Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d0f6f5-a9a1-4ed9-a4c3-fd2e04bb01e7/1/aghZs3xc-UBKVnABBuUcaFSP7AM.roa
File: aghZs3xc-UBKVnABBuUcaFSP7AM.roa (raw, json)
Hash identifier: uUu5JMHFu+Uta0TK9+NGHJpGVYwHYLeBCX8rP3stFyE=
Subject key identifier: 6A:08:59:B3:7C:5C:F9:40:4A:56:70:01:06:E5:1C:68:54:8F:EC:03
Certificate issuer: /CN=f1ad914f8b68a56ef5f68e799f56ddcdaeee0bcc
Certificate serial: 03091569
Authority key identifier: F1:AD:91:4F:8B:68:A5:6E:F5:F6:8E:79:9F:56:DD:CD:AE:EE:0B:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8a2RT4topW719o55n1bdza7uC8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d0f6f5-a9a1-4ed9-a4c3-fd2e04bb01e7/1/aghZs3xc-UBKVnABBuUcaFSP7AM.roa
Signing time: Sat 01 Jan 2022 14:07:54 +0000
ROA not before: Sat 01 Jan 2022 14:07:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205694
IP address blocks: 185.85.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50926953 (0x3091569)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1ad914f8b68a56ef5f68e799f56ddcdaeee0bcc
Validity
Not Before: Jan 1 14:07:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a0859b37c5cf9404a56700106e51c68548fec03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:de:fd:04:08:29:c6:7c:fb:44:17:8f:36:be:
f1:87:58:6d:50:48:ec:26:f4:13:7c:41:57:cb:05:
93:ae:ee:3c:78:a3:93:60:d5:64:8f:88:00:13:64:
e0:8a:89:59:52:a3:ed:40:29:9d:2a:d6:9e:dc:43:
58:a0:64:6d:4b:06:c1:8d:a0:41:72:a8:79:d3:4a:
53:cd:f5:c6:86:93:22:a5:c1:c4:2d:3d:d5:4b:65:
19:db:05:a3:13:27:28:c7:cb:32:c6:9c:22:97:6e:
a9:66:43:6c:b2:18:89:fc:10:df:33:c8:58:6c:9d:
a2:02:9d:a7:8c:e1:c0:46:f7:a7:9e:8f:e6:fd:bd:
37:22:40:3a:2a:77:2d:3e:51:76:96:23:e5:9e:94:
44:c9:01:b6:b8:4b:3b:4b:cf:2a:a6:10:35:31:24:
c5:67:84:2c:72:44:b0:a1:fe:e7:fd:4a:a1:9b:86:
d4:59:9c:ad:d2:47:6d:15:e1:c8:10:36:a1:5e:00:
d9:c3:41:7c:41:0d:67:ee:f3:39:0a:d0:bf:83:3b:
8b:95:69:52:81:d8:13:07:dd:55:f9:cf:2e:f8:35:
f1:08:0b:69:b7:ef:3f:68:43:24:3d:95:02:4b:5a:
1b:02:12:8f:5a:53:e2:59:3c:25:7d:04:d0:bf:fb:
95:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:08:59:B3:7C:5C:F9:40:4A:56:70:01:06:E5:1C:68:54:8F:EC:03
X509v3 Authority Key Identifier:
keyid:F1:AD:91:4F:8B:68:A5:6E:F5:F6:8E:79:9F:56:DD:CD:AE:EE:0B:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a2RT4topW719o55n1bdza7uC8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d0f6f5-a9a1-4ed9-a4c3-fd2e04bb01e7/1/aghZs3xc-UBKVnABBuUcaFSP7AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d0f6f5-a9a1-4ed9-a4c3-fd2e04bb01e7/1/8a2RT4topW719o55n1bdza7uC8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.254.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:66:cf:23:8d:16:c0:09:0d:d0:5b:a1:82:a3:9c:03:1f:64:
