Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/AqpMJ-DR0mbsfbv-qDe4FXaLi0U.roa
File: AqpMJ-DR0mbsfbv-qDe4FXaLi0U.roa (raw, json)
Hash identifier: YG3vIU4pLRK33l2qHyPJ/q/Q9Sket/jW/HL/qJwulsA=
Subject key identifier: 02:AA:4C:27:E0:D1:D2:66:EC:7D:BB:FE:A8:37:B8:15:76:8B:8B:45
Certificate issuer: /CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Certificate serial: 01857328112764ACE5A519777E6713C86165
Authority key identifier: F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/AqpMJ-DR0mbsfbv-qDe4FXaLi0U.roa
Signing time: Mon 02 Jan 2023 15:44:43 +0000
ROA not before: Mon 02 Jan 2023 15:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41954
IP address blocks: 185.142.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:11:27:64:ac:e5:a5:19:77:7e:67:13:c8:61:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0521128cf634aa6afa7ef52d531f3fcd55628f9
Validity
Not Before: Jan 2 15:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=02aa4c27e0d1d266ec7dbbfea837b815768b8b45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:6c:11:a9:2c:7b:c1:bc:14:6d:40:bb:fb:21:
2f:65:66:6f:83:fd:de:93:31:08:69:e5:cc:d2:dc:
09:15:36:ba:62:69:86:ce:95:d6:39:bc:66:23:b9:
94:41:c7:78:15:e8:42:62:4c:3e:48:18:6e:46:d8:
ae:6b:e6:b0:4d:a8:53:4c:cf:66:c2:b6:92:34:13:
ca:ff:81:35:05:e8:56:4c:06:23:70:e1:f9:9d:07:
29:ed:22:fe:6b:f6:e5:94:5f:27:23:38:ee:c8:b2:
d8:b5:86:dc:91:e7:ce:f7:b8:af:52:07:ce:7c:28:
9e:60:29:55:b2:af:9b:14:b9:12:81:3b:76:96:e7:
2f:d0:f9:b6:41:95:26:09:57:5d:54:e2:97:ba:4a:
cc:bd:d2:ef:45:ba:bc:c8:7f:6f:35:8f:59:67:8c:
23:cb:82:c2:c3:72:b7:bf:d6:ec:69:25:a1:97:6f:
26:40:e3:d1:56:33:d5:e9:c4:35:53:e9:e2:da:30:
71:03:52:f6:86:c8:53:ea:69:31:44:f2:98:15:bf:
f6:81:4f:05:ed:e9:c3:92:cf:09:75:3b:50:71:98:
23:66:4a:64:30:38:8a:b7:a6:f3:e7:ba:b1:a2:24:
1a:f6:7f:92:59:2e:4c:a7:04:a0:27:79:94:26:35:
25:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:AA:4C:27:E0:D1:D2:66:EC:7D:BB:FE:A8:37:B8:15:76:8B:8B:45
X509v3 Authority Key Identifier:
keyid:F0:52:11:28:CF:63:4A:A6:AF:A7:EF:52:D5:31:F3:FC:D5:56:28:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8FIRKM9jSqavp-9S1THz_NVWKPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/AqpMJ-DR0mbsfbv-qDe4FXaLi0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4b150-dbb8-465f-8155-e4419b64212e/1/8FIRKM9jSqavp-9S1THz_NVWKPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.142.218.0/24
Signature Algorithm: sha256WithRSAEncryption
54:26:7e:4f:c7:1d:25:ff:37:39:57:e9:7a:51:e9:55:d2:9a:
2d:13:dd:a6:ee:30:ec:38:cc:46:50:af:ab:12:ef:75:eb:75:
42:4c:dd:eb:81:a7:b9:5a:91:86:d7:ef:45:b3:34:1b:e9:8b:
24:a5:10:54:0b:c1:89:cc:a9:37:d3:ce:54:55:98:4f:96:ad:
79:e1:b6:8b:86:57:b8:99:b5:a9:9c:73:21:9e:84:bc:8b:0f:
97:1b:5f:89:24:aa:7f:c2:0e:8d:92:35:7e:fe:b2:1c:e3:06:
cf:7c:9d:72:bf:2d:40:66:08:a5:7e:28:c3:32:8f:86:bc:56:
22:3b:49:e3:4e:ff:3b:40:9a:ad:62:fa:e1:10:0f:38:58:f4:
20:d4:b7:fd:44:1d:39:a4:92:e8:5c:f4:8c:d0:df:f0:bd:a4:
d5:83:74:cf:4f:dc:7c:b0:97:90:d5:34:7c:7d:df:4a:cb:85:
df:5a:ab:ac:b8:88:8d:f4:df:25:c1:ea:64:6b:33:04:d7:21:
81:43:4d:e8:53:e2:82:f8:1f:1d:ec:b9:a3:df:b4:90:ea:42:
30:e3:b4:70:52:48:ac:d4:8c:9d:a0:25:ab:00:ef:c0:b5:08:
ce:fa:d3:25:8f:78:06:80:1a:d3:ab:01:69:d8:fb:9b:90:d6:
46:c9:eb:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKBEnZKzlpRl3fmcTyGFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNTIxMTI4Y2Y2MzRhYTZhZmE3ZWY1MmQ1MzFmM2ZjZDU1
NjI4ZjkwHhcNMjMwMTAyMTU0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmFhNGMyN2UwZDFkMjY2ZWM3ZGJiZmVhODM3YjgxNTc2OGI4YjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2wRqSx7wbwUbUC7+yEvZWZvg/3e
kzEIaeXM0twJFTa6YmmGzpXWObxmI7mUQcd4FehCYkw+SBhuRtiua+awTahTTM9m
wraSNBPK/4E1BehWTAYjcOH5nQcp7SL+a/bllF8nIzjuyLLYtYbckefO97ivUgfO
fCieYClVsq+bFLkSgTt2lucv0Pm2QZUmCVddVOKXukrMvdLvRbq8yH9vNY9ZZ4wj
y4LCw3K3v9bsaSWhl28mQOPRVjPV6cQ1U+ni2jBxA1L2hshT6mkxRPKYFb/2gU8F
7enDks8JdTtQcZgjZkpkMDiKt6bz57qxoiQa9n+SWS5MpwSgJ3mUJjUlJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKqTCfg0dJm7H27/qg3uBV2i4tFMB8GA1UdIwQY
MBaAFPBSESjPY0qmr6fvUtUx8/zVVij5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUt
ZTQ0MTliNjQyMTJlLzEvQXFwTUotRFIwbWJzZmJ2LXFEZTRGWGFMaTBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGIxNTAtZGJiOC00NjVmLTgxNTUtZTQ0MTliNjQyMTJl
LzEvOEZJUktNOWpTcWF2cC05UzFUSHpfTlZXS1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuY7aMA0G
CSqGSIb3DQEBCwUAA4IBAQBUJn5Pxx0l/zc5V+l6UelV0potE92m7jDsOMxGUK+r
Eu9163VCTN3rgae5WpGG1+9FszQb6YskpRBUC8GJzKk3085UVZhPlq154baLhle4
mbWpnHMhnoS8iw+XG1+JJKp/wg6NkjV+/rIc4wbPfJ1yvy1AZgilfijDMo+GvFYi
O0njTv87QJqtYvrhEA84WPQg1Lf9RB05pJLoXPSM0N/wvaTVg3TPT9x8sJeQ1TR8
fd9Ky4XfWqusuIiN9N8lwepkazME1yGBQ03oU+KC+B8d7Lmj37SQ6kIw47RwUkis
1IydoCWrAO/AtQjO+tMlj3gGgBrTqwFp2PubkNZGyeva
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:22 2025 by rpki-client