Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/tYUhEwUjf4LW_zMPGMhcqqBLJ94.roa
File: tYUhEwUjf4LW_zMPGMhcqqBLJ94.roa (raw, json)
Hash identifier: Q4V+2xODRG39XLbMut+GrsbUbWxlkSxiOc8HyfPthyE=
Subject key identifier: B5:85:21:13:05:23:7F:82:D6:FF:33:0F:18:C8:5C:AA:A0:4B:27:DE
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 01712742
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/tYUhEwUjf4LW_zMPGMhcqqBLJ94.roa
Signing time: Tue 22 Mar 2022 20:35:10 +0000
ROA not before: Tue 22 Mar 2022 20:35:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204948
IP address blocks: 185.234.248.0/23 maxlen: 23
185.234.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24192834 (0x1712742)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 22 20:35:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b585211305237f82d6ff330f18c85caaa04b27de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:58:a4:d5:16:c9:4e:a0:d0:6f:29:37:bc:
af:7a:54:ae:43:10:88:d5:09:48:b7:17:6f:d5:14:
4d:88:1e:0f:b8:07:c0:ff:a2:36:72:78:15:75:a0:
cd:cb:90:12:51:e4:8f:74:d1:a4:87:28:08:25:84:
be:55:a6:1e:aa:7a:b2:73:fe:fa:5b:52:3e:e4:45:
d1:11:4c:72:8e:89:a8:15:19:22:36:d2:48:37:b5:
b0:96:aa:42:39:44:48:a4:27:49:9c:78:66:91:50:
c0:ea:4b:a7:e3:6c:83:6b:eb:f1:59:24:58:37:f3:
32:df:33:96:f5:e6:55:02:a9:ad:7d:10:af:71:d9:
1e:de:81:cf:14:47:e3:94:f2:dd:9d:95:b0:55:48:
ff:e0:80:10:66:9a:93:6a:f2:97:86:6c:5b:6d:ea:
da:3d:7f:28:2f:37:af:00:6a:32:a2:72:7a:6e:6b:
48:50:28:9f:3a:d1:24:f0:ea:d1:24:0c:4b:75:86:
89:35:d8:c1:aa:76:fd:e3:30:fb:1e:41:a5:b0:a6:
31:85:50:61:77:4e:4c:ef:99:b4:f3:4b:a4:ee:b4:
12:6c:cb:e8:87:80:c4:36:3c:f4:9d:bb:e1:4c:ad:
c8:85:b0:c5:9d:0a:43:93:21:74:7f:60:90:a8:2c:
8c:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:85:21:13:05:23:7F:82:D6:FF:33:0F:18:C8:5C:AA:A0:4B:27:DE
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/tYUhEwUjf4LW_zMPGMhcqqBLJ94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:3e:05:b9:c8:96:26:ca:40:d5:6b:c6:d7:13:d0:f0:b0:7b:
f5:ed:21:c1:a4:36:65:02:3a:31:5e:a2:72:30:9e:a6:bf:65:
2b:f8:05:1a:26:92:a9:5a:7c:b1:92:86:93:4b:e5:05:38:8f:
89:dc:b6:34:45:04:6b:38:6c:05:d1:6b:1f:0f:1c:24:ec:e8:
f7:3b:74:d0:28:f8:cf:d2:ea:d9:09:62:7d:f4:8c:89:9b:10:
ce:e9:cb:48:4f:9e:8d:6b:cb:f8:e4:3a:13:06:1c:37:85:91:
bd:fc:0f:3f:49:e0:57:65:9c:36:fc:79:96:61:8f:58:39:98:
73:d7:22:75:71:61:c8:2d:98:ec:61:01:19:e4:97:b3:b6:0d:
59:a0:82:ed:68:4e:91:b0:3a:0f:27:8f:fe:93:bf:68:d3:fb:
90:31:0f:48:f7:b3:27:e8:33:56:61:cd:eb:08:11:87:7d:c3:
72:84:c3:eb:51:da:3a:f1:7a:15:a9:21:ee:d1:99:8b:70:5c:
cf:73:09:31:e3:7d:51:1b:f5:65:c9:21:c5:4f:69:74:2b:83:
1f:b1:bd:ec:4d:aa:e6:86:0d:5c:78:e7:e0:c8:13:c6:25:2a:
69:5c:6b:ca:eb:7a:7b:43:8d:94:bf:10:f3:e1:4c:03:ac:8a:
2a:14:08:93
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAXEnQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMy
MjIwMzUxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU4NTIxMTMwNTIz
N2Y4MmQ2ZmYzMzBmMThjODVjYWFhMDRiMjdkZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANiZWKTVFslOoNBvKTe8r3pUrkMQiNUJSLcXb9UUTYgeD7gH
wP+iNnJ4FXWgzcuQElHkj3TRpIcoCCWEvlWmHqp6snP++ltSPuRF0RFMco6JqBUZ
IjbSSDe1sJaqQjlESKQnSZx4ZpFQwOpLp+Nsg2vr8VkkWDfzMt8zlvXmVQKprX0Q
r3HZHt6BzxRH45Ty3Z2VsFVI/+CAEGaak2ryl4ZsW23q2j1/KC83rwBqMqJyem5r
SFAonzrRJPDq0SQMS3WGiTXYwap2/eMw+x5BpbCmMYVQYXdOTO+ZtPNLpO60EmzL
6IeAxDY89J274UytyIWwxZ0KQ5MhdH9gkKgsjMECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1hSETBSN/gtb/Mw8YyFyqoEsn3jAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
L3RZVWhFd1VqZjRMV196TVBHTWhjcXFCTEo5NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnq+DANBgkqhkiG9w0BAQsFAAOC
AQEAjD4FuciWJspA1WvG1xPQ8LB79e0hwaQ2ZQI6MV6icjCepr9lK/gFGiaSqVp8
sZKGk0vlBTiPidy2NEUEazhsBdFrHw8cJOzo9zt00Cj4z9Lq2QliffSMiZsQzunL
SE+ejWvL+OQ6EwYcN4WRvfwPP0ngV2WcNvx5lmGPWDmYc9cidXFhyC2Y7GEBGeSX
s7YNWaCC7WhOkbA6DyeP/pO/aNP7kDEPSPezJ+gzVmHN6wgRh33DcoTD61HaOvF6
Fakh7tGZi3Bcz3MJMeN9URv1ZckhxU9pdCuDH7G97E2q5oYNXHjn4MgTxiUqaVxr
yut6e0ONlL8Q8+FMA6yKKhQIkw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:48 2023 by rpki-client on console-ams.rpki-client.org