Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/CjME8Lkd7avADT85XGcN6hTNB-0.roa
File: CjME8Lkd7avADT85XGcN6hTNB-0.roa (raw, json)
Hash identifier: xv3jwzHztRx8j1qZA2BMJUEZ8zGQ2GMG4uazrwEeAAI=
Subject key identifier: 0A:33:04:F0:B9:1D:ED:AB:C0:0D:3F:39:5C:67:0D:EA:14:CD:07:ED
Certificate issuer: /CN=3ab79a94103c03e99b5201a798d338865be63574
Certificate serial: 010235
Authority key identifier: 3A:B7:9A:94:10:3C:03:E9:9B:52:01:A7:98:D3:38:86:5B:E6:35:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OrealBA8A-mbUgGnmNM4hlvmNXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/CjME8Lkd7avADT85XGcN6hTNB-0.roa
Signing time: Fri 11 Mar 2022 23:55:11 +0000
ROA not before: Fri 11 Mar 2022 23:55:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398464
IP address blocks: 185.140.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66101 (0x10235)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ab79a94103c03e99b5201a798d338865be63574
Validity
Not Before: Mar 11 23:55:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a3304f0b91dedabc00d3f395c670dea14cd07ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fd:85:71:7a:95:cb:bd:1a:83:42:d0:7f:b6:
ee:2f:30:41:a6:aa:26:d6:35:a6:6c:f8:a0:5c:35:
a5:6e:c3:aa:22:6c:8e:0e:c2:c9:5b:4a:ec:55:36:
fc:37:fa:84:6d:60:50:7d:a9:4a:c5:81:f5:5b:33:
b7:8d:e5:a8:45:15:64:cd:e4:84:b5:f1:91:4e:7f:
7d:59:7a:56:90:77:6c:da:49:4b:6b:43:2e:f3:dc:
59:a5:a2:12:d1:86:97:f0:31:fa:70:83:1a:85:04:
cf:15:b5:ab:a4:9e:54:84:14:ac:87:1b:ab:34:6d:
b7:7d:ea:7e:fc:bf:85:3c:3b:c0:45:cc:21:3f:d3:
8e:e6:49:ad:37:1a:73:7f:ed:a6:2a:da:c7:27:3a:
ff:69:de:1d:ad:ad:46:8b:36:12:31:4f:0d:93:d0:
a5:09:dd:68:c2:5c:fe:3b:43:42:47:c6:e5:de:67:
97:88:7a:9d:e6:d0:cb:5d:24:bd:75:8b:92:83:5a:
6b:b3:61:7c:8b:72:dc:1c:60:4e:18:87:fe:07:ef:
11:1f:a3:e8:01:75:f5:f0:23:c0:a3:ee:06:04:95:
e6:8a:92:8c:02:2d:f9:80:cd:ba:bf:9d:86:f0:81:
93:5f:e6:6f:45:5c:8d:99:69:fe:1c:ef:bf:69:f4:
6d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:33:04:F0:B9:1D:ED:AB:C0:0D:3F:39:5C:67:0D:EA:14:CD:07:ED
X509v3 Authority Key Identifier:
keyid:3A:B7:9A:94:10:3C:03:E9:9B:52:01:A7:98:D3:38:86:5B:E6:35:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OrealBA8A-mbUgGnmNM4hlvmNXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/CjME8Lkd7avADT85XGcN6hTNB-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/91dd41-0090-4679-9dbf-ee3b581aaa07/1/OrealBA8A-mbUgGnmNM4hlvmNXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.140.173.0/24
Signature Algorithm: sha256WithRSAEncryption
