Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/_XJvmi2FgD98hrROCHobgvvHfQU.roa
File: _XJvmi2FgD98hrROCHobgvvHfQU.roa (raw, json)
Hash identifier: d+XHpNlCCajimrJB5BZMIxqy7lIDgSMH7gqzSqHqKd0=
Subject key identifier: FD:72:6F:9A:2D:85:80:3F:7C:86:B4:4E:08:7A:1B:82:FB:C7:7D:05
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 0B31BE5C
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/_XJvmi2FgD98hrROCHobgvvHfQU.roa
Signing time: Tue 12 Apr 2022 07:08:08 +0000
ROA not before: Tue 12 Apr 2022 07:08:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209990
IP address blocks: 185.23.202.0/23 maxlen: 23
2a0d:f9c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187809372 (0xb31be5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Apr 12 07:08:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd726f9a2d85803f7c86b44e087a1b82fbc77d05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:57:b9:62:d9:7c:cc:df:7e:4c:1d:d3:41:79:
8b:b3:33:7f:e7:1c:7d:e2:6f:cc:c1:00:2b:6a:c9:
63:b0:28:a9:ed:fd:87:f4:06:9b:2c:0a:15:f1:0d:
a2:ee:67:b4:aa:bb:b8:31:54:a6:e3:c4:1a:a1:cf:
e3:03:03:03:ec:29:6b:8b:b4:b6:4d:3e:ec:da:4a:
24:0e:f6:6d:bf:cf:bc:a5:e8:e8:e9:23:1e:a1:45:
75:b9:6a:98:76:dc:53:8d:42:39:3f:32:a7:e9:83:
7b:2f:3a:bf:ad:90:e9:57:dd:0d:cd:39:71:f1:d3:
ec:4a:95:20:71:ee:21:0b:70:c0:c6:9d:25:0a:e8:
2d:dd:19:b2:b5:69:fb:3b:ba:bf:3a:9d:27:e6:7a:
03:23:a3:2b:b3:b2:79:89:cf:4c:45:9b:d3:42:c7:
ac:6d:2d:f7:97:0f:78:31:b5:69:0a:b9:df:c6:3d:
8c:9e:b2:43:8a:f1:3e:e9:f7:f3:bb:aa:e1:4b:65:
c9:35:af:f6:3b:59:13:cf:79:c4:84:1e:3c:46:4d:
d2:ef:3a:16:4b:7d:3e:29:75:09:d5:fe:c1:fc:ce:
64:75:b5:6a:56:0b:d2:d8:8c:cc:7b:09:59:61:6d:
cd:00:69:48:2a:88:25:72:a9:70:37:0b:26:95:7e:
d3:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:72:6F:9A:2D:85:80:3F:7C:86:B4:4E:08:7A:1B:82:FB:C7:7D:05
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/_XJvmi2FgD98hrROCHobgvvHfQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.23.202.0/23
IPv6:
2a0d:f9c0::/29
Signature Algorithm: sha256WithRSAEncryption
d5:ca:99:a8:9b:84:0f:f2:e2:ff:43:15:32:1e:1f:21:9e:1b:
2a:1f:ed:e8:f6:0f:69:c8:60:0e:38:77:d7:05:ff:07:69:54:
ad:89:fa:8d:9f:f2:7b:1f:f1:8f:e7:de:1c:3d:35:4a:ed:77:
f7:93:16:29:ca:cc:6c:c3:7a:10:ca:b2:7e:5d:c4:1a:90:32:
de:6e:58:2b:18:4f:56:a0:7f:aa:02:25:e1:b6:7f:41:b8:b7:
a1:2f:01:04:9e:31:58:65:1c:a9:7f:67:76:92:6c:42:ce:37:
24:89:a8:d5:6b:59:72:34:f0:cf:25:ac:cb:82:7f:20:d6:3d:
89:e9:c1:f0:cd:93:a0:e8:17:1c:65:e8:41:7b:4c:0c:fa:02:
da:d0:c1:47:cd:63:83:8e:cd:79:1f:e4:db:bf:65:cb:ff:c6:
30:6d:19:ba:1c:14:01:41:48:ca:fb:71:45:de:a2:8c:13:a9:
bb:18:61:d2:6e:a5:28:82:a0:ca:10:24:56:1d:ae:cc:7f:97:
11:5b:ef:a7:eb:6b:f6:1e:f0:e2:cb:91:c4:da:8b:d5:f4:aa:
0b:42:31:da:15:5d:b6:d3:a8:71:93:3c:bf:b7:0d:d4:7f:de:
bc:8e:4b:fb:4a:51:82:fb:1c:69:4c:8e:5f:2e:4b:81:3e:92:
04:b0:e1:28
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECzG+XDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NDNlMWJhOTFjNTY5YThiMjFhNmQyZDY3ZjVkYmJkNmMwNGU0M2VhMB4XDTIyMDQx
MjA3MDgwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmQ3MjZmOWEyZDg1
ODAzZjdjODZiNDRlMDg3YTFiODJmYmM3N2QwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPRXuWLZfMzffkwd00F5i7Mzf+ccfeJvzMEAK2rJY7Aoqe39
h/QGmywKFfENou5ntKq7uDFUpuPEGqHP4wMDA+wpa4u0tk0+7NpKJA72bb/PvKXo
6OkjHqFFdblqmHbcU41COT8yp+mDey86v62Q6VfdDc05cfHT7EqVIHHuIQtwwMad
JQroLd0ZsrVp+zu6vzqdJ+Z6AyOjK7OyeYnPTEWb00LHrG0t95cPeDG1aQq538Y9
jJ6yQ4rxPun387uq4UtlyTWv9jtZE895xIQePEZN0u86Fkt9Pil1CdX+wfzOZHW1
alYL0tiMzHsJWWFtzQBpSCqIJXKpcDcLJpV+028CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT9cm+aLYWAP3yGtE4IehuC+8d9BTAfBgNVHSMEGDAWgBRkPhupHFaaiyGm
0tZ/XbvWwE5D6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pENGJxUnhXbW9zaHB0TFdmMTI3MXNCT1Etby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvYWNhOTEyLTllOGQtNDc0OS05NWUwLWZlYTBhZmYzNTlmNS8x
L19YSnZtaTJGZ0Q5OGhyUk9DSG9iZ3Z2SGZRVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
YWNhOTEyLTllOGQtNDc0OS05NWUwLWZlYTBhZmYzNTlmNS8xL1pENGJxUnhXbW9z
aHB0TFdmMTI3MXNCT1Etby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbkXyjANBAIAAjAHAwUDKg35wDAN
BgkqhkiG9w0BAQsFAAOCAQEA1cqZqJuED/Li/0MVMh4fIZ4bKh/t6PYPachgDjh3
1wX/B2lUrYn6jZ/yex/xj+feHD01Su1395MWKcrMbMN6EMqyfl3EGpAy3m5YKxhP
VqB/qgIl4bZ/Qbi3oS8BBJ4xWGUcqX9ndpJsQs43JImo1WtZcjTwzyWsy4J/INY9
ienB8M2ToOgXHGXoQXtMDPoC2tDBR81jg47NeR/k279ly//GMG0ZuhwUAUFIyvtx
Rd6ijBOpuxhh0m6lKIKgyhAkVh2uzH+XEVvvp+tr9h7w4suRxNqL1fSqC0Ix2hVd
ttOocZM8v7cN1H/evI5L+0pRgvscaUyOXy5LgT6SBLDhKA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:47 2023 by rpki-client on console-fra.rpki-client.org