Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8f551f-2425-434d-afb5-a762e9c0dd32/1/B9paPiwgYndibBI392gpBPn_8uo.roa
File: B9paPiwgYndibBI392gpBPn_8uo.roa (raw, json)
Hash identifier: gOPlbXueelMBrbOCMadZpTqR1LNrGk+4DZ+gOr4WN08=
Subject key identifier: 07:DA:5A:3E:2C:20:62:77:62:6C:12:37:F7:68:29:04:F9:FF:F2:EA
Certificate issuer: /CN=71cec269f84d5641ff63a63d1f3997c8cfd4fe28
Certificate serial: 018AEFCC
Authority key identifier: 71:CE:C2:69:F8:4D:56:41:FF:63:A6:3D:1F:39:97:C8:CF:D4:FE:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cc7CafhNVkH_Y6Y9HzmXyM_U_ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8f551f-2425-434d-afb5-a762e9c0dd32/1/B9paPiwgYndibBI392gpBPn_8uo.roa
Signing time: Sat 01 Jan 2022 15:01:20 +0000
ROA not before: Sat 01 Jan 2022 15:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 185.228.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25882572 (0x18aefcc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71cec269f84d5641ff63a63d1f3997c8cfd4fe28
Validity
Not Before: Jan 1 15:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=07da5a3e2c206277626c1237f7682904f9fff2ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2b:08:a9:9e:7d:cb:1c:84:a3:53:44:ac:48:
ee:37:a2:dc:c6:03:9f:40:98:5f:1d:93:21:71:04:
4b:c9:f0:91:6e:99:84:b0:1b:3a:9f:c5:9a:ae:f0:
c5:c1:99:a4:28:41:17:bd:33:37:06:e7:fe:a2:eb:
69:23:13:56:5d:75:97:bc:3d:5d:7d:7d:fc:b1:de:
f7:a4:62:f5:2d:4e:24:b1:77:a3:ab:a3:91:87:8b:
2c:67:64:f6:8d:d1:2f:59:9a:e0:6d:e0:4b:ee:63:
e4:a9:eb:88:4c:97:8c:09:49:b7:3f:00:c8:e7:85:
1c:f8:c7:b6:63:b2:89:ea:f2:fe:ed:4f:0f:7b:9a:
58:0f:fa:57:42:20:e9:46:5a:8a:a6:1b:51:ad:a1:
2f:7f:be:87:13:95:69:a2:60:e7:1e:48:63:c0:bf:
f4:e6:bd:00:c9:d6:9b:02:b7:78:2a:37:2c:64:8b:
29:00:98:b3:f5:98:ce:c8:02:d5:2b:3a:30:74:d1:
b2:98:c3:9a:f8:c8:82:a8:a5:30:1a:9c:0c:1c:3c:
00:a7:45:5b:d3:6b:4b:b3:86:67:c0:9f:a4:90:15:
97:31:db:c1:ca:ae:b3:01:3f:c0:8d:6e:16:4b:10:
3a:40:e6:bf:47:f3:ff:89:c1:3a:a4:f7:28:0b:7c:
00:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:DA:5A:3E:2C:20:62:77:62:6C:12:37:F7:68:29:04:F9:FF:F2:EA
X509v3 Authority Key Identifier:
keyid:71:CE:C2:69:F8:4D:56:41:FF:63:A6:3D:1F:39:97:C8:CF:D4:FE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc7CafhNVkH_Y6Y9HzmXyM_U_ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8f551f-2425-434d-afb5-a762e9c0dd32/1/B9paPiwgYndibBI392gpBPn_8uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8f551f-2425-434d-afb5-a762e9c0dd32/1/cc7CafhNVkH_Y6Y9HzmXyM_U_ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.192.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:d5:2a:4b:a5:62:12:b3:5c:0f:89:5b:51:0a:93:b7:5d:18:
9a:de:2f:bf:fb:c8:86:f1:2a:71:2c:5c:df:d5:7f:60:d4:90:
86:a9:a1:39:05:97:97:38:06:d3:32:33:5c:0f:b0:c9:9a:fd:
e4:6b:84:8c:c6:93:68:98:b8:21:a3:1b:4b:20:23:a6:ae:59:
f3:96:b9:b8:3d:25:93:44:ee:e1:c5:ed:0d:bd:eb:df:91:cb:
a6:83:b5:1c:ca:17:13:82:59:af:21:fb:4c:34:88:f7:8e:27:
cb:dd:a5:27:58:70:a1:05:d6:1c:2a:b9:a9:d4:0e:4d:c2:31:
60:b9:7c:99:18:89:5c:11:55:5f:e1:4c:0b:97:1a:83:63:bb:
3f:35:a3:9d:11:36:ab:d2:6d:9f:bb:43:51:fb:31:6a:69:43:
65:f4:bb:0d:02:9f:ef:29:13:74:fc:80:8d:e4:e2:9c:4b:4c:
a3:cb:fb:dd:b2:3d:91:77:df:b5:ee:a4:fa:08:11:c5:d8:97:
f6:fc:c3:d9:a8:3b:3d:00:b8:bf:18:6a:64:88:f1:0d:8a:e5:
8a:9d:56:03:3d:ab:90:b5:58:83:a3:8b:86:f1:a7:7c:1e:37:
c6:c4:cb:4f:fd:e0:c8:3c:f9:5a:65:36:f6:b2:6f:18:29:f5:
e3:c0:20:2e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAYrvzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MWNlYzI2OWY4NGQ1NjQxZmY2M2E2M2QxZjM5OTdjOGNmZDRmZTI4MB4XDTIyMDEw
MTE1MDEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDdkYTVhM2UyYzIw
NjI3NzYyNmMxMjM3Zjc2ODI5MDRmOWZmZjJlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMwrCKmefcschKNTRKxI7jei3MYDn0CYXx2TIXEES8nwkW6Z
hLAbOp/Fmq7wxcGZpChBF70zNwbn/qLraSMTVl11l7w9XX19/LHe96Ri9S1OJLF3
o6ujkYeLLGdk9o3RL1ma4G3gS+5j5KnriEyXjAlJtz8AyOeFHPjHtmOyiery/u1P
D3uaWA/6V0Ig6UZaiqYbUa2hL3++hxOVaaJg5x5IY8C/9Oa9AMnWmwK3eCo3LGSL
KQCYs/WYzsgC1Ss6MHTRspjDmvjIgqilMBqcDBw8AKdFW9NrS7OGZ8CfpJAVlzHb
wcquswE/wI1uFksQOkDmv0fz/4nBOqT3KAt8AP8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQH2lo+LCBid2JsEjf3aCkE+f/y6jAfBgNVHSMEGDAWgBRxzsJp+E1WQf9j
pj0fOZfIz9T+KDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NjN0NhZmhOVmtIX1k2WTlIem1YeU1fVV9pZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvOGY1NTFmLTI0MjUtNDM0ZC1hZmI1LWE3NjJlOWMwZGQzMi8x
L0I5cGFQaXdnWW5kaWJCSTM5MmdwQlBuXzh1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
OGY1NTFmLTI0MjUtNDM0ZC1hZmI1LWE3NjJlOWMwZGQzMi8xL2NjN0NhZmhOVmtI
X1k2WTlIem1YeU1fVV9pZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnkwDANBgkqhkiG9w0BAQsFAAOC
AQEAtdUqS6ViErNcD4lbUQqTt10Ymt4vv/vIhvEqcSxc39V/YNSQhqmhOQWXlzgG
0zIzXA+wyZr95GuEjMaTaJi4IaMbSyAjpq5Z85a5uD0lk0Tu4cXtDb3r35HLpoO1
HMoXE4JZryH7TDSI944ny92lJ1hwoQXWHCq5qdQOTcIxYLl8mRiJXBFVX+FMC5ca
g2O7PzWjnRE2q9Jtn7tDUfsxamlDZfS7DQKf7ykTdPyAjeTinEtMo8v73bI9kXff
te6k+ggRxdiX9vzD2ag7PQC4vxhqZIjxDYrlip1WAz2rkLVYg6OLhvGnfB43xsTL
T/3gyDz5WmU29rJvGCn148AgLg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:08 2024 by rpki-client on console-fra.rpki-client.org