Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/pIUFyQCbdNsBLDYHOPUn0GiYMA0.roa
File: pIUFyQCbdNsBLDYHOPUn0GiYMA0.roa (raw, json)
Hash identifier: Bm9nqGhF+HYiHcloD4jGpjO2iN7FpFoPHlf7WEzQchk=
Subject key identifier: A4:85:05:C9:00:9B:74:DB:01:2C:36:07:38:F5:27:D0:68:98:30:0D
Certificate issuer: /CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Certificate serial: 01831211DAF00D2155A82A2B0F73D9C7ED1A
Authority key identifier: D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/pIUFyQCbdNsBLDYHOPUn0GiYMA0.roa
Signing time: Tue 06 Sep 2022 09:11:43 +0000
ROA not before: Tue 06 Sep 2022 09:11:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198551
IP address blocks: 185.238.36.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:11:da:f0:0d:21:55:a8:2a:2b:0f:73:d9:c7:ed:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0ee0389687dbd445de6f9239c1d02c3770cf574
Validity
Not Before: Sep 6 09:11:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a48505c9009b74db012c360738f527d06898300d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:95:7e:15:b4:9c:1e:49:4d:4a:c3:19:51:c7:
16:62:18:c3:60:a7:51:94:98:dc:7e:72:e4:e3:f6:
6e:27:5a:cf:3f:8a:b9:7d:dd:65:f1:09:c4:ba:b2:
ab:9c:b8:39:e7:2e:20:3a:7d:45:f2:cc:a9:57:a8:
d0:84:c2:ab:56:13:2c:80:f4:f1:08:a3:31:ac:e8:
04:65:ac:4e:b3:73:bf:e4:99:38:c4:8c:92:e2:26:
12:3b:63:8d:65:50:61:95:1a:a8:46:d0:26:4f:88:
03:6f:da:10:02:66:0e:23:43:0e:fe:62:3c:7f:0c:
6f:1f:2d:5f:f6:26:b8:4a:d3:3a:a7:79:65:d2:0f:
3e:68:09:84:bf:a5:28:4d:16:84:7f:62:13:09:43:
5f:6e:2d:49:b0:d4:2e:1a:eb:b1:f7:a3:d2:36:65:
63:26:80:76:1b:2e:db:8c:c9:86:d5:35:e4:95:2e:
5a:a8:1f:04:9f:f3:dc:32:9d:af:fd:3c:b8:b4:75:
0d:e4:23:3e:da:cb:17:dd:cb:c3:de:56:5b:5b:a7:
19:c3:5a:53:5b:46:bd:27:c1:3f:1f:ad:43:3d:b3:
89:21:c8:d0:37:52:ac:c9:01:e9:9d:a9:7f:8c:82:
3b:01:d6:3c:3e:34:85:55:74:97:87:5e:ad:7a:23:
0c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:85:05:C9:00:9B:74:DB:01:2C:36:07:38:F5:27:D0:68:98:30:0D
X509v3 Authority Key Identifier:
keyid:D0:EE:03:89:68:7D:BD:44:5D:E6:F9:23:9C:1D:02:C3:77:0C:F5:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/pIUFyQCbdNsBLDYHOPUn0GiYMA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/a11417-6abc-4c0d-8afa-1a29a448d309/1/0O4DiWh9vURd5vkjnB0Cw3cM9XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.238.36.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:88:e7:ba:8b:82:e6:0b:20:53:17:8c:f4:db:25:5e:8b:7d:
45:f2:c2:3d:07:02:97:fd:a8:1c:94:b3:2b:06:9d:a7:51:04:
df:cf:21:82:52:c6:b2:14:73:a2:55:ad:3c:a6:23:c8:0d:63:
89:f6:d3:f4:c9:08:db:73:4a:d6:87:b0:ed:e8:ac:fa:cc:b5:
8b:86:98:a1:7e:5e:f7:79:a3:cf:6d:4a:c4:c7:94:b8:cf:b3:
c2:28:16:08:36:f4:c3:86:e8:d1:8e:aa:ec:85:0a:aa:ef:5b:
49:90:ef:60:03:cc:28:71:18:7a:01:59:04:f5:53:d1:74:7a:
64:b9:18:8c:68:25:48:1c:11:ee:e8:36:0a:38:a5:24:b8:02:
72:34:f2:05:6d:25:17:8e:bf:fc:3a:8b:f3:68:39:86:ba:6a:
55:ff:20:ee:2d:d0:7b:22:8c:70:a6:01:f6:b1:63:aa:01:44:
e6:c0:fb:24:7c:0e:c8:cb:48:00:c4:e5:94:b9:ee:35:ca:69:
12:02:3c:4d:a6:d6:bd:be:a5:33:a7:6b:ce:78:03:66:95:5c:
5f:10:10:3d:ee:7b:80:bd:b6:10:c5:00:4c:65:6f:e5:f9:5b:
05:d5:76:7c:b5:c5:8a:87:f8:9b:ca:ab:62:8f:5d:1e:22:81:
11:37:46:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMSEdrwDSFVqCorD3PZx+0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZWUwMzg5Njg3ZGJkNDQ1ZGU2ZjkyMzljMWQwMmMzNzcw
Y2Y1NzQwHhcNMjIwOTA2MDkxMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDg1MDVjOTAwOWI3NGRiMDEyYzM2MDczOGY1MjdkMDY4OTgzMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJV+FbScHklNSsMZUccWYhjDYKdR
lJjcfnLk4/ZuJ1rPP4q5fd1l8QnEurKrnLg55y4gOn1F8sypV6jQhMKrVhMsgPTx
CKMxrOgEZaxOs3O/5Jk4xIyS4iYSO2ONZVBhlRqoRtAmT4gDb9oQAmYOI0MO/mI8
fwxvHy1f9ia4StM6p3ll0g8+aAmEv6UoTRaEf2ITCUNfbi1JsNQuGuux96PSNmVj
JoB2Gy7bjMmG1TXklS5aqB8En/PcMp2v/Ty4tHUN5CM+2ssX3cvD3lZbW6cZw1pT
W0a9J8E/H61DPbOJIcjQN1KsyQHpnal/jII7AdY8PjSFVXSXh16teiMMTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKSFBckAm3TbASw2Bzj1J9BomDANMB8GA1UdIwQY
MBaAFNDuA4lofb1EXeb5I5wdAsN3DPV0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEt
MWEyOWE0NDhkMzA5LzEvcElVRnlRQ2JkTnNCTERZSE9QVW4wR2lZTUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9hMTE0MTctNmFiYy00YzBkLThhZmEtMWEyOWE0NDhkMzA5
LzEvME80RGlXaDl2VVJkNXZram5CMEN3M2NNOVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue4kMA0G
CSqGSIb3DQEBCwUAA4IBAQBuiOe6i4LmCyBTF4z02yVei31F8sI9BwKX/agclLMr
Bp2nUQTfzyGCUsayFHOiVa08piPIDWOJ9tP0yQjbc0rWh7Dt6Kz6zLWLhpihfl73
eaPPbUrEx5S4z7PCKBYINvTDhujRjqrshQqq71tJkO9gA8wocRh6AVkE9VPRdHpk
uRiMaCVIHBHu6DYKOKUkuAJyNPIFbSUXjr/8OovzaDmGumpV/yDuLdB7IoxwpgH2
sWOqAUTmwPskfA7Iy0gAxOWUue41ymkSAjxNpta9vqUzp2vOeANmlVxfEBA97nuA
vbYQxQBMZW/l+VsF1XZ8tcWKh/ibyqtij10eIoERN0ZR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:40 2023 by rpki-client on console-fra.rpki-client.org