Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a3d85e-4335-425a-b0f6-8f54ab134d83/1/AG197lZCqPQwzI4_1meWkEtwZNk.roa
File: AG197lZCqPQwzI4_1meWkEtwZNk.roa (raw, json)
Hash identifier: UPRsbV/MmJwd1wdGoi2pZE+Ci2PVc66nwJJDoginnY8=
Subject key identifier: 00:6D:7D:EE:56:42:A8:F4:30:CC:8E:3F:D6:67:96:90:4B:70:64:D9
Certificate issuer: /CN=14d6927b5a75b7669b1fe2ac8fdc7b61377c9101
Certificate serial: 0181F26ABB78C39C0D196E35FECBCFACB2A5
Authority key identifier: 14:D6:92:7B:5A:75:B7:66:9B:1F:E2:AC:8F:DC:7B:61:37:7C:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FNaSe1p1t2abH-Ksj9x7YTd8kQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a3d85e-4335-425a-b0f6-8f54ab134d83/1/AG197lZCqPQwzI4_1meWkEtwZNk.roa
Signing time: Tue 12 Jul 2022 12:38:09 +0000
ROA not before: Tue 12 Jul 2022 12:38:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49544
IP address blocks: 185.77.208.0/22 maxlen: 22
2a05:6440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:6a:bb:78:c3:9c:0d:19:6e:35:fe:cb:cf:ac:b2:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14d6927b5a75b7669b1fe2ac8fdc7b61377c9101
Validity
Not Before: Jul 12 12:38:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=006d7dee5642a8f430cc8e3fd66796904b7064d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:75:3a:64:51:46:1c:ec:70:42:ba:fe:60:36:
2c:1d:0f:f3:ad:e7:18:43:05:e0:f3:bf:5e:1f:c4:
87:e2:84:f0:5f:6f:c8:c3:ec:52:58:50:c9:82:53:
48:d8:4d:91:bf:59:eb:d0:c4:ad:80:c1:a0:b4:a4:
35:56:04:fd:de:0f:0d:f6:fc:ea:3c:47:1e:1f:b5:
bd:7a:cb:30:39:eb:57:73:80:37:19:86:65:ed:d8:
3e:99:44:71:58:54:f6:d1:01:f2:63:7f:fc:c9:11:
47:40:4b:65:4e:96:fa:14:7b:e1:e0:23:c4:de:a2:
6f:1e:12:e7:80:ea:77:11:c3:be:4e:fc:9b:b5:4c:
00:6e:80:ec:71:20:69:9e:9e:e1:68:c0:88:6a:9f:
bd:cd:a5:e3:fd:c9:b0:a3:54:d4:3a:e2:7b:c8:06:
09:66:a3:cb:59:1f:7e:7a:cb:8a:db:31:84:46:9f:
86:1e:16:4c:c2:19:b9:b8:a9:95:ec:6a:d3:fb:a5:
91:57:be:70:e4:42:3b:8c:d6:20:1d:6b:ce:b0:31:
24:94:9b:c0:25:b5:20:22:8b:b7:36:c4:fc:22:16:
2b:86:77:19:ab:40:af:50:f3:30:0c:09:d5:e0:c7:
76:3b:5f:c7:9c:c9:d9:4f:da:16:8e:0b:89:10:fb:
3b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:6D:7D:EE:56:42:A8:F4:30:CC:8E:3F:D6:67:96:90:4B:70:64:D9
X509v3 Authority Key Identifier:
keyid:14:D6:92:7B:5A:75:B7:66:9B:1F:E2:AC:8F:DC:7B:61:37:7C:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FNaSe1p1t2abH-Ksj9x7YTd8kQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a3d85e-4335-425a-b0f6-8f54ab134d83/1/AG197lZCqPQwzI4_1meWkEtwZNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a3d85e-4335-425a-b0f6-8f54ab134d83/1/FNaSe1p1t2abH-Ksj9x7YTd8kQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.208.0/22
