Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/_Oc2yPBw4-ybJ490QBmdWppPP-M.roa
File: _Oc2yPBw4-ybJ490QBmdWppPP-M.roa (raw, json)
Hash identifier: X8f7/pZNb/powhgLrfH+oejczEMT1dLAUUMiU9LEbTg=
Subject key identifier: FC:E7:36:C8:F0:70:E3:EC:9B:27:8F:74:40:19:9D:5A:9A:4F:3F:E3
Certificate issuer: /CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Certificate serial: 0DA0565A
Authority key identifier: 4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/_Oc2yPBw4-ybJ490QBmdWppPP-M.roa
Signing time: Sat 01 Jan 2022 14:57:58 +0000
ROA not before: Sat 01 Jan 2022 14:57:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205832
IP address blocks: 185.204.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228611674 (0xda0565a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9d5fbaaf76a80a65e0e92c02061e895b2b8117
Validity
Not Before: Jan 1 14:57:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fce736c8f070e3ec9b278f7440199d5a9a4f3fe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:29:6a:fc:f0:1b:1d:f6:af:f9:3d:09:d6:0b:
94:3c:32:e8:ad:c2:f0:e8:71:03:13:9a:5c:27:51:
c7:3e:b7:03:93:15:d1:c2:66:6a:88:cb:71:4c:41:
48:c1:35:0d:1d:ac:9d:15:df:5a:56:fd:b0:8a:e6:
3b:97:94:7b:58:16:1a:3a:27:b1:ae:b7:bf:70:ea:
d5:64:8b:42:7a:24:a2:96:b4:b5:0f:14:d7:67:b8:
bd:85:65:9d:c8:d5:0b:54:fd:84:c1:e9:a4:50:d4:
3c:38:cb:db:c5:39:cc:7c:e2:cc:74:9f:84:1e:fe:
b5:1f:4a:7c:05:8f:a3:60:ef:52:5d:7d:a4:2c:73:
54:50:3d:a5:18:e9:b7:60:22:49:38:bc:12:f1:53:
b1:6b:2e:b7:b6:00:1c:86:b3:e7:f9:d8:8c:4c:bb:
10:9d:f0:15:bd:1e:94:c6:68:9e:b5:d0:ee:5c:c8:
c5:12:be:28:8a:6e:c5:88:0a:9c:6c:01:cd:ad:ce:
92:21:a2:5a:5a:bb:ad:50:aa:9f:7a:f6:bd:1e:9b:
e1:b0:e7:56:8e:23:7b:6e:27:36:b1:dd:c6:9b:2e:
f2:f0:49:67:24:bd:c3:e8:d0:c6:df:85:77:18:87:
48:ed:3d:af:e6:22:18:ba:95:fe:77:69:aa:df:ba:
92:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E7:36:C8:F0:70:E3:EC:9B:27:8F:74:40:19:9D:5A:9A:4F:3F:E3
X509v3 Authority Key Identifier:
keyid:4F:9D:5F:BA:AF:76:A8:0A:65:E0:E9:2C:02:06:1E:89:5B:2B:81:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T51fuq92qApl4OksAgYeiVsrgRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/_Oc2yPBw4-ybJ490QBmdWppPP-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c70928-cede-4b62-89a7-60f6fa9110e2/1/T51fuq92qApl4OksAgYeiVsrgRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.32.0/22
Signature Algorithm: sha256WithRSAEncryption
24:3b:f2:79:5b:cb:4b:62:99:ef:99:3a:07:f2:4d:91:67:4b:
