:e0:
e4:50:f1:c4:0c:36:a1:38:0c:e1:7e:4b:63:53:52:
29:d8:c1:39:f5:05:28:5b:c9:02:89:36:d2:ff:c6:
f7:a2:79:1b:25:66:23:b8:c5:93:c6:4d:fd:c3:9c:
83:7f:d3:bb:b1:9c:12:64:de:1f:5a:71:a2:b0:12:
99:a5:2c:9d:1c:42:f0:5a:09:0c:29:59:25:5d:13:
c2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:EC:BB:51:D8:18:E4:2A:45:86:36:DE:88:30:16:38:6A:AD:8B:C7
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/aOy7UdgY5CpFhjbeiDAWOGqti8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.20.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
6b:32:57:d2:e7:11:3e:c7:39:da:c5:84:e1:a0:df:00:03:59:
2c:99:2c:fc:0d:96:f7:ee:c6:ae:43:4c:fb:08:da:34:7a:56:
a4:c6:85:8d:fd:2d:85:dd:6d:65:a9:5a:d2:bf:62:a3:28:e5:
ff:7f:1a:c5:8c:77:85:9e:26:9a:92:47:69:b0:8c:e7:94:96:
f3:81:0d:e3:0b:d6:4c:1a:96:a2:1f:1e:8f:43:45:2c:7e:0c:
3c:3f:74:33:13:90:3e:88:b6:59:e1:a1:b8:ef:54:8d:d6:85:
c3:39:46:86:aa:87:04:c8:8c:69:e9:62:66:04:97:d9:93:cb:
b0:1a:71:b5:60:c0:ae:e2:be:71:b7:a5:31:f8:ff:91:4e:46:
ac:de:fa:57:93:13:d0:3c:27:f9:0f:d9:2f:35:fa:f1:a7:d2:
ce:d4:89:d8:9c:c2:1b:3b:e4:39:02:5f:d1:f5:d6:f3:b6:a1:
67:82:da:1f:6c:05:38:65:64:2d:3b:72:e9:91:d7:01:d2:c0:
b1:b5:d2:05:d1:93:9b:28:cc:23:87:44:aa:fc:36:e1:ee:f8:
9d:4d:7a:08:9a:2b:15:d1:55:f4:ab:01:aa:ee:61:c0:3f:da:
fe:d4:88:5c:e9:d0:fd:a8:ba:3e:18:96:f8:5c:a9:14:72:d2:
cf:f5:6f:be
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGYkcQDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODVhZTZjNTljMzVlNDYwMzg3ZGFlYmNmYjg2NmY4YTFlYmIzNjg2MB4XDTIyMDEw
MTA5NTY1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhlY2JiNTFkODE4
ZTQyYTQ1ODYzNmRlODgzMDE2Mzg2YWFkOGJjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAIANrAAnuDO9dglytuTZPhV3eCSKwXjDhc/dERY5cdpLGY
y4YdgLdRYNwcdwk0UyV8xd8hTFrXRRQA3siBmYO1jPKxvGSEnoWyXGndMxwIvqgM
EiCVpQ6bBeeqpPZYdZWJzoQhpcBvFmLHVph29XDuiVhL5yGkW8j0/0YIpHxdXBbe
nDu/3dkgnHJtqTBd4GC8q40n6Uf0FLLoyITtDHOWNIU8tHcapfEuhXZJkjVHeezg
5FDxxAw2oTgM4X5LY1NSKdjBOfUFKFvJAok20v/G96J5GyVmI7jFk8ZN/cOcg3/T
u7GcEmTeH1pxorASmaUsnRxC8FoJDClZJV0TwiUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRo7LtR2BjkKkWGNt6IMBY4aq2LxzAfBgNVHSMEGDAWgBSYWubFnDXkYDh9
rrz7hm+KHrs2hjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21Gcm14WncxNUdBNGZhNjgtNFp2aWg2N05vWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvOGI5MDZiLTljMWQtNDVkOS04NmJhLWM3ZmU2MjIyN2RmMy8x
L2FPeTdVZGdZNUNwRmhqYmVpREFXT0dxdGk4Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
OGI5MDZiLTljMWQtNDVkOS04NmJhLWM3ZmU2MjIyN2RmMy8xL21Gcm14WncxNUdB
NGZhNjgtNFp2aWg2N05vWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALkJFDANBAIAAjAHAwUAKgNCwDAN
BgkqhkiG9w0BAQsFAAOCAQEAazJX0ucRPsc52sWE4aDfAANZLJks/A2W9+7GrkNM
+wjaNHpWpMaFjf0thd1tZala0r9ioyjl/38axYx3hZ4mmpJHabCM55SW84EN4wvW
TBqWoh8ej0NFLH4MPD90MxOQPoi2WeGhuO9UjdaFwzlGhqqHBMiMaeliZgSX2ZPL
sBpxtWDAruK+cbelMfj/kU5GrN76V5MT0Dwn+Q/ZLzX68afSztSJ2JzCGzvkOQJf
0fXW87ahZ4LaH2wFOGVkLTty6ZHXAdLAsbXSBdGTmyjMI4dEqvw24e74nU16CJor
FdFV9KsBqu5hwD/a/tSIXOnQ/ai6PhiW+FypFHLSz/Vvvg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:07 2023 by rpki-client on console-fra.rpki-client.org