Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mtCOzAPlZTqpYWz0gbErzNuqm74.roa
File: mtCOzAPlZTqpYWz0gbErzNuqm74.roa (raw, json)
Hash identifier: g4uSf6t63rPPknLjvY3sgszxK313n+CkgYNTw5XxYXA=
Subject key identifier: 9A:D0:8E:CC:03:E5:65:3A:A9:61:6C:F4:81:B1:2B:CC:DB:AA:9B:BE
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 14D942CC
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mtCOzAPlZTqpYWz0gbErzNuqm74.roa
Signing time: Fri 06 May 2022 05:04:51 +0000
ROA not before: Fri 06 May 2022 05:04:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133206
IP address blocks: 188.214.236.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 349782732 (0x14d942cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 6 05:04:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ad08ecc03e5653aa9616cf481b12bccdbaa9bbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:05:66:df:35:ac:24:27:4b:90:43:d3:4d:6b:
49:85:35:8b:fa:ae:61:fd:5d:6b:df:df:94:f7:a6:
fa:6b:4d:9e:1a:cd:1d:03:d2:bb:ca:c7:bc:73:ec:
6a:41:74:ea:e4:a4:9b:38:fb:f0:12:82:d4:6c:88:
87:f3:7e:05:23:cd:d8:c5:da:cf:51:1e:39:c6:fa:
38:76:29:8d:f3:78:d3:26:37:79:de:aa:8f:a9:05:
8b:ab:35:19:f8:73:2f:b8:6f:e2:5c:f4:3b:40:1a:
43:25:6b:4f:0e:91:7e:ef:d9:ae:93:e2:6b:b6:4a:
c1:68:10:fe:45:e9:da:63:e5:14:5f:2d:53:83:dc:
89:d0:a0:ce:c4:38:70:ae:5f:76:03:87:fd:2d:30:
9d:bf:ac:cb:60:06:a0:14:72:6e:95:67:72:79:37:
6e:a9:0a:d8:f9:c5:fe:2a:df:a6:aa:99:9d:b1:c1:
64:d6:6d:93:43:0f:4d:b9:73:dd:dd:02:ce:06:0b:
ac:39:08:91:32:1d:e0:2e:4a:12:92:68:d6:22:6c:
07:d5:97:15:23:91:fa:e7:52:72:0b:8b:7a:33:2f:
33:14:40:20:83:95:bc:83:06:54:2e:99:4a:42:cd:
84:d6:30:30:54:60:71:02:d0:2b:62:7b:8a:3f:85:
76:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:D0:8E:CC:03:E5:65:3A:A9:61:6C:F4:81:B1:2B:CC:DB:AA:9B:BE
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mtCOzAPlZTqpYWz0gbErzNuqm74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.236.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:ed:f2:92:c9:63:22:39:16:a7:f7:19:70:69:66:19:a3:58:
31:27:d5:cf:12:8b:91:26:fc:84:0e:3f:85:e4:ff:e3:b1:bb:
cc:76:68:ac:4a:11:09:de:65:19:80:0e:1e:fd:f9:f8:ab:1a:
52:f9:6e:2b:5d:f6:aa:67:3b:66:7e:e2:0a:ec:22:77:d2:29:
60:d1:8e:46:d0:ba:8a:a6:8c:ab:32:b3:e2:4c:e4:4c:db:88:
92:bb:68:5b:14:b6:41:b5:f2:50:7e:cd:fe:3b:5d:48:b7:c0:
d9:f2:ea:71:aa:96:3a:0e:a6:b2:a4:e2:c2:74:0d:18:52:b4:
85:01:59:83:a7:a1:07:96:dd:e3:29:7e:4f:7f:2a:84:05:5b:
a8:3f:54:0e:08:17:50:81:61:b9:6e:08:3f:12:dd:ef:57:27:
0f:cb:9b:c4:85:85:70:35:60:49:26:97:ee:5e:c4:df:cf:7f:
9d:10:07:c7:ce:07:d2:70:03:a9:5a:18:50:86:59:3b:80:1d:
34:3a:25:c1:69:38:f3:0d:ae:1c:20:65:d2:00:39:ce:cb:a0:
56:60:d1:19:27:e5:f6:29:b9:04:d9:95:09:4d:a7:11:60:04:
aa:6a:c1:4c:48:f5:44:6c:90:a5:ab:a8:41:d3:db:7e:f2:ca:
5e:ae:c1:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFNlCzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YWMzZGFhMWIxNDg1MGYyZTYxYzU5MmIyMTkxOTE1YTVlNjVhNDc4MB4XDTIyMDUw
NjA1MDQ1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFkMDhlY2MwM2U1
NjUzYWE5NjE2Y2Y0ODFiMTJiY2NkYmFhOWJiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0FZt81rCQnS5BD001rSYU1i/quYf1da9/flPem+mtNnhrN
HQPSu8rHvHPsakF06uSkmzj78BKC1GyIh/N+BSPN2MXaz1EeOcb6OHYpjfN40yY3
ed6qj6kFi6s1GfhzL7hv4lz0O0AaQyVrTw6Rfu/ZrpPia7ZKwWgQ/kXp2mPlFF8t
U4PcidCgzsQ4cK5fdgOH/S0wnb+sy2AGoBRybpVncnk3bqkK2PnF/irfpqqZnbHB
ZNZtk0MPTblz3d0CzgYLrDkIkTId4C5KEpJo1iJsB9WXFSOR+udScguLejMvMxRA
IIOVvIMGVC6ZSkLNhNYwMFRgcQLQK2J7ij+FdksCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSa0I7MA+VlOqlhbPSBsSvM26qbvjAfBgNVHSMEGDAWgBQqw9qhsUhQ8uYc
WSshkZFaXmWkeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tzUGFvYkZJVVBMbUhGa3JJWkdSV2w1bHBIZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzAvNDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8x
L210Q096QVBsWlRxcFlXejBnYkVyek51cW03NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzAv
NDA1YmJkLTU5MTMtNGU5NS04ZTc1LWZlMDY1OTE3NmE1Ni8xL0tzUGFvYkZJVVBM
bUhGa3JJWkdSV2w1bHBIZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArzW7DANBgkqhkiG9w0BAQsFAAOC
AQEAqe3yksljIjkWp/cZcGlmGaNYMSfVzxKLkSb8hA4/heT/47G7zHZorEoRCd5l
GYAOHv35+KsaUvluK132qmc7Zn7iCuwid9IpYNGORtC6iqaMqzKz4kzkTNuIkrto
WxS2QbXyUH7N/jtdSLfA2fLqcaqWOg6msqTiwnQNGFK0hQFZg6ehB5bd4yl+T38q
hAVbqD9UDggXUIFhuW4IPxLd71cnD8ubxIWFcDVgSSaX7l7E389/nRAHx84H0nAD
qVoYUIZZO4AdNDolwWk48w2uHCBl0gA5zsugVmDRGSfl9im5BNmVCU2nEWAEqmrB
TEj1RGyQpauoQdPbfvLKXq7BrQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org