Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/_rKAJBLaTPZif9J2FNvE6uhjzDY.roa
File: _rKAJBLaTPZif9J2FNvE6uhjzDY.roa (raw, json)
Hash identifier: ophQZUD64nq3WLFV8oglRP+nAhx78NmYMoqemhcGOYw=
Subject key identifier: FE:B2:80:24:12:DA:4C:F6:62:7F:D2:76:14:DB:C4:EA:E8:63:CC:36
Certificate issuer: /CN=3aba1172472ea80265d12982967de0a8b0bc5901
Certificate serial: 0183E5BF6F15FA60E6FA3F815C9650F8F7AA
Authority key identifier: 3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/_rKAJBLaTPZif9J2FNvE6uhjzDY.roa
Signing time: Mon 17 Oct 2022 11:41:11 +0000
ROA not before: Mon 17 Oct 2022 11:41:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210876
IP address blocks: 193.57.164.0/23 maxlen: 23
193.57.164.0/24 maxlen: 24
185.204.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:bf:6f:15:fa:60:e6:fa:3f:81:5c:96:50:f8:f7:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3aba1172472ea80265d12982967de0a8b0bc5901
Validity
Not Before: Oct 17 11:41:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=feb2802412da4cf6627fd27614dbc4eae863cc36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:3c:49:ec:71:48:27:51:ab:83:9b:f5:24:2a:
79:87:c5:59:56:bf:fd:89:9e:2c:68:2a:91:bb:3c:
be:3c:54:92:ad:46:ee:36:9d:d5:d6:74:08:10:74:
b3:73:d9:50:1e:41:99:63:65:b7:b1:6e:0c:4d:53:
78:86:f8:e3:79:93:13:91:e7:ce:67:13:74:51:5b:
1d:4f:0d:9b:2a:f4:25:aa:f9:9a:1d:52:5e:da:af:
44:00:df:7a:d9:9e:f5:b8:80:40:45:bb:cb:64:d9:
3d:1c:ce:7c:f2:2f:4a:6a:1d:d0:ff:89:12:5a:be:
9f:6c:66:20:26:92:76:87:f7:53:21:a2:d6:71:b0:
74:a3:ea:a9:08:76:90:60:50:8f:1c:87:11:b7:de:
87:66:a6:75:fa:7c:a1:43:9f:5d:ff:54:d0:c0:67:
ee:c3:bb:e9:b3:b2:9d:9d:16:ee:e3:76:e7:3a:f2:
81:33:c4:46:3c:7f:be:4a:7c:81:86:40:c5:30:f6:
f5:d1:f3:c2:33:31:20:d1:4f:6a:29:b8:7c:20:c8:
a0:b6:ff:7e:40:70:79:01:e7:62:a3:55:8d:73:c7:
f7:44:ff:b6:06:56:64:ad:3d:c4:be:25:6d:a1:cb:
37:15:2b:9d:f3:eb:f8:8a:dd:e9:5e:37:03:c8:ba:
de:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:B2:80:24:12:DA:4C:F6:62:7F:D2:76:14:DB:C4:EA:E8:63:CC:36
X509v3 Authority Key Identifier:
keyid:3A:BA:11:72:47:2E:A8:02:65:D1:29:82:96:7D:E0:A8:B0:BC:59:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OroRckcuqAJl0SmCln3gqLC8WQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/_rKAJBLaTPZif9J2FNvE6uhjzDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/7b1c55-ddd0-4281-8378-4dd04346abc3/1/OroRckcuqAJl0SmCln3gqLC8WQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.102.0/24
193.57.164.0/23
