Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/ChA-cYsbctyGrEQofUBixbjHcoI.roa
File: ChA-cYsbctyGrEQofUBixbjHcoI.roa (raw, json)
Hash identifier: GXfbiZ8PXU88dAr/B0UQkPlRvHqAS+v7u5fWlHWI97c=
Subject key identifier: 0A:10:3E:71:8B:1B:72:DC:86:AC:44:28:7D:40:62:C5:B8:C7:72:82
Certificate issuer: /CN=6f3c9c76e2afc73ccedbc9e0292ffb99f65e7352
Certificate serial: 49B4
Authority key identifier: 6F:3C:9C:76:E2:AF:C7:3C:CE:DB:C9:E0:29:2F:FB:99:F6:5E:73:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bzycduKvxzzO28ngKS_7mfZec1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/ChA-cYsbctyGrEQofUBixbjHcoI.roa
Signing time: Thu 17 Mar 2022 17:44:54 +0000
ROA not before: Thu 17 Mar 2022 17:44:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203730
IP address blocks: 185.106.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18868 (0x49b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f3c9c76e2afc73ccedbc9e0292ffb99f65e7352
Validity
Not Before: Mar 17 17:44:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a103e718b1b72dc86ac44287d4062c5b8c77282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:35:44:5e:c6:ef:42:67:3d:56:fa:85:22:
5a:77:a7:9e:07:a6:b4:c5:59:e9:39:69:45:67:ab:
9a:33:21:ca:d0:32:f7:62:e7:c4:36:7a:ef:d2:99:
5f:91:f6:69:5b:67:a8:7c:cf:5b:c1:8b:2c:64:ac:
e3:1e:12:f6:85:31:e3:82:26:4c:72:8b:9d:b6:a9:
7a:5b:56:ce:ce:38:b0:50:50:10:d6:53:30:78:44:
a8:99:13:41:15:c6:69:73:97:fe:92:06:ca:03:7a:
b7:ca:3d:0f:3a:83:24:41:b9:91:24:2d:ca:a1:b4:
c9:18:ea:73:04:83:ad:08:e1:aa:31:a4:50:d8:8e:
cd:79:e7:6d:c8:64:49:8f:32:13:60:77:d8:58:6f:
be:3b:c0:28:39:4a:c5:ce:4b:79:66:e7:dd:ba:a4:
22:e9:8f:e8:ce:0d:32:f0:2d:23:3e:10:c9:88:c3:
fe:13:5f:2d:8a:fd:94:d3:2b:de:2a:6a:54:e8:b3:
7a:76:17:a3:79:e2:52:31:86:0b:7e:e8:c1:ef:71:
5e:77:b6:a1:70:7a:4b:39:73:48:b6:99:0c:12:26:
da:ad:50:67:70:36:bb:73:0c:8b:98:13:5e:d0:e6:
82:35:c7:01:04:45:39:56:4f:6f:de:fa:2e:8a:d6:
8e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:10:3E:71:8B:1B:72:DC:86:AC:44:28:7D:40:62:C5:B8:C7:72:82
X509v3 Authority Key Identifier:
keyid:6F:3C:9C:76:E2:AF:C7:3C:CE:DB:C9:E0:29:2F:FB:99:F6:5E:73:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bzycduKvxzzO28ngKS_7mfZec1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/ChA-cYsbctyGrEQofUBixbjHcoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/e5dfe6-18bb-48a5-8622-59207d8420d0/1/bzycduKvxzzO28ngKS_7mfZec1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.116.0/22