27:af:b4:25:92:7b:55:3d:fb:56:ec:39:69:96:fc:c5:7b:06:
1a:58:99:57:bd:02:06:66:99:c8:36:f2:ab:28:99:ac:95:81:
09:7f:59:58:4a:12:75:ea:98:cb:92:79:ee:87:49:98:7f:c1:
f6:59:64:37:22:9f:60:b8:63:88:03:4d:01:a3:0d:86:1a:e3:
c0:9b:6c:c6:8d:8a:14:50:ab:68:f6:33:ca:a0:d9:c3:7d:8c:
18:b8:7c:cc:8c:20:87:ea:be:40:e8:0c:2e:32:0a:56:89:7d:
34:18:0a:48:46:8c:f2:be:34:9f:cc:00:e4:cd:56:99:51:e6:
11:43:9f:1d:12:4b:3b:bd:9d:46:b1:32:d7:b5:05:31:0c:02:
4a:b6:1b:1d:a4:e7:19:55:69:11:2a:0c:a3:2f:ee:c5:1c:51:
13:2f:aa:ed:65:9e:13:5d:a8:5e:99:03:d3:e8:6b:88:1c:39:
52:54:5c:58:d6:34:ec:ff:cd:5e:2e:ff:4f:0f:06:19:d3:fe:
b0:a5:be:29:65:20:b1:c0:ed:91:c0:8c:40:6a:5b:4d:d7:e7:
bf:ba:eb:18:66:66:b6:9a:6d:c1:4a:40:a5:aa:17:73:10:a3:
91:2a:bd:9d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDaBWWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjlkNWZiYWFmNzZhODBhNjVlMGU5MmMwMjA2MWU4OTViMmI4MTE3MB4XDTIyMDEw
MTE0NTc1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNlNzM2YzhmMDcw
ZTNlYzliMjc4Zjc0NDAxOTlkNWE5YTRmM2ZlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALIpavzwGx32r/k9CdYLlDwy6K3C8OhxAxOaXCdRxz63A5MV
0cJmaojLcUxBSME1DR2snRXfWlb9sIrmO5eUe1gWGjonsa63v3Dq1WSLQnokopa0
tQ8U12e4vYVlncjVC1T9hMHppFDUPDjL28U5zHzizHSfhB7+tR9KfAWPo2DvUl19
pCxzVFA9pRjpt2AiSTi8EvFTsWsut7YAHIaz5/nYjEy7EJ3wFb0elMZonrXQ7lzI
xRK+KIpuxYgKnGwBza3OkiGiWlq7rVCqn3r2vR6b4bDnVo4je24nNrHdxpsu8vBJ
ZyS9w+jQxt+FdxiHSO09r+YiGLqV/ndpqt+6ki0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT85zbI8HDj7Jsnj3RAGZ1amk8/4zAfBgNVHSMEGDAWgBRPnV+6r3aoCmXg
6SwCBh6JWyuBFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q1MWZ1cTkycUFwbDRPa3NBZ1llaVZzcmdSYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvYzcwOTI4LWNlZGUtNGI2Mi04OWE3LTYwZjZmYTkxMTBlMi8x
L19PYzJ5UEJ3NC15Yko0OTBRQm1kV3BwUFAtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
YzcwOTI4LWNlZGUtNGI2Mi04OWE3LTYwZjZmYTkxMTBlMi8xL1Q1MWZ1cTkycUFw
bDRPa3NBZ1llaVZzcmdSYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnMIDANBgkqhkiG9w0BAQsFAAOC
AQEAJDvyeVvLS2KZ75k6B/JNkWdLJ6+0JZJ7VT37Vuw5aZb8xXsGGliZV70CBmaZ
yDbyqyiZrJWBCX9ZWEoSdeqYy5J57odJmH/B9llkNyKfYLhjiANNAaMNhhrjwJts
xo2KFFCraPYzyqDZw32MGLh8zIwgh+q+QOgMLjIKVol9NBgKSEaM8r40n8wA5M1W
mVHmEUOfHRJLO72dRrEy17UFMQwCSrYbHaTnGVVpESoMoy/uxRxREy+q7WWeE12o
XpkD0+hriBw5UlRcWNY07P/NXi7/Tw8GGdP+sKW+KWUgscDtkcCMQGpbTdfnv7rr
GGZmtpptwUpApaoXcxCjkSq9nQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:01 2024 by rpki-client on console-fra.rpki-client.org