Signature Algorithm: sha256WithRSAEncryption
27:2a:ec:12:ad:a2:55:eb:65:d8:a5:04:90:08:de:79:29:4b:
89:63:32:32:cc:6c:5c:21:77:f0:20:0e:bd:47:d4:e9:d0:1b:
66:fa:97:3d:e7:2d:31:dd:a8:05:62:6f:0c:48:5d:2c:6a:d6:
09:a9:9e:97:b1:76:82:78:ac:39:92:d2:41:b6:94:83:62:b4:
9a:2a:45:6a:2c:19:13:52:e9:96:1e:48:23:33:27:bb:38:a1:
4c:be:af:77:23:6d:5b:85:6d:45:01:f7:92:f4:48:03:e1:fb:
50:ee:cb:16:11:fe:f9:fc:86:d1:ba:ab:4f:1d:c6:98:bc:58:
3a:2d:40:70:28:77:19:a4:fc:98:2b:52:a0:88:a5:5b:7b:26:
fa:6f:06:ec:82:ae:31:1c:ae:cb:df:b2:17:d8:e3:68:c4:36:
ad:b7:b2:50:71:79:5c:43:2b:df:8d:ba:5a:77:b1:d1:0f:81:
aa:23:02:91:2f:b9:9b:f5:94:c9:55:8f:f7:0e:10:96:2c:4c:
c6:5f:93:d9:65:af:84:f4:45:4d:11:ca:e0:70:f6:af:09:94:
0f:54:44:bb:7f:50:85:31:8c:7e:a8:29:e7:6a:97:64:33:17:
27:3a:d5:1a:5b:eb:31:87:aa:a6:ed:d7:58:ce:36:0f:52:f3:
ee:af:32:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPlv28V+mDm+j+BXJZQ+PeqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYmExMTcyNDcyZWE4MDI2NWQxMjk4Mjk2N2RlMGE4YjBi
YzU5MDEwHhcNMjIxMDE3MTE0MTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWIyODAyNDEyZGE0Y2Y2NjI3ZmQyNzYxNGRiYzRlYWU4NjNjYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjxJ7HFIJ1Grg5v1JCp5h8VZVr/9
iZ4saCqRuzy+PFSSrUbuNp3V1nQIEHSzc9lQHkGZY2W3sW4MTVN4hvjjeZMTkefO
ZxN0UVsdTw2bKvQlqvmaHVJe2q9EAN962Z71uIBARbvLZNk9HM588i9Kah3Q/4kS
Wr6fbGYgJpJ2h/dTIaLWcbB0o+qpCHaQYFCPHIcRt96HZqZ1+nyhQ59d/1TQwGfu
w7vps7KdnRbu43bnOvKBM8RGPH++SnyBhkDFMPb10fPCMzEg0U9qKbh8IMigtv9+
QHB5Aedio1WNc8f3RP+2BlZkrT3EviVtocs3FSud8+v4it3pXjcDyLreQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP6ygCQS2kz2Yn/SdhTbxOroY8w2MB8GA1UdIwQY
MBaAFDq6EXJHLqgCZdEpgpZ94KiwvFkBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgt
NGRkMDQzNDZhYmMzLzEvX3JLQUpCTGFUUFppZjlKMkZOdkU2dWhqekRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My83YjFjNTUtZGRkMC00MjgxLTgzNzgtNGRkMDQzNDZhYmMz
LzEvT3JvUmNrY3VxQUpsMFNtQ2xuM2dxTEM4V1FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucxmAwQB
wTmkMA0GCSqGSIb3DQEBCwUAA4IBAQAnKuwSraJV62XYpQSQCN55KUuJYzIyzGxc
IXfwIA69R9Tp0Btm+pc95y0x3agFYm8MSF0satYJqZ6XsXaCeKw5ktJBtpSDYrSa
KkVqLBkTUumWHkgjMye7OKFMvq93I21bhW1FAfeS9EgD4ftQ7ssWEf75/IbRuqtP
HcaYvFg6LUBwKHcZpPyYK1KgiKVbeyb6bwbsgq4xHK7L37IX2ONoxDatt7JQcXlc
Qyvfjbpad7HRD4GqIwKRL7mb9ZTJVY/3DhCWLEzGX5PZZa+E9EVNEcrgcPavCZQP
VES7f1CFMYx+qCnnapdkMxcnOtUaW+sxh6qm7ddYzjYPUvPurzLQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:23 2023 by rpki-client on console-ams.rpki-client.org