Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/g1UhvDANNn4rTF_0fmIbvVT31iY.roa
File: g1UhvDANNn4rTF_0fmIbvVT31iY.roa (raw, json)
Hash identifier: eLaCRHWjFkE/p7rA20YsA8tIdTQupEF+7+WKdeFBFeo=
Subject key identifier: 83:55:21:BC:30:0D:36:7E:2B:4C:5F:F4:7E:62:1B:BD:54:F7:D6:26
Certificate issuer: /CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Certificate serial: 0131C10E
Authority key identifier: F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/g1UhvDANNn4rTF_0fmIbvVT31iY.roa
Signing time: Sat 01 Jan 2022 11:04:18 +0000
ROA not before: Sat 01 Jan 2022 11:04:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203936
IP address blocks: 185.191.250.0/23 maxlen: 23
185.191.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20037902 (0x131c10e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Validity
Not Before: Jan 1 11:04:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=835521bc300d367e2b4c5ff47e621bbd54f7d626
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:5f:67:84:90:43:3b:e7:5b:95:d2:2c:20:2e:
3c:33:f7:6c:5c:2f:26:e9:c7:d5:d4:40:bb:61:cf:
b8:79:f5:a6:42:6f:a6:ba:97:e3:09:67:bd:22:1a:
bc:34:72:99:32:af:ea:1a:0d:30:7b:b4:5a:2b:b8:
ab:a4:47:a5:d7:34:d2:37:56:1e:19:06:a1:ce:fc:
c0:86:22:c6:e4:2e:62:d6:d9:0e:0d:dc:01:07:53:
54:a7:72:ce:75:3b:8b:2b:b5:1d:d1:3d:94:e7:ad:
de:d2:8e:30:95:3a:67:17:f7:b8:ca:bc:79:53:e3:
af:ef:87:2c:d1:37:53:15:be:19:7f:60:6a:3b:c5:
f4:ba:30:f0:da:b0:40:06:7c:77:44:31:94:ad:e1:
14:66:8d:f1:9f:73:e6:62:a0:f2:f6:21:29:b4:b7:
26:d9:38:96:b3:ca:bc:72:9d:51:9d:ee:1f:cf:a5:
cd:51:61:a6:06:e8:fc:68:1e:63:92:1e:80:00:72:
04:1a:aa:cd:37:a5:73:b5:90:b6:88:8a:fe:f6:39:
b8:4f:6b:5d:f7:aa:60:81:1a:de:ce:1a:e7:a4:61:
33:ab:f0:ec:05:83:8e:bb:d2:a9:fe:f0:c1:20:50:
f4:da:2f:7e:84:9a:1b:c2:1c:ad:f9:ee:40:2a:e0:
29:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:55:21:BC:30:0D:36:7E:2B:4C:5F:F4:7E:62:1B:BD:54:F7:D6:26
X509v3 Authority Key Identifier:
keyid:F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/g1UhvDANNn4rTF_0fmIbvVT31iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/8nisvMRvEz79OT9RFg_bt2B-HhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.248.0/22
Signature Algorithm: sha256WithRSAEncryption
34:6c:e8:1f:1d:d5:fe:a2:a1:bf:cb:72:3a:a6:44:6e:aa:04:
72:e5:98:8a:f8:2c:14:32:d9:40:1b:81:00:f6:ff:fe:a5:3b:
24:f4:9b:ac:88:2b:4b:11:a8:26:a4:e2:98:23:05:fc:11:f0:
7b:e6:3b:d2:c4:e7:8d:cd:2c:8c:5d:6f:27:d0:1a:ab:60:78:
e3:9d:9e:83:4c:af:a4:f1:b1:27:1d:78:5d:b0:fc:5c:e5:07:
0c:5c:87:a5:da:ec:de:1a:bd:d0:5a:ac:2d:69:67:f1:e4:f6:
5d:cc:f5:76:de:80:62:f8:bf:dc:4a:6e:37:42:f7:c3:e7:7c:
5f:97:79:c6:67:83:4d:7d:93:bb:0c:5c:56:5d:8e:d0:f0:a7:
31:f8:53:46:37:9b:a3:26:b7:cb:dc:93:eb:67:50:21:79:73:
d4:30:8c:2b:41:21:5d:e2:29:64:4d:50:b9:c7:57:2b:30:5a:
11:21:56:19:bd:4c:f3:c4:f3:92:fd:58:83:ad:47:e7:0f:67:
12:9d:80:56:9c:e4:c7:62:65:c6:e0:8a:77:bf:9d:26:3f:94:
5b:b1:07:ab:d5:b5:03:6d:eb:4c:0b:89:a2:cb:85:0d:c4:7a:
6d:15:ce:98:29:e1:00:fc:44:39:17:77:b7:76:b4:a6:91:a6:
a2:be:98:67
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATHBDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Mjc4YWNiY2M0NmYxMzNlZmQzOTNmNTExNjBmZGJiNzYwN2UxZTE2MB4XDTIyMDEw
MTExMDQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODM1NTIxYmMzMDBk
MzY3ZTJiNGM1ZmY0N2U2MjFiYmQ1NGY3ZDYyNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZfZ4SQQzvnW5XSLCAuPDP3bFwvJunH1dRAu2HPuHn1pkJv
prqX4wlnvSIavDRymTKv6hoNMHu0Wiu4q6RHpdc00jdWHhkGoc78wIYixuQuYtbZ
Dg3cAQdTVKdyznU7iyu1HdE9lOet3tKOMJU6Zxf3uMq8eVPjr++HLNE3UxW+GX9g
ajvF9Low8NqwQAZ8d0QxlK3hFGaN8Z9z5mKg8vYhKbS3Jtk4lrPKvHKdUZ3uH8+l
zVFhpgbo/GgeY5IegAByBBqqzTelc7WQtoiK/vY5uE9rXfeqYIEa3s4a56RhM6vw
7AWDjrvSqf7wwSBQ9NovfoSaG8IcrfnuQCrgKaECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSDVSG8MA02fitMX/R+Yhu9VPfWJjAfBgNVHSMEGDAWgBTyeKy8xG8TPv05
P1EWD9u3YH4eFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhuaXN2TVJ2RXo3OU9UOVJGZ19idDJCLUhoWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvNTM3MjY3LWIyNDMtNDY1Ny05OWZmLTk0YjUxNDQzM2MxMS8x
L2cxVWh2REFOTm40clRGXzBmbUlidlZUMzFpWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
NTM3MjY3LWIyNDMtNDY1Ny05OWZmLTk0YjUxNDQzM2MxMS8xLzhuaXN2TVJ2RXo3
OU9UOVJGZ19idDJCLUhoWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArm/+DANBgkqhkiG9w0BAQsFAAOC
AQEANGzoHx3V/qKhv8tyOqZEbqoEcuWYivgsFDLZQBuBAPb//qU7JPSbrIgrSxGo
JqTimCMF/BHwe+Y70sTnjc0sjF1vJ9Aaq2B4452eg0yvpPGxJx14XbD8XOUHDFyH
pdrs3hq90FqsLWln8eT2Xcz1dt6AYvi/3EpuN0L3w+d8X5d5xmeDTX2TuwxcVl2O
0PCnMfhTRjeboya3y9yT62dQIXlz1DCMK0EhXeIpZE1QucdXKzBaESFWGb1M88Tz
kv1Yg61H5w9nEp2AVpzkx2JlxuCKd7+dJj+UW7EHq9W1A23rTAuJosuFDcR6bRXO
mCnhAPxEORd3t3a0ppGmor6YZw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:43 2025 by rpki-client