Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/aox9I7mNvf7bykUi4MMjI36ktgQ.roa
File: aox9I7mNvf7bykUi4MMjI36ktgQ.roa (raw, json)
Hash identifier: y27pbWa5UUg5SAuyN1T9GJgr2tcSgseSiVNeC71l2L4=
Subject key identifier: 6A:8C:7D:23:B9:8D:BD:FE:DB:CA:45:22:E0:C3:23:23:7E:A4:B6:04
Certificate issuer: /CN=08818cbb0f9d1e573773d791138a0122f28bec56
Certificate serial: 05C7F452
Authority key identifier: 08:81:8C:BB:0F:9D:1E:57:37:73:D7:91:13:8A:01:22:F2:8B:EC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIGMuw-dHlc3c9eRE4oBIvKL7FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/aox9I7mNvf7bykUi4MMjI36ktgQ.roa
Signing time: Sat 01 Jan 2022 01:53:12 +0000
ROA not before: Sat 01 Jan 2022 01:53:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206772
IP address blocks: 185.158.124.0/23 maxlen: 23
185.158.124.0/24 maxlen: 24
185.158.124.0/22 maxlen: 22
185.158.125.0/24 maxlen: 24
185.158.126.0/24 maxlen: 24
185.158.126.0/23 maxlen: 23
185.158.127.0/24 maxlen: 24
2a07:ad40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96990290 (0x5c7f452)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08818cbb0f9d1e573773d791138a0122f28bec56
Validity
Not Before: Jan 1 01:53:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6a8c7d23b98dbdfedbca4522e0c323237ea4b604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:51:a4:51:4d:b1:6d:5a:ea:1c:3b:11:25:91:
d7:5d:93:c2:b7:b7:68:28:c9:dd:27:2b:69:c1:80:
a9:55:f2:f1:04:3b:9d:d7:aa:ba:90:68:d0:23:ec:
27:0c:c0:d8:f3:54:ca:36:0b:03:0b:08:d9:72:c7:
ed:30:55:95:b7:b8:1f:88:b9:ad:33:64:a0:a5:48:
9b:28:f4:83:10:7f:fa:91:80:56:fa:5a:99:e4:09:
d6:cb:fc:48:68:e7:94:84:91:e0:c2:8c:ae:2c:db:
f0:c9:47:18:31:3f:64:a4:52:3c:4a:af:26:d5:16:
f0:97:e9:70:ce:e4:d0:46:bd:c2:2e:81:fd:60:a9:
79:18:e9:da:c5:58:71:fe:31:e8:98:f3:c4:d0:c0:
82:fc:f0:f2:10:dc:e9:b2:74:ce:4c:c0:1f:f6:59:
2f:31:57:92:ee:1c:34:86:10:2e:95:cf:b8:4e:69:
1d:29:2d:87:65:af:c9:0b:d9:05:1e:5d:2a:eb:e2:
43:fe:03:27:71:85:a3:2c:09:37:1b:24:44:5c:21:
23:33:95:78:c3:95:c6:f3:5e:8d:ad:a6:5c:7e:a1:
72:d4:06:a4:33:6d:c3:f8:80:fa:0d:1b:d0:a3:d8:
a6:00:8c:d9:ed:ab:ce:50:a6:ef:f0:24:38:51:0e:
f9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:8C:7D:23:B9:8D:BD:FE:DB:CA:45:22:E0:C3:23:23:7E:A4:B6:04
X509v3 Authority Key Identifier:
keyid:08:81:8C:BB:0F:9D:1E:57:37:73:D7:91:13:8A:01:22:F2:8B:EC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIGMuw-dHlc3c9eRE4oBIvKL7FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/aox9I7mNvf7bykUi4MMjI36ktgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/2e0536-4ca2-4afe-83d6-336e874f3d87/1/CIGMuw-dHlc3c9eRE4oBIvKL7FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.124.0/22
