Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0QH4uGHTy5tFIRM-Miqmzk73t20.roa
File: 0QH4uGHTy5tFIRM-Miqmzk73t20.roa (raw, json)
Hash identifier: Pz7stFVAH4mmHxD0M6IMKoHdBTRP5ipWK8OdnIIVPmo=
Subject key identifier: D1:01:F8:B8:61:D3:CB:9B:45:21:13:3E:32:2A:A6:CE:4E:F7:B7:6D
Certificate issuer: /CN=d1f6e4370111cfbf968404854227b8092851450d
Certificate serial: D2E124
Authority key identifier: D1:F6:E4:37:01:11:CF:BF:96:84:04:85:42:27:B8:09:28:51:45:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fbkNwERz7-WhASFQie4CShRRQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0QH4uGHTy5tFIRM-Miqmzk73t20.roa
Signing time: Wed 23 Mar 2022 09:05:48 +0000
ROA not before: Wed 23 Mar 2022 09:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7155
IP address blocks: 185.21.0.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13820196 (0xd2e124)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f6e4370111cfbf968404854227b8092851450d
Validity
Not Before: Mar 23 09:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d101f8b861d3cb9b4521133e322aa6ce4ef7b76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:aa:47:e1:78:a4:f1:4f:0f:e4:2a:6f:4b:67:
b1:53:1a:87:ec:4a:e0:b6:f7:67:ee:d5:d0:78:33:
dc:f5:fc:3f:35:a9:27:56:83:fa:05:45:f6:aa:17:
cd:25:62:d3:6b:2a:5e:be:67:1d:a5:fa:80:e5:1d:
e2:c2:7e:12:b4:a5:32:06:a1:1e:7e:86:e4:72:23:
62:41:99:c4:64:d4:58:cd:fb:9b:83:d6:3e:1b:28:
cd:53:65:a8:07:66:67:1d:fe:e0:98:8d:ef:96:fb:
ea:ff:81:91:4b:5d:63:cd:ed:cf:3e:9d:7b:bb:e5:
44:14:e1:67:71:36:fe:34:ec:8b:62:26:bd:b8:6d:
51:93:d9:5b:60:a7:8d:65:ff:8e:02:73:dc:48:1e:
a8:4f:b0:44:84:63:e9:c5:d2:2c:e0:49:0a:10:78:
51:15:4b:90:0e:47:ec:6b:ef:13:6e:77:65:aa:6d:
cd:13:65:94:40:0c:f5:dd:36:13:44:c5:ae:90:0c:
d8:66:8b:22:9d:11:f0:95:ac:fa:09:d8:4a:92:8e:
a9:83:d6:37:63:37:7e:70:a7:7c:e9:8b:92:c1:d7:
cd:b7:8d:b2:57:33:9d:ea:52:ff:11:81:d4:e4:38:
3a:4e:88:b5:94:9a:b1:a1:77:20:fd:b3:03:e6:0c:
a0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:01:F8:B8:61:D3:CB:9B:45:21:13:3E:32:2A:A6:CE:4E:F7:B7:6D
X509v3 Authority Key Identifier:
keyid:D1:F6:E4:37:01:11:CF:BF:96:84:04:85:42:27:B8:09:28:51:45:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fbkNwERz7-WhASFQie4CShRRQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0QH4uGHTy5tFIRM-Miqmzk73t20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/59d4e9-662c-435a-b351-4aa539a30d21/1/0fbkNwERz7-WhASFQie4CShRRQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.0.0/22
Signature Algorithm: sha256WithRSAEncryption
