Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/2ea928-d996-4c4d-b13b-5d596d00de9c/1/AQ0vOxMhjzhVzsT2M4WLN0XVlYI.roa
File: AQ0vOxMhjzhVzsT2M4WLN0XVlYI.roa (raw, json)
Hash identifier: y8c+aD0754Drb0zzG6f7LwBb5vQ9Rvy5ThITgVw5Ry8=
Subject key identifier: 01:0D:2F:3B:13:21:8F:38:55:CE:C4:F6:33:85:8B:37:45:D5:95:82
Certificate issuer: /CN=ce65c2f958a7e21a3135916eed1a4d9786e09da3
Certificate serial: 0366A562
Authority key identifier: CE:65:C2:F9:58:A7:E2:1A:31:35:91:6E:ED:1A:4D:97:86:E0:9D:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmXC-Vin4hoxNZFu7RpNl4bgnaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/2ea928-d996-4c4d-b13b-5d596d00de9c/1/AQ0vOxMhjzhVzsT2M4WLN0XVlYI.roa
Signing time: Sat 01 Jan 2022 10:59:38 +0000
ROA not before: Sat 01 Jan 2022 10:59:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8646
IP address blocks: 185.120.68.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57058658 (0x366a562)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce65c2f958a7e21a3135916eed1a4d9786e09da3
Validity
Not Before: Jan 1 10:59:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=010d2f3b13218f3855cec4f633858b3745d59582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:4f:59:e3:95:85:b6:73:3d:b0:19:3a:a9:
3d:b3:f5:d4:7a:1d:01:9f:a9:25:4f:8f:62:c2:1a:
c3:b0:7a:a9:61:2d:b0:f3:8e:15:0b:50:b9:73:64:
6b:33:cf:5f:f6:43:9f:5c:ba:53:7d:56:80:d2:e2:
32:07:32:91:f8:c7:74:c1:e7:cb:43:10:67:e2:23:
eb:90:66:18:30:af:6d:1f:f9:f8:c8:9c:9a:33:85:
08:c6:19:d2:fd:f2:a8:47:e3:9b:37:22:37:d0:14:
08:5d:fd:4b:bf:e7:57:a4:fb:9a:38:af:73:88:a0:
0c:52:16:9c:52:0a:ac:b9:d8:3d:69:bb:82:f2:16:
b7:73:23:f8:d8:30:d7:16:29:7c:ba:07:1a:e2:ce:
47:e1:ec:88:4c:01:d7:64:f9:29:76:82:53:3d:85:
17:58:1a:ad:df:f4:0f:0e:67:34:9e:8a:aa:35:3e:
35:2a:27:13:7b:84:5f:38:63:6c:fd:2f:3f:ca:1d:
15:e1:44:de:b7:0b:75:ef:6f:c7:f5:93:ad:35:8f:
64:e4:47:91:c4:db:68:fa:11:82:78:71:d8:c3:67:
0f:60:c1:15:b0:7e:82:03:72:63:32:d5:08:18:b8:
20:af:0e:06:0d:b5:f2:5e:6c:2f:ad:3c:4c:1c:12:
c8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0D:2F:3B:13:21:8F:38:55:CE:C4:F6:33:85:8B:37:45:D5:95:82
X509v3 Authority Key Identifier:
keyid:CE:65:C2:F9:58:A7:E2:1A:31:35:91:6E:ED:1A:4D:97:86:E0:9D:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmXC-Vin4hoxNZFu7RpNl4bgnaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2ea928-d996-4c4d-b13b-5d596d00de9c/1/AQ0vOxMhjzhVzsT2M4WLN0XVlYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/2ea928-d996-4c4d-b13b-5d596d00de9c/1/zmXC-Vin4hoxNZFu7RpNl4bgnaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.68.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:2a:55:61:c8:23:13:f7:db:9f:84:8f:b5:fb:c9:ad:09:31:
76:85:f6:ec:90:e4:db:e3:4b:f8:35:78:04:47:82:ff:a3:68:
77:b6:11:23:45:16:da:ef:6c:96:77:6e:80:4d:9c:4f:64:13:
d5:3f:32:30:ff:dc:0d:5e:8b:1f:4c:7b:58:a0:cc:8b:48:73:
c0:f3:fb:f2:1f:f7:56:f6:7c:8e:23:33:9d:c7:4d:2b:17:e7:
2f:18:4e:4d:93:01:b7:c7:33:45:00:b7:93:19:4c:a9:ab:33:
c7:57:d0:6f:04:b7:c7:6d:0a:32:04:28:5f:10:36:6d:8c:a5:
69:ce:52:44:74:1f:3d:8b:7d:a1:ad:b1:c9:6a:bc:6e:98:2f:
b3:47:37:5e:35:f0:89:38:10:f7:2d:51:dc:c6:16:6e:55:c1:
d3:50:35:75:17:00:24:91:9c:66:9b:e7:ef:17:b4:86:de:73:
d2:f0:67:65:f6:11:66:37:99:34:68:28:ad:01:c1:16:d8:65:
ca:37:39:8b:ba:ca:a9:63:88:fc:b3:df:6d:93:0e:a3:c2:12:
fc:fc:9b:b2:96:28:87:f7:2f:30:39:0e:35:94:4b:d7:a2:3e:
72:c7:e1:21:1a:e4:3e:67:93:b4:34:78:cc:37:de:d9:02:de:
fc:d9:d5:22
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA2alYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZTY1YzJmOTU4YTdlMjFhMzEzNTkxNmVlZDFhNGQ5Nzg2ZTA5ZGEzMB4XDTIyMDEw
MTEwNTkzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEwZDJmM2IxMzIx
OGYzODU1Y2VjNGY2MzM4NThiMzc0NWQ1OTU4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdET1njlYW2cz2wGTqpPbP11HodAZ+pJU+PYsIaw7B6qWEt
sPOOFQtQuXNkazPPX/ZDn1y6U31WgNLiMgcykfjHdMHny0MQZ+Ij65BmGDCvbR/5
+MicmjOFCMYZ0v3yqEfjmzciN9AUCF39S7/nV6T7mjivc4igDFIWnFIKrLnYPWm7
gvIWt3Mj+Ngw1xYpfLoHGuLOR+HsiEwB12T5KXaCUz2FF1gard/0Dw5nNJ6KqjU+
NSonE3uEXzhjbP0vP8odFeFE3rcLde9vx/WTrTWPZORHkcTbaPoRgnhx2MNnD2DB
FbB+ggNyYzLVCBi4IK8OBg218l5sL608TBwSyO0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBDS87EyGPOFXOxPYzhYs3RdWVgjAfBgNVHSMEGDAWgBTOZcL5WKfiGjE1
kW7tGk2XhuCdozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ptWEMtVmluNGhveE5aRnU3UnBObDRiZ25hTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvMmVhOTI4LWQ5OTYtNGM0ZC1iMTNiLTVkNTk2ZDAwZGU5Yy8x
L0FRMHZPeE1oanpoVnpzVDJNNFdMTjBYVmxZSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
MmVhOTI4LWQ5OTYtNGM0ZC1iMTNiLTVkNTk2ZDAwZGU5Yy8xL3ptWEMtVmluNGhv
eE5aRnU3UnBObDRiZ25hTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl4RDANBgkqhkiG9w0BAQsFAAOC
AQEAuipVYcgjE/fbn4SPtfvJrQkxdoX27JDk2+NL+DV4BEeC/6Nod7YRI0UW2u9s
lndugE2cT2QT1T8yMP/cDV6LH0x7WKDMi0hzwPP78h/3VvZ8jiMzncdNKxfnLxhO
TZMBt8czRQC3kxlMqaszx1fQbwS3x20KMgQoXxA2bYylac5SRHQfPYt9oa2xyWq8
bpgvs0c3XjXwiTgQ9y1R3MYWblXB01A1dRcAJJGcZpvn7xe0ht5z0vBnZfYRZjeZ
NGgorQHBFthlyjc5i7rKqWOI/LPfbZMOo8IS/PybspYoh/cvMDkONZRL16I+csfh
IRrkPmeTtDR4zDfe2QLe/NnVIg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:42 2024 by rpki-client on console-ams.rpki-client.org