Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/AnFlRzv1pF2eLlsRaBurwGV611s.roa
File: AnFlRzv1pF2eLlsRaBurwGV611s.roa (raw, json)
Hash identifier: a1YF9VhLXS0qpYXJOvyswhQVRnuBkxhNQW6ZcadPmwk=
Subject key identifier: 02:71:65:47:3B:F5:A4:5D:9E:2E:5B:11:68:1B:AB:C0:65:7A:D7:5B
Certificate issuer: /CN=603831a61bc8a8f4cb85887022fb6f86397345dc
Certificate serial: 01842E5B0E19A1F68C8A52C236A4F167EFD2
Authority key identifier: 60:38:31:A6:1B:C8:A8:F4:CB:85:88:70:22:FB:6F:86:39:73:45:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YDgxphvIqPTLhYhwIvtvhjlzRdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/AnFlRzv1pF2eLlsRaBurwGV611s.roa
Signing time: Mon 31 Oct 2022 14:03:50 +0000
ROA not before: Mon 31 Oct 2022 14:03:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 185.34.224.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:5b:0e:19:a1:f6:8c:8a:52:c2:36:a4:f1:67:ef:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=603831a61bc8a8f4cb85887022fb6f86397345dc
Validity
Not Before: Oct 31 14:03:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=027165473bf5a45d9e2e5b11681babc0657ad75b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:6e:1d:bd:19:12:2b:d8:f1:75:8d:0d:17:
f8:ba:50:e1:aa:bf:49:28:71:94:3b:d0:28:e8:f9:
4e:9f:94:f9:42:9b:dc:3d:94:6d:da:a9:fd:ee:e7:
77:90:d5:35:c4:cf:71:ce:ee:c9:73:2b:27:df:69:
e6:40:ff:00:d7:d5:7f:d6:3e:54:ac:7d:95:48:91:
94:66:c3:b6:6d:6f:ad:0f:98:18:2e:32:d4:49:72:
c2:87:7d:62:0e:67:e8:16:28:ca:16:ea:b9:93:e7:
41:cd:b5:95:46:19:17:b5:57:69:cd:b0:e2:45:94:
1e:54:a6:c5:96:ff:e5:13:93:74:64:67:d9:ec:db:
16:61:c2:14:e3:59:e6:f1:a2:37:ce:95:c4:4a:51:
4d:b4:cf:66:cc:c1:eb:4a:60:d1:5e:f4:11:4c:d7:
06:e8:f0:9f:2d:63:b2:93:d1:7c:fa:68:70:87:41:
ba:9b:ae:db:15:6e:ec:06:5d:b6:24:08:0b:cf:3e:
90:16:5a:43:23:39:44:93:d5:e5:e3:52:a9:bf:69:
58:2f:a1:7b:b9:44:3c:0b:ec:77:9d:4d:5e:d9:23:
2e:dd:2e:d5:b7:76:11:45:29:71:34:54:fa:f4:04:
79:f1:31:e5:85:9e:92:dc:3e:54:35:35:85:ac:1f:
ef:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:71:65:47:3B:F5:A4:5D:9E:2E:5B:11:68:1B:AB:C0:65:7A:D7:5B
X509v3 Authority Key Identifier:
keyid:60:38:31:A6:1B:C8:A8:F4:CB:85:88:70:22:FB:6F:86:39:73:45:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YDgxphvIqPTLhYhwIvtvhjlzRdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/AnFlRzv1pF2eLlsRaBurwGV611s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac3276-50ad-4ebc-a2a6-9808545933c9/1/YDgxphvIqPTLhYhwIvtvhjlzRdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.34.224.0/22
Signature Algorithm: sha256WithRSAEncryption
