Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/APmehTS9xcrIjFOOizZWfqRTgFs.roa
File: APmehTS9xcrIjFOOizZWfqRTgFs.roa (raw, json)
Hash identifier: g3JvcUBndvhGb5sd9VsHUVc3oWZYW+cTLXF38h6MlDI=
Subject key identifier: 00:F9:9E:85:34:BD:C5:CA:C8:8C:53:8E:8B:36:56:7E:A4:53:80:5B
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 087681C5
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/APmehTS9xcrIjFOOizZWfqRTgFs.roa
Signing time: Sat 01 Jan 2022 00:53:32 +0000
ROA not before: Sat 01 Jan 2022 00:53:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201096
IP address blocks: 85.206.144.0/23 maxlen: 24
85.206.146.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141984197 (0x87681c5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 1 00:53:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00f99e8534bdc5cac88c538e8b36567ea453805b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:21:60:d1:ab:92:6b:c0:48:35:27:bb:dc:2d:
d1:bc:83:58:56:14:17:d4:f4:ee:e3:a8:6a:1a:fe:
3c:14:7d:30:48:68:57:ca:76:45:09:ba:eb:6c:4e:
cc:bb:fb:cf:40:26:cd:64:85:d1:a7:2a:46:1a:53:
73:15:32:63:71:58:56:f2:49:1b:e9:0d:e4:43:8b:
0a:bc:54:87:02:3b:2d:3b:c5:c3:e7:c8:36:b8:fd:
9c:2d:6c:2b:eb:16:b8:fe:aa:2d:ff:36:54:6d:17:
76:a4:74:c1:bf:7d:d1:ef:35:1a:50:b7:0b:fd:a8:
7b:d1:ba:80:95:dd:1d:1d:bc:fd:b8:d1:54:90:ce:
73:f0:af:03:31:95:47:45:1e:b0:40:d5:be:b5:c6:
c6:47:41:9b:dc:03:9c:92:bd:b8:fd:33:ca:8d:c9:
bd:d7:e2:fc:8c:57:de:e3:49:3d:d3:76:af:50:79:
a3:80:e7:c6:9f:e9:2c:fc:7c:2b:b7:82:36:45:47:
fb:54:2b:7b:c8:95:89:e7:91:50:76:3a:2a:cb:86:
8e:90:60:4f:18:c9:98:f6:bf:6c:67:89:a1:40:10:
1a:37:6f:49:5f:14:90:ad:83:e6:a8:68:86:71:a0:
b6:ac:61:18:05:11:13:36:98:7a:1a:5a:d3:51:8a:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F9:9E:85:34:BD:C5:CA:C8:8C:53:8E:8B:36:56:7E:A4:53:80:5B
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/APmehTS9xcrIjFOOizZWfqRTgFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.144.0/22
Signature Algorithm: sha256WithRSAEncryption
84:09:3c:6e:43:ed:cc:a2:f5:70:e2:f1:39:85:b5:2d:59:77:
c9:f5:89:ae:ec:21:b7:39:67:c4:22:c0:54:90:da:07:a7:26:
b5:02:68:58:5e:56:75:73:d5:25:be:30:29:e2:fe:00:d6:2a:
2e:7a:6f:8c:fd:db:4e:08:96:18:d1:d6:4e:13:31:35:3b:c6:
44:67:3a:ee:dd:91:11:3a:00:dc:44:94:82:3a:3b:4b:65:bf:
63:30:44:a6:dc:9e:a3:18:22:97:93:77:01:c7:55:37:db:d6:
67:de:c8:3f:5f:ec:78:72:7e:87:04:18:52:d0:45:f9:2b:05:
66:81:95:ac:d4:ee:12:aa:80:37:5a:36:f9:8a:75:d6:ff:fe:
d2:c8:21:67:31:bc:d2:ca:db:50:87:94:a2:8e:3e:86:b2:15:
c9:95:c9:d0:50:4d:57:10:a7:ae:09:96:79:13:6e:09:e0:52:
f9:51:a7:eb:98:f7:52:e8:68:7a:0f:2c:50:f6:a9:0d:31:c8:
3a:45:65:8d:87:d1:3f:54:bb:c7:aa:19:a9:d9:43:09:6c:9c:
21:50:7d:7d:6f:14:99:71:4e:07:b0:0e:ce:a8:0a:79:61:54:
98:cc:6d:97:49:57:06:c4:af:b7:ab:5c:05:50:33:28:84:12:
31:bf:c2:2b
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIECHaBxTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDEw
MTAwNTMzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBmOTllODUzNGJk
YzVjYWM4OGM1MzhlOGIzNjU2N2VhNDUzODA1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIhYNGrkmvASDUnu9wt0byDWFYUF9T07uOoahr+PBR9MEho
V8p2RQm662xOzLv7z0AmzWSF0acqRhpTcxUyY3FYVvJJG+kN5EOLCrxUhwI7LTvF
w+fINrj9nC1sK+sWuP6qLf82VG0XdqR0wb990e81GlC3C/2oe9G6gJXdHR28/bjR
VJDOc/CvAzGVR0UesEDVvrXGxkdBm9wDnJK9uP0zyo3Jvdfi/IxX3uNJPdN2r1B5
o4Dnxp/pLPx8K7eCNkVH+1Qre8iVieeRUHY6KsuGjpBgTxjJmPa/bGeJoUAQGjdv
SV8UkK2D5qhohnGgtqxhGAUREzaYehpa01GKEhMCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBQA+Z6FNL3FysiMU46LNlZ+pFOAWzAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS9BUG1laFRTOXhjcklqRk9PaXpaV2ZxUlRnRnMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVc6QMA0GCSqGSIb3DQEBCwUA
A4IBAQCECTxuQ+3MovVw4vE5hbUtWXfJ9Ymu7CG3OWfEIsBUkNoHpya1AmhYXlZ1
c9UlvjAp4v4A1iouem+M/dtOCJYY0dZOEzE1O8ZEZzru3ZEROgDcRJSCOjtLZb9j
MESm3J6jGCKXk3cBx1U329Zn3sg/X+x4cn6HBBhS0EX5KwVmgZWs1O4SqoA3Wjb5
inXW//7SyCFnMbzSyttQh5Sijj6GshXJlcnQUE1XEKeuCZZ5E24J4FL5UafrmPdS
6Gh6DyxQ9qkNMcg6RWWNh9E/VLvHqhmp2UMJbJwhUH19bxSZcU4HsA7OqAp5YVSY
zG2XSVcGxK+3q1wFUDMohBIxv8Ir
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:56 2023 by rpki-client on console-ams.rpki-client.org