Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/1-CrnriMRD89A8dcw7MoHAfmOEXE.roa
File: 1-CrnriMRD89A8dcw7MoHAfmOEXE.roa (raw, json)
Hash identifier: DjJOiK+XQj1463QJXD+/46oFU2mWxUqIw4ZzUczaxQU=
Subject key identifier: F8:2A:E7:AE:23:11:0F:CF:40:F1:D7:30:EC:CA:07:01:F9:8E:11:71
Certificate issuer: /CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Certificate serial: 0184F56C3750AA4E851038A1D248EBC3BBFA
Authority key identifier: 57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/1-CrnriMRD89A8dcw7MoHAfmOEXE.roa
Signing time: Fri 09 Dec 2022 05:47:00 +0000
ROA not before: Fri 09 Dec 2022 05:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 185.2.49.0/24 maxlen: 24
185.2.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:6c:37:50:aa:4e:85:10:38:a1:d2:48:eb:c3:bb:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5794afdb5e6a1885780920a54ffa82408ea85ba1
Validity
Not Before: Dec 9 05:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f82ae7ae23110fcf40f1d730ecca0701f98e1171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:07:5f:26:df:91:e3:6d:f5:96:f3:c3:0d:07:
9a:c0:25:13:a1:7d:13:c3:fe:70:9a:da:50:e6:90:
2b:41:33:b7:2c:ae:dc:3f:db:2d:78:02:2a:de:40:
96:8a:5f:3e:6f:b2:ef:af:0d:22:fc:91:12:87:c5:
1a:8a:6a:92:1d:56:27:ae:8b:9e:e9:c7:24:27:40:
30:95:e9:f9:d6:16:21:a2:b3:9a:97:b3:1b:46:fa:
f6:85:69:b9:11:12:82:93:59:7a:38:fc:fa:cd:73:
5e:1a:f8:13:67:23:cb:43:8a:db:89:23:20:e7:89:
78:95:77:b8:7d:99:3e:99:ba:bb:81:03:95:ca:79:
c6:b9:bc:95:70:54:b4:e6:16:dc:68:f9:cd:8e:fe:
bd:f6:37:a5:d4:16:9c:a7:ea:5b:c7:dd:fc:5d:f5:
5c:4b:61:95:b9:07:e8:4e:3c:c4:8d:b7:5b:ff:93:
7f:70:23:2d:55:3e:77:80:38:61:52:70:62:e7:b6:
54:13:da:f5:22:28:8f:1c:1f:c3:84:fb:fb:eb:d2:
4d:fe:b0:e9:33:66:57:de:b8:0f:fb:9b:3b:10:7f:
ad:ee:c7:62:94:d1:5a:bd:d5:6e:16:6a:c4:9b:b9:
76:8d:4f:3f:cb:fa:3d:fc:3e:f5:57:1a:41:14:1b:
9e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:2A:E7:AE:23:11:0F:CF:40:F1:D7:30:EC:CA:07:01:F9:8E:11:71
X509v3 Authority Key Identifier:
keyid:57:94:AF:DB:5E:6A:18:85:78:09:20:A5:4F:FA:82:40:8E:A8:5B:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V5Sv215qGIV4CSClT_qCQI6oW6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/1-CrnriMRD89A8dcw7MoHAfmOEXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ddce4d-9912-487d-b55d-47d82a41a8f3/1/V5Sv215qGIV4CSClT_qCQI6oW6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.48.0/23
Signature Algorithm: sha256WithRSAEncryption
32:05:e9:77:2b:7f:8e:39:64:e1:a9:8c:05:f9:d3:84:a0:25:
5a:f1:5e:2c:1b:ff:27:e4:a9:50:7d:d8:00:e7:66:c6:ea:b7:
ea:1e:83:f8:20:4f:e7:61:b4:a5:4c:30:9f:d1:d4:2f:08:d5:
c6:ed:97:5e:27:46:40:49:f8:d9:d3:5f:42:0f:0d:b3:70:ce:
d2:50:bc:1b:25:05:bd:8a:a2:9a:04:dd:77:6f:0a:25:34:6e:
c3:93:40:92:eb:4d:9c:ae:e4:30:17:6e:fe:ce:38:4b:76:46:
f2:59:94:66:37:3d:0e:10:1a:d7:3a:fd:1b:7b:71:e8:fc:01:
db:60:15:a9:56:e6:da:bd:6e:5e:3e:72:6a:bf:3f:7e:da:9c:
4a:33:70:b0:0a:8f:38:0d:5c:1f:63:e3:94:4d:c4:c4:ef:fd:
fa:db:9b:96:7a:f7:b0:61:67:65:b6:c9:aa:7a:ac:8a:74:63:
56:a7:c7:ae:68:a6:4d:74:b3:f4:23:a4:be:e6:09:90:da:30:
d1:42:4a:ac:30:09:f3:be:71:4b:6e:5d:2b:fd:97:91:ba:89:
37:b8:b6:4a:da:d4:63:61:74:1c:aa:41:ee:8c:a0:e2:7d:4b:
58:6c:ab:81:f5:8b:f4:14:04:84:49:6f:39:fc:2e:40:eb:34:
b1:a0:5a:a4
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYT1bDdQqk6FEDih0kjrw7v6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3OTRhZmRiNWU2YTE4ODU3ODA5MjBhNTRmZmE4MjQwOGVh
ODViYTEwHhcNMjIxMjA5MDU0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODJhZTdhZTIzMTEwZmNmNDBmMWQ3MzBlY2NhMDcwMWY5OGUxMTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowdfJt+R4231lvPDDQeawCUToX0T
w/5wmtpQ5pArQTO3LK7cP9steAIq3kCWil8+b7Lvrw0i/JESh8UaimqSHVYnroue
6cckJ0Awlen51hYhorOal7MbRvr2hWm5ERKCk1l6OPz6zXNeGvgTZyPLQ4rbiSMg
54l4lXe4fZk+mbq7gQOVynnGubyVcFS05hbcaPnNjv699jel1Bacp+pbx938XfVc
S2GVuQfoTjzEjbdb/5N/cCMtVT53gDhhUnBi57ZUE9r1IiiPHB/DhPv769JN/rDp
M2ZX3rgP+5s7EH+t7sdilNFavdVuFmrEm7l2jU8/y/o9/D71VxpBFBueswIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPgq564jEQ/PQPHXMOzKBwH5jhFxMB8GA1UdIwQY
MBaAFFeUr9teahiFeAkgpU/6gkCOqFuhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjVTdjIxNXFHSVY0Q1NDbFRfcUNRSTZvVzZFLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9kZGNlNGQtOTkxMi00ODdkLWI1NWQt
NDdkODJhNDFhOGYzLzEvMS1Dcm5yaU1SRDg5QThkY3c3TW9IQWZtT0VYRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjEvZGRjZTRkLTk5MTItNDg3ZC1iNTVkLTQ3ZDgyYTQxYThm
My8xL1Y1U3YyMTVxR0lWNENTQ2xUX3FDUUk2b1c2RS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbkCMDAN
BgkqhkiG9w0BAQsFAAOCAQEAMgXpdyt/jjlk4amMBfnThKAlWvFeLBv/J+SpUH3Y
AOdmxuq36h6D+CBP52G0pUwwn9HULwjVxu2XXidGQEn42dNfQg8Ns3DO0lC8GyUF
vYqimgTdd28KJTRuw5NAkutNnK7kMBdu/s44S3ZG8lmUZjc9DhAa1zr9G3tx6PwB
22AVqVbm2r1uXj5yar8/ftqcSjNwsAqPOA1cH2PjlE3ExO/9+tublnr3sGFnZbbJ
qnqsinRjVqfHrmimTXSz9COkvuYJkNow0UJKrDAJ875xS25dK/2XkbqJN7i2StrU
Y2F0HKpB7oyg4n1LWGyrgfWL9BQEhElvOfwuQOs0saBapA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:21 2023 by rpki-client on console-ams.rpki-client.org