IPv6:
2a07:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
81:0b:9b:bb:74:55:ba:e2:fe:22:ff:ba:f6:dc:ef:e0:fe:28:
cb:73:b4:a3:f6:57:4f:66:28:5d:77:53:53:9d:a0:c4:ba:ca:
92:c1:8d:49:aa:4c:7b:fe:50:7d:b5:00:b7:0c:1f:b4:60:f4:
c6:0f:9f:d3:a2:ce:63:30:72:9f:e0:34:07:38:64:38:de:0b:
95:4c:4c:0f:30:4c:d7:cc:74:5f:9c:62:88:81:1d:80:76:82:
35:1f:36:00:2a:56:dc:a9:e7:b9:4b:c3:f7:0e:ed:1c:08:97:
95:4a:a9:ad:0a:7e:4c:c8:82:b9:ed:49:15:b7:38:60:71:68:
9c:fb:5e:90:25:af:73:fb:5d:e0:60:ac:08:38:3d:de:b6:35:
5e:65:2b:ee:60:de:cb:ee:dc:c7:08:a4:09:73:13:d1:7e:ab:
9b:15:bd:b5:01:48:b8:f9:7c:fb:a4:8c:e3:97:76:d7:bc:e4:
90:4d:95:4e:41:81:15:0f:bc:9f:3c:3e:ad:0c:d8:54:a2:5e:
6a:8f:38:e6:d7:b3:1b:35:46:32:61:24:60:d4:13:1b:29:68:
d0:6f:0e:8d:88:16:e0:08:e6:aa:83:f0:fd:4f:a0:2a:93:05:
f6:e0:a5:86:59:91:c1:9e:8e:b4:6f:c0:82:24:d1:08:ba:f5:
fd:48:8d:2a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBcf0UjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODgxOGNiYjBmOWQxZTU3Mzc3M2Q3OTExMzhhMDEyMmYyOGJlYzU2MB4XDTIyMDEw
MTAxNTMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmE4YzdkMjNiOThk
YmRmZWRiY2E0NTIyZTBjMzIzMjM3ZWE0YjYwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNRpFFNsW1a6hw7ESWR112Twre3aCjJ3ScracGAqVXy8QQ7
ndequpBo0CPsJwzA2PNUyjYLAwsI2XLH7TBVlbe4H4i5rTNkoKVImyj0gxB/+pGA
VvpameQJ1sv8SGjnlISR4MKMrizb8MlHGDE/ZKRSPEqvJtUW8JfpcM7k0Ea9wi6B
/WCpeRjp2sVYcf4x6JjzxNDAgvzw8hDc6bJ0zkzAH/ZZLzFXku4cNIYQLpXPuE5p
HSkth2WvyQvZBR5dKuviQ/4DJ3GFoywJNxskRFwhIzOVeMOVxvNeja2mXH6hctQG
pDNtw/iA+g0b0KPYpgCM2e2rzlCm7/AkOFEO+ZsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRqjH0juY29/tvKRSLgwyMjfqS2BDAfBgNVHSMEGDAWgBQIgYy7D50eVzdz
15ETigEi8ovsVjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NJR011dy1kSGxjM2M5ZVJFNG9CSXZLTDdGWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvMmUwNTM2LTRjYTItNGFmZS04M2Q2LTMzNmU4NzRmM2Q4Ny8x
L2FveDlJN21OdmY3YnlrVWk0TU1qSTM2a3RnUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
MmUwNTM2LTRjYTItNGFmZS04M2Q2LTMzNmU4NzRmM2Q4Ny8xL0NJR011dy1kSGxj
M2M5ZVJFNG9CSXZLTDdGWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmefDANBAIAAjAHAwUDKgetQDAN
BgkqhkiG9w0BAQsFAAOCAQEAgQubu3RVuuL+Iv+69tzv4P4oy3O0o/ZXT2YoXXdT
U52gxLrKksGNSapMe/5QfbUAtwwftGD0xg+f06LOYzByn+A0BzhkON4LlUxMDzBM
18x0X5xiiIEdgHaCNR82ACpW3KnnuUvD9w7tHAiXlUqprQp+TMiCue1JFbc4YHFo
nPtekCWvc/td4GCsCDg93rY1XmUr7mDey+7cxwikCXMT0X6rmxW9tQFIuPl8+6SM
45d217zkkE2VTkGBFQ+8nzw+rQzYVKJeao845tezGzVGMmEkYNQTGylo0G8OjYgW
4AjmqoPw/U+gKpMF9uClhlmRwZ6OtG/AgiTRCLr1/UiNKg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:21 2023 by rpki-client on console-fra.rpki-client.org