Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/AaW3oQYBuS4_NcPrDsL2WECL_mc.roa
File: AaW3oQYBuS4_NcPrDsL2WECL_mc.roa (raw, json)
Hash identifier: LwF8J+jYrXebvJTbE8MEvQB+0xBKFZ8HwR/q+sUkNR8=
Subject key identifier: 01:A5:B7:A1:06:01:B9:2E:3F:35:C3:EB:0E:C2:F6:58:40:8B:FE:67
Certificate issuer: /CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Certificate serial: 01696F18
Authority key identifier: FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/AaW3oQYBuS4_NcPrDsL2WECL_mc.roa
Signing time: Sat 01 Jan 2022 08:05:55 +0000
ROA not before: Sat 01 Jan 2022 08:05:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211873
IP address blocks: 185.149.28.0/22 maxlen: 22
2a06:34c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 23686936 (0x1696f18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbfcd4515b493039216758de738e4f1ae8e3224c
Validity
Not Before: Jan 1 08:05:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01a5b7a10601b92e3f35c3eb0ec2f658408bfe67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b9:67:f0:73:c6:64:76:ec:2a:ac:23:cc:43:
52:3d:51:b3:94:07:bb:06:b4:74:45:b9:7b:5e:89:
ab:68:e1:f3:56:0b:dd:57:7f:05:33:20:b4:6a:f6:
9d:67:57:d3:3d:d8:bf:5c:2e:3e:85:f3:0a:86:f1:
2e:91:00:96:16:bd:23:b8:fa:8f:8f:5e:69:19:82:
13:57:bc:f2:66:b4:b7:6d:32:94:f8:81:89:17:58:
fd:97:d6:8d:d4:0a:62:df:dd:a4:d9:44:73:0f:c5:
21:db:f8:ca:f3:ef:49:43:db:85:ab:c3:57:03:e6:
66:e3:8f:77:60:0c:b9:91:4a:4d:b1:06:80:b5:0f:
70:6a:d6:10:4c:8c:e0:e0:1e:e7:d4:82:f3:1f:90:
95:22:fc:46:ab:79:b1:d8:e8:aa:b2:60:b7:6e:05:
09:1e:b4:14:cf:96:21:c1:4d:78:94:5c:58:1c:9b:
f4:e1:20:61:b1:e2:9e:0a:ee:29:34:db:57:01:97:
4a:7e:53:e6:29:76:22:d4:1d:18:fe:25:dd:14:3c:
0e:87:26:8c:0a:48:6a:d7:08:26:09:52:b6:cf:69:
ec:06:61:31:bc:64:46:3b:8d:11:5b:a9:4f:e4:ac:
d0:c6:bd:10:19:4b:d9:47:2c:e7:58:21:49:dd:5c:
df:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A5:B7:A1:06:01:B9:2E:3F:35:C3:EB:0E:C2:F6:58:40:8B:FE:67
X509v3 Authority Key Identifier:
keyid:FB:FC:D4:51:5B:49:30:39:21:67:58:DE:73:8E:4F:1A:E8:E3:22:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_zUUVtJMDkhZ1jec45PGujjIkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/AaW3oQYBuS4_NcPrDsL2WECL_mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/d6486a-8ff7-426f-8d86-098d04ce51b2/1/1-_zUUVtJMDkhZ1jec45PGujjIkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.28.0/22
IPv6:
2a06:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
4f:59:97:f3:86:74:dc:11:49:39:39:a7:25:5f:37:13:54:0d:
1e:dc:40:2c:9f:cc:a3:57:42:dd:35:98:02:6b:bf:04:44:b5:
ba:ca:6a:cc:df:41:31:51:4b:29:ce:90:c9:6b:08:46:6e:e7:
a8:c8:25:cf:0c:09:8f:53:5e:9c:43:67:33:92:d9:e2:14:d3:
5f:6d:86:c3:38:04:dd:52:93:4b:b5:f3:98:50:8f:65:d1:a1:
93:c4:b5:b1:35:2e:ba:e4:94:d5:ad:f5:0f:e8:7c:3a:97:ff:
de:ca:ec:32:20:44:c6:e3:e3:8e:48:d7:e4:fb:ee:85:10:54:
4f:4c:72:89:1e:7a:bb:88:47:50:3f:13:7a:66:f3:0f:2c:d3:
63:d9:fc:7a:64:de:fb:a8:c4:ce:8c:c0:60:f4:ba:20:dc:fa:
0c:50:43:74:5c:0a:29:ea:14:12:7c:55:9f:8e:03:dc:ea:c4:
4d:91:c9:30:1a:fd:9c:20:6a:2d:6e:40:95:b2:a6:ca:dc:f7:
b5:5a:bc:6b:ba:52:b4:55:57:9f:d1:8b:16:60:9f:e9:75:76:
ba:05:02:16:f8:3b:bd:ca:e1:90:d5:0e:93:c7:c8:67:2f:0f:
b3:10:76:c4:fd:be:8d:ca:81:ef:17:23:17:12:07:3d:21:6b:
fb:51:81:3f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAWlvGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmZjZDQ1MTViNDkzMDM5MjE2NzU4ZGU3MzhlNGYxYWU4ZTMyMjRjMB4XDTIyMDEw
MTA4MDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDFhNWI3YTEwNjAx
YjkyZTNmMzVjM2ViMGVjMmY2NTg0MDhiZmU2NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKG5Z/BzxmR27CqsI8xDUj1Rs5QHuwa0dEW5e16Jq2jh81YL
3Vd/BTMgtGr2nWdX0z3Yv1wuPoXzCobxLpEAlha9I7j6j49eaRmCE1e88ma0t20y
lPiBiRdY/ZfWjdQKYt/dpNlEcw/FIdv4yvPvSUPbhavDVwPmZuOPd2AMuZFKTbEG
gLUPcGrWEEyM4OAe59SC8x+QlSL8Rqt5sdjoqrJgt24FCR60FM+WIcFNeJRcWByb
9OEgYbHingruKTTbVwGXSn5T5il2ItQdGP4l3RQ8DocmjApIatcIJglSts9p7AZh
MbxkRjuNEVupT+Ss0Ma9EBlL2Ucs51ghSd1c32ECAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQBpbehBgG5Lj81w+sOwvZYQIv+ZzAfBgNVHSMEGDAWgBT7/NRRW0kwOSFn
WN5zjk8a6OMiTDAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtX3pVVVZ0Sk1Ea2haMWplYzQ1UEd1ampJa3cuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzY4L2Q2NDg2YS04ZmY3LTQyNmYtOGQ4Ni0wOThkMDRjZTUxYjIv
MS9BYVczb1FZQnVTNF9OY1ByRHNMMldFQ0xfbWMucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzY4
L2Q2NDg2YS04ZmY3LTQyNmYtOGQ4Ni0wOThkMDRjZTUxYjIvMS8xLV96VVVWdEpN
RGtoWjFqZWM0NVBHdWpqSWt3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZUcMA0EAgACMAcDBQMqBjTA
MA0GCSqGSIb3DQEBCwUAA4IBAQBPWZfzhnTcEUk5OaclXzcTVA0e3EAsn8yjV0Ld
NZgCa78ERLW6ymrM30ExUUspzpDJawhGbueoyCXPDAmPU16cQ2czktniFNNfbYbD
OATdUpNLtfOYUI9l0aGTxLWxNS665JTVrfUP6Hw6l//eyuwyIETG4+OOSNfk++6F
EFRPTHKJHnq7iEdQPxN6ZvMPLNNj2fx6ZN77qMTOjMBg9Log3PoMUEN0XAop6hQS
fFWfjgPc6sRNkckwGv2cIGotbkCVsqbK3Pe1WrxrulK0VVef0YsWYJ/pdXa6BQIW
+Du9yuGQ1Q6Tx8hnLw+zEHbE/b6NyoHvFyMXEgc9IWv7UYE/
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:20 2023 by rpki-client on console-fra.rpki-client.org