Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/r-VCrKyrdyyR_5ezFGRQCu7str0.roa
File: r-VCrKyrdyyR_5ezFGRQCu7str0.roa (raw, json)
Hash identifier: q+iHyW7vGXfSx9+c0lib6Uq+uEIWGWoEI1fP2Stej84=
Subject key identifier: AF:E5:42:AC:AC:AB:77:2C:91:FF:97:B3:14:64:50:0A:EE:EC:B6:BD
Certificate issuer: /CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Certificate serial: 019E8029
Authority key identifier: 49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/r-VCrKyrdyyR_5ezFGRQCu7str0.roa
Signing time: Sat 01 Jan 2022 12:53:59 +0000
ROA not before: Sat 01 Jan 2022 12:53:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 185.21.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27164713 (0x19e8029)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e14bf76f42da4f2ac003a6c69d61c2320e2cd8
Validity
Not Before: Jan 1 12:53:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=afe542acacab772c91ff97b31464500aeeecb6bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:aa:25:9e:c4:b2:27:ab:10:ab:97:4d:d2:5b:
92:a9:d0:44:16:ac:da:8d:c6:8b:8a:5b:e4:2d:c6:
49:a5:ae:b9:59:46:6a:e8:3a:6f:c2:d6:2a:ba:68:
af:88:e4:0c:f9:25:4b:15:5b:a7:68:f5:98:df:30:
11:72:77:91:95:66:65:31:ff:f0:5f:66:5f:7e:33:
79:e1:cb:80:88:93:b2:b0:e9:1a:2c:95:28:f4:9e:
83:f1:5f:a4:e4:2a:96:0b:45:83:8b:a2:72:e2:d1:
54:ba:3c:09:1c:43:d3:5a:4f:0c:a0:62:c7:92:92:
d3:ee:37:80:98:fa:c6:af:ea:36:79:bd:1f:aa:69:
ef:db:7e:e1:4a:a6:61:4d:59:a0:ac:4b:15:1f:cb:
d7:38:76:56:dd:28:cd:0c:1c:5a:ad:1e:78:dc:ca:
ef:bf:18:52:58:dd:19:fe:9f:56:03:28:a3:15:13:
b0:42:1e:99:45:a9:7b:9d:ea:b2:00:d4:d0:69:4e:
af:34:90:a8:af:43:59:c8:fe:92:3f:2b:21:ff:f1:
a0:70:1a:30:73:63:dd:4e:68:ff:2f:3b:46:ee:0d:
7d:93:91:ac:f1:9d:cf:74:69:59:bb:7b:b9:c6:34:
3d:91:31:40:d6:81:a5:24:57:e6:fe:26:ad:ee:a7:
36:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:E5:42:AC:AC:AB:77:2C:91:FF:97:B3:14:64:50:0A:EE:EC:B6:BD
X509v3 Authority Key Identifier:
keyid:49:E1:4B:F7:6F:42:DA:4F:2A:C0:03:A6:C6:9D:61:C2:32:0E:2C:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeFL929C2k8qwAOmxp1hwjIOLNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/r-VCrKyrdyyR_5ezFGRQCu7str0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/56167f-5327-4c88-b4ea-3beccaae336d/1/SeFL929C2k8qwAOmxp1hwjIOLNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.131.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:92:9a:12:31:e6:66:64:35:cc:c0:80:ca:6a:6b:a0:6b:98:
7f:c9:d3:35:c9:59:29:45:60:cf:c6:6f:1f:e6:86:bb:56:b4:
6c:f8:c3:89:21:75:5c:15:97:86:3a:dc:cc:f9:ee:c4:bc:0c:
bd:92:28:d7:ee:02:32:c1:fb:6b:a6:88:9e:f7:d0:ac:a8:9f:
d9:35:d0:90:41:04:40:1f:f8:52:bf:36:f4:1e:48:79:2f:1a:
6c:b6:b0:22:a1:e9:45:7a:30:9b:45:74:66:4c:aa:78:8d:86:
71:5b:1e:60:92:0d:66:b8:59:8d:f0:23:51:2e:aa:c6:7e:36:
9c:51:d4:68:ce:b8:14:e7:74:ee:52:18:7f:a0:aa:a7:c4:d4:
0c:41:73:30:54:bc:0b:2c:ac:81:dc:a6:ca:49:be:ac:1e:30:
56:a3:d3:df:5d:23:c8:5b:7a:24:7e:fb:18:e4:c6:97:af:fb:
19:54:3a:ff:29:4c:18:54:2a:56:36:93:2b:59:0c:7c:5c:84:
55:71:4c:3b:34:04:f8:39:79:f4:13:8d:c3:34:11:b5:c0:5f:
a0:e8:50:89:54:1f:c3:bf:a8:b1:2e:f9:c0:9c:1f:e8:a6:e0:
e8:f5:63:ac:c7:b1:b3:de:a1:7d:6c:64:c2:96:67:0c:55:cd:
89:2e:56:23
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAZ6AKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OWUxNGJmNzZmNDJkYTRmMmFjMDAzYTZjNjlkNjFjMjMyMGUyY2Q4MB4XDTIyMDEw
MTEyNTM1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWZlNTQyYWNhY2Fi
NzcyYzkxZmY5N2IzMTQ2NDUwMGFlZWVjYjZiZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJyqJZ7EsierEKuXTdJbkqnQRBas2o3Gi4pb5C3GSaWuuVlG
aug6b8LWKrpor4jkDPklSxVbp2j1mN8wEXJ3kZVmZTH/8F9mX34zeeHLgIiTsrDp
GiyVKPSeg/FfpOQqlgtFg4uicuLRVLo8CRxD01pPDKBix5KS0+43gJj6xq/qNnm9
H6pp79t+4UqmYU1ZoKxLFR/L1zh2Vt0ozQwcWq0eeNzK778YUljdGf6fVgMooxUT
sEIemUWpe53qsgDU0GlOrzSQqK9DWcj+kj8rIf/xoHAaMHNj3U5o/y87Ru4NfZOR
rPGdz3RpWbt7ucY0PZExQNaBpSRX5v4mre6nNtMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSv5UKsrKt3LJH/l7MUZFAK7uy2vTAfBgNVHSMEGDAWgBRJ4Uv3b0LaTyrA
A6bGnWHCMg4s2DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NlRkw5MjlDMms4cXdBT214cDFod2pJT0xOZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWQvNTYxNjdmLTUzMjctNGM4OC1iNGVhLTNiZWNjYWFlMzM2ZC8x
L3ItVkNyS3lyZHl5Ul81ZXpGR1JRQ3U3c3RyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWQv
NTYxNjdmLTUzMjctNGM4OC1iNGVhLTNiZWNjYWFlMzM2ZC8xL1NlRkw5MjlDMms4
cXdBT214cDFod2pJT0xOZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALkVgzANBgkqhkiG9w0BAQsFAAOC
AQEAfpKaEjHmZmQ1zMCAymproGuYf8nTNclZKUVgz8ZvH+aGu1a0bPjDiSF1XBWX
hjrczPnuxLwMvZIo1+4CMsH7a6aInvfQrKif2TXQkEEEQB/4Ur829B5IeS8abLaw
IqHpRXowm0V0ZkyqeI2GcVseYJINZrhZjfAjUS6qxn42nFHUaM64FOd07lIYf6Cq
p8TUDEFzMFS8Cyysgdymykm+rB4wVqPT310jyFt6JH77GOTGl6/7GVQ6/ylMGFQq
VjaTK1kMfFyEVXFMOzQE+Dl59BONwzQRtcBfoOhQiVQfw7+osS75wJwf6Kbg6PVj
rMexs96hfWxkwpZnDFXNiS5WIw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:49 2023 by rpki-client on console-ams.rpki-client.org