Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/sDJTfs6fAGS5fTwduSzftK6sgcc.roa
File: sDJTfs6fAGS5fTwduSzftK6sgcc.roa (raw, json)
Hash identifier: gE/4n7wm2T+eH/FkDMdyNv1i0XXtOzIWuDR3vQy8ltk=
Subject key identifier: B0:32:53:7E:CE:9F:00:64:B9:7D:3C:1D:B9:2C:DF:B4:AE:AC:81:C7
Certificate issuer: /CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Certificate serial: 09F1F7C3
Authority key identifier: 32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/sDJTfs6fAGS5fTwduSzftK6sgcc.roa
Signing time: Sat 01 Jan 2022 05:02:09 +0000
ROA not before: Sat 01 Jan 2022 05:02:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49621
IP address blocks: 185.105.200.0/22 maxlen: 22
188.64.48.0/21 maxlen: 21
2a03:8f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166852547 (0x9f1f7c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=323ab5ba98bef5d0d9bd0cea031a1fe13777a486
Validity
Not Before: Jan 1 05:02:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b032537ece9f0064b97d3c1db92cdfb4aeac81c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:7f:32:1c:d5:9d:b3:56:51:96:bd:35:27:f0:
ff:a6:3d:f4:9b:f4:18:6d:03:84:e0:07:4e:52:cf:
b1:70:ab:b8:d0:17:39:20:a6:d7:60:e3:fc:a0:11:
1f:d4:30:87:85:70:64:25:21:98:e0:fa:cc:a2:54:
69:aa:7b:d9:ff:f6:f2:fd:e6:6c:46:e4:fe:fa:7d:
da:d4:80:8d:4c:ed:e9:5e:f3:32:c1:22:5f:b6:47:
74:05:87:a0:11:70:d2:d1:5f:34:df:3b:bb:d3:ab:
01:8f:7f:a3:04:35:c4:33:19:f2:24:98:4d:74:bb:
01:a0:11:20:b1:d4:b3:60:3a:60:4f:60:ff:99:9c:
ee:75:bc:fb:1b:a6:9e:1a:e1:e7:7a:3a:f8:42:f2:
15:3e:3e:db:75:d6:74:10:36:d5:88:6e:07:e3:07:
a0:3b:ba:12:20:64:2c:9b:fc:6b:5d:e6:6f:ea:4a:
fd:f3:02:44:4b:48:74:ad:50:8f:45:01:fb:7c:70:
82:d3:0c:c4:ac:bf:ff:78:ad:73:45:eb:5c:c3:3d:
13:cc:6e:2c:05:66:69:6e:61:f5:82:12:5f:d2:8d:
6d:59:6b:26:87:1a:42:e4:0e:df:a0:2c:a4:ce:c6:
65:11:09:dd:42:58:a4:86:bb:5a:34:97:bc:37:f5:
7d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:32:53:7E:CE:9F:00:64:B9:7D:3C:1D:B9:2C:DF:B4:AE:AC:81:C7
X509v3 Authority Key Identifier:
keyid:32:3A:B5:BA:98:BE:F5:D0:D9:BD:0C:EA:03:1A:1F:E1:37:77:A4:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mjq1upi-9dDZvQzqAxof4Td3pIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/sDJTfs6fAGS5fTwduSzftK6sgcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b01290-d76d-42d8-a234-f9512499e05c/1/Mjq1upi-9dDZvQzqAxof4Td3pIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.200.0/22
188.64.48.0/21
IPv6:
2a03:8f00::/29
Signature Algorithm: sha256WithRSAEncryption
