Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/DQz73gUjVzBdvR7VvssDlHGK5XE.roa
File: DQz73gUjVzBdvR7VvssDlHGK5XE.roa (raw, json)
Hash identifier: PWoXWZ5mHbnN4p4dvdtgjQje0mOUk2ZtOWfpdkEq1ls=
Subject key identifier: 0D:0C:FB:DE:05:23:57:30:5D:BD:1E:D5:BE:CB:03:94:71:8A:E5:71
Certificate issuer: /CN=865122c0e562e407976823d94e19e2a794f8cb62
Certificate serial: 059CA01B
Authority key identifier: 86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/DQz73gUjVzBdvR7VvssDlHGK5XE.roa
Signing time: Sat 01 Jan 2022 06:05:16 +0000
ROA not before: Sat 01 Jan 2022 06:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205068
IP address blocks: 185.166.164.0/22 maxlen: 22
2a0d:3080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94150683 (0x59ca01b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=865122c0e562e407976823d94e19e2a794f8cb62
Validity
Not Before: Jan 1 06:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d0cfbde052357305dbd1ed5becb0394718ae571
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d8:e6:44:7e:4b:88:30:b7:32:cc:83:c8:a3:
25:4a:0c:bb:bd:d5:ab:8d:64:bf:5b:a0:76:89:ea:
8a:99:7d:59:13:1c:08:c8:c8:23:11:22:5f:64:0f:
b2:f6:38:a5:ce:22:3e:5f:a7:17:a9:a1:55:14:e0:
79:71:11:2a:29:90:56:7d:b0:60:79:d5:de:b2:8e:
5a:19:14:9e:d4:93:20:ff:88:30:e7:54:98:60:31:
f5:9f:59:f5:9a:11:fd:df:9d:cc:06:76:21:ad:b1:
5c:84:8c:a8:08:48:38:89:91:65:55:22:72:c9:77:
90:5f:60:63:31:7b:89:41:b3:f5:64:cd:a9:49:83:
ee:f8:2d:49:5d:3b:68:2b:51:ef:98:69:3f:5e:7f:
5c:a0:35:69:18:3d:ac:a6:f7:21:f3:0c:fb:3d:6a:
4e:6f:92:a0:c2:17:c1:d6:28:dc:e7:23:20:9b:89:
43:f2:a8:f7:46:25:ca:9c:23:96:2e:25:c3:46:cc:
e1:26:32:27:1c:a9:0e:28:4c:c7:0b:1a:9a:61:93:
c6:0c:b3:88:39:7e:cd:4c:d5:90:24:e1:89:ef:78:
6b:af:c4:55:7c:eb:7a:3f:5b:2a:90:b6:4d:b4:3f:
b5:6d:96:5e:da:98:b1:2f:69:7f:71:1d:a3:73:c3:
c3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:0C:FB:DE:05:23:57:30:5D:BD:1E:D5:BE:CB:03:94:71:8A:E5:71
X509v3 Authority Key Identifier:
keyid:86:51:22:C0:E5:62:E4:07:97:68:23:D9:4E:19:E2:A7:94:F8:CB:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hlEiwOVi5AeXaCPZThnip5T4y2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/DQz73gUjVzBdvR7VvssDlHGK5XE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/028b82-fe03-4025-9765-b8dd18e48e86/1/hlEiwOVi5AeXaCPZThnip5T4y2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.166.164.0/22
IPv6:
2a0d:3080::/29
Signature Algorithm: sha256WithRSAEncryption
32:f0:7c:e6:b7:3b:fb:dd:19:02:52:81:38:8b:9d:85:6f:8c:
86:1f:82:89:e9:73:93:24:43:de:1a:75:00:6f:89:87:1e:e2:
76:86:f9:eb:7d:a6:0d:db:b1:a7:b6:30:37:4b:1f:f1:2e:a0:
73:4a:2c:6b:50:8e:32:10:bb:ad:b3:0d:b9:ab:23:b7:3a:53:
89:b9:61:08:c6:60:c0:f3:0a:2e:0f:06:17:f7:a6:c8:00:73:
46:13:e6:3e:46:96:84:d4:66:37:75:ee:54:0c:f7:4c:61:d2:
c7:be:a5:21:4b:2e:5c:49:e3:92:d5:a4:2c:e5:88:f9:24:b9:
0a:f8:f8:64:19:58:01:10:94:49:4f:0e:51:af:27:bc:4c:d9:
11:c1:59:91:c1:b4:37:19:1d:3a:e3:22:aa:41:8a:99:cd:7e:
15:6d:b4:87:77:fb:82:0d:15:77:56:b5:81:aa:ab:19:d7:0e:
99:c6:8a:bb:c4:9b:cd:29:f9:94:72:0e:3a:22:46:a4:1c:30:
f5:f9:96:9e:ad:c7:9b:8c:c4:b3:a2:f9:43:24:20:d0:30:61:
ce:1e:3b:d3:98:90:f7:11:5c:2e:f9:80:77:e3:98:56:f1:e3:
f3:ce:1d:2b:09:57:af:1a:0b:95:a8:b3:76:21:10:01:eb:7c:
93:a4:62:f9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBZygGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjUxMjJjMGU1NjJlNDA3OTc2ODIzZDk0ZTE5ZTJhNzk0ZjhjYjYyMB4XDTIyMDEw
MTA2MDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQwY2ZiZGUwNTIz
NTczMDVkYmQxZWQ1YmVjYjAzOTQ3MThhZTU3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3Y5kR+S4gwtzLMg8ijJUoMu73Vq41kv1ugdonqipl9WRMc
CMjIIxEiX2QPsvY4pc4iPl+nF6mhVRTgeXERKimQVn2wYHnV3rKOWhkUntSTIP+I
MOdUmGAx9Z9Z9ZoR/d+dzAZ2Ia2xXISMqAhIOImRZVUicsl3kF9gYzF7iUGz9WTN
qUmD7vgtSV07aCtR75hpP15/XKA1aRg9rKb3IfMM+z1qTm+SoMIXwdYo3OcjIJuJ
Q/Ko90Ylypwjli4lw0bM4SYyJxypDihMxwsammGTxgyziDl+zUzVkCThie94a6/E
VXzrej9bKpC2TbQ/tW2WXtqYsS9pf3Edo3PDw3cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQNDPveBSNXMF29HtW+ywOUcYrlcTAfBgNVHSMEGDAWgBSGUSLA5WLkB5do
I9lOGeKnlPjLYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hsRWl3T1ZpNUFlWGFDUFpUaG5pcDVUNHkySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMDI4YjgyLWZlMDMtNDAyNS05NzY1LWI4ZGQxOGU0OGU4Ni8x
L0RRejczZ1VqVnpCZHZSN1Z2c3NEbEhHSzVYRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MDI4YjgyLWZlMDMtNDAyNS05NzY1LWI4ZGQxOGU0OGU4Ni8xL2hsRWl3T1ZpNUFl
WGFDUFpUaG5pcDVUNHkySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmmpDANBAIAAjAHAwUDKg0wgDAN
BgkqhkiG9w0BAQsFAAOCAQEAMvB85rc7+90ZAlKBOIudhW+Mhh+CielzkyRD3hp1
AG+Jhx7idob5632mDduxp7YwN0sf8S6gc0osa1COMhC7rbMNuasjtzpTiblhCMZg
wPMKLg8GF/emyABzRhPmPkaWhNRmN3XuVAz3TGHSx76lIUsuXEnjktWkLOWI+SS5
Cvj4ZBlYARCUSU8OUa8nvEzZEcFZkcG0NxkdOuMiqkGKmc1+FW20h3f7gg0Vd1a1
gaqrGdcOmcaKu8SbzSn5lHIOOiJGpBww9fmWnq3Hm4zEs6L5QyQg0DBhzh4705iQ
9xFcLvmAd+OYVvHj884dKwlXrxoLlaizdiEQAet8k6Ri+Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:18 2024 by rpki-client on console-fra.rpki-client.org