25:a8:52:bd:e7:56:1f:56:47:50:49:84:08:f7:24:76:ce:27:
ae:6c:91:8e:41:ec:27:d7:21:83:87:f1:73:8f:4c:96:f6:ca:
ce:29:0a:99:bd:2f:c1:5c:cb:62:49:03:1b:90:ca:9c:2c:81:
77:73:03:d8:85:22:1d:dc:06:ae:bf:20:0a:61:f5:cf:6c:5a:
fb:90:46:38:c9:09:21:b0:08:0c:e7:ee:44:4f:84:97:97:6a:
a6:73:a8:dc:3b:cc:2e:29:d6:a0:3f:8e:ed:00:02:f6:61:dc:
63:a2:77:dc:48:62:e5:ff:89:7b:74:2d:56:78:49:3e:3b:e1:
75:00:5b:10:7a:84:2e:53:3b:ee:20:a4:4f:2c:e7:29:32:37:
b4:46:09:23:d8:74:49:c6:cd:9e:1f:72:c4:46:8f:96:5b:f6:
e2:5f:a1:d3:a8:6b:45:a1:79:53:11:82:08:cd:c6:8f:92:44:
8b:20:84:a8:7d:ea:19:49:53:dc:84:38:21:29:9c:6e:b7:59:
f5:25:91:e6:4e:c3:ff:cb:6b:c9:5c:c6:97:32:e4:1e:eb:76:
41:96:01:82:7c:9c:37:5a:79:17:5c:d0:ca:28:f2:22:92:31:
50:5c:19:c0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAwkVaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWFkOTE0ZjhiNjhhNTZlZjVmNjhlNzk5ZjU2ZGRjZGFlZWUwYmNjMB4XDTIyMDEw
MTE0MDc1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmEwODU5YjM3YzVj
Zjk0MDRhNTY3MDAxMDZlNTFjNjg1NDhmZWMwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLe/QQIKcZ8+0QXjza+8YdYbVBI7Cb0E3xBV8sFk67uPHij
k2DVZI+IABNk4IqJWVKj7UApnSrWntxDWKBkbUsGwY2gQXKoedNKU831xoaTIqXB
xC091UtlGdsFoxMnKMfLMsacIpduqWZDbLIYifwQ3zPIWGydogKdp4zhwEb3p56P
5v29NyJAOip3LT5RdpYj5Z6URMkBtrhLO0vPKqYQNTEkxWeELHJEsKH+5/1KoZuG
1FmcrdJHbRXhyBA2oV4A2cNBfEENZ+7zOQrQv4M7i5VpUoHYEwfdVfnPLvg18QgL
abfvP2hDJD2VAktaGwISj1pT4lk8JX0E0L/7ldUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqCFmzfFz5QEpWcAEG5RxoVI/sAzAfBgNVHSMEGDAWgBTxrZFPi2ilbvX2
jnmfVt3Nru4LzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhhMlJUNHRvcFc3MTlvNTVuMWJkemE3dUM4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvZDBmNmY1LWE5YTEtNGVkOS1hNGMzLWZkMmUwNGJiMDFlNy8x
L2FnaFpzM3hjLVVCS1ZuQUJCdVVjYUZTUDdBTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
ZDBmNmY1LWE5YTEtNGVkOS1hNGMzLWZkMmUwNGJiMDFlNy8xLzhhMlJUNHRvcFc3
MTlvNTVuMWJkemE3dUM4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALlV/jANBgkqhkiG9w0BAQsFAAOC
AQEAjmbPI40WwAkN0FuhgqOcAx9kJahSvedWH1ZHUEmECPckds4nrmyRjkHsJ9ch
g4fxc49MlvbKzikKmb0vwVzLYkkDG5DKnCyBd3MD2IUiHdwGrr8gCmH1z2xa+5BG
OMkJIbAIDOfuRE+El5dqpnOo3DvMLinWoD+O7QAC9mHcY6J33Ehi5f+Je3QtVnhJ
PjvhdQBbEHqELlM77iCkTyznKTI3tEYJI9h0ScbNnh9yxEaPllv24l+h06hrRaF5
UxGCCM3Gj5JEiyCEqH3qGUlT3IQ4ISmcbrdZ9SWR5k7D/8tryVzGlzLkHut2QZYB
gnycN1p5F1zQyijyIpIxUFwZwA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-ams.rpki-client.org