59:fd:28:2f:16:b7:c9:0c:6f:e6:da:5b:f7:9e:5c:b2:b6:19:
33:6e:99:00:93:07:d1:5a:4b:6b:05:05:a0:4d:b1:76:c5:0c:
61:6d:d6:a0:6e:dd:7e:63:74:77:29:f2:35:21:23:ba:52:f0:
fd:ff:69:f4:45:46:1e:76:59:b7:aa:39:60:20:32:63:53:f8:
69:78:c9:83:18:20:d8:3c:5e:fe:a1:fd:c7:71:18:e0:10:1e:
3d:ae:64:21:d0:69:63:ac:1b:53:00:af:d3:eb:ff:cf:60:9a:
ca:62:aa:64:a4:c5:b0:e8:c2:7e:d4:5c:36:9e:f8:1c:8f:68:
c7:ed:e9:40:b6:db:d0:39:37:07:f4:0c:dc:46:e6:99:8e:3e:
79:0f:c6:1a:3f:e3:4d:fc:aa:47:72:db:6e:9e:b3:96:57:fc:
b5:90:a9:24:f2:db:50:5a:eb:4b:fc:6e:5b:1d:c9:20:a1:d5:
ce:09:25:ed:f6:b9:ef:35:07:82:17:e0:80:87:42:0a:68:38:
62:a1:76:ff:8a:57:78:9f:f7:e9:88:59:82:0f:8a:94:35:e8:
e6:4a:7c:c5:ff:8a:ed:f5:34:54:6d:03:52:83:f5:31:6c:50:
77:1a:96:3f:ac:7c:d8:08:14:a1:73:70:13:be:f8:78:bf:16:
9c:a8:e9:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANLhJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWY2ZTQzNzAxMTFjZmJmOTY4NDA0ODU0MjI3YjgwOTI4NTE0NTBkMB4XDTIyMDMy
MzA5MDU0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDEwMWY4Yjg2MWQz
Y2I5YjQ1MjExMzNlMzIyYWE2Y2U0ZWY3Yjc2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiqR+F4pPFPD+Qqb0tnsVMah+xK4Lb3Z+7V0Hgz3PX8PzWp
J1aD+gVF9qoXzSVi02sqXr5nHaX6gOUd4sJ+ErSlMgahHn6G5HIjYkGZxGTUWM37
m4PWPhsozVNlqAdmZx3+4JiN75b76v+BkUtdY83tzz6de7vlRBThZ3E2/jTsi2Im
vbhtUZPZW2CnjWX/jgJz3EgeqE+wRIRj6cXSLOBJChB4URVLkA5H7GvvE253Zapt
zRNllEAM9d02E0TFrpAM2GaLIp0R8JWs+gnYSpKOqYPWN2M3fnCnfOmLksHXzbeN
slcznepS/xGB1OQ4Ok6ItZSasaF3IP2zA+YMoBMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTRAfi4YdPLm0UhEz4yKqbOTve3bTAfBgNVHSMEGDAWgBTR9uQ3ARHPv5aE
BIVCJ7gJKFFFDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBmYmtOd0VSejctV2hBU0ZRaWU0Q1NoUlJRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvNTlkNGU5LTY2MmMtNDM1YS1iMzUxLTRhYTUzOWEzMGQyMS8x
LzBRSDR1R0hUeTV0RklSTS1NaXFtems3M3QyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
NTlkNGU5LTY2MmMtNDM1YS1iMzUxLTRhYTUzOWEzMGQyMS8xLzBmYmtOd0VSejct
V2hBU0ZRaWU0Q1NoUlJRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkVADANBgkqhkiG9w0BAQsFAAOC
AQEAWf0oLxa3yQxv5tpb955csrYZM26ZAJMH0VpLawUFoE2xdsUMYW3WoG7dfmN0
dynyNSEjulLw/f9p9EVGHnZZt6o5YCAyY1P4aXjJgxgg2Dxe/qH9x3EY4BAePa5k
IdBpY6wbUwCv0+v/z2CaymKqZKTFsOjCftRcNp74HI9ox+3pQLbb0Dk3B/QM3Ebm
mY4+eQ/GGj/jTfyqR3Lbbp6zllf8tZCpJPLbUFrrS/xuWx3JIKHVzgkl7fa57zUH
ghfggIdCCmg4YqF2/4pXeJ/36YhZgg+KlDXo5kp8xf+K7fU0VG0DUoP1MWxQdxqW
P6x82AgUoXNwE774eL8WnKjptg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-fra.rpki-client.org