Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/AGR7FOkSu38PD5LZh5UJOaEikYA.roa
File: AGR7FOkSu38PD5LZh5UJOaEikYA.roa (raw, json)
Hash identifier: 4zH25BU6uXjkAsk5LkiiO+9W1rImA7EqFz8GXO/mZGE=
Subject key identifier: 00:64:7B:14:E9:12:BB:7F:0F:0F:92:D9:87:95:09:39:A1:22:91:80
Certificate issuer: /CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Certificate serial: 0184868A57F1133AF76FBB216F555EB57249
Authority key identifier: 25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/AGR7FOkSu38PD5LZh5UJOaEikYA.roa
Signing time: Thu 17 Nov 2022 17:02:04 +0000
ROA not before: Thu 17 Nov 2022 17:02:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209968
IP address blocks: 185.23.5.0/24 maxlen: 24
2a09:be44::/30 maxlen: 48
2a0e:ec00::/32 maxlen: 48
2a09:be41::/32 maxlen: 48
2a12:49c0::/29 maxlen: 48
2a09:be42::/31 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:8a:57:f1:13:3a:f7:6f:bb:21:6f:55:5e:b5:72:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259490c5dbcfbf590da33bfbd37970a0763469c9
Validity
Not Before: Nov 17 17:02:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00647b14e912bb7f0f0f92d987950939a1229180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:4e:fa:6e:9a:85:38:b2:99:02:cb:f2:24:fe:
82:3b:f8:0b:b4:d7:37:33:3f:16:bf:75:ab:4c:63:
b0:8f:56:82:40:1e:cb:3c:3d:32:6a:77:4b:6f:c1:
81:cf:74:ec:18:06:49:b5:7a:f7:82:21:2c:d0:94:
05:af:63:cf:ab:24:92:4b:8e:0e:e5:43:2a:92:d5:
4b:bc:a0:bd:54:08:0d:96:db:bd:e2:fd:8e:59:0a:
e1:e7:e8:03:3c:a4:84:5e:74:4c:ca:dc:31:3e:76:
2a:36:4c:ac:de:6b:9c:92:b9:c7:12:f5:bc:03:ab:
84:8a:10:d5:00:fe:31:67:e0:95:8f:cc:8f:57:31:
0c:cb:b3:7b:56:ad:bd:41:91:c5:e6:74:da:9c:98:
4b:c4:43:ef:0d:ff:81:37:40:fe:78:a5:0c:14:aa:
ff:ce:d2:6f:b3:f6:5c:f1:cf:c1:c4:a7:3a:22:0a:
14:b0:82:e1:57:4b:dd:d8:e9:9c:8e:63:79:1b:d1:
6c:9f:ab:da:e2:55:2c:a0:23:c9:ab:f7:e4:77:6a:
47:a3:23:d0:4e:3c:69:30:96:fa:98:de:c8:15:c2:
3e:2a:fa:05:50:c1:a7:bf:f4:c3:11:96:c6:e7:04:
ed:d7:4c:31:21:57:2b:2e:da:93:98:f8:93:5d:8b:
a1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:64:7B:14:E9:12:BB:7F:0F:0F:92:D9:87:95:09:39:A1:22:91:80
X509v3 Authority Key Identifier:
keyid:25:94:90:C5:DB:CF:BF:59:0D:A3:3B:FB:D3:79:70:A0:76:34:69:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZSQxdvPv1kNozv703lwoHY0ack.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/AGR7FOkSu38PD5LZh5UJOaEikYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/edad2d-95cc-49d0-86f4-3ce3cf8b1c49/1/JZSQxdvPv1kNozv703lwoHY0ack.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.5.0/24
IPv6:
2a09:be41::-2a09:be47:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:ec00::/32
2a12:49c0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:47:af:d9:f6:66:02:98:1f:28:8c:5d:e3:5e:68:be:8f:8e:
17:af:ec:6e:2e:30:3d:35:69:0f:9c:02:80:67:93:8e:f5:c3:
bd:22:6e:bd:de:22:92:6f:c1:ef:86:39:e1:64:01:ee:7f:d6:
bb:5d:84:a8:f4:4d:cf:59:b4:46:8c:b3:f7:94:7f:59:fa:ef:
e9:e9:50:a8:b9:46:d5:8f:b4:fe:7f:dd:e9:66:6d:ce:b5:bb:
4e:33:a4:72:76:a5:e6:88:db:0a:2c:c7:bd:4e:42:0d:df:e6:
02:35:54:8c:22:e1:04:2d:a2:b2:26:ee:84:25:3f:d8:27:a8:
30:6d:41:6b:88:b6:68:7b:fe:2e:d0:01:b3:c2:5b:f5:be:a5:
6f:ba:db:50:b4:0a:6b:e9:6f:12:6f:b5:0f:fe:b3:15:c2:85:
78:12:ef:2c:c2:75:41:c7:c8:d3:68:70:3d:a8:4b:31:91:3b:
2b:a2:a9:2a:38:a6:3e:d1:ae:50:ce:d1:76:4e:8b:e0:66:c9:
34:a3:9f:e3:19:0a:d0:17:ee:db:80:5e:56:49:7a:3c:12:1e:
3e:7b:57:a1:1a:fd:5c:e8:e9:db:cf:f0:23:99:09:22:55:28:
5d:9e:8b:0c:17:41:45:10:b3:1c:70:db:63:6e:c2:63:9e:14:
71:0e:8e:b0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYSGilfxEzr3b7shb1VetXJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OTQ5MGM1ZGJjZmJmNTkwZGEzM2JmYmQzNzk3MGEwNzYz
NDY5YzkwHhcNMjIxMTE3MTcwMjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY0N2IxNGU5MTJiYjdmMGYwZjkyZDk4Nzk1MDkzOWExMjI5MTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhk76bpqFOLKZAsvyJP6CO/gLtNc3
Mz8Wv3WrTGOwj1aCQB7LPD0yandLb8GBz3TsGAZJtXr3giEs0JQFr2PPqySSS44O
5UMqktVLvKC9VAgNltu94v2OWQrh5+gDPKSEXnRMytwxPnYqNkys3muckrnHEvW8
A6uEihDVAP4xZ+CVj8yPVzEMy7N7Vq29QZHF5nTanJhLxEPvDf+BN0D+eKUMFKr/
ztJvs/Zc8c/BxKc6IgoUsILhV0vd2OmcjmN5G9Fsn6va4lUsoCPJq/fkd2pHoyPQ
TjxpMJb6mN7IFcI+KvoFUMGnv/TDEZbG5wTt10wxIVcrLtqTmPiTXYuhhwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFABkexTpErt/Dw+S2YeVCTmhIpGAMB8GA1UdIwQY
MBaAFCWUkMXbz79ZDaM7+9N5cKB2NGnJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQt
M2NlM2NmOGIxYzQ5LzEvQUdSN0ZPa1N1MzhQRDVMWmg1VUpPYUVpa1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9lZGFkMmQtOTVjYy00OWQwLTg2ZjQtM2NlM2NmOGIxYzQ5
LzEvSlpTUXhkdlB2MWtOb3p2NzAzbHdvSFkwYWNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAMBAIAATAGAwQAuRcFMCQE
AgACMB4wDgMFACoJvkEDBQMqCb5AAwUAKg7sAAMFAyoSScAwDQYJKoZIhvcNAQEL
BQADggEBAI1Hr9n2ZgKYHyiMXeNeaL6Pjhev7G4uMD01aQ+cAoBnk471w70ibr3e
IpJvwe+GOeFkAe5/1rtdhKj0Tc9ZtEaMs/eUf1n67+npUKi5RtWPtP5/3elmbc61
u04zpHJ2peaI2wosx71OQg3f5gI1VIwi4QQtorIm7oQlP9gnqDBtQWuItmh7/i7Q
AbPCW/W+pW+621C0CmvpbxJvtQ/+sxXChXgS7yzCdUHHyNNocD2oSzGROyuiqSo4
pj7RrlDO0XZOi+BmyTSjn+MZCtAX7tuAXlZJejwSHj57V6Ea/Vzo6dvP8COZCSJV
KF2eiwwXQUUQsxxw22NuwmOeFHEOjrA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:26 2024 by rpki-client on console-ams.rpki-client.org