Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/gRyq5koNSKHKitDFLKd_EaXmWu8.roa
File: gRyq5koNSKHKitDFLKd_EaXmWu8.roa (raw, json)
Hash identifier: a49xlOZgpV7fHghLpAE7mudVMMwg2czb11fFYpfynJw=
Subject key identifier: 81:1C:AA:E6:4A:0D:48:A1:CA:8A:D0:C5:2C:A7:7F:11:A5:E6:5A:EF
Certificate issuer: /CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Certificate serial: 02C07D63
Authority key identifier: CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/gRyq5koNSKHKitDFLKd_EaXmWu8.roa
Signing time: Tue 04 Jan 2022 16:50:39 +0000
ROA not before: Tue 04 Jan 2022 16:50:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210924
IP address blocks: 185.210.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46169443 (0x2c07d63)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb645bc0fdb8626bce2c0425c4087b54e150d386
Validity
Not Before: Jan 4 16:50:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=811caae64a0d48a1ca8ad0c52ca77f11a5e65aef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a5:47:75:b1:8a:f8:c0:ab:57:de:01:81:54:
f9:2f:7b:c0:c3:02:9c:03:09:57:ab:5f:bb:88:eb:
cd:8a:2f:0c:8f:15:fe:f9:c1:96:b5:d0:fd:10:1e:
d8:dd:55:01:df:79:d5:a2:3c:d4:2a:ff:08:7b:73:
13:ab:20:8e:fd:15:fe:eb:38:87:9d:03:95:76:99:
87:5b:b8:f3:8c:0a:75:28:97:e1:0f:f3:b4:b5:91:
fc:df:42:6e:be:a6:90:48:b5:4e:8b:dd:58:65:92:
79:49:54:eb:06:46:65:ff:d7:e6:e3:f5:24:bd:f8:
af:2f:31:ff:93:93:15:21:1f:ff:3c:8b:72:59:39:
93:e3:d3:f1:f5:f9:a9:af:4f:87:09:71:48:fb:7e:
98:a1:2f:ee:62:46:e8:de:9b:1c:aa:1e:8d:70:c1:
ea:bc:30:29:31:e2:24:cf:65:78:16:05:33:8f:f7:
0f:86:5b:f3:bd:fa:01:e5:57:85:0d:31:81:cb:e4:
e7:9a:ea:77:3e:a1:6b:6a:8b:7b:69:18:a8:07:cf:
bc:9f:1f:e5:40:18:e2:d6:53:12:9c:7b:f9:04:a1:
31:22:ff:0f:0e:ab:9b:1f:06:f7:ce:54:02:03:ce:
64:e1:03:cd:96:04:7e:d9:c1:25:e6:0c:97:2c:16:
a1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1C:AA:E6:4A:0D:48:A1:CA:8A:D0:C5:2C:A7:7F:11:A5:E6:5A:EF
X509v3 Authority Key Identifier:
keyid:CB:64:5B:C0:FD:B8:62:6B:CE:2C:04:25:C4:08:7B:54:E1:50:D3:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2RbwP24YmvOLAQlxAh7VOFQ04Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/gRyq5koNSKHKitDFLKd_EaXmWu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/57bf89-fe3b-4c21-8ffb-e8754d005ebe/1/y2RbwP24YmvOLAQlxAh7VOFQ04Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.157.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:4f:6a:3f:9d:ad:6f:e6:ee:b6:be:2c:ca:24:8f:e0:c2:ff:
a5:b4:fb:f1:98:ee:95:e3:ce:35:3e:a6:04:47:09:a2:87:9c:
6f:b9:35:13:15:dd:53:1f:fc:84:e9:35:6d:44:ac:1b:0a:18:
b9:f8:fa:b3:3b:d7:8b:1c:8d:c4:47:d1:b8:bb:34:cd:b8:8f:
95:fc:fd:89:4f:42:bc:a5:68:97:fd:b4:4f:bd:1b:a1:e3:4a:
c4:a8:31:85:ae:5a:ad:60:3f:7a:63:3d:20:f4:91:64:3a:7a:
41:a4:c2:3e:7c:c3:f2:ae:d6:ae:a4:eb:fc:65:6c:4e:3e:d2:
b1:c6:0e:24:f3:38:95:04:7e:e9:85:58:48:6f:54:69:72:21:
7e:75:66:58:52:79:03:d8:3b:21:11:3a:2d:eb:bc:69:50:5f:
44:e5:b3:b9:8e:0b:9b:f5:19:fe:16:fc:59:7d:fa:2f:af:c7:
91:b2:7a:ea:36:2e:29:a1:eb:be:e5:45:67:27:08:83:4d:fc:
0d:92:84:36:25:e9:42:51:f3:82:f0:b5:7a:4c:ed:9e:4b:d6:
32:26:ac:55:5d:85:f7:de:96:e6:b5:af:6b:73:d6:45:27:9d:
18:23:eb:3a:77:05:cb:90:15:cf:94:d6:8b:9a:7b:8f:b0:eb:
be:49:a2:13
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAsB9YzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YjY0NWJjMGZkYjg2MjZiY2UyYzA0MjVjNDA4N2I1NGUxNTBkMzg2MB4XDTIyMDEw
NDE2NTAzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODExY2FhZTY0YTBk
NDhhMWNhOGFkMGM1MmNhNzdmMTFhNWU2NWFlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKmlR3WxivjAq1feAYFU+S97wMMCnAMJV6tfu4jrzYovDI8V
/vnBlrXQ/RAe2N1VAd951aI81Cr/CHtzE6sgjv0V/us4h50DlXaZh1u484wKdSiX
4Q/ztLWR/N9Cbr6mkEi1TovdWGWSeUlU6wZGZf/X5uP1JL34ry8x/5OTFSEf/zyL
clk5k+PT8fX5qa9PhwlxSPt+mKEv7mJG6N6bHKoejXDB6rwwKTHiJM9leBYFM4/3
D4Zb8736AeVXhQ0xgcvk55rqdz6ha2qLe2kYqAfPvJ8f5UAY4tZTEpx7+QShMSL/
Dw6rmx8G985UAgPOZOEDzZYEftnBJeYMlywWoakCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBHKrmSg1IocqK0MUsp38RpeZa7zAfBgNVHSMEGDAWgBTLZFvA/bhia84s
BCXECHtU4VDThjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3kyUmJ3UDI0WW12T0xBUWx4QWg3Vk9GUTA0WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNTdiZjg5LWZlM2ItNGMyMS04ZmZiLWU4NzU0ZDAwNWViZS8x
L2dSeXE1a29OU0tIS2l0REZMS2RfRWFYbVd1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NTdiZjg5LWZlM2ItNGMyMS04ZmZiLWU4NzU0ZDAwNWViZS8xL3kyUmJ3UDI0WW12
T0xBUWx4QWg3Vk9GUTA0WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnSnTANBgkqhkiG9w0BAQsFAAOC
AQEASk9qP52tb+butr4syiSP4ML/pbT78ZjulePONT6mBEcJooecb7k1ExXdUx/8
hOk1bUSsGwoYufj6szvXixyNxEfRuLs0zbiPlfz9iU9CvKVol/20T70boeNKxKgx
ha5arWA/emM9IPSRZDp6QaTCPnzD8q7WrqTr/GVsTj7SscYOJPM4lQR+6YVYSG9U
aXIhfnVmWFJ5A9g7IRE6Leu8aVBfROWzuY4Lm/UZ/hb8WX36L6/HkbJ66jYuKaHr
vuVFZycIg038DZKENiXpQlHzgvC1ekztnkvWMiasVV2F996W5rWva3PWRSedGCPr
OncFy5AVz5TWi5p7j7DrvkmiEw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:06 2023 by rpki-client on console-fra.rpki-client.org