Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/nC8_G3mdcks8tJCWxmrWGKfSmo8.roa
File: nC8_G3mdcks8tJCWxmrWGKfSmo8.roa (raw, json)
Hash identifier: OM7vW/vpxVaH5Sd6g8sTOpbqDQS3AA0q4xVe6Ufc3sk=
Subject key identifier: 9C:2F:3F:1B:79:9D:72:4B:3C:B4:90:96:C6:6A:D6:18:A7:D2:9A:8F
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 0184CE4FC4B87B79D698F6E7536CE5115C15
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/nC8_G3mdcks8tJCWxmrWGKfSmo8.roa
Signing time: Thu 01 Dec 2022 15:30:44 +0000
ROA not before: Thu 01 Dec 2022 15:30:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202246
IP address blocks: 185.128.16.0/22 maxlen: 22
2a10:a5c1::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:4f:c4:b8:7b:79:d6:98:f6:e7:53:6c:e5:11:5c:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Dec 1 15:30:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9c2f3f1b799d724b3cb49096c66ad618a7d29a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:06:8a:d5:10:df:7b:0c:94:84:c8:38:2e:c1:
0a:a2:d3:89:e5:19:27:eb:a4:74:e7:da:75:c1:f9:
53:4c:d5:9e:c6:da:29:61:b7:f2:04:c6:27:fe:89:
50:1e:85:12:e3:40:6a:f2:5c:d2:48:3d:39:e9:d4:
ee:03:b4:ba:84:f7:42:ee:21:3a:8e:80:b4:69:a2:
df:33:9f:0b:49:41:ab:4b:2c:62:6a:27:ba:b1:41:
c8:ec:2e:18:93:4b:dc:16:35:87:a4:91:de:b6:59:
1f:cc:8c:73:00:4e:26:31:5d:02:b8:9d:e9:04:5a:
0d:ba:83:8d:3d:74:bc:80:ba:95:de:37:cb:2f:6b:
6d:eb:01:68:a3:b0:7b:18:24:f1:fe:d7:96:0a:ec:
82:16:80:97:cc:d7:36:57:92:60:9f:de:e8:d6:79:
72:89:87:12:00:e8:4e:f4:f2:9e:e7:75:9e:91:7b:
74:80:9e:07:2b:f2:5f:60:5b:04:4b:01:df:d9:d3:
48:a8:f3:be:c6:54:ca:82:b8:cc:74:56:e4:ed:b2:
4b:d9:ff:df:5e:5b:60:61:21:a8:48:35:2e:53:a0:
a2:70:f1:60:58:49:38:98:b0:f5:63:6d:6d:c9:1c:
af:50:15:66:bb:1d:31:57:2d:0c:c3:e4:0c:10:60:
2d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:2F:3F:1B:79:9D:72:4B:3C:B4:90:96:C6:6A:D6:18:A7:D2:9A:8F
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/nC8_G3mdcks8tJCWxmrWGKfSmo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.16.0/22
IPv6:
2a10:a5c0::-2a10:a5c2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5e:d4:f9:9d:12:32:3f:10:73:d4:ce:a7:16:72:c4:c1:6d:a0:
41:d6:0a:92:aa:c2:cf:92:c5:17:d3:fd:15:15:2d:0e:92:87:
12:4b:3e:e3:2d:69:2f:8d:02:74:51:5f:7d:79:c9:68:6b:62:
1d:ee:ff:7c:19:13:1b:e4:fe:d0:ed:29:19:28:81:2e:61:43:
59:d5:b0:b8:d4:c7:31:70:eb:ec:74:08:fe:f2:6b:88:31:bf:
39:56:6a:c8:25:76:70:49:95:e0:a1:05:52:4e:aa:b3:80:1b:
08:74:59:98:62:56:b7:0c:05:79:0d:6f:4e:f1:64:1a:c9:fd:
2c:e1:02:76:c9:74:c5:14:26:00:a0:43:7b:95:c8:a8:bc:60:
c5:3a:5a:c7:1b:1e:1c:58:4f:82:ff:4b:8a:38:19:da:94:2b:
f0:78:e7:ce:21:d9:7c:7e:46:84:8a:2d:ed:a7:71:9c:03:30:
d6:71:72:de:68:81:e5:99:23:fc:9e:c9:73:d9:ff:d6:09:73:
8e:32:13:65:9d:cc:cd:f2:e0:77:34:8f:0c:b4:e4:c5:1f:dd:
06:c9:c3:47:50:8a:29:1a:89:92:f0:e5:d4:c8:10:16:2b:8c:
2f:fc:8f:dc:a2:a7:45:e3:6f:bd:7f:c7:23:cc:9d:e9:78:a7:
f3:04:0f:77
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTOT8S4e3nWmPbnU2zlEVwVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjIxMjAxMTUzMDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzJmM2YxYjc5OWQ3MjRiM2NiNDkwOTZjNjZhZDYxOGE3ZDI5YThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQaK1RDfewyUhMg4LsEKotOJ5Rkn
66R059p1wflTTNWextopYbfyBMYn/olQHoUS40Bq8lzSSD056dTuA7S6hPdC7iE6
joC0aaLfM58LSUGrSyxiaie6sUHI7C4Yk0vcFjWHpJHetlkfzIxzAE4mMV0CuJ3p
BFoNuoONPXS8gLqV3jfLL2tt6wFoo7B7GCTx/teWCuyCFoCXzNc2V5Jgn97o1nly
iYcSAOhO9PKe53WekXt0gJ4HK/JfYFsESwHf2dNIqPO+xlTKgrjMdFbk7bJL2f/f
XltgYSGoSDUuU6CicPFgWEk4mLD1Y21tyRyvUBVmux0xVy0Mw+QMEGAtTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJwvPxt5nXJLPLSQlsZq1hin0pqPMB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvbkM4X0czbWRja3M4dEpDV3htcldHS2ZTbW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQCuYAQMBYE
AgACMBAwDgMFBioQpcADBQAqEKXCMA0GCSqGSIb3DQEBCwUAA4IBAQBe1PmdEjI/
EHPUzqcWcsTBbaBB1gqSqsLPksUX0/0VFS0OkocSSz7jLWkvjQJ0UV99ecloa2Id
7v98GRMb5P7Q7SkZKIEuYUNZ1bC41McxcOvsdAj+8muIMb85VmrIJXZwSZXgoQVS
TqqzgBsIdFmYYla3DAV5DW9O8WQayf0s4QJ2yXTFFCYAoEN7lciovGDFOlrHGx4c
WE+C/0uKOBnalCvweOfOIdl8fkaEii3tp3GcAzDWcXLeaIHlmSP8nslz2f/WCXOO
MhNlnczN8uB3NI8MtOTFH90GycNHUIopGomS8OXUyBAWK4wv/I/coqdF42+9f8cj
zJ3peKfzBA93
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:39 2023 by rpki-client on console-ams.rpki-client.org