16:a9:2a:6a:f3:95:a4:ed:35:0c:d6:dc:f5:11:dd:cc:d0:32:
c2:e1:0f:92:22:2b:d9:83:c0:81:b0:f2:99:f2:53:1c:9a:cc:
cb:d7:da:d5:35:18:38:08:fb:67:2e:a8:19:e9:82:84:44:18:
90:ca:ee:64:fa:7f:41:d7:fc:91:96:fd:57:ff:a7:c0:2e:bf:
44:58:0f:44:e4:04:7f:42:c3:7e:18:5e:41:2d:80:20:f2:6f:
12:3c:02:7b:c5:c7:a9:b6:6c:ff:6b:f2:2c:8e:be:e9:ad:87:
96:06:f5:33:f1:cd:a8:f0:75:9c:98:3e:19:32:91:fc:7a:15:
5a:60:cf:31:40:a4:94:e7:0b:5a:68:f3:33:a3:0e:aa:7e:9e:
78:71:40:56:52:21:2e:5c:b1:20:ae:cb:e5:b9:83:4a:78:aa:
99:35:f7:1e:80:70:eb:6a:ae:c7:45:6e:83:8f:06:82:aa:5f:
ca:29:ae:6c:20:11:70:36:d0:ad:9b:1c:4f:e2:10:78:05:ca:
77:58:3f:28:3f:31:f3:54:b7:4a:5a:d9:44:4d:f8:f9:31:85:
6c:2a:d8:6c:be:54:ee:fc:b8:9f:2f:b8:fb:f7:2d:29:72:ff:
33:14:44:79:0f:ae:f7:3f:58:90:16:6f:6e:67:08:bb:20:e6:
c6:e0:a2:31
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAQI1MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNh
Yjc5YTk0MTAzYzAzZTk5YjUyMDFhNzk4ZDMzODg2NWJlNjM1NzQwHhcNMjIwMzEx
MjM1NTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwYTMzMDRmMGI5MWRl
ZGFiYzAwZDNmMzk1YzY3MGRlYTE0Y2QwN2VkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzP2FcXqVy70ag0LQf7buLzBBpqom1jWmbPigXDWlbsOqImyO
DsLJW0rsVTb8N/qEbWBQfalKxYH1WzO3jeWoRRVkzeSEtfGRTn99WXpWkHds2klL
a0Mu89xZpaIS0YaX8DH6cIMahQTPFbWrpJ5UhBSshxurNG23fep+/L+FPDvARcwh
P9OO5kmtNxpzf+2mKtrHJzr/ad4dra1GizYSMU8Nk9ClCd1owlz+O0NCR8bl3meX
iHqd5tDLXSS9dYuSg1prs2F8i3LcHGBOGIf+B+8RH6PoAXX18CPAo+4GBJXmipKM
Ai35gM26v52G8IGTX+ZvRVyNmWn+HO+/afRt0QIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFAozBPC5He2rwA0/OVxnDeoUzQftMB8GA1UdIwQYMBaAFDq3mpQQPAPpm1IB
p5jTOIZb5jV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
T3JlYWxCQThBLW1iVWdHbm1OTTRobHZtTlhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Mi85MWRkNDEtMDA5MC00Njc5LTlkYmYtZWUzYjU4MWFhYTA3LzEv
Q2pNRThMa2Q3YXZBRFQ4NVhHY042aFROQi0wLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85
MWRkNDEtMDA5MC00Njc5LTlkYmYtZWUzYjU4MWFhYTA3LzEvT3JlYWxCQThBLW1i
VWdHbm1OTTRobHZtTlhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYytMA0GCSqGSIb3DQEBCwUAA4IB
AQAWqSpq85Wk7TUM1tz1Ed3M0DLC4Q+SIivZg8CBsPKZ8lMcmszL19rVNRg4CPtn
LqgZ6YKERBiQyu5k+n9B1/yRlv1X/6fALr9EWA9E5AR/QsN+GF5BLYAg8m8SPAJ7
xceptmz/a/Isjr7prYeWBvUz8c2o8HWcmD4ZMpH8ehVaYM8xQKSU5wtaaPMzow6q
fp54cUBWUiEuXLEgrsvluYNKeKqZNfcegHDraq7HRW6DjwaCql/KKa5sIBFwNtCt
mxxP4hB4Bcp3WD8oPzHzVLdKWtlETfj5MYVsKthsvlTu/LifL7j79y0pcv8zFER5
D673P1iQFm9uZwi7IObG4KIx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:52 2023 by rpki-client on console-ams.rpki-client.org