Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/_YnL4y-ckAUG0SKjpDXKrkczXRM.roa
File: _YnL4y-ckAUG0SKjpDXKrkczXRM.roa (raw, json)
Hash identifier: vxDLvADb/5h8U6AcYvsmncdublme/H7iGE7Ys1lFJrQ=
Subject key identifier: FD:89:CB:E3:2F:9C:90:05:06:D1:22:A3:A4:35:CA:AE:47:33:5D:13
Certificate issuer: /CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Certificate serial: 18E0AF
Authority key identifier: 1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/_YnL4y-ckAUG0SKjpDXKrkczXRM.roa
Signing time: Thu 05 May 2022 09:22:52 +0000
ROA not before: Thu 05 May 2022 09:22:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207681
IP address blocks: 185.199.88.0/24 maxlen: 24
185.199.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1630383 (0x18e0af)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1caad93908aad8d246eb69f7e66aa70de5bd5a17
Validity
Not Before: May 5 09:22:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd89cbe32f9c900506d122a3a435caae47335d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:05:8c:5b:a8:04:b3:84:7e:dd:01:fa:53:47:
67:6d:cf:11:de:4a:0e:d4:4d:c2:e8:ed:c4:bc:08:
80:3c:03:b5:40:11:d3:8f:ac:46:5d:5b:f3:e1:97:
86:13:0b:4d:b3:35:14:7c:10:c3:b5:e4:62:ec:58:
8f:5f:09:c0:7a:13:dc:a6:4b:8b:ef:ba:8c:ae:de:
3c:8f:7d:01:f6:83:d1:91:2a:45:41:2e:f3:66:84:
ad:fd:2a:db:41:b7:1f:60:eb:9e:6c:4b:58:6f:f8:
69:56:bc:e7:49:9f:df:93:69:10:55:e1:af:21:86:
19:58:47:d2:e2:38:bf:08:a2:60:52:b1:48:05:77:
75:0e:ab:e2:c1:d2:f2:34:b2:64:d7:79:3a:f4:da:
34:b4:57:fa:8e:68:39:cf:3c:da:e2:90:c3:12:db:
13:dd:95:36:41:74:2c:ae:75:46:c6:fa:8c:6a:cf:
32:52:07:a2:2e:a0:0f:af:f7:9d:b7:56:ca:6d:c9:
30:b6:4f:29:27:50:b2:6e:d8:ac:34:0e:eb:b7:33:
84:a4:c6:f2:73:52:da:9f:eb:df:a8:e3:48:b2:8b:
35:d7:db:32:e0:eb:f2:7a:b2:7e:54:75:bb:07:72:
68:7a:d2:b5:63:38:68:d1:3c:78:e8:7c:0c:c1:e6:
55:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:89:CB:E3:2F:9C:90:05:06:D1:22:A3:A4:35:CA:AE:47:33:5D:13
X509v3 Authority Key Identifier:
keyid:1C:AA:D9:39:08:AA:D8:D2:46:EB:69:F7:E6:6A:A7:0D:E5:BD:5A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HKrZOQiq2NJG62n35mqnDeW9Whc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/_YnL4y-ckAUG0SKjpDXKrkczXRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/abb6ca-1a11-4ba5-9ee3-a798bdc7311f/1/HKrZOQiq2NJG62n35mqnDeW9Whc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.88.0/22
Signature Algorithm: sha256WithRSAEncryption
35:ab:7d:5e:86:6a:34:a2:bd:66:04:99:3c:d2:0f:87:fe:0b:
