Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/klR3Tw2zhQustpC27SdEaChdhaU.roa
File: klR3Tw2zhQustpC27SdEaChdhaU.roa (raw, json)
Hash identifier: 0xbZ9p/+EGEzLEiF56AqxrPvwXrScXB0PK58PUuY9JA=
Subject key identifier: 92:54:77:4F:0D:B3:85:0B:AC:B6:90:B6:ED:27:44:68:28:5D:85:A5
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 02A850A0
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/klR3Tw2zhQustpC27SdEaChdhaU.roa
Signing time: Sat 01 Jan 2022 13:01:18 +0000
ROA not before: Sat 01 Jan 2022 13:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208058
IP address blocks: 185.125.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44585120 (0x2a850a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jan 1 13:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9254774f0db3850bacb690b6ed274468285d85a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:60:37:19:73:66:cb:e7:0c:f1:8e:cc:5d:25:
ad:06:24:57:f0:8a:ac:65:f4:af:44:25:47:69:40:
d2:72:2a:45:38:73:bb:d6:b8:a6:1b:59:b9:50:17:
db:92:17:63:ef:31:7c:51:bc:8b:5e:87:37:ec:02:
85:53:a2:63:a9:d3:4f:65:cb:47:3b:71:e0:de:52:
26:09:7b:28:3d:41:dd:91:48:c3:6d:97:ed:60:16:
05:08:2e:db:24:e6:f4:ef:fb:8c:f3:1c:87:b1:3f:
5c:4d:5e:ab:a7:26:93:19:98:3a:a0:6e:d0:3b:75:
bd:12:ee:a8:93:17:9c:29:b7:37:9f:9f:f8:9a:d2:
7d:7f:30:d5:a1:aa:91:5a:46:8a:19:f8:08:79:a7:
97:6a:b0:df:08:a0:0c:05:3e:ee:79:3c:5d:9d:aa:
d6:de:fa:54:40:76:a8:23:82:0d:34:88:3d:94:f7:
17:d0:a3:d6:3c:6a:79:71:8c:72:1c:33:07:cc:86:
f6:e3:71:d6:73:40:01:07:b3:4f:7b:af:da:bc:a0:
b2:70:a1:96:2f:6f:25:23:a9:7b:59:8a:72:0a:ac:
37:c4:fe:7c:e7:0a:11:96:7b:23:d5:7e:63:e1:2c:
c3:d2:4d:fc:07:91:c6:ad:8a:45:29:96:c2:e4:07:
5e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:54:77:4F:0D:B3:85:0B:AC:B6:90:B6:ED:27:44:68:28:5D:85:A5
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/klR3Tw2zhQustpC27SdEaChdhaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.192.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:4e:77:01:56:65:eb:09:5f:8f:3c:81:6d:f1:a3:47:0d:c1:
3d:65:b8:80:9a:52:cf:0a:ce:13:1c:eb:65:12:11:cd:e2:22:
57:31:c4:a6:8c:03:f1:67:88:30:68:f6:b7:2f:5c:2f:f6:77:
83:a6:17:bb:c8:7b:58:bf:bb:8a:54:88:11:c5:ed:5f:f2:25:
35:7f:e7:17:7c:15:ee:f5:e0:d5:5e:27:15:ca:45:6b:02:4b:
f3:22:d0:a9:b0:74:74:1d:9a:6b:b3:d3:13:bd:c1:00:c4:bb:
ae:9f:de:60:65:ea:b0:c7:21:e5:d5:2c:24:86:53:ae:89:a9:
06:11:66:49:87:17:f8:34:cd:29:ef:7e:23:07:86:28:17:f4:
82:a1:4c:00:30:79:0a:b4:d1:a2:84:3d:98:42:b5:e7:d2:47:
30:5f:b3:f7:67:31:51:7a:b8:b8:f2:f4:2a:5a:e8:c0:59:c7:
5c:e0:7b:d4:ac:20:25:ba:60:f7:f2:36:42:62:e0:96:3c:8c:
5f:47:a5:8a:e4:9e:f2:30:10:83:9e:d0:8c:54:ee:c5:ee:4f:
55:d0:a3:28:34:0d:86:a4:2b:f6:5c:ef:47:d4:36:23:b2:b7:
2c:23:7d:83:c6:61:bb:03:f8:48:85:ec:84:37:bc:42:31:cc:
3d:4f:61:d0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAqhQoDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YmE1MWEwYmMwZjBhZmViYmY2ZDVkOTI3ZmUxZjk4MTZmNTIzNTJkMB4XDTIyMDEw
MTEzMDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTI1NDc3NGYwZGIz
ODUwYmFjYjY5MGI2ZWQyNzQ0NjgyODVkODVhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBgNxlzZsvnDPGOzF0lrQYkV/CKrGX0r0QlR2lA0nIqRThz
u9a4phtZuVAX25IXY+8xfFG8i16HN+wChVOiY6nTT2XLRztx4N5SJgl7KD1B3ZFI
w22X7WAWBQgu2yTm9O/7jPMch7E/XE1eq6cmkxmYOqBu0Dt1vRLuqJMXnCm3N5+f
+JrSfX8w1aGqkVpGihn4CHmnl2qw3wigDAU+7nk8XZ2q1t76VEB2qCOCDTSIPZT3
F9Cj1jxqeXGMchwzB8yG9uNx1nNAAQezT3uv2rygsnChli9vJSOpe1mKcgqsN8T+
fOcKEZZ7I9V+Y+Esw9JN/AeRxq2KRSmWwuQHXikCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSVHdPDbOFC6y2kLbtJ0RoKF2FpTAfBgNVHSMEGDAWgBQbpRoLwPCv679t
XZJ/4fmBb1I1LTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0c2VWFDOER3ci11X2JWMlNmLUg1Z1c5U05TMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNGYyMTFlLTc5ZDctNDUwNC05ZWFkLTg3MWY5ZWQ3MDhlMC8x
L2tsUjNUdzJ6aFF1c3RwQzI3U2RFYUNoZGhhVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NGYyMTFlLTc5ZDctNDUwNC05ZWFkLTg3MWY5ZWQ3MDhlMC8xL0c2VWFDOER3ci11
X2JWMlNmLUg1Z1c5U05TMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl9wDANBgkqhkiG9w0BAQsFAAOC
AQEAak53AVZl6wlfjzyBbfGjRw3BPWW4gJpSzwrOExzrZRIRzeIiVzHEpowD8WeI
MGj2ty9cL/Z3g6YXu8h7WL+7ilSIEcXtX/IlNX/nF3wV7vXg1V4nFcpFawJL8yLQ
qbB0dB2aa7PTE73BAMS7rp/eYGXqsMch5dUsJIZTrompBhFmSYcX+DTNKe9+IweG
KBf0gqFMADB5CrTRooQ9mEK159JHMF+z92cxUXq4uPL0KlrowFnHXOB71KwgJbpg
9/I2QmLgljyMX0eliuSe8jAQg57QjFTuxe5PVdCjKDQNhqQr9lzvR9Q2I7K3LCN9
g8ZhuwP4SIXshDe8QjHMPU9h0A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:17 2023 by rpki-client on console-ams.rpki-client.org