Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/pgnQgaDwAFb9wVvArtUJ2dhwZ0o.roa
File: pgnQgaDwAFb9wVvArtUJ2dhwZ0o.roa (raw, json)
Hash identifier: sy28o42iNB60Z/mgTXl24AuTRz+lRczsDB7koPa4TF4=
Subject key identifier: A6:09:D0:81:A0:F0:00:56:FD:C1:5B:C0:AE:D5:09:D9:D8:70:67:4A
Certificate issuer: /CN=0701b929fd9edbabae35dd44adc161d7d470b1fa
Certificate serial: 0185249C356CE170A672B091FF0239EEAC24
Authority key identifier: 07:01:B9:29:FD:9E:DB:AB:AE:35:DD:44:AD:C1:61:D7:D4:70:B1:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwG5Kf2e26uuNd1ErcFh19Rwsfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/pgnQgaDwAFb9wVvArtUJ2dhwZ0o.roa
Signing time: Sun 18 Dec 2022 09:41:35 +0000
ROA not before: Sun 18 Dec 2022 09:41:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16019
IP address blocks: 185.31.36.0/22 maxlen: 22
2a04:4d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:9c:35:6c:e1:70:a6:72:b0:91:ff:02:39:ee:ac:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0701b929fd9edbabae35dd44adc161d7d470b1fa
Validity
Not Before: Dec 18 09:41:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a609d081a0f00056fdc15bc0aed509d9d870674a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:23:be:b4:10:ff:8b:bb:a9:4c:4e:a0:94:31:
14:3b:3d:81:f0:aa:3c:05:8d:da:14:9a:f8:17:1c:
ef:17:dd:b5:ed:93:48:32:20:fa:43:ad:5f:02:c6:
23:00:8d:9f:51:f3:4d:09:9e:80:db:c7:64:94:bb:
a5:ce:1c:db:a8:da:73:f2:89:2d:ce:30:94:28:77:
9a:8c:9a:92:b8:d5:f9:5e:db:2f:e4:64:46:de:3a:
f8:e7:0b:2e:22:cb:f9:03:f9:f8:4e:59:eb:e6:c7:
b7:24:68:ec:ef:40:d1:bd:41:74:5c:82:b4:70:b0:
bb:a2:d2:fc:94:38:99:1a:7d:df:8e:27:6d:db:8f:
f5:da:76:3d:80:a8:c2:f6:72:06:5e:56:d5:85:04:
bf:0e:de:65:12:11:f3:80:d2:5a:2c:d9:3e:ee:5c:
7b:1e:a0:3e:c0:b2:72:d4:f0:ec:4d:d5:a9:32:ab:
40:46:d7:95:87:7c:b9:89:33:b0:6e:2d:e5:32:49:
13:95:bb:16:d7:c8:ef:a3:33:51:66:b4:53:d7:a0:
66:84:7c:40:85:80:b5:2e:fc:00:b5:3d:45:6e:93:
e8:0e:10:c6:e3:0d:4e:ab:65:a7:0b:ee:e7:61:9f:
f9:09:58:54:e9:a5:4d:02:f6:f1:47:75:ac:35:d9:
53:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:09:D0:81:A0:F0:00:56:FD:C1:5B:C0:AE:D5:09:D9:D8:70:67:4A
X509v3 Authority Key Identifier:
keyid:07:01:B9:29:FD:9E:DB:AB:AE:35:DD:44:AD:C1:61:D7:D4:70:B1:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwG5Kf2e26uuNd1ErcFh19Rwsfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/pgnQgaDwAFb9wVvArtUJ2dhwZ0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/2b42fc-49bc-4f81-987b-85493046ec46/1/BwG5Kf2e26uuNd1ErcFh19Rwsfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.36.0/22
IPv6:
2a04:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
9c:aa:0e:6d:21:ab:c0:b7:58:50:d0:14:6b:61:23:9d:a5:a3:
fb:c2:42:97:f1:a7:8e:bc:92:26:79:1a:23:65:05:f1:aa:f5:
54:4a:4f:60:de:75:aa:4e:1f:cb:34:db:67:85:e8:98:a8:33:
11:be:d5:2b:2d:a7:55:14:52:3a:9b:27:42:9c:db:69:95:84:
23:17:a0:33:bd:6e:e4:90:af:da:5a:74:ae:cd:05:22:68:1b:
00:bc:5c:57:28:8c:36:f8:d8:30:59:ed:9a:56:92:b4:c7:75:
78:84:bf:f0:4a:e9:ad:21:b6:b5:63:96:31:fd:69:31:3a:17:
d7:d7:f7:82:eb:bd:8d:7f:4f:c6:2d:0f:4b:ca:8f:d6:83:b8:
85:13:a5:5a:e6:c1:18:16:9f:8f:7b:22:87:b1:fa:45:43:63:
7c:70:2f:fd:83:f7:8f:f5:84:b7:2f:7b:45:2b:e1:9b:2b:0e:
c0:9e:02:f7:66:a6:f1:3d:1d:dd:27:3f:94:a4:57:75:bf:ff:
3e:0c:6d:a3:1a:79:24:3d:9c:f3:d9:86:ef:be:f1:04:7e:81:
31:46:58:1a:d9:57:c7:51:b5:74:af:68:b1:e1:a0:1c:ad:49:
85:7f:a0:d5:7e:f8:15:c4:ed:81:bd:10:0a:75:67:68:7d:60:
af:91:02:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYUknDVs4XCmcrCR/wI57qwkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDFiOTI5ZmQ5ZWRiYWJhZTM1ZGQ0NGFkYzE2MWQ3ZDQ3
MGIxZmEwHhcNMjIxMjE4MDk0MTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjA5ZDA4MWEwZjAwMDU2ZmRjMTViYzBhZWQ1MDlkOWQ4NzA2NzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiO+tBD/i7upTE6glDEUOz2B8Ko8
BY3aFJr4FxzvF9217ZNIMiD6Q61fAsYjAI2fUfNNCZ6A28dklLulzhzbqNpz8okt
zjCUKHeajJqSuNX5Xtsv5GRG3jr45wsuIsv5A/n4Tlnr5se3JGjs70DRvUF0XIK0
cLC7otL8lDiZGn3fjidt24/12nY9gKjC9nIGXlbVhQS/Dt5lEhHzgNJaLNk+7lx7
HqA+wLJy1PDsTdWpMqtARteVh3y5iTOwbi3lMkkTlbsW18jvozNRZrRT16BmhHxA
hYC1LvwAtT1FbpPoDhDG4w1Oq2WnC+7nYZ/5CVhU6aVNAvbxR3WsNdlTRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKYJ0IGg8ABW/cFbwK7VCdnYcGdKMB8GA1UdIwQY
MBaAFAcBuSn9nturrjXdRK3BYdfUcLH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndHNUtmMmUyNnV1TmQxRXJjRmgxOVJ3c2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8yYjQyZmMtNDliYy00ZjgxLTk4N2It
ODU0OTMwNDZlYzQ2LzEvcGduUWdhRHdBRmI5d1Z2QXJ0VUoyZGh3WjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS8yYjQyZmMtNDliYy00ZjgxLTk4N2ItODU0OTMwNDZlYzQ2
LzEvQndHNUtmMmUyNnV1TmQxRXJjRmgxOVJ3c2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR8kMA0E
AgACMAcDBQMqBE1AMA0GCSqGSIb3DQEBCwUAA4IBAQCcqg5tIavAt1hQ0BRrYSOd
paP7wkKX8aeOvJImeRojZQXxqvVUSk9g3nWqTh/LNNtnheiYqDMRvtUrLadVFFI6
mydCnNtplYQjF6AzvW7kkK/aWnSuzQUiaBsAvFxXKIw2+NgwWe2aVpK0x3V4hL/w
SumtIba1Y5Yx/WkxOhfX1/eC672Nf0/GLQ9Lyo/Wg7iFE6Va5sEYFp+PeyKHsfpF
Q2N8cC/9g/eP9YS3L3tFK+GbKw7AngL3ZqbxPR3dJz+UpFd1v/8+DG2jGnkkPZzz
2YbvvvEEfoExRlga2VfHUbV0r2ix4aAcrUmFf6DVfvgVxO2BvRAKdWdofWCvkQKC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:21 2023 by rpki-client on console-fra.rpki-client.org