Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/804c2c-85fd-429f-bbaf-f6b044dcd624/1/Kr6PbyH3FHLWslFzyQPAUjjpaNk.roa
File: Kr6PbyH3FHLWslFzyQPAUjjpaNk.roa (raw, json)
Hash identifier: npFMkM7QYlVJQlN8iLEbEtFm85PPL+WF6Mip4BaY4GA=
Subject key identifier: 2A:BE:8F:6F:21:F7:14:72:D6:B2:51:73:C9:03:C0:52:38:E9:68:D9
Certificate issuer: /CN=3c614bf257d3af770bbf3c6c2d35bfa465686ceb
Certificate serial: 2FF7BD8D
Authority key identifier: 3C:61:4B:F2:57:D3:AF:77:0B:BF:3C:6C:2D:35:BF:A4:65:68:6C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PGFL8lfTr3cLvzxsLTW_pGVobOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/804c2c-85fd-429f-bbaf-f6b044dcd624/1/Kr6PbyH3FHLWslFzyQPAUjjpaNk.roa
Signing time: Sat 01 Jan 2022 15:02:20 +0000
ROA not before: Sat 01 Jan 2022 15:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61171
IP address blocks: 185.10.24.0/24 maxlen: 24
185.10.25.0/24 maxlen: 24
185.10.26.0/24 maxlen: 24
185.10.27.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 804765069 (0x2ff7bd8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c614bf257d3af770bbf3c6c2d35bfa465686ceb
Validity
Not Before: Jan 1 15:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2abe8f6f21f71472d6b25173c903c05238e968d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b1:0f:5e:df:f5:2c:57:81:7a:88:e3:63:dc:
ad:d2:76:e0:95:31:8a:4e:c2:f7:d3:61:c3:b3:d5:
4a:7c:62:47:3d:52:bd:15:b4:50:9f:58:12:69:61:
af:31:23:5c:81:26:e0:fb:6f:0a:3d:4c:70:11:9d:
9a:d8:09:d7:e1:81:0d:31:a3:85:9c:97:de:8d:ff:
94:b0:8c:f9:63:48:35:db:6a:bc:b3:34:66:ae:49:
98:0e:ed:18:25:e4:31:d7:58:f4:0a:8f:4c:d2:5b:
18:b4:55:20:4f:79:c4:20:61:d4:30:f8:0f:93:2e:
64:54:4e:94:1a:18:67:a6:ea:17:0a:97:2e:7b:5b:
9f:83:a0:b9:a0:4e:6c:b9:57:09:c8:8b:fe:c5:cf:
ed:85:f6:a0:23:48:5e:2d:9d:54:29:8d:e1:31:82:
b2:94:8f:b4:6d:58:fa:56:ca:dd:2f:93:1b:c9:21:
57:d9:73:6b:e7:a2:45:92:c3:0a:e7:cc:52:66:21:
67:7d:58:7f:1f:c2:05:ea:c5:5f:4d:d6:6c:bd:d0:
ab:3b:52:84:9d:ce:fd:ce:f3:97:ac:b9:f2:a1:cb:
2b:ee:b2:b5:36:a6:69:fd:3a:18:d3:05:ef:bd:93:
2b:a8:af:37:bc:65:bc:d8:e5:4a:9b:ea:60:d4:e7:
52:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:BE:8F:6F:21:F7:14:72:D6:B2:51:73:C9:03:C0:52:38:E9:68:D9
X509v3 Authority Key Identifier:
keyid:3C:61:4B:F2:57:D3:AF:77:0B:BF:3C:6C:2D:35:BF:A4:65:68:6C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PGFL8lfTr3cLvzxsLTW_pGVobOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/804c2c-85fd-429f-bbaf-f6b044dcd624/1/Kr6PbyH3FHLWslFzyQPAUjjpaNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/804c2c-85fd-429f-bbaf-f6b044dcd624/1/PGFL8lfTr3cLvzxsLTW_pGVobOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.10.24.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:36:81:0a:5a:9a:0c:5c:3d:b1:62:12:ad:79:ca:d3:8d:87:
f0:39:58:92:47:05:c1:ac:9f:8c:76:e8:e2:73:3e:8b:cf:31:
d1:5f:c0:99:42:74:4a:18:ca:bf:0e:e7:05:b9:a7:e0:44:56:
1d:9f:23:03:2e:dd:a6:32:99:df:4b:79:2a:b9:eb:6e:2a:00:
17:e7:bf:c7:09:71:bf:5b:97:bf:82:2f:9d:38:1c:6c:97:56:
f6:fe:a0:6f:b7:7d:6c:39:c7:c4:20:f8:97:05:f4:6e:bf:51:
8f:b0:cf:95:a6:f2:9e:7a:d0:a9:ca:77:f5:cc:4b:30:8d:e1:
9b:e4:72:ca:94:05:b1:7a:41:ca:09:66:7c:3a:57:ad:15:c2:
87:72:12:93:e0:82:18:98:c0:f7:20:70:f5:e8:80:3f:67:1e:
00:93:08:93:28:ec:8d:4f:39:f2:8d:d7:0d:38:1a:29:97:0d:
37:f5:57:0e:3f:b5:2f:0f:c1:c2:d7:b5:29:08:71:b8:eb:8d:
31:5d:4d:be:38:da:f1:c0:f8:2e:c1:63:08:56:d4:17:2b:31:
c5:29:8e:21:d3:c1:24:02:9e:fd:92:23:59:ef:1f:b5:e8:12:
ae:f5:5c:4a:0f:7c:ce:9b:a6:62:82:3b:ab:6c:00:da:c3:64:
bc:68:8e:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEL/e9jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzYxNGJmMjU3ZDNhZjc3MGJiZjNjNmMyZDM1YmZhNDY1Njg2Y2ViMB4XDTIyMDEw
MTE1MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmFiZThmNmYyMWY3
MTQ3MmQ2YjI1MTczYzkwM2MwNTIzOGU5NjhkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyxD17f9SxXgXqI42PcrdJ24JUxik7C99Nhw7PVSnxiRz1S
vRW0UJ9YEmlhrzEjXIEm4PtvCj1McBGdmtgJ1+GBDTGjhZyX3o3/lLCM+WNINdtq
vLM0Zq5JmA7tGCXkMddY9AqPTNJbGLRVIE95xCBh1DD4D5MuZFROlBoYZ6bqFwqX
Lntbn4OguaBObLlXCciL/sXP7YX2oCNIXi2dVCmN4TGCspSPtG1Y+lbK3S+TG8kh
V9lza+eiRZLDCufMUmYhZ31Yfx/CBerFX03WbL3QqztShJ3O/c7zl6y58qHLK+6y
tTamaf06GNMF772TK6ivN7xlvNjlSpvqYNTnUl0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQqvo9vIfcUctayUXPJA8BSOOlo2TAfBgNVHSMEGDAWgBQ8YUvyV9Ovdwu/
PGwtNb+kZWhs6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BHRkw4bGZUcjNjTHZ6eHNMVFdfcEdWb2JPcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvODA0YzJjLTg1ZmQtNDI5Zi1iYmFmLWY2YjA0NGRjZDYyNC8x
L0tyNlBieUgzRkhMV3NsRnp5UVBBVWpqcGFOay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
ODA0YzJjLTg1ZmQtNDI5Zi1iYmFmLWY2YjA0NGRjZDYyNC8xL1BHRkw4bGZUcjNj
THZ6eHNMVFdfcEdWb2JPcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkKGDANBgkqhkiG9w0BAQsFAAOC
AQEAXTaBClqaDFw9sWISrXnK042H8DlYkkcFwayfjHbo4nM+i88x0V/AmUJ0ShjK
vw7nBbmn4ERWHZ8jAy7dpjKZ30t5KrnrbioAF+e/xwlxv1uXv4IvnTgcbJdW9v6g
b7d9bDnHxCD4lwX0br9Rj7DPlabynnrQqcp39cxLMI3hm+RyypQFsXpByglmfDpX
rRXCh3ISk+CCGJjA9yBw9eiAP2ceAJMIkyjsjU858o3XDTgaKZcNN/VXDj+1Lw/B
wte1KQhxuOuNMV1Nvjja8cD4LsFjCFbUFysxxSmOIdPBJAKe/ZIjWe8ftegSrvVc
Sg98zpumYoI7q2wA2sNkvGiOrQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:40 2023 by rpki-client on console-ams.rpki-client.org