Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/sgLHeNJL71JWIO1ebfnQeWV5rwY.roa
File: sgLHeNJL71JWIO1ebfnQeWV5rwY.roa (raw, json)
Hash identifier: 9z+94wx6H2EH0zZXvb4YG9PjLqhSsqXQF625Kh9E6VA=
Subject key identifier: B2:02:C7:78:D2:4B:EF:52:56:20:ED:5E:6D:F9:D0:79:65:79:AF:06
Certificate issuer: /CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Certificate serial: 018262624393A586DF78826A3E0D524FFB59
Authority key identifier: D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/sgLHeNJL71JWIO1ebfnQeWV5rwY.roa
Signing time: Wed 03 Aug 2022 06:26:23 +0000
ROA not before: Wed 03 Aug 2022 06:26:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.13.208.0/22 maxlen: 22
2a03:a540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:62:43:93:a5:86:df:78:82:6a:3e:0d:52:4f:fb:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1fd3436d7a19a7343fa800d87a01af183da318b
Validity
Not Before: Aug 3 06:26:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b202c778d24bef525620ed5e6df9d0796579af06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:05:af:24:0f:f3:a3:ab:21:ae:04:5c:97:ae:
6e:83:5a:8d:a2:ef:c9:2b:c8:e7:f1:82:98:f7:d6:
dc:2c:97:71:19:f0:e8:10:a7:34:0e:69:67:78:db:
ce:5d:60:08:24:07:26:4e:eb:dc:bf:3c:8c:61:f3:
4c:73:0d:e2:cd:9c:45:02:40:7a:55:15:e4:70:08:
01:7b:d0:e0:06:c9:b2:9e:c9:87:86:65:7d:f1:dd:
42:35:1d:e6:84:d5:d5:a7:f8:f5:0c:7f:b1:0d:21:
24:bc:b3:2f:b7:fe:bc:62:5c:fc:22:d3:4a:24:b5:
4e:4c:0d:37:fe:bc:dd:c2:7b:5a:5c:45:b5:94:d4:
16:34:77:d5:b6:73:11:9d:f7:72:7a:7e:09:33:60:
01:6e:7a:15:65:f0:4c:e2:9d:d0:36:7a:b0:65:f8:
a9:5f:77:a7:51:40:7e:39:c7:0b:60:f2:9a:33:06:
31:a7:ed:59:25:3b:2c:ae:e9:41:9e:99:78:27:b1:
8c:db:de:22:10:0c:d3:01:fa:04:13:3c:03:31:6e:
73:5b:1c:27:6a:a3:d5:7c:fe:4f:76:fe:a1:1a:86:
48:4c:e1:85:d0:bb:4f:72:25:aa:82:3a:84:db:88:
ed:61:5f:25:4e:01:bc:85:db:dc:f0:e5:b2:21:0c:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:02:C7:78:D2:4B:EF:52:56:20:ED:5E:6D:F9:D0:79:65:79:AF:06
X509v3 Authority Key Identifier:
keyid:D1:FD:34:36:D7:A1:9A:73:43:FA:80:0D:87:A0:1A:F1:83:DA:31:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f00NtehmnND-oANh6Aa8YPaMYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/sgLHeNJL71JWIO1ebfnQeWV5rwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/bcd5e8-5d1f-46b1-96bc-39a66cbe1e4d/1/0f00NtehmnND-oANh6Aa8YPaMYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.208.0/22
IPv6:
2a03:a540::/32
Signature Algorithm: sha256WithRSAEncryption