IPv6:
2a05:6440::/29
Signature Algorithm: sha256WithRSAEncryption
22:4b:de:81:7d:77:ca:97:7c:5b:07:27:62:37:56:ce:9e:ae:
92:5a:68:80:cd:db:a1:88:67:e0:6e:a7:5c:0b:40:82:0b:f4:
37:1e:75:df:74:18:18:b1:95:b3:9a:f6:6e:c2:50:aa:5e:fc:
4c:53:72:07:9b:49:37:02:00:22:91:83:da:e8:26:61:09:78:
cc:ab:db:8b:0a:e3:2d:6d:d2:42:01:06:c6:03:9f:8d:73:8d:
c7:2a:c8:af:a9:2b:3a:05:5c:da:82:18:24:aa:57:af:59:d9:
41:f0:20:cf:e5:8f:ab:cb:c7:c6:b6:03:ff:8a:31:fa:9a:4e:
27:9e:fe:7e:3b:31:f3:c4:3b:db:a0:68:62:22:9b:24:19:30:
2c:03:0b:6a:6f:de:05:10:25:1a:2d:11:85:f3:2c:16:fc:05:
89:2e:ec:b2:b5:5e:85:fd:45:2e:cc:69:88:60:63:2b:c1:35:
60:e1:69:51:a6:31:62:c4:1f:65:ab:59:a5:61:e7:26:79:4f:
16:87:ee:8c:1b:ca:0b:77:7e:3b:c0:9d:71:b3:e0:a2:78:fd:
f4:2e:b2:ab:ea:a5:74:a8:0e:36:3b:15:ee:61:cd:be:05:16:
05:01:86:f0:fe:1c:c5:ac:40:27:d3:98:19:69:24:8f:f0:c2:
67:57:fd:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHyart4w5wNGW41/svPrLKlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0ZDY5MjdiNWE3NWI3NjY5YjFmZTJhYzhmZGM3YjYxMzc3
YzkxMDEwHhcNMjIwNzEyMTIzODA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDZkN2RlZTU2NDJhOGY0MzBjYzhlM2ZkNjY3OTY5MDRiNzA2NGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnU6ZFFGHOxwQrr+YDYsHQ/zrecY
QwXg879eH8SH4oTwX2/Iw+xSWFDJglNI2E2Rv1nr0MStgMGgtKQ1VgT93g8N9vzq
PEceH7W9esswOetXc4A3GYZl7dg+mURxWFT20QHyY3/8yRFHQEtlTpb6FHvh4CPE
3qJvHhLngOp3EcO+TvybtUwAboDscSBpnp7haMCIap+9zaXj/cmwo1TUOuJ7yAYJ
ZqPLWR9+esuK2zGERp+GHhZMwhm5uKmV7GrT+6WRV75w5EI7jNYgHWvOsDEklJvA
JbUgIou3NsT8IhYrhncZq0CvUPMwDAnV4Md2O1/HnMnZT9oWjguJEPs7TQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABtfe5WQqj0MMyOP9ZnlpBLcGTZMB8GA1UdIwQY
MBaAFBTWkntadbdmmx/irI/ce2E3fJEBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk5hU2UxcDF0MmFiSC1Lc2o5eDdZVGQ4a1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hM2Q4NWUtNDMzNS00MjVhLWIwZjYt
OGY1NGFiMTM0ZDgzLzEvQUcxOTdsWkNxUFF3ekk0XzFtZVdrRXR3Wk5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hM2Q4NWUtNDMzNS00MjVhLWIwZjYtOGY1NGFiMTM0ZDgz
LzEvRk5hU2UxcDF0MmFiSC1Lc2o5eDdZVGQ4a1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuU3QMA0E
AgACMAcDBQMqBWRAMA0GCSqGSIb3DQEBCwUAA4IBAQAiS96BfXfKl3xbBydiN1bO
nq6SWmiAzduhiGfgbqdcC0CCC/Q3HnXfdBgYsZWzmvZuwlCqXvxMU3IHm0k3AgAi
kYPa6CZhCXjMq9uLCuMtbdJCAQbGA5+Nc43HKsivqSs6BVzaghgkqlevWdlB8CDP
5Y+ry8fGtgP/ijH6mk4nnv5+OzHzxDvboGhiIpskGTAsAwtqb94FECUaLRGF8ywW
/AWJLuyytV6F/UUuzGmIYGMrwTVg4WlRpjFixB9lq1mlYecmeU8Wh+6MG8oLd347
wJ1xs+CieP30LrKr6qV0qA42OxXuYc2+BRYFAYbw/hzFrEAn05gZaSSP8MJnV/1O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:26 2024 by rpki-client on console-ams.rpki-client.org