Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/roAibznVN7ISc8OGsLgFM8BysAc.roa
File: roAibznVN7ISc8OGsLgFM8BysAc.roa (raw, json)
Hash identifier: 1xqLIyroB6MLWcmxXMi1KG0H6RLS6cgTG/GhU9l1i6s=
Subject key identifier: AE:80:22:6F:39:D5:37:B2:12:73:C3:86:B0:B8:05:33:C0:72:B0:07
Certificate issuer: /CN=70847f8221897d6e952e86ea2c339abaacc131f5
Certificate serial: A83099
Authority key identifier: 70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/roAibznVN7ISc8OGsLgFM8BysAc.roa
Signing time: Sat 01 Jan 2022 02:59:46 +0000
ROA not before: Sat 01 Jan 2022 02:59:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39010
IP address blocks: 185.38.28.0/22 maxlen: 24
185.95.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11022489 (0xa83099)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70847f8221897d6e952e86ea2c339abaacc131f5
Validity
Not Before: Jan 1 02:59:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae80226f39d537b21273c386b0b80533c072b007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:9c:f3:d8:29:d7:cc:e7:ed:ec:77:2d:eb:8f:
91:11:a0:18:d9:24:58:7c:9a:cd:12:b4:ea:3f:8e:
64:f5:84:ce:76:3d:b9:f5:2a:04:96:ed:94:83:f6:
eb:9c:ea:07:ff:96:e6:98:13:b7:3c:34:37:64:fb:
28:12:2e:8a:bf:66:68:d0:36:d3:ee:c3:6d:04:ed:
95:26:d4:56:36:ce:e6:38:2d:8a:bf:11:dc:47:f9:
64:9a:61:17:7f:16:b2:bd:e4:78:63:0a:03:cd:bd:
6a:c3:cd:7f:c1:a8:0c:be:c5:57:6f:44:73:af:ba:
d2:3a:97:f5:36:34:7d:33:69:74:8b:9f:a1:7c:e0:
cc:c2:99:2f:10:e2:b0:12:ba:b4:64:9f:2a:08:ca:
55:fe:37:9d:c8:82:71:e0:8d:74:f5:7a:1d:57:a0:
d0:22:1b:5d:d8:ac:99:6e:43:7f:c9:e0:0a:9f:1b:
57:c1:14:97:4e:50:fc:a9:94:b4:14:0d:67:e7:16:
5d:a1:2a:4f:fc:e5:42:c7:cd:cb:42:16:de:bf:20:
03:e1:b2:b3:0e:04:be:c0:18:9f:0a:3f:0e:14:f0:
c4:b5:96:0a:b8:28:93:a2:e0:51:36:31:85:d7:77:
41:73:a7:00:27:94:0c:08:9a:39:a0:7f:c5:31:d0:
f3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:80:22:6F:39:D5:37:B2:12:73:C3:86:B0:B8:05:33:C0:72:B0:07
X509v3 Authority Key Identifier:
keyid:70:84:7F:82:21:89:7D:6E:95:2E:86:EA:2C:33:9A:BA:AC:C1:31:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cIR_giGJfW6VLobqLDOauqzBMfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/roAibznVN7ISc8OGsLgFM8BysAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/706c03-7d35-4913-8a18-6e8784a7ad09/1/cIR_giGJfW6VLobqLDOauqzBMfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.28.0/22
185.95.252.0/22
Signature Algorithm: sha256WithRSAEncryption
42:70:26:0d:74:09:67:2a:28:46:e1:d4:56:7c:04:8b:18:05:
b1:b1:43:0e:63:81:ef:a7:b8:47:2d:6d:2c:52:0e:65:a1:61:
29:50:e4:f9:f6:26:eb:04:1c:70:f9:64:75:fe:e1:83:be:e5:
f4:92:2d:2e:88:08:b1:7e:f1:4a:cb:b9:a5:af:5f:d8:0d:48:
35:ce:a9:79:62:01:5b:08:2d:5d:8b:a8:f3:38:73:63:4a:33:
20:be:a2:ee:f4:31:59:7e:d6:60:ba:e4:11:99:6f:4d:b0:03:
82:d6:79:b2:76:12:78:3a:bb:e3:de:08:ac:99:7d:87:57:f6:
c4:75:32:a3:80:3f:39:c3:1b:78:bd:05:50:c5:16:67:92:1e:
76:75:94:ea:bf:96:5e:00:fc:e8:17:85:2e:a2:3a:cc:8d:79:
a4:22:aa:8e:c9:df:99:ca:0a:e6:67:7d:ab:fd:de:c6:2e:25:
9b:b6:23:d1:db:df:6b:9e:e4:45:0b:98:08:ea:ca:41:1c:f7:
8f:a0:1a:b5:b8:20:92:1e:30:26:bb:c9:22:76:f3:e7:3b:b5:
aa:57:c6:9e:c1:06:83:af:fa:b8:8b:24:b8:d2:fd:56:af:82:
76:a6:64:fa:71:30:90:34:b1:bf:3f:5a:30:9e:42:9b:53:35:
72:55:76:ea
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAKgwmTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDg0N2Y4MjIxODk3ZDZlOTUyZTg2ZWEyYzMzOWFiYWFjYzEzMWY1MB4XDTIyMDEw
MTAyNTk0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWU4MDIyNmYzOWQ1
MzdiMjEyNzNjMzg2YjBiODA1MzNjMDcyYjAwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN6c89gp18zn7ex3LeuPkRGgGNkkWHyazRK06j+OZPWEznY9
ufUqBJbtlIP265zqB/+W5pgTtzw0N2T7KBIuir9maNA20+7DbQTtlSbUVjbO5jgt
ir8R3Ef5ZJphF38Wsr3keGMKA829asPNf8GoDL7FV29Ec6+60jqX9TY0fTNpdIuf
oXzgzMKZLxDisBK6tGSfKgjKVf43nciCceCNdPV6HVeg0CIbXdismW5Df8ngCp8b
V8EUl05Q/KmUtBQNZ+cWXaEqT/zlQsfNy0IW3r8gA+Gysw4EvsAYnwo/DhTwxLWW
Crgok6LgUTYxhdd3QXOnACeUDAiaOaB/xTHQ8zcCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSugCJvOdU3shJzw4awuAUzwHKwBzAfBgNVHSMEGDAWgBRwhH+CIYl9bpUu
huosM5q6rMEx9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NJUl9naUdKZlc2VkxvYnFMRE9hdXF6Qk1mVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvNzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8x
L3JvQWliem5WTjdJU2M4T0dzTGdGTThCeXNBYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
NzA2YzAzLTdkMzUtNDkxMy04YTE4LTZlODc4NGE3YWQwOS8xL2NJUl9naUdKZlc2
VkxvYnFMRE9hdXF6Qk1mVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArkmHAMEArlf/DANBgkqhkiG9w0B
AQsFAAOCAQEAQnAmDXQJZyooRuHUVnwEixgFsbFDDmOB76e4Ry1tLFIOZaFhKVDk
+fYm6wQccPlkdf7hg77l9JItLogIsX7xSsu5pa9f2A1INc6peWIBWwgtXYuo8zhz
Y0ozIL6i7vQxWX7WYLrkEZlvTbADgtZ5snYSeDq7494IrJl9h1f2xHUyo4A/OcMb
eL0FUMUWZ5IednWU6r+WXgD86BeFLqI6zI15pCKqjsnfmcoK5md9q/3exi4lm7Yj
0dvfa57kRQuYCOrKQRz3j6Aatbggkh4wJrvJInbz5zu1qlfGnsEGg6/6uIskuNL9
Vq+CdqZk+nEwkDSxvz9aMJ5Cm1M1clV26g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:12 2024 by rpki-client on console-fra.rpki-client.org