Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SpOs676Q6Bi47JhzcuRalXIqtK0.roa
File: SpOs676Q6Bi47JhzcuRalXIqtK0.roa (raw, json)
Hash identifier: /NFPz9BaLofgSEOIJOfLaHt2ck1Pz0dyMj8wdHyQayk=
Subject key identifier: 4A:93:AC:EB:BE:90:E8:18:B8:EC:98:73:72:E4:5A:95:72:2A:B4:AD
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09AC08AF
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SpOs676Q6Bi47JhzcuRalXIqtK0.roa
Signing time: Sat 01 Jan 2022 09:56:54 +0000
ROA not before: Sat 01 Jan 2022 09:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 185.235.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162269359 (0x9ac08af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a93acebbe90e818b8ec987372e45a95722ab4ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b3:07:43:df:82:d9:11:ad:45:69:47:b1:43:
18:a2:ee:4c:f9:4d:53:9b:2c:5c:19:f3:e4:66:88:
e3:20:94:f4:ce:79:4b:80:e4:60:68:6e:45:e3:e1:
e2:b9:08:ff:f0:b5:86:30:23:fb:37:64:dc:16:2e:
60:25:9c:fc:bd:47:96:fd:d7:a1:91:99:e3:84:d8:
bd:d2:49:b5:c7:1d:2a:84:32:d0:7f:d0:8b:a6:d4:
25:dc:b7:fe:9b:96:cd:56:1c:8a:24:bf:72:85:67:
ee:3e:7e:f6:07:ba:99:81:e3:48:a3:77:dd:52:e8:
2d:cd:09:fe:5f:74:1f:f6:ac:49:a2:80:3c:a8:47:
af:33:b0:e3:e1:3a:08:2c:97:58:d2:42:87:32:4b:
d4:ff:72:b0:74:45:f9:0a:a7:31:a3:46:7b:11:2b:
d3:f2:e2:67:53:39:66:15:07:8d:11:ac:bd:9c:07:
b7:67:33:a6:c9:4e:16:2a:09:73:a6:e8:9a:92:67:
aa:7b:40:9a:97:f0:bf:3a:1b:de:f0:b2:45:fc:ab:
e9:25:78:27:cb:30:5a:aa:ad:ab:6f:6f:30:9d:0e:
fb:d5:45:74:c8:91:90:5d:b2:88:7e:7d:62:58:43:
fb:28:59:f4:ee:45:b4:1b:52:41:d2:d0:eb:b4:0c:
68:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:93:AC:EB:BE:90:E8:18:B8:EC:98:73:72:E4:5A:95:72:2A:B4:AD
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/SpOs676Q6Bi47JhzcuRalXIqtK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.71.0/24
Signature Algorithm: sha256WithRSAEncryption
94:87:2a:95:4d:77:5c:f2:36:14:db:98:ab:b0:c6:25:9c:f3:
35:f8:29:44:2c:52:2c:40:e4:16:95:9a:a9:09:28:bc:5e:48:
ad:20:68:a8:48:c0:e3:56:a6:79:10:eb:e7:4a:de:b2:fe:e2:
45:f8:58:11:26:a7:f0:c6:a6:83:fa:a5:fc:d7:e8:dd:0e:0b:
53:78:17:be:2c:d2:a1:59:0e:f3:0c:29:74:58:02:9f:27:35:
5a:da:ac:2b:ef:d3:90:52:9d:9a:c7:d8:24:df:f1:57:16:7e:
7d:fd:9b:71:d8:d0:62:ce:51:57:63:2e:cc:12:39:74:f1:6a:
28:e3:22:ad:e4:0f:e0:fa:80:8c:47:29:46:ea:8b:f7:c9:f8:
a3:3e:05:da:83:51:58:fe:1d:1f:5e:25:3d:f4:26:08:0d:8c:
d8:1c:bf:35:88:ce:cf:36:09:0a:48:b7:78:04:d2:03:41:f2:
82:01:a6:d0:a1:2a:9d:fb:c6:9d:10:95:86:c0:49:44:d2:03:
a0:fa:a9:d9:9f:53:a1:59:1e:58:a1:4b:75:95:0d:31:cf:5f:
01:20:57:78:06:45:94:1a:13:73:31:cc:c2:c5:0b:c4:d2:70:
ea:f6:89:a4:68:02:c5:df:42:a9:c7:b1:97:9c:59:c9:7e:47:
39:e6:be:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECawIrzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE5M2FjZWJiZTkw
ZTgxOGI4ZWM5ODczNzJlNDVhOTU3MjJhYjRhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALyzB0PfgtkRrUVpR7FDGKLuTPlNU5ssXBnz5GaI4yCU9M55
S4DkYGhuRePh4rkI//C1hjAj+zdk3BYuYCWc/L1Hlv3XoZGZ44TYvdJJtccdKoQy
0H/Qi6bUJdy3/puWzVYciiS/coVn7j5+9ge6mYHjSKN33VLoLc0J/l90H/asSaKA
PKhHrzOw4+E6CCyXWNJChzJL1P9ysHRF+QqnMaNGexEr0/LiZ1M5ZhUHjRGsvZwH
t2czpslOFioJc6bompJnqntAmpfwvzob3vCyRfyr6SV4J8swWqqtq29vMJ0O+9VF
dMiRkF2yiH59YlhD+yhZ9O5FtBtSQdLQ67QMaPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRKk6zrvpDoGLjsmHNy5FqVciq0rTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L1NwT3M2NzZRNkJpNDdKaHpjdVJhbFhJcXRLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnrRzANBgkqhkiG9w0BAQsFAAOC
AQEAlIcqlU13XPI2FNuYq7DGJZzzNfgpRCxSLEDkFpWaqQkovF5IrSBoqEjA41am
eRDr50resv7iRfhYESan8Mamg/ql/Nfo3Q4LU3gXvizSoVkO8wwpdFgCnyc1Wtqs
K+/TkFKdmsfYJN/xVxZ+ff2bcdjQYs5RV2MuzBI5dPFqKOMireQP4PqAjEcpRuqL
98n4oz4F2oNRWP4dH14lPfQmCA2M2By/NYjOzzYJCki3eATSA0HyggGm0KEqnfvG
nRCVhsBJRNIDoPqp2Z9ToVkeWKFLdZUNMc9fASBXeAZFlBoTczHMwsULxNJw6vaJ
pGgCxd9Cqcexl5xZyX5HOea+fQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org