bf:40:bf:32:c0:62:bb:92:30:03:62:9e:06:e7:74:cd:b6:bc:
97:37:9d:c2:07:0c:f4:98:b1:5f:bc:b8:e5:3c:db:1f:06:f2:
dd:b8:3c:c9:61:54:01:29:d2:2d:88:c5:a0:0a:0c:00:b7:b3:
b1:bf:b3:69:92:8d:b3:30:9d:19:43:05:c4:d1:ac:61:b2:3d:
90:a0:4a:4d:e6:61:ee:8b:4f:e6:af:6b:05:06:43:a1:b3:e0:
14:f5:48:7e:84:b2:80:5b:74:b9:e2:9b:5f:f7:e8:bf:78:74:
e5:e3:b9:5e:1d:c6:1e:b1:7c:21:23:f6:87:67:7a:63:21:3a:
82:3a:22:c8:56:6d:fc:0f:ef:d0:7f:dd:60:80:16:91:93:3e:
28:48:71:3e:03:e6:10:1b:3e:60:7d:f4:fa:07:fe:ce:b9:ef:
fa:87:74:61:82:78:1f:05:b1:c3:49:da:ab:e0:3b:ec:34:af:
c7:4b:85:65:3d:19:b1:9e:4c:1a:14:9f:6a:d4:4e:c6:2a:e3:
c4:4d:6a:cd:bc:21:11:35:45:e3:26:a6:eb:86:f5:d9:fb:97:
5d:77:d4:e5:4b:da:71:a9:de:5e:d5:ff:23:6f:b8:75:30:51:
51:6d:1a:58:7c:a9:0b:6f:f7:eb:1e:d0:f3:ab:be:22:9b:44:
c4:a3:76:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQuWw4ZofaMilLCNqTxZ+/SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwMzgzMWE2MWJjOGE4ZjRjYjg1ODg3MDIyZmI2Zjg2Mzk3
MzQ1ZGMwHhcNMjIxMDMxMTQwMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjcxNjU0NzNiZjVhNDVkOWUyZTViMTE2ODFiYWJjMDY1N2FkNzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvuhuHb0ZEivY8XWNDRf4ulDhqr9J
KHGUO9Ao6PlOn5T5QpvcPZRt2qn97ud3kNU1xM9xzu7Jcysn32nmQP8A19V/1j5U
rH2VSJGUZsO2bW+tD5gYLjLUSXLCh31iDmfoFijKFuq5k+dBzbWVRhkXtVdpzbDi
RZQeVKbFlv/lE5N0ZGfZ7NsWYcIU41nm8aI3zpXESlFNtM9mzMHrSmDRXvQRTNcG
6PCfLWOyk9F8+mhwh0G6m67bFW7sBl22JAgLzz6QFlpDIzlEk9Xl41Kpv2lYL6F7
uUQ8C+x3nU1e2SMu3S7Vt3YRRSlxNFT69AR58THlhZ6S3D5UNTWFrB/vLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJxZUc79aRdni5bEWgbq8BletdbMB8GA1UdIwQY
MBaAFGA4MaYbyKj0y4WIcCL7b4Y5c0XcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWURneHBodklxUFRMaFlod0l2dHZoamx6UmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzMyNzYtNTBhZC00ZWJjLWEyYTYt
OTgwODU0NTkzM2M5LzEvQW5GbFJ6djFwRjJlTGxzUmFCdXJ3R1Y2MTFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hYzMyNzYtNTBhZC00ZWJjLWEyYTYtOTgwODU0NTkzM2M5
LzEvWURneHBodklxUFRMaFlod0l2dHZoamx6UmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSLgMA0G
CSqGSIb3DQEBCwUAA4IBAQC/QL8ywGK7kjADYp4G53TNtryXN53CBwz0mLFfvLjl
PNsfBvLduDzJYVQBKdItiMWgCgwAt7Oxv7Npko2zMJ0ZQwXE0axhsj2QoEpN5mHu
i0/mr2sFBkOhs+AU9Uh+hLKAW3S54ptf9+i/eHTl47leHcYesXwhI/aHZ3pjITqC
OiLIVm38D+/Qf91ggBaRkz4oSHE+A+YQGz5gffT6B/7Oue/6h3RhgngfBbHDSdqr
4DvsNK/HS4VlPRmxnkwaFJ9q1E7GKuPETWrNvCERNUXjJqbrhvXZ+5ddd9TlS9px
qd5e1f8jb7h1MFFRbRpYfKkLb/frHtDzq74im0TEo3al
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:34 2024 by rpki-client on console-fra.rpki-client.org