Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/fIhKoN0A2ry8jjDsaKHPrminfWo.roa
File: fIhKoN0A2ry8jjDsaKHPrminfWo.roa (raw, json)
Hash identifier: GZrohEvL4IEGprimf8Jhl9W51+rV3zhgi0reb08ROv0=
Subject key identifier: 7C:88:4A:A0:DD:00:DA:BC:BC:8E:30:EC:68:A1:CF:AE:68:A7:7D:6A
Certificate issuer: /CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Certificate serial: 071BD889
Authority key identifier: 90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/fIhKoN0A2ry8jjDsaKHPrminfWo.roa
Signing time: Sat 01 Jan 2022 11:56:56 +0000
ROA not before: Sat 01 Jan 2022 11:56:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49374
IP address blocks: 185.1.136.0/24 maxlen: 24
2001:7f8:da::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119265417 (0x71bd889)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9042e83976e35fe29a01d3c43a9bc5964b37b443
Validity
Not Before: Jan 1 11:56:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c884aa0dd00dabcbc8e30ec68a1cfae68a77d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:94:e0:0f:6d:cf:5a:ab:ac:39:8d:a7:cc:
cd:f1:ce:db:8a:d1:6a:aa:77:19:e9:b9:fb:b5:40:
64:b1:99:07:f4:f8:b0:1f:0f:2d:f4:1b:9d:c8:c6:
db:7f:a9:56:24:5f:69:5d:05:6e:13:68:50:4c:0d:
7f:ca:87:91:7e:32:1a:fc:aa:37:1e:09:db:78:c6:
a0:30:14:73:19:af:90:09:15:43:8f:5f:ff:a4:9c:
d7:02:4e:77:a8:7c:33:57:72:11:5f:ba:09:7d:a5:
36:b4:96:4f:ac:fd:81:72:c2:ad:7d:b0:fc:cd:e9:
90:9f:2b:e6:bc:4c:da:f8:48:69:3f:d1:f6:b2:cb:
44:2d:e1:09:3d:04:01:77:b3:11:9c:ef:6e:30:64:
df:ba:26:13:6e:fe:10:4d:10:a3:ab:21:a8:95:70:
e7:5c:f7:40:47:1a:78:4a:6e:cb:21:d4:4c:9f:0d:
db:04:89:fc:1f:1e:25:92:cf:ab:b9:80:70:a6:9f:
86:86:29:dd:9e:64:a5:75:3a:8c:98:e3:08:ab:70:
28:c0:a4:8a:16:b0:b3:d2:90:0b:42:3a:ca:b6:e9:
e5:a5:ea:a9:e1:c3:8e:09:b5:5c:9c:17:c8:26:9b:
41:58:d9:64:bf:a1:4a:78:45:75:13:8b:f2:81:f8:
87:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:88:4A:A0:DD:00:DA:BC:BC:8E:30:EC:68:A1:CF:AE:68:A7:7D:6A
X509v3 Authority Key Identifier:
keyid:90:42:E8:39:76:E3:5F:E2:9A:01:D3:C4:3A:9B:C5:96:4B:37:B4:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kELoOXbjX-KaAdPEOpvFlks3tEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/fIhKoN0A2ry8jjDsaKHPrminfWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a87b6e-d842-4c0c-881b-210940da177b/1/kELoOXbjX-KaAdPEOpvFlks3tEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.136.0/24
IPv6:
2001:7f8:da::/48
Signature Algorithm: sha256WithRSAEncryption
49:cd:71:c1:28:a1:49:7c:8b:ae:e1:33:0f:4d:1d:3e:49:a1:
51:bc:21:bf:29:d7:81:6b:a7:bb:fa:6f:68:87:b4:20:62:6c:
d1:33:92:19:c9:2b:4f:be:9a:9c:d1:0c:df:00:1d:79:5d:7c:
08:cc:72:65:23:dd:c6:b9:32:41:1b:e7:de:9e:d9:69:ab:7c:
4b:49:f2:88:0f:0d:dc:72:a8:25:5b:5b:21:ea:6d:e8:3e:5c:
7b:d7:8b:87:de:58:b3:5d:d1:9d:a5:8d:e7:03:fa:ec:52:8a:
8f:84:57:62:57:6d:d0:f8:19:01:32:3c:00:32:ac:b2:53:1d:
6b:cf:f5:2f:6a:24:a5:4b:c9:fa:e2:4e:9c:c4:3b:30:c6:fd:
e5:b2:ff:59:2b:bf:83:bd:cb:aa:b6:48:ba:39:6a:77:36:22:
48:fe:34:e2:c2:32:be:e4:d9:67:b3:5c:ce:dc:7b:2b:86:68:
b3:2c:b2:bc:b9:2a:a1:69:db:e2:f1:aa:34:6e:27:a1:44:b1:
7c:55:05:d9:cd:b6:9b:14:db:a2:7e:d3:98:86:e6:97:ef:b6:
d5:ef:9a:78:94:15:43:92:0a:d7:15:4f:ec:2e:63:bc:c0:24:
81:51:88:6b:eb:fc:35:5b:e9:d9:ae:0c:2e:21:5d:e6:32:7f:
23:f8:55:f2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBxvYiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MDQyZTgzOTc2ZTM1ZmUyOWEwMWQzYzQzYTliYzU5NjRiMzdiNDQzMB4XDTIyMDEw
MTExNTY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M4ODRhYTBkZDAw
ZGFiY2JjOGUzMGVjNjhhMWNmYWU2OGE3N2Q2YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK7vlOAPbc9aq6w5jafMzfHO24rRaqp3Gem5+7VAZLGZB/T4
sB8PLfQbncjG23+pViRfaV0FbhNoUEwNf8qHkX4yGvyqNx4J23jGoDAUcxmvkAkV
Q49f/6Sc1wJOd6h8M1dyEV+6CX2lNrSWT6z9gXLCrX2w/M3pkJ8r5rxM2vhIaT/R
9rLLRC3hCT0EAXezEZzvbjBk37omE27+EE0Qo6shqJVw51z3QEcaeEpuyyHUTJ8N
2wSJ/B8eJZLPq7mAcKafhoYp3Z5kpXU6jJjjCKtwKMCkihaws9KQC0I6yrbp5aXq
qeHDjgm1XJwXyCabQVjZZL+hSnhFdROL8oH4h+8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR8iEqg3QDavLyOMOxooc+uaKd9ajAfBgNVHSMEGDAWgBSQQug5duNf4poB
08Q6m8WWSze0QzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tFTG9PWGJqWC1LYUFkUEVPcHZGbGtzM3RFTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvYTg3YjZlLWQ4NDItNGMwYy04ODFiLTIxMDk0MGRhMTc3Yi8x
L2ZJaEtvTjBBMnJ5OGpqRHNhS0hQcm1pbmZXby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
YTg3YjZlLWQ4NDItNGMwYy04ODFiLTIxMDk0MGRhMTc3Yi8xL2tFTG9PWGJqWC1L
YUFkUEVPcHZGbGtzM3RFTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkBiDAPBAIAAjAJAwcAIAEH+ADa
MA0GCSqGSIb3DQEBCwUAA4IBAQBJzXHBKKFJfIuu4TMPTR0+SaFRvCG/KdeBa6e7
+m9oh7QgYmzRM5IZyStPvpqc0QzfAB15XXwIzHJlI93GuTJBG+fentlpq3xLSfKI
Dw3ccqglW1sh6m3oPlx714uH3lizXdGdpY3nA/rsUoqPhFdiV23Q+BkBMjwAMqyy
Ux1rz/UvaiSlS8n64k6cxDswxv3lsv9ZK7+Dvcuqtki6OWp3NiJI/jTiwjK+5Nln
s1zO3HsrhmizLLK8uSqhadvi8ao0biehRLF8VQXZzbabFNuiftOYhuaX77bV75p4
lBVDkgrXFU/sLmO8wCSBUYhr6/w1W+nZrgwuIV3mMn8j+FXy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:58 2023 by rpki-client on console-ams.rpki-client.org