Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/AQGKVmdtwOMWYwhp8vgv99ngETA.roa
File: AQGKVmdtwOMWYwhp8vgv99ngETA.roa (raw, json)
Hash identifier: n0cLXKh9kEzvqufKFg430cyRIOUQ80Rrg1bJNTbgdzU=
Subject key identifier: 01:01:8A:56:67:6D:C0:E3:16:63:08:69:F2:F8:2F:F7:D9:E0:11:30
Certificate issuer: /CN=b252dda27226a275e3e79b374c8f263cd2d8ecd1
Certificate serial: 13295F7B
Authority key identifier: B2:52:DD:A2:72:26:A2:75:E3:E7:9B:37:4C:8F:26:3C:D2:D8:EC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/slLdonImonXj55s3TI8mPNLY7NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/AQGKVmdtwOMWYwhp8vgv99ngETA.roa
Signing time: Thu 09 Jun 2022 14:16:03 +0000
ROA not before: Thu 09 Jun 2022 14:16:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398465
IP address blocks: 185.156.168.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321478523 (0x13295f7b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b252dda27226a275e3e79b374c8f263cd2d8ecd1
Validity
Not Before: Jun 9 14:16:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01018a56676dc0e316630869f2f82ff7d9e01130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:50:67:ec:6a:24:9a:cc:b2:4e:25:d9:3c:fb:
3c:b4:87:ad:75:84:bf:7d:0b:9d:75:f3:5f:f5:23:
12:1c:e4:d9:6d:8e:01:db:54:14:c4:82:a8:5e:d6:
b0:ae:7c:9e:78:c6:7f:8a:2e:9d:b3:7b:ec:cb:ce:
6e:85:90:58:c5:b8:e4:6d:5d:46:b0:4d:8e:10:98:
5c:95:b9:20:95:99:3f:5e:da:6c:fb:be:76:29:83:
1a:8d:a4:d5:e6:06:41:9b:1c:a0:90:fc:3c:5d:89:
a6:26:cd:df:9c:d3:d2:fb:ec:11:fc:f8:a9:07:bf:
24:b2:34:a7:ab:7c:51:25:da:4c:55:ad:17:10:96:
30:33:90:4f:39:eb:80:c7:7a:e3:a0:5b:e1:7c:9c:
67:3f:b6:6a:4a:be:5d:89:5f:78:df:0d:c2:60:d8:
d5:5c:d6:cf:47:95:9a:b0:30:e1:94:dd:70:83:19:
a2:bf:90:9c:fb:ab:48:a4:1f:8b:9b:a0:d9:d7:90:
4d:3e:44:5e:e7:de:88:26:3e:89:76:e6:88:c2:9f:
35:6e:63:1a:1a:b3:67:e2:6e:d9:5b:c7:84:cb:62:
1b:7a:4e:3d:4b:df:ef:61:f0:72:db:fd:c8:85:5c:
3d:63:7a:d5:e8:b5:87:21:a8:55:3c:9d:46:8a:3c:
3d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:01:8A:56:67:6D:C0:E3:16:63:08:69:F2:F8:2F:F7:D9:E0:11:30
X509v3 Authority Key Identifier:
keyid:B2:52:DD:A2:72:26:A2:75:E3:E7:9B:37:4C:8F:26:3C:D2:D8:EC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/slLdonImonXj55s3TI8mPNLY7NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/AQGKVmdtwOMWYwhp8vgv99ngETA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d05a2e-c281-4dab-8373-a1779904b1c5/1/slLdonImonXj55s3TI8mPNLY7NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.168.0/23
