Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/so7Akj9CoVRTjfG-hdNZ7qlKOaA.roa
File: so7Akj9CoVRTjfG-hdNZ7qlKOaA.roa (raw, json)
Hash identifier: b2xkPMSJDRKpTFH2Y9dTTqB/vvL9zv5d+/w5HbLEcck=
Subject key identifier: B2:8E:C0:92:3F:42:A1:54:53:8D:F1:BE:85:D3:59:EE:A9:4A:39:A0
Certificate issuer: /CN=0b083808763c262541020d2e81da34aaa38283b7
Certificate serial: 06BF884B
Authority key identifier: 0B:08:38:08:76:3C:26:25:41:02:0D:2E:81:DA:34:AA:A3:82:83:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/so7Akj9CoVRTjfG-hdNZ7qlKOaA.roa
Signing time: Sat 01 Jan 2022 04:01:23 +0000
ROA not before: Sat 01 Jan 2022 04:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24749
IP address blocks: 185.70.148.0/22 maxlen: 22
2a03:35a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 113215563 (0x6bf884b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b083808763c262541020d2e81da34aaa38283b7
Validity
Not Before: Jan 1 04:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b28ec0923f42a154538df1be85d359eea94a39a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:73:c0:fb:15:2f:8d:0b:61:b8:33:7b:87:37:
4c:be:7e:f7:59:c4:6a:db:24:a4:f3:78:01:f6:e1:
95:dc:1f:35:64:e9:31:d6:cd:65:9b:15:ed:98:61:
89:8e:f4:f6:85:20:15:57:f0:ca:58:75:b4:9f:d7:
53:dd:8f:64:d1:60:5e:2c:b4:3c:b8:9a:e7:26:97:
46:f1:f3:76:a4:b1:81:65:8f:bb:c3:f1:90:25:00:
80:e5:02:02:aa:a0:eb:4f:b2:d1:25:d8:44:38:17:
19:1f:2c:1f:aa:72:f3:51:04:f0:5b:03:57:15:4b:
9a:89:7c:cf:de:44:97:c2:84:cf:69:ec:a0:46:4e:
4f:df:33:32:c0:9c:ec:02:46:95:5f:bc:f1:2c:1f:
98:98:d0:df:ff:76:c5:3d:fa:b2:f5:08:01:0e:da:
e8:6f:c3:99:6e:84:7c:67:1f:df:0a:fc:bd:e0:68:
3c:7d:24:db:dd:83:91:31:ef:9b:c2:11:c7:c6:a8:
37:52:cd:90:bc:c0:22:ce:ae:f2:18:23:ff:12:a2:
57:03:85:6a:73:24:cf:fd:4b:f9:2d:48:ab:de:63:
db:d6:02:11:57:93:c0:85:99:15:4f:9c:f7:2b:0a:
39:e7:1f:9b:3c:d9:20:25:61:aa:9e:4a:81:6f:8d:
39:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:8E:C0:92:3F:42:A1:54:53:8D:F1:BE:85:D3:59:EE:A9:4A:39:A0
X509v3 Authority Key Identifier:
keyid:0B:08:38:08:76:3C:26:25:41:02:0D:2E:81:DA:34:AA:A3:82:83:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/so7Akj9CoVRTjfG-hdNZ7qlKOaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/7e47d7-6137-4300-936b-46925c5249e6/1/Cwg4CHY8JiVBAg0ugdo0qqOCg7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.148.0/22
IPv6:
2a03:35a0::/32
Signature Algorithm: sha256WithRSAEncryption
07:c9:15:fb:60:52:4c:fe:07:90:b8:e0:63:73:5e:b5:13:cb:
f7:2d:ad:7b:ac:1d:6f:c7:42:94:a6:b2:73:4b:b7:38:ae:69:
c6:a5:62:7c:61:bf:98:8f:1b:60:3c:28:e8:18:1b:20:8b:10:
ba:96:63:98:79:01:3b:8c:79:97:05:aa:5b:22:fc:73:7d:0b:
dc:c5:53:ca:c3:ad:c1:11:2f:25:df:73:cd:ed:bc:db:0a:5e:
05:54:b7:fb:28:e2:55:6d:82:3a:a8:0f:5c:9b:88:b9:84:53:
df:21:eb:85:06:66:fb:f1:68:35:aa:cb:7a:2d:3e:3e:ba:b3:
ae:d2:47:d0:8a:15:47:c4:56:b1:a6:7d:28:77:de:2f:e6:96:
11:9b:47:cc:63:e5:3a:49:66:a1:b5:c8:eb:79:b0:4b:02:f1:
61:99:01:11:51:f5:b9:6d:de:e2:8f:a7:9f:eb:c3:a2:65:84:
ad:b3:56:3d:da:7e:29:d6:b7:07:4c:de:81:61:f8:48:f4:9e:
4d:87:3d:f0:04:8a:18:c5:ed:47:53:d0:a7:af:75:55:76:b2:
18:56:ee:3e:69:d0:53:01:99:26:f7:f5:9c:51:e8:20:e5:e2:
c3:ac:5e:ad:0b:14:25:be:2b:39:46:92:9c:43:fe:b5:91:9e:
3d:75:8f:e3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBr+ISzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YjA4MzgwODc2M2MyNjI1NDEwMjBkMmU4MWRhMzRhYWEzODI4M2I3MB4XDTIyMDEw
MTA0MDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjI4ZWMwOTIzZjQy
YTE1NDUzOGRmMWJlODVkMzU5ZWVhOTRhMzlhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5zwPsVL40LYbgze4c3TL5+91nEatskpPN4AfbhldwfNWTp
MdbNZZsV7ZhhiY709oUgFVfwylh1tJ/XU92PZNFgXiy0PLia5yaXRvHzdqSxgWWP
u8PxkCUAgOUCAqqg60+y0SXYRDgXGR8sH6py81EE8FsDVxVLmol8z95El8KEz2ns
oEZOT98zMsCc7AJGlV+88SwfmJjQ3/92xT36svUIAQ7a6G/DmW6EfGcf3wr8veBo
PH0k292DkTHvm8IRx8aoN1LNkLzAIs6u8hgj/xKiVwOFanMkz/1L+S1Iq95j29YC
EVeTwIWZFU+c9ysKOecfmzzZICVhqp5KgW+NOZcCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSyjsCSP0KhVFON8b6F01nuqUo5oDAfBgNVHSMEGDAWgBQLCDgIdjwmJUEC
DS6B2jSqo4KDtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N3ZzRDSFk4SmlWQkFnMHVnZG8wcXFPQ2c3Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvN2U0N2Q3LTYxMzctNDMwMC05MzZiLTQ2OTI1YzUyNDllNi8x
L3NvN0FrajlDb1ZSVGpmRy1oZE5aN3FsS09hQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
N2U0N2Q3LTYxMzctNDMwMC05MzZiLTQ2OTI1YzUyNDllNi8xL0N3ZzRDSFk4SmlW
QkFnMHVnZG8wcXFPQ2c3Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlGlDANBAIAAjAHAwUAKgM1oDAN
BgkqhkiG9w0BAQsFAAOCAQEAB8kV+2BSTP4HkLjgY3NetRPL9y2te6wdb8dClKay
c0u3OK5pxqVifGG/mI8bYDwo6BgbIIsQupZjmHkBO4x5lwWqWyL8c30L3MVTysOt
wREvJd9zze282wpeBVS3+yjiVW2COqgPXJuIuYRT3yHrhQZm+/FoNarLei0+Prqz
rtJH0IoVR8RWsaZ9KHfeL+aWEZtHzGPlOklmobXI63mwSwLxYZkBEVH1uW3e4o+n
n+vDomWErbNWPdp+Kda3B0zegWH4SPSeTYc98ASKGMXtR1PQp691VXayGFbuPmnQ
UwGZJvf1nFHoIOXiw6xerQsUJb4rOUaSnEP+tZGePXWP4w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:55 2023 by rpki-client on console-ams.rpki-client.org