Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/fHTJELa7o6YYcPqDwJIfFxKIgEY.roa
File: fHTJELa7o6YYcPqDwJIfFxKIgEY.roa (raw, json)
Hash identifier: qBWx3kdX5IPT4AbDibN/3aSVarHOdu35jrmcbJOcyyY=
Subject key identifier: 7C:74:C9:10:B6:BB:A3:A6:18:70:FA:83:C0:92:1F:17:12:88:80:46
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 0182EAC836BBAACFF68849AD9CF3C5605E4F
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/fHTJELa7o6YYcPqDwJIfFxKIgEY.roa
Signing time: Mon 29 Aug 2022 18:06:05 +0000
ROA not before: Mon 29 Aug 2022 18:06:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 185.164.64.0/23 maxlen: 23
2a0f:4cc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:c8:36:bb:aa:cf:f6:88:49:ad:9c:f3:c5:60:5e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Aug 29 18:06:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c74c910b6bba3a61870fa83c0921f1712888046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b2:82:1e:65:14:84:a4:64:e9:07:c8:69:f7:
78:96:87:2a:dd:8f:ba:d3:d7:67:c9:d1:85:e2:07:
39:90:9a:e9:fa:7d:7d:d0:c0:ba:70:65:ad:6c:09:
37:98:c0:dc:25:e5:ca:cc:16:44:93:88:19:f4:6b:
9e:00:0c:bb:75:5c:14:47:a3:1e:53:ff:05:42:4c:
8a:20:72:46:23:a6:89:8e:cb:0d:f3:f3:70:41:23:
be:06:c6:b5:8f:d2:74:4f:38:84:d6:76:1f:29:10:
f5:ce:e5:55:d7:42:35:32:8e:ee:09:2f:40:48:fd:
da:bb:32:7f:02:56:8d:e3:3c:c0:51:3e:c1:34:2a:
57:46:73:e2:6b:ce:53:c6:f8:5b:f8:88:e7:3f:a8:
25:5b:01:da:28:58:ad:a9:91:8a:87:9c:a6:c7:84:
42:47:04:e5:70:8b:b6:31:00:b4:f7:64:ca:69:d8:
b4:e7:28:4d:c9:45:50:c6:cd:52:55:a6:a4:60:e8:
7b:7d:9a:0f:fa:d1:bf:ad:3c:a8:0c:02:07:6a:f4:
66:d4:a9:62:0b:2d:5f:e6:45:26:1c:2a:c3:75:2f:
11:46:9c:46:92:74:02:3e:c6:be:5c:c5:a6:5c:74:
14:28:aa:3b:c4:af:f0:b6:27:3d:48:c8:0b:28:91:
83:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:74:C9:10:B6:BB:A3:A6:18:70:FA:83:C0:92:1F:17:12:88:80:46
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/fHTJELa7o6YYcPqDwJIfFxKIgEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.64.0/23
IPv6:
2a0f:4cc0::/29
Signature Algorithm: sha256WithRSAEncryption
5e:8d:d2:a7:1c:5f:6b:67:d5:9c:27:27:e2:49:f2:5f:3c:e5:
86:c0:12:96:60:47:6d:b2:1a:2b:b4:27:c9:22:f0:d2:0e:c9:
8c:cc:b8:27:96:0b:ac:87:cd:c6:db:fb:05:65:0b:83:52:66:
5a:4d:ce:12:9e:d6:fb:69:f5:39:96:09:30:53:17:79:60:dd:
65:31:63:c4:b3:65:23:79:ca:33:84:b6:7a:6e:26:7d:56:77:
8a:7a:70:11:1a:a7:5e:89:fe:7a:12:93:56:b8:04:be:6b:fb:
eb:81:13:8a:18:da:ff:0d:16:d0:e2:f5:82:a2:1f:a4:02:21:
d2:68:a1:d1:cf:48:0d:33:1e:c0:8d:2b:23:77:2c:1d:c2:4d:
26:98:42:5b:4e:bf:42:ed:79:9b:92:93:72:9f:92:c2:46:9a:
e8:9b:ed:d7:06:00:1f:9c:76:55:6d:4a:cc:9d:32:61:32:d5:
95:b3:19:d3:59:bf:e9:03:20:c6:f9:60:f1:3b:7f:40:6a:1f:
ae:2c:e1:fa:1a:ab:14:ce:96:05:1e:2e:33:50:41:a2:ed:67:
67:c6:8a:33:c9:6b:ee:93:64:f4:11:06:27:43:b2:7e:1b:8d:
03:bf:ad:47:8e:cd:a7:fc:1a:51:f9:af:aa:9d:9a:ec:4b:a5:
19:5b:99:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYLqyDa7qs/2iEmtnPPFYF5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjIwODI5MTgwNjA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Yzc0YzkxMGI2YmJhM2E2MTg3MGZhODNjMDkyMWYxNzEyODg4MDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7KCHmUUhKRk6QfIafd4locq3Y+6
09dnydGF4gc5kJrp+n190MC6cGWtbAk3mMDcJeXKzBZEk4gZ9GueAAy7dVwUR6Me
U/8FQkyKIHJGI6aJjssN8/NwQSO+Bsa1j9J0TziE1nYfKRD1zuVV10I1Mo7uCS9A
SP3auzJ/AlaN4zzAUT7BNCpXRnPia85Txvhb+IjnP6glWwHaKFitqZGKh5ymx4RC
RwTlcIu2MQC092TKadi05yhNyUVQxs1SVaakYOh7fZoP+tG/rTyoDAIHavRm1Kli
Cy1f5kUmHCrDdS8RRpxGknQCPsa+XMWmXHQUKKo7xK/wtic9SMgLKJGDSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHx0yRC2u6OmGHD6g8CSHxcSiIBGMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvZkhUSkVMYTdvNllZY1BxRHdKSWZGeEtJZ0VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuaRAMA0E
AgACMAcDBQMqD0zAMA0GCSqGSIb3DQEBCwUAA4IBAQBejdKnHF9rZ9WcJyfiSfJf
POWGwBKWYEdtshortCfJIvDSDsmMzLgnlgush83G2/sFZQuDUmZaTc4Sntb7afU5
lgkwUxd5YN1lMWPEs2UjecozhLZ6biZ9VneKenARGqdeif56EpNWuAS+a/vrgROK
GNr/DRbQ4vWCoh+kAiHSaKHRz0gNMx7AjSsjdywdwk0mmEJbTr9C7XmbkpNyn5LC
Rprom+3XBgAfnHZVbUrMnTJhMtWVsxnTWb/pAyDG+WDxO39Aah+uLOH6GqsUzpYF
Hi4zUEGi7WdnxoozyWvuk2T0EQYnQ7J+G40Dv61Hjs2n/BpR+a+qnZrsS6UZW5m4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:07 2023 by rpki-client on console-fra.rpki-client.org