Signature Algorithm: sha256WithRSAEncryption
89:e2:9b:ca:bd:81:83:e9:40:d0:0f:56:dc:26:c6:a8:16:87:
af:7b:2f:2f:ef:c4:7d:ed:11:15:61:3d:a4:b3:93:a9:a9:e3:
84:92:15:4d:61:7d:f0:96:bc:37:c5:d6:a7:92:81:96:6f:0f:
f1:ba:03:34:36:e5:7c:8a:fe:45:5b:cf:8c:fd:0d:91:a7:7f:
24:31:35:34:32:65:cd:53:8b:c0:bf:3d:3f:f9:07:25:e6:3f:
f8:ec:f5:89:12:03:7e:4e:c9:74:d1:37:67:b6:56:8d:e8:bd:
fd:6b:02:96:ba:80:99:bb:ea:25:22:2e:87:9d:1f:04:42:3b:
ea:ea:69:95:a5:e0:0b:d1:33:26:00:46:84:74:1f:b6:21:b5:
78:7b:c5:03:f9:cf:d0:52:3a:e0:6c:ba:b2:47:5f:39:18:76:
1f:ab:fc:5e:6e:b7:46:a6:ad:61:e6:13:36:c8:87:e1:f6:b7:
cd:3a:ff:96:65:f6:f8:2f:37:d4:cf:ad:3c:62:b9:6b:d4:a0:
f2:9a:b3:fc:c4:39:87:54:14:bf:fe:7f:29:59:31:0e:4d:da:
1d:a3:1a:b8:d7:77:fc:8c:24:1b:75:cb:a3:d1:70:c4:8d:b5:
63:3f:a1:57:f2:57:d0:42:d9:46:42:d0:9c:58:eb:aa:8f:b0:
d8:c9:6c:2f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEylfezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MjUyZGRhMjcyMjZhMjc1ZTNlNzliMzc0YzhmMjYzY2QyZDhlY2QxMB4XDTIyMDYw
OTE0MTYwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEwMThhNTY2NzZk
YzBlMzE2NjMwODY5ZjJmODJmZjdkOWUwMTEzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANlQZ+xqJJrMsk4l2Tz7PLSHrXWEv30LnXXzX/UjEhzk2W2O
AdtUFMSCqF7WsK58nnjGf4ounbN77MvOboWQWMW45G1dRrBNjhCYXJW5IJWZP17a
bPu+dimDGo2k1eYGQZscoJD8PF2JpibN35zT0vvsEfz4qQe/JLI0p6t8USXaTFWt
FxCWMDOQTznrgMd646Bb4XycZz+2akq+XYlfeN8NwmDY1VzWz0eVmrAw4ZTdcIMZ
or+QnPurSKQfi5ug2deQTT5EXufeiCY+iXbmiMKfNW5jGhqzZ+Ju2VvHhMtiG3pO
PUvf72Hwctv9yIVcPWN61ei1hyGoVTydRoo8PR8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBAYpWZ23A4xZjCGny+C/32eARMDAfBgNVHSMEGDAWgBSyUt2iciaidePn
mzdMjyY80tjs0TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NsTGRvbkltb25YajU1czNUSThtUE5MWTdORS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvZDA1YTJlLWMyODEtNGRhYi04MzczLWExNzc5OTA0YjFjNS8x
L0FRR0tWbWR0d09NV1l3aHA4dmd2OTluZ0VUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ZDA1YTJlLWMyODEtNGRhYi04MzczLWExNzc5OTA0YjFjNS8xL3NsTGRvbkltb25Y
ajU1czNUSThtUE5MWTdORS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmcqDANBgkqhkiG9w0BAQsFAAOC
AQEAieKbyr2Bg+lA0A9W3CbGqBaHr3svL+/Efe0RFWE9pLOTqanjhJIVTWF98Ja8
N8XWp5KBlm8P8boDNDblfIr+RVvPjP0Nkad/JDE1NDJlzVOLwL89P/kHJeY/+Oz1
iRIDfk7JdNE3Z7ZWjei9/WsClrqAmbvqJSIuh50fBEI76upplaXgC9EzJgBGhHQf
tiG1eHvFA/nP0FI64Gy6skdfORh2H6v8Xm63RqatYeYTNsiH4fa3zTr/lmX2+C83
1M+tPGK5a9Sg8pqz/MQ5h1QUv/5/KVkxDk3aHaMauNd3/IwkG3XLo9FwxI21Yz+h
V/JX0ELZRkLQnFjrqo+w2MlsLw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org