Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/ChxJGj1_kEjw0ktnDV6Hh3C7aoI.roa
File: ChxJGj1_kEjw0ktnDV6Hh3C7aoI.roa (raw, json)
Hash identifier: RxyWZ7ZGw3HOCMmsmakr6D2kS+jok2nMPzJ1TvH5tuA=
Subject key identifier: 0A:1C:49:1A:3D:7F:90:48:F0:D2:4B:67:0D:5E:87:87:70:BB:6A:82
Certificate issuer: /CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Certificate serial: 0270162C
Authority key identifier: C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/ChxJGj1_kEjw0ktnDV6Hh3C7aoI.roa
Signing time: Tue 15 Mar 2022 13:42:32 +0000
ROA not before: Tue 15 Mar 2022 13:42:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44203
IP address blocks: 185.211.202.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40900140 (0x270162c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c74eb7ea35238d02997c42eb574a38a30e5d00e7
Validity
Not Before: Mar 15 13:42:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a1c491a3d7f9048f0d24b670d5e878770bb6a82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:92:08:42:25:78:66:5c:87:8b:d3:79:35:cc:
ab:f1:25:61:0a:e3:7a:75:4c:b4:dd:05:ec:eb:1f:
af:cf:a7:b3:c9:4e:61:bc:47:94:9d:73:2e:0e:78:
54:ba:c2:f9:a2:40:7d:30:d5:90:dc:8f:c7:53:74:
e3:f1:6a:82:d7:a4:3e:91:67:6f:ea:27:3d:fa:83:
4f:8d:ad:03:f5:37:3c:87:72:b8:40:be:db:99:f7:
25:1f:8a:1a:89:87:88:48:85:09:35:56:c2:4a:16:
dd:71:18:3a:77:28:d0:da:4f:de:19:3c:72:8f:16:
96:a0:6b:45:1c:4d:73:48:af:7e:71:9c:dc:db:35:
a5:78:f3:69:4b:f3:48:bf:94:25:a0:bd:ce:44:4f:
42:5f:e6:50:fa:42:c2:45:10:f5:63:8f:1e:7c:76:
12:50:e4:32:2c:4c:a8:de:62:a1:df:04:ec:62:5f:
1a:8b:ba:4a:c3:ab:71:14:9d:ae:7b:86:10:7e:60:
3b:6e:94:ea:f8:cb:ac:fc:50:e3:d9:fb:81:9b:16:
69:f5:c5:68:c9:00:e0:12:8a:d6:9e:ad:3e:23:dc:
52:9b:59:f3:64:39:36:c3:a9:dd:23:04:68:7a:7b:
24:9d:c7:44:f4:ca:0e:08:bb:c1:a4:9e:dc:ea:d5:
1b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:1C:49:1A:3D:7F:90:48:F0:D2:4B:67:0D:5E:87:87:70:BB:6A:82
X509v3 Authority Key Identifier:
keyid:C7:4E:B7:EA:35:23:8D:02:99:7C:42:EB:57:4A:38:A3:0E:5D:00:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x0636jUjjQKZfELrV0o4ow5dAOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/ChxJGj1_kEjw0ktnDV6Hh3C7aoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/f6bd5f-7e26-4072-9d1a-157e3c169918/1/x0636jUjjQKZfELrV0o4ow5dAOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.202.0/23
Signature Algorithm: sha256WithRSAEncryption
40:d9:d9:12:af:2f:83:f7:fa:d9:8b:4b:76:94:b6:32:11:91:
0b:8d:cb:e0:9d:dc:f4:f4:0b:57:d5:12:44:b0:16:bc:8f:91:
4b:03:74:c3:ac:2f:50:48:ee:80:71:00:32:b5:c5:b1:4c:0f:
f7:95:1e:cc:7d:9c:bb:c4:c3:b1:89:9b:0f:a6:f5:57:ae:33:
22:40:ae:a6:5f:4d:54:81:55:8e:e8:de:0f:b4:2c:a8:5b:a6:
8f:9f:f6:35:bf:2b:ac:f8:83:d2:dd:c2:d7:79:38:6f:51:cd:
78:5c:29:8a:ec:9b:9e:26:6e:b6:d4:40:7a:cf:98:4c:40:6f:
57:9e:e5:c2:4b:78:17:eb:99:25:b4:9b:50:b7:25:af:6d:6a:
01:44:33:2d:07:e2:7f:49:bc:a7:ea:0b:c0:c0:39:aa:77:f5:
e7:4b:44:90:1d:3c:51:98:f0:a2:e5:5c:a2:28:1c:54:87:7c:
df:00:35:94:1b:6e:a4:80:9f:f6:bc:4a:35:52:0d:01:b5:e6:
7d:a7:2c:b0:e1:bc:ba:c2:1b:b9:7d:0c:9f:c0:6a:38:9f:e5:
bc:30:3f:a3:e2:32:ed:b6:cf:6f:a5:4e:3b:16:e8:86:90:81:
c0:af:4c:8a:c8:8a:14:9b:cd:cb:ee:21:37:f1:75:43:01:18:
4a:8e:d3:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAnAWLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzRlYjdlYTM1MjM4ZDAyOTk3YzQyZWI1NzRhMzhhMzBlNWQwMGU3MB4XDTIyMDMx
NTEzNDIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGExYzQ5MWEzZDdm
OTA0OGYwZDI0YjY3MGQ1ZTg3ODc3MGJiNmE4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2SCEIleGZch4vTeTXMq/ElYQrjenVMtN0F7Osfr8+ns8lO
YbxHlJ1zLg54VLrC+aJAfTDVkNyPx1N04/FqgtekPpFnb+onPfqDT42tA/U3PIdy
uEC+25n3JR+KGomHiEiFCTVWwkoW3XEYOnco0NpP3hk8co8WlqBrRRxNc0ivfnGc
3Ns1pXjzaUvzSL+UJaC9zkRPQl/mUPpCwkUQ9WOPHnx2ElDkMixMqN5iod8E7GJf
Gou6SsOrcRSdrnuGEH5gO26U6vjLrPxQ49n7gZsWafXFaMkA4BKK1p6tPiPcUptZ
82Q5NsOp3SMEaHp7JJ3HRPTKDgi7waSe3OrVGy8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQKHEkaPX+QSPDSS2cNXoeHcLtqgjAfBgNVHSMEGDAWgBTHTrfqNSONApl8
QutXSjijDl0A5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gwNjM2alVqalFLWmZFTHJWMG80b3c1ZEFPYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvZjZiZDVmLTdlMjYtNDA3Mi05ZDFhLTE1N2UzYzE2OTkxOC8x
L0NoeEpHajFfa0VqdzBrdG5EVjZIaDNDN2FvSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
ZjZiZDVmLTdlMjYtNDA3Mi05ZDFhLTE1N2UzYzE2OTkxOC8xL3gwNjM2alVqalFL
WmZFTHJWMG80b3c1ZEFPYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnTyjANBgkqhkiG9w0BAQsFAAOC
AQEAQNnZEq8vg/f62YtLdpS2MhGRC43L4J3c9PQLV9USRLAWvI+RSwN0w6wvUEju
gHEAMrXFsUwP95UezH2cu8TDsYmbD6b1V64zIkCupl9NVIFVjujeD7QsqFumj5/2
Nb8rrPiD0t3C13k4b1HNeFwpiuybniZuttRAes+YTEBvV57lwkt4F+uZJbSbULcl
r21qAUQzLQfif0m8p+oLwMA5qnf150tEkB08UZjwouVcoigcVId83wA1lBtupICf
9rxKNVINAbXmfacssOG8usIbuX0Mn8BqOJ/lvDA/o+Iy7bbPb6VOOxbohpCBwK9M
isiKFJvNy+4hN/F1QwEYSo7TWw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:40 2023 by rpki-client on console-fra.rpki-client.org