98:e4:b3:d5:99:bb:72:78:e7:c9:b9:cf:09:2f:53:a0:51:ec:
7a:3d:0e:a7:c3:cf:1e:02:64:99:3d:0f:e0:b5:e3:e7:e4:d7:
6d:85:3d:77:e4:62:fc:89:49:88:a7:d7:bd:91:0d:31:81:db:
1d:26:97:8c:a0:5b:80:0b:4c:44:0d:e0:d1:84:bb:fe:12:e7:
73:29:92:5f:66:14:f9:37:b6:f5:6b:8d:92:45:d0:97:e4:d3:
6f:dd:8e:01:dd:72:48:3f:88:b5:42:7b:1a:9a:ae:df:2c:dd:
10:a9:01:bb:9d:14:d0:76:81:c5:3b:4a:81:c6:e6:42:97:4d:
18:d9:98:3a:59:60:72:08:f5:04:ee:a6:6a:14:53:a2:7b:6b:
44:de:ce:a7:5d:f7:6b:7f:90:b7:f6:5c:ce:6c:e6:c9:98:25:
b6:66:98:72:f1:ef:12:f5:e2:7f:53:91:da:fe:fa:4f:d3:c6:
f7:ce:1f:00:65:91:eb:7b:dd:85:72:7e:82:91:82:15:ef:fa:
ba:52:69:28:12:b1:6e:49:e5:c7:39:62:c0:28:fc:ae:c9:c1:
e7:d9:85:31:69:bc:d1:87:72:99:34:f1:df:3e:95:b9:5b:38:
bf:25:34:c1
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDGOCvMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFj
YWFkOTM5MDhhYWQ4ZDI0NmViNjlmN2U2NmFhNzBkZTViZDVhMTcwHhcNMjIwNTA1
MDkyMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmZDg5Y2JlMzJmOWM5
MDA1MDZkMTIyYTNhNDM1Y2FhZTQ3MzM1ZDEzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtAWMW6gEs4R+3QH6U0dnbc8R3koO1E3C6O3EvAiAPAO1QBHT
j6xGXVvz4ZeGEwtNszUUfBDDteRi7FiPXwnAehPcpkuL77qMrt48j30B9oPRkSpF
QS7zZoSt/SrbQbcfYOuebEtYb/hpVrznSZ/fk2kQVeGvIYYZWEfS4ji/CKJgUrFI
BXd1DqviwdLyNLJk13k69No0tFf6jmg5zzza4pDDEtsT3ZU2QXQsrnVGxvqMas8y
UgeiLqAPr/edt1bKbckwtk8pJ1CybtisNA7rtzOEpMbyc1Lan+vfqONIsos119sy
4OvyerJ+VHW7B3JoetK1Yzho0Tx46HwMweZVaQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFP2Jy+MvnJAFBtEio6Q1yq5HM10TMB8GA1UdIwQYMBaAFByq2TkIqtjSRutp
9+Zqpw3lvVoXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SEtyWk9RaXEyTkpHNjJuMzVtcW5EZVc5V2hjLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hNS9hYmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFmLzEv
X1luTDR5LWNrQVVHMFNLanBEWEtya2N6WFJNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9h
YmI2Y2EtMWExMS00YmE1LTllZTMtYTc5OGJkYzczMTFmLzEvSEtyWk9RaXEyTkpH
NjJuMzVtcW5EZVc5V2hjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucdYMA0GCSqGSIb3DQEBCwUAA4IB
AQA1q31ehmo0or1mBJk80g+H/guY5LPVmbtyeOfJuc8JL1OgUex6PQ6nw88eAmSZ
PQ/gtePn5NdthT135GL8iUmIp9e9kQ0xgdsdJpeMoFuAC0xEDeDRhLv+EudzKZJf
ZhT5N7b1a42SRdCX5NNv3Y4B3XJIP4i1Qnsamq7fLN0QqQG7nRTQdoHFO0qBxuZC
l00Y2Zg6WWByCPUE7qZqFFOie2tE3s6nXfdrf5C39lzObObJmCW2Zphy8e8S9eJ/
U5Ha/vpP08b3zh8AZZHre92Fcn6CkYIV7/q6UmkoErFuSeXHOWLAKPyuycHn2YUx
abzRh3KZNPHfPpW5Wzi/JTTB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:46 2023 by rpki-client on console-fra.rpki-client.org