Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/PHsza8hUyf0QHtBG8MRXgxiHv3s.roa
File: PHsza8hUyf0QHtBG8MRXgxiHv3s.roa (raw, json)
Hash identifier: lOn5F0TSt8oX31ymHH1H4yLPI8cg5Mt4xagBlc34blg=
Subject key identifier: 3C:7B:33:6B:C8:54:C9:FD:10:1E:D0:46:F0:C4:57:83:18:87:BF:7B
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 055FDDFD
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/PHsza8hUyf0QHtBG8MRXgxiHv3s.roa
Signing time: Sat 01 Jan 2022 15:07:15 +0000
ROA not before: Sat 01 Jan 2022 15:07:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 85.203.52.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90168829 (0x55fddfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c7b336bc854c9fd101ed046f0c457831887bf7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a1:f0:99:e1:8b:b3:f8:de:db:7a:04:db:e2:
de:2e:55:d8:e0:0b:f2:69:5b:c5:0e:33:e5:4d:25:
ef:aa:1d:f3:15:bd:b7:fd:0e:8e:9d:6f:36:9c:6e:
48:7a:61:7c:ed:14:87:8a:92:d0:7f:2f:eb:1d:ef:
7f:d7:fb:e1:49:7d:cb:e9:f5:c1:5b:37:12:97:62:
db:8b:c1:46:cf:a7:c8:2f:f6:fe:28:a7:20:e5:a1:
24:7d:b1:25:14:98:c2:1d:26:c8:89:66:5f:69:3e:
bd:82:9b:97:1b:08:7a:0f:de:36:22:a3:d8:12:9f:
e1:48:24:12:84:d3:99:cf:a7:76:0b:7b:f1:cb:75:
83:e2:86:09:0a:c5:cf:f2:f2:1c:46:a1:8b:bf:59:
d9:7c:89:29:d9:24:25:32:0e:e1:cd:bd:fc:4e:31:
71:a4:18:43:70:b7:2e:d0:40:c7:79:46:cd:1f:7a:
03:1a:7c:1a:3a:b1:6b:b0:9c:55:13:f4:fe:68:a4:
56:15:da:b1:e5:0f:0e:ac:da:2c:58:1a:c0:82:60:
62:d5:56:c1:1a:7c:79:87:00:2d:40:7d:67:2f:b1:
fe:41:d0:17:90:dd:9e:fe:14:ba:8c:dd:14:2a:e2:
ea:15:3e:3d:e8:be:f8:1f:6e:53:fb:6b:01:d4:50:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:7B:33:6B:C8:54:C9:FD:10:1E:D0:46:F0:C4:57:83:18:87:BF:7B
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/PHsza8hUyf0QHtBG8MRXgxiHv3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.52.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:21:18:ed:f9:05:14:1d:63:76:c5:64:03:e6:45:a2:d2:6a:
26:cd:63:96:ee:bf:87:69:20:8d:9d:9d:49:aa:8f:1d:f9:11:
31:9a:35:52:df:2f:36:d7:11:df:f4:d4:da:90:e8:0d:32:d2:
9b:8a:89:a2:62:d7:6a:fc:f8:07:12:a6:39:02:31:26:b3:22:
2c:15:9d:fc:87:65:49:41:a3:85:82:55:e5:64:5d:a8:d5:4d:
f6:b0:d4:c9:99:6d:86:0b:d1:a9:0d:42:a0:5d:4b:6b:64:45:
bc:e6:c3:87:e3:38:0f:f5:05:94:db:81:f7:f9:90:be:b0:ba:
dd:28:19:84:6d:df:de:c7:14:15:19:95:06:ef:19:e0:02:c0:
b6:ff:cd:30:5c:ef:35:62:6d:13:3b:52:fc:d8:04:f2:5b:f4:
ed:51:30:c8:ef:91:a0:57:1e:26:e1:cf:f4:7a:17:41:00:9b:
ab:5e:d3:63:89:21:a0:d3:82:31:f3:cc:2c:21:f5:8f:fc:0b:
f4:78:ed:16:40:d4:06:bb:75:8f:46:4f:2f:e3:f4:9d:10:5e:
b8:f1:21:22:bb:14:03:f5:09:1d:02:2c:49:86:6f:05:9a:42:
63:3b:cb:28:89:30:5e:0b:c2:1b:37:ff:87:4a:61:4a:f0:be:
0e:5b:22:8e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBV/d/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2M3YjMzNmJjODU0
YzlmZDEwMWVkMDQ2ZjBjNDU3ODMxODg3YmY3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+h8Jnhi7P43tt6BNvi3i5V2OAL8mlbxQ4z5U0l76od8xW9
t/0Ojp1vNpxuSHphfO0Uh4qS0H8v6x3vf9f74Ul9y+n1wVs3Epdi24vBRs+nyC/2
/iinIOWhJH2xJRSYwh0myIlmX2k+vYKblxsIeg/eNiKj2BKf4UgkEoTTmc+ndgt7
8ct1g+KGCQrFz/LyHEahi79Z2XyJKdkkJTIO4c29/E4xcaQYQ3C3LtBAx3lGzR96
Axp8Gjqxa7CcVRP0/mikVhXaseUPDqzaLFgawIJgYtVWwRp8eYcALUB9Zy+x/kHQ
F5Ddnv4UuozdFCri6hU+Pei++B9uU/trAdRQXuECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ8ezNryFTJ/RAe0EbwxFeDGIe/ezAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L1BIc3phOGhVeWYwUUh0Qkc4TVJYZ3hpSHYzcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXLNDANBgkqhkiG9w0BAQsFAAOC
AQEAayEY7fkFFB1jdsVkA+ZFotJqJs1jlu6/h2kgjZ2dSaqPHfkRMZo1Ut8vNtcR
3/TU2pDoDTLSm4qJomLXavz4BxKmOQIxJrMiLBWd/IdlSUGjhYJV5WRdqNVN9rDU
yZlthgvRqQ1CoF1La2RFvObDh+M4D/UFlNuB9/mQvrC63SgZhG3f3scUFRmVBu8Z
4ALAtv/NMFzvNWJtEztS/NgE8lv07VEwyO+RoFceJuHP9HoXQQCbq17TY4khoNOC
MfPMLCH1j/wL9HjtFkDUBrt1j0ZPL+P0nRBeuPEhIrsUA/UJHQIsSYZvBZpCYzvL
KIkwXgvCGzf/h0phSvC+Dlsijg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:07 2023 by rpki-client on console-fra.rpki-client.org