Signature Algorithm: sha256WithRSAEncryption
38:44:7e:0f:5b:b9:22:99:c0:20:9e:bc:62:4f:12:2c:bc:93:
72:4e:02:2c:25:f7:96:22:66:ad:75:ff:73:24:19:a3:b7:3c:
ba:91:9e:04:2f:3f:1a:eb:24:c8:a7:19:4e:ab:bc:bd:d9:a4:
18:72:9c:1a:57:1f:ba:4a:ef:79:68:be:d0:ba:6b:64:a1:f5:
62:3d:90:06:8e:33:92:17:af:27:e1:b4:0c:df:4e:77:68:02:
41:32:88:df:24:90:9a:53:aa:53:32:7f:61:7c:55:64:f9:5f:
52:6d:8b:74:e0:b2:1a:87:78:06:9b:48:b7:8d:0c:38:07:01:
7c:b2:ea:4e:43:a5:63:01:8b:47:56:f9:09:99:e7:5a:80:3d:
8b:b5:23:d1:7b:5a:74:f4:95:66:57:2b:b7:3f:f2:e8:b2:7b:
4d:d3:a8:d4:46:90:12:1f:0a:e5:ed:51:5b:00:87:b6:4a:b3:
df:00:99:5d:c4:f3:29:66:6b:ca:aa:af:4f:72:ac:b5:e2:92:
65:62:f7:82:04:ef:e3:73:66:2f:2e:73:02:7f:f9:4e:68:f4:
a0:d8:b7:fc:9c:1c:fb:7e:4d:ea:b7:f1:1d:3d:c5:9b:da:83:
bb:08:7f:39:42:3e:10:7b:d5:95:ec:f9:e7:14:be:db:75:b7:
67:53:f2:84
-----BEGIN CERTIFICATE-----
MIIE7TCCA9WgAwIBAgICSbQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNmYz
YzljNzZlMmFmYzczY2NlZGJjOWUwMjkyZmZiOTlmNjVlNzM1MjAeFw0yMjAzMTcx
NzQ0NTRaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDBhMTAzZTcxOGIxYjcy
ZGM4NmFjNDQyODdkNDA2MmM1YjhjNzcyODIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCTaDVEXsbvQmc9VvqFIlp3p54HprTFWek5aUVnq5ozIcrQMvdi
58Q2eu/SmV+R9mlbZ6h8z1vBiyxkrOMeEvaFMeOCJkxyi522qXpbVs7OOLBQUBDW
UzB4RKiZE0EVxmlzl/6SBsoDerfKPQ86gyRBuZEkLcqhtMkY6nMEg60I4aoxpFDY
js15523IZEmPMhNgd9hYb747wCg5SsXOS3lm5926pCLpj+jODTLwLSM+EMmIw/4T
Xy2K/ZTTK94qalTos3p2F6N54lIxhgt+6MHvcV53tqFweks5c0i2mQwSJtqtUGdw
NrtzDIuYE17Q5oI1xwEERTlWT2/e+i6K1o5pAgMBAAGjggIJMIICBTAdBgNVHQ4E
FgQUChA+cYsbctyGrEQofUBixbjHcoIwHwYDVR0jBBgwFoAUbzycduKvxzzO28ng
KS/7mfZec1IwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9i
enljZHVLdnh6ek8yOG5nS1NfN21mWmVjMUkuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzgwL2U1ZGZlNi0xOGJiLTQ4YTUtODYyMi01OTIwN2Q4NDIwZDAvMS9D
aEEtY1lzYmN0eUdyRVFvZlVCaXhiakhjb0kucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzgwL2U1
ZGZlNi0xOGJiLTQ4YTUtODYyMi01OTIwN2Q4NDIwZDAvMS9ienljZHVLdnh6ek8y
OG5nS1NfN21mWmVjMUkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK5anQwDQYJKoZIhvcNAQELBQADggEB
ADhEfg9buSKZwCCevGJPEiy8k3JOAiwl95YiZq11/3MkGaO3PLqRngQvPxrrJMin
GU6rvL3ZpBhynBpXH7pK73lovtC6a2Sh9WI9kAaOM5IXryfhtAzfTndoAkEyiN8k
kJpTqlMyf2F8VWT5X1Jti3TgshqHeAabSLeNDDgHAXyy6k5DpWMBi0dW+QmZ51qA
PYu1I9F7WnT0lWZXK7c/8uiye03TqNRGkBIfCuXtUVsAh7ZKs98AmV3E8ylma8qq
r09yrLXikmVi94IE7+NzZi8ucwJ/+U5o9KDYt/ycHPt+Teq38R09xZvag7sIfzlC
PhB71ZXs+ecUvtt1t2dT8oQ=
-----END CERTIFICATE-----