Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/uo0tDaLx8q8Sevbsgn0Uo0lvFEU.roa
File: uo0tDaLx8q8Sevbsgn0Uo0lvFEU.roa (raw, json)
Hash identifier: 27G0a9Nci/VfrUYzxIbYuoMBV1UvgR3sNVwVDiwz48E=
Subject key identifier: BA:8D:2D:0D:A2:F1:F2:AF:12:7A:F6:EC:82:7D:14:A3:49:6F:14:45
Certificate issuer: /CN=2b04cf00ba4ee8cdd9ff44ae883e66bb3d1bafa0
Certificate serial: 02E5A7
Authority key identifier: 2B:04:CF:00:BA:4E:E8:CD:D9:FF:44:AE:88:3E:66:BB:3D:1B:AF:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwTPALpO6M3Z_0SuiD5muz0br6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/uo0tDaLx8q8Sevbsgn0Uo0lvFEU.roa
Signing time: Wed 20 Apr 2022 07:38:02 +0000
ROA not before: Wed 20 Apr 2022 07:38:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31543
IP address blocks: 185.199.80.0/22 maxlen: 24
2a0a:9940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 189863 (0x2e5a7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b04cf00ba4ee8cdd9ff44ae883e66bb3d1bafa0
Validity
Not Before: Apr 20 07:38:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba8d2d0da2f1f2af127af6ec827d14a3496f1445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:98:fb:b7:ad:7d:b0:39:45:3a:2e:39:c4:72:
c0:3f:0b:68:e5:2b:68:0c:23:30:14:3d:81:ed:1c:
ef:7f:67:5f:d6:67:b5:1c:56:f4:58:43:99:45:87:
aa:cf:45:08:bb:33:1a:cf:03:f1:d3:0c:4c:ab:ac:
0d:f7:d2:e4:fd:b4:01:2b:d3:e5:d0:1a:60:22:c0:
db:c2:fd:f5:c4:0c:38:89:99:aa:90:1f:fb:1c:4d:
18:ba:c5:8a:30:2d:bc:09:2b:21:f0:b2:98:bb:32:
cd:c7:72:b3:98:7d:fa:29:12:06:a7:48:fa:db:ae:
ff:54:5a:5b:95:9f:87:0c:c6:41:22:6c:4c:5f:78:
ff:f9:ca:ec:54:48:07:88:00:48:40:9e:48:2a:d1:
47:11:da:ac:24:e2:10:e2:34:ec:9d:f1:04:50:bf:
dc:1e:9b:28:f9:98:76:32:97:62:67:7a:72:97:bc:
3e:cb:df:f5:1b:f0:c5:84:29:68:cf:6a:10:e4:51:
fc:7d:89:b6:e5:6c:29:a3:c5:7e:a5:c5:a0:24:a6:
61:d1:d3:96:2d:8c:2c:61:7b:62:6e:c8:c6:0d:54:
cf:1d:6f:4b:50:ee:eb:e8:60:89:e9:e6:92:e8:c4:
f9:7f:f8:bb:10:25:47:4b:ba:d8:7f:06:b6:1f:48:
57:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:8D:2D:0D:A2:F1:F2:AF:12:7A:F6:EC:82:7D:14:A3:49:6F:14:45
X509v3 Authority Key Identifier:
keyid:2B:04:CF:00:BA:4E:E8:CD:D9:FF:44:AE:88:3E:66:BB:3D:1B:AF:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwTPALpO6M3Z_0SuiD5muz0br6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/uo0tDaLx8q8Sevbsgn0Uo0lvFEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/17bf7d-c69e-4be5-8a45-fd8ead27cfba/1/KwTPALpO6M3Z_0SuiD5muz0br6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.80.0/22
IPv6:
2a0a:9940::/29
Signature Algorithm: sha256WithRSAEncryption
2b:d8:88:81:80:80:3d:bf:32:a7:c6:6e:8b:62:d4:38:17:d9:
f3:49:f3:01:ee:55:4f:2d:cb:cc:dc:64:68:96:9c:11:05:a9:
8d:9b:f6:6a:c3:81:21:75:7f:61:2c:52:6f:ac:00:9d:6f:64:
93:51:0a:d8:2e:dd:e8:17:7f:21:c1:43:e7:0f:30:bf:66:60:
e4:07:6e:94:1c:48:c3:e6:0a:ac:9d:ef:9a:43:46:57:24:18:
19:cc:bc:33:11:3e:ea:02:07:2f:90:21:58:30:fb:ea:2f:cb:
c4:68:0d:16:74:92:06:3f:6d:52:8c:db:ae:c4:02:29:1b:60:
08:1d:dc:e8:89:1b:e1:b7:b1:9c:b7:d6:2b:b2:cb:c7:5b:ab:
b3:1b:5d:ad:5e:11:86:f5:86:74:ac:b5:4f:dd:7f:bf:b0:5c:
96:50:ba:5a:c4:23:0b:29:3f:ae:59:7c:5e:97:3e:cb:29:04:
cd:8c:09:0a:71:57:0e:40:20:c0:f9:e3:54:df:d7:fd:9b:77:
67:81:ae:9d:48:90:f4:b4:9b:fe:9a:b5:8c:47:45:90:07:ed:
7f:b3:78:55:2e:17:99:d7:07:de:11:2c:37:d8:12:8a:5b:00:
6d:eb:06:9d:51:38:d8:40:ab:81:54:f9:b8:2e:4c:6b:47:d9:
47:78:02:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAuWnMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJi
MDRjZjAwYmE0ZWU4Y2RkOWZmNDRhZTg4M2U2NmJiM2QxYmFmYTAwHhcNMjIwNDIw
MDczODAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiYThkMmQwZGEyZjFm
MmFmMTI3YWY2ZWM4MjdkMTRhMzQ5NmYxNDQ1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAxJj7t619sDlFOi45xHLAPwto5StoDCMwFD2B7Rzvf2df1me1
HFb0WEOZRYeqz0UIuzMazwPx0wxMq6wN99Lk/bQBK9Pl0BpgIsDbwv31xAw4iZmq
kB/7HE0YusWKMC28CSsh8LKYuzLNx3KzmH36KRIGp0j6267/VFpblZ+HDMZBImxM
X3j/+crsVEgHiABIQJ5IKtFHEdqsJOIQ4jTsnfEEUL/cHpso+Zh2MpdiZ3pyl7w+
y9/1G/DFhCloz2oQ5FH8fYm25Wwpo8V+pcWgJKZh0dOWLYwsYXtibsjGDVTPHW9L
UO7r6GCJ6eaS6MT5f/i7ECVHS7rYfwa2H0hX/QIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFLqNLQ2i8fKvEnr27IJ9FKNJbxRFMB8GA1UdIwQYMBaAFCsEzwC6TujN2f9E
rog+Zrs9G6+gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3dUUEFMcE82TTNaXzBTdWlENW11ejBicjZBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85YS8xN2JmN2QtYzY5ZS00YmU1LThhNDUtZmQ4ZWFkMjdjZmJhLzEv
dW8wdERhTHg4cThTZXZic2duMFVvMGx2RkVVLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8x
N2JmN2QtYzY5ZS00YmU1LThhNDUtZmQ4ZWFkMjdjZmJhLzEvS3dUUEFMcE82TTNa
XzBTdWlENW11ejBicjZBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucdQMA0EAgACMAcDBQMqCplAMA0G
CSqGSIb3DQEBCwUAA4IBAQAr2IiBgIA9vzKnxm6LYtQ4F9nzSfMB7lVPLcvM3GRo
lpwRBamNm/Zqw4EhdX9hLFJvrACdb2STUQrYLt3oF38hwUPnDzC/ZmDkB26UHEjD
5gqsne+aQ0ZXJBgZzLwzET7qAgcvkCFYMPvqL8vEaA0WdJIGP21SjNuuxAIpG2AI
HdzoiRvht7Gct9YrssvHW6uzG12tXhGG9YZ0rLVP3X+/sFyWULpaxCMLKT+uWXxe
lz7LKQTNjAkKcVcOQCDA+eNU39f9m3dnga6dSJD0tJv+mrWMR0WQB+1/s3hVLheZ
1wfeESw32BKKWwBt6wadUTjYQKuBVPm4LkxrR9lHeAJ7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:53 2023 by rpki-client on console-fra.rpki-client.org