Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BhH2iJJAR8_w19juZ1f3-czGymY.roa
File: BhH2iJJAR8_w19juZ1f3-czGymY.roa (raw, json)
Hash identifier: nd12Bj5mevDKPeg9v6vA5H0s3l2c7KJ41cUMrFHPsLk=
Subject key identifier: 06:11:F6:88:92:40:47:CF:F0:D7:D8:EE:67:57:F7:F9:CC:C6:CA:66
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 01847EF483FF7ED33C42F259FD9F49787651
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BhH2iJJAR8_w19juZ1f3-czGymY.roa
Signing time: Wed 16 Nov 2022 05:41:04 +0000
ROA not before: Wed 16 Nov 2022 05:41:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.241.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7e:f4:83:ff:7e:d3:3c:42:f2:59:fd:9f:49:78:76:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Nov 16 05:41:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0611f688924047cff0d7d8ee6757f7f9ccc6ca66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:23:ed:79:c9:26:f7:53:ed:86:d7:3e:2e:00:
a3:ef:8a:ad:53:31:f2:9e:2c:9e:99:8f:e9:33:bd:
43:a2:d9:aa:fa:b3:40:e2:cb:a1:4b:48:43:0e:9f:
b6:5f:cf:9d:46:cb:d6:c7:c2:6e:cc:0c:72:e7:6f:
09:25:dd:61:5e:7d:37:01:0d:41:d9:6d:82:73:d3:
22:26:1e:db:b6:e0:ca:3a:d6:a3:9a:40:b2:d6:2e:
75:71:b9:5d:3b:76:98:76:a7:d9:59:7a:cc:06:11:
ea:8a:1d:0c:52:5b:d7:d5:56:0c:ac:38:b2:7e:04:
93:86:4d:2f:94:82:5c:27:bf:01:8a:3b:51:f5:f2:
82:ff:4f:85:46:ba:dc:be:26:0c:46:f4:4d:a5:56:
8f:84:8d:85:da:cd:e5:a9:f6:da:31:fa:e6:70:6b:
51:ca:ef:04:e1:78:83:b1:47:d7:ad:df:21:41:66:
b9:8e:73:6e:64:71:44:63:57:5e:ed:56:d3:bf:5e:
e9:8a:66:37:3a:e2:7c:67:2a:63:77:01:16:36:dc:
a9:29:48:ff:45:4e:76:5b:ee:ba:47:4d:4d:3f:28:
59:8f:0c:2c:e4:57:86:b9:a