Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/46ca25-7595-4e7f-a4b1-23386749fbdf/1/aLw4UahczDQZgf1rBavgTPcU2RE.roa
File: aLw4UahczDQZgf1rBavgTPcU2RE.roa (raw, json)
Hash identifier: XYD2DXmy3PwyBX5E8ejxNZ0W7Clos5wXEKw7Swn3gtI=
Subject key identifier: 68:BC:38:51:A8:5C:CC:34:19:81:FD:6B:05:AB:E0:4C:F7:14:D9:11
Certificate issuer: /CN=0acf0a954639c83582974bd29c1992272b3683a3
Certificate serial: 0183E75DDDCBE543E060A7CCCA83A8068BFE
Authority key identifier: 0A:CF:0A:95:46:39:C8:35:82:97:4B:D2:9C:19:92:27:2B:36:83:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cs8KlUY5yDWCl0vSnBmSJys2g6M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/46ca25-7595-4e7f-a4b1-23386749fbdf/1/aLw4UahczDQZgf1rBavgTPcU2RE.roa
Signing time: Mon 17 Oct 2022 19:13:52 +0000
ROA not before: Mon 17 Oct 2022 19:13:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.202.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e7:5d:dd:cb:e5:43:e0:60:a7:cc:ca:83:a8:06:8b:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0acf0a954639c83582974bd29c1992272b3683a3
Validity
Not Before: Oct 17 19:13:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68bc3851a85ccc341981fd6b05abe04cf714d911
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dc:7e:71:ec:e4:e3:3c:b2:99:04:1b:47:5f:
85:3f:75:9e:3f:2f:de:3d:bf:67:ca:a0:33:ea:3f:
ce:88:e8:1d:35:97:00:93:6e:fe:13:33:c5:de:07:
f4:c9:63:d8:77:fc:c2:c4:8b:c8:90:89:9d:f3:9f:
4d:24:73:c4:a3:16:c2:8d:2c:10:40:62:e6:2e:29:
19:8f:6b:bd:f6:d5:5e:06:b0:42:8c:20:53:9a:14:
af:1f:07:e1:fa:80:0e:91:42:03:be:0b:5e:62:ba:
8c:3f:05:ca:fc:9f:e1:c5:15:fc:2b:47:50:10:2f:
c8:87:81:09:8c:ff:45:22:df:85:5f:12:ff:21:85:
5e:f4:02:15:3e:22:36:e7:b7:c1:b9:58:08:a2:62:
e8:17:77:f8:1b:06:f0:95:81:97:ba:4a:16:ce:92:
fe:79:c4:bf:ad:de:53:eb:a5:23:2b:b6:23:ca:c9:
b3:4b:89:09:b8:f8:e4:d3:44:f6:c0:96:51:9e:20:
be:a0:92:43:8c:4a:c7:06:23:bc:4d:77:77:9a:d3:
2d:e5:99:e0:c8:a2:df:fe:1a:0e:15:fe:45:fc:fe:
62:2a:f8:85:1b:f5:34:a6:1e:bf:66:6c:f3:61:f0:
1b:93:87:ef:7b:f4:0e:3c:2f:ef:9a:bf:79:c2:12:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BC:38:51:A8:5C:CC:34:19:81:FD:6B:05:AB:E0:4C:F7:14:D9:11
X509v3 Authority Key Identifier:
keyid:0A:CF:0A:95:46:39:C8:35:82:97:4B:D2:9C:19:92:27:2B:36:83:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cs8KlUY5yDWCl0vSnBmSJys2g6M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/46ca25-7595-4e7f-a4b1-23386749fbdf/1/aLw4UahczDQZgf1rBavgTPcU2RE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/46ca25-7595-4e7f-a4b1-23386749fbdf/1/Cs8KlUY5yDWCl0vSnBmSJys2g6M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.110.0/24