21:78:ef:38:e4:bc:0f:5e:5b:2a:44:ec:20:c1:ea:1f:42:ae:
7e:a3:41:fb:f2:f5:e7:d3:dc:4b:e0:1f:e5:6b:af:d4:4b:7c:
69:5d:0f:05:73:0d:cb:fc:5e:fc:d6:6c:3d:94:d9:e1:e8:f9:
58:8c:72:75:b4:63:c2:7a:4b:33:79:dc:63:57:52:fe:3d:76:
2d:28:5b:05:ee:4d:1d:6f:9f:9f:df:3d:19:fb:fa:ba:62:1c:
75:8e:c0:bf:61:db:59:95:1c:db:93:c2:6c:ef:2d:98:fd:f7:
a9:bb:22:4e:d2:6d:93:58:dc:8c:f4:53:1c:59:c6:c7:dc:a7:
94:37:59:7e:1f:2c:b7:17:81:7b:4c:bb:c0:e8:82:1a:c6:31:
29:3a:d6:8c:bb:c1:c4:40:ff:c0:98:4f:67:ae:d8:0f:b6:6e:
0e:56:9b:4a:10:33:fd:f1:8b:a9:69:70:25:7b:be:b6:55:34:
89:d0:9d:c9:cf:8e:2a:5a:d5:41:15:9d:c6:e4:96:4a:b5:de:
c6:18:71:71:e4:76:f1:4a:33:d2:dd:06:82:99:ed:c3:9a:ba:
89:53:02:b9:89:4b:92:e5:54:5d:61:c4:68:5a:3d:c3:b5:93:
a3:51:f1:6b:e1:ef:56:7d:57:1d:66:53:97:dc:29:17:ec:43:
c9:8b:ff:7c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYJiYkOTpYbfeIJqPg1ST/tZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZmQzNDM2ZDdhMTlhNzM0M2ZhODAwZDg3YTAxYWYxODNk
YTMxOGIwHhcNMjIwODAzMDYyNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAyYzc3OGQyNGJlZjUyNTYyMGVkNWU2ZGY5ZDA3OTY1NzlhZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAWvJA/zo6shrgRcl65ug1qNou/J
K8jn8YKY99bcLJdxGfDoEKc0DmlneNvOXWAIJAcmTuvcvzyMYfNMcw3izZxFAkB6
VRXkcAgBe9DgBsmynsmHhmV98d1CNR3mhNXVp/j1DH+xDSEkvLMvt/68Ylz8ItNK
JLVOTA03/rzdwntaXEW1lNQWNHfVtnMRnfdyen4JM2ABbnoVZfBM4p3QNnqwZfip
X3enUUB+OccLYPKaMwYxp+1ZJTssrulBnpl4J7GM294iEAzTAfoEEzwDMW5zWxwn
aqPVfP5Pdv6hGoZITOGF0LtPciWqgjqE24jtYV8lTgG8hdvc8OWyIQzkvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLICx3jSS+9SViDtXm350Hllea8GMB8GA1UdIwQY
MBaAFNH9NDbXoZpzQ/qADYegGvGD2jGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMt
MzlhNjZjYmUxZTRkLzEvc2dMSGVOSkw3MUpXSU8xZWJmblFlV1Y1cndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9iY2Q1ZTgtNWQxZi00NmIxLTk2YmMtMzlhNjZjYmUxZTRk
LzEvMGYwME50ZWhtbk5ELW9BTmg2QWE4WVBhTVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQ3QMA0E
AgACMAcDBQAqA6VAMA0GCSqGSIb3DQEBCwUAA4IBAQAheO845LwPXlsqROwgweof
Qq5+o0H78vXn09xL4B/la6/US3xpXQ8Fcw3L/F781mw9lNnh6PlYjHJ1tGPCeksz
edxjV1L+PXYtKFsF7k0db5+f3z0Z+/q6Yhx1jsC/YdtZlRzbk8Js7y2Y/fepuyJO
0m2TWNyM9FMcWcbH3KeUN1l+Hyy3F4F7TLvA6IIaxjEpOtaMu8HEQP/AmE9nrtgP
tm4OVptKEDP98YupaXAle762VTSJ0J3Jz44qWtVBFZ3G5JZKtd7GGHFx5HbxSjPS
3QaCme3DmrqJUwK5iUuS5VRdYcRoWj3DtZOjUfFr4e9WfVcdZlOX3CkX7EPJi/98
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:14 2023 by rpki-client on console-fra.rpki-client.org