86:6f:83:22:b4:38:f2:85:16:78:8a:5b:13:ec:cb:b5:ac:47:
16:6c:12:21:cb:a3:9a:b0:44:75:44:9e:e6:28:bd:33:d0:81:
da:1f:d1:1d:c0:f0:86:34:e5:b1:b5:49:ad:53:50:9b:6d:77:
dc:36:6a:06:41:a1:1c:9a:15:1a:81:4f:bb:9b:7f:6e:25:1a:
df:9e:c7:f7:3c:55:da:90:b3:65:d5:4e:36:b9:77:b7:60:8b:
c2:35:f8:6c:95:3b:b3:dc:46:27:26:5c:37:66:4a:07:01:4a:
6d:63:21:53:4e:ba:43:ff:34:7b:c7:49:0c:75:c7:d4:45:ef:
26:aa:5a:8a:00:f2:03:c7:00:45:e9:71:d8:52:43:0e:48:c2:
6a:e7:f7:dd:56:50:6b:da:73:49:5f:e7:93:70:13:34:bc:35:
50:c7:7c:40:16:05:ce:c4:93:d6:f8:ba:8d:25:a3:07:cd:88:
21:7b:ce:4a:b4:81:cd:38:17:a4:0d:c6:d6:a3:73:f6:e5:f6:
e6:9d:af:e0:f6:d9:40:16:27:2a:f9:3f:34:e2:26:47:62:8d:
11:5f:96:72:4b:a0:d6:14:59:b3:58:ae:e3:f9:de:1e:a7:e4:
e8:6a:86:d8:4d:7c:67:bf:28:0d:15:97:be:01:21:b8:b3:a7:
03:29:a5:90
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIECfH3wzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjNhYjViYTk4YmVmNWQwZDliZDBjZWEwMzFhMWZlMTM3NzdhNDg2MB4XDTIyMDEw
MTA1MDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjAzMjUzN2VjZTlm
MDA2NGI5N2QzYzFkYjkyY2RmYjRhZWFjODFjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKh/MhzVnbNWUZa9NSfw/6Y99Jv0GG0DhOAHTlLPsXCruNAX
OSCm12Dj/KARH9Qwh4VwZCUhmOD6zKJUaap72f/28v3mbEbk/vp92tSAjUzt6V7z
MsEiX7ZHdAWHoBFw0tFfNN87u9OrAY9/owQ1xDMZ8iSYTXS7AaARILHUs2A6YE9g
/5mc7nW8+xumnhrh53o6+ELyFT4+23XWdBA21YhuB+MHoDu6EiBkLJv8a13mb+pK
/fMCREtIdK1Qj0UB+3xwgtMMxKy//3itc0XrXMM9E8xuLAVmaW5h9YISX9KNbVlr
JocaQuQO36AspM7GZREJ3UJYpIa7WjSXvDf1fdcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSwMlN+zp8AZLl9PB25LN+0rqyBxzAfBgNVHSMEGDAWgBQyOrW6mL710Nm9
DOoDGh/hN3ekhjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01qcTF1cGktOWREWnZRenFBeG9mNFRkM3BJWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8x
L3NESlRmczZmQUdTNWZUd2R1U3pmdEs2c2djYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YjAxMjkwLWQ3NmQtNDJkOC1hMjM0LWY5NTEyNDk5ZTA1Yy8xL01qcTF1cGktOWRE
WnZRenFBeG9mNFRkM3BJWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArlpyAMEA7xAMDANBAIAAjAHAwUD
KgOPADANBgkqhkiG9w0BAQsFAAOCAQEAhm+DIrQ48oUWeIpbE+zLtaxHFmwSIcuj
mrBEdUSe5ii9M9CB2h/RHcDwhjTlsbVJrVNQm2133DZqBkGhHJoVGoFPu5t/biUa
357H9zxV2pCzZdVONrl3t2CLwjX4bJU7s9xGJyZcN2ZKBwFKbWMhU066Q/80e8dJ
DHXH1EXvJqpaigDyA8cARelx2FJDDkjCauf33VZQa9pzSV/nk3ATNLw1UMd8QBYF
zsST1vi6jSWjB82IIXvOSrSBzTgXpA3G1qNz9uX25p2v4PbZQBYnKvk/NOImR2KN
EV+Wckug1hRZs1iu4/neHqfk6GqG2E18Z78oDRWXvgEhuLOnAymlkA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:07 2023 by rpki-client on console-ams.rpki-client.org