Signature Algorithm: sha256WithRSAEncryption
23:bb:52:d7:bd:86:65:b4:a9:10:6a:2e:cd:67:be:27:aa:c8:
00:c3:8c:47:25:eb:e1:a5:40:02:b0:ab:42:64:9c:7b:c3:84:
2a:37:71:95:18:26:28:00:81:ad:4f:40:76:8e:74:38:32:56:
e9:cd:0e:62:0b:39:34:3f:f2:4f:0a:66:c6:c4:1d:14:d8:2e:
72:7a:56:cf:a5:bb:42:16:1f:7f:4e:84:d2:ff:e0:d9:89:a4:
b1:e1:28:f1:35:6d:2b:b9:e9:53:13:9d:67:f1:89:ae:47:36:
db:7d:1e:78:ee:a2:1d:f5:af:c3:79:f7:bc:6f:6b:c1:46:7f:
5e:03:c4:7a:bd:c4:49:82:2c:2a:7d:56:3e:b9:ee:98:ae:aa:
a2:7d:a2:ad:d1:8e:3d:a3:5c:ec:55:b8:14:be:02:03:f9:c5:
5a:6d:4f:20:eb:b8:d9:44:6e:62:a8:db:6a:d1:58:89:8c:99:
fa:8b:5f:55:f4:20:bf:06:d1:25:63:21:78:fc:83:57:57:af:
fc:fb:6d:ea:8c:5e:84:a9:2a:a7:2d:c9:93:3a:cf:44:79:c9:
2b:d4:48:ed:34:9a:b6:e3:f8:75:12:fc:b1:85:9d:1b:77:10:
ad:ef:f0:5d:fa:e9:8b:78:71:e1:96:15:84:f6:64:50:da:e5:
7d:a3:c8:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPnXd3L5UPgYKfMyoOoBov+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhY2YwYTk1NDYzOWM4MzU4Mjk3NGJkMjljMTk5MjI3MmIz
NjgzYTMwHhcNMjIxMDE3MTkxMzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJjMzg1MWE4NWNjYzM0MTk4MWZkNmIwNWFiZTA0Y2Y3MTRkOTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidx+cezk4zyymQQbR1+FP3WePy/e
Pb9nyqAz6j/OiOgdNZcAk27+EzPF3gf0yWPYd/zCxIvIkImd859NJHPEoxbCjSwQ
QGLmLikZj2u99tVeBrBCjCBTmhSvHwfh+oAOkUIDvgteYrqMPwXK/J/hxRX8K0dQ
EC/Ih4EJjP9FIt+FXxL/IYVe9AIVPiI257fBuVgIomLoF3f4GwbwlYGXukoWzpL+
ecS/rd5T66UjK7YjysmzS4kJuPjk00T2wJZRniC+oJJDjErHBiO8TXd3mtMt5Zng
yKLf/hoOFf5F/P5iKviFG/U0ph6/ZmzzYfAbk4fve/QOPC/vmr95whIUSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGi8OFGoXMw0GYH9awWr4Ez3FNkRMB8GA1UdIwQY
MBaAFArPCpVGOcg1gpdL0pwZkicrNoOjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3M4S2xVWTV5RFdDbDB2U25CbVNKeXMyZzZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy80NmNhMjUtNzU5NS00ZTdmLWE0YjEt
MjMzODY3NDlmYmRmLzEvYUx3NFVhaGN6RFFaZ2YxckJhdmdUUGNVMlJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy80NmNhMjUtNzU5NS00ZTdmLWE0YjEtMjMzODY3NDlmYmRm
LzEvQ3M4S2xVWTV5RFdDbDB2U25CbVNKeXMyZzZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucpuMA0G
CSqGSIb3DQEBCwUAA4IBAQAju1LXvYZltKkQai7NZ74nqsgAw4xHJevhpUACsKtC
ZJx7w4QqN3GVGCYoAIGtT0B2jnQ4MlbpzQ5iCzk0P/JPCmbGxB0U2C5yelbPpbtC
Fh9/ToTS/+DZiaSx4SjxNW0ruelTE51n8YmuRzbbfR547qId9a/Defe8b2vBRn9e
A8R6vcRJgiwqfVY+ue6YrqqifaKt0Y49o1zsVbgUvgID+cVabU8g67jZRG5iqNtq
0ViJjJn6i19V9CC/BtElYyF4/INXV6/8+23qjF6EqSqnLcmTOs9Eeckr1EjtNJq2
4/h1EvyxhZ0bdxCt7/Bd+umLeHHhlhWE9mRQ2uV9o8iv
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:05 2023 by rpki-client on console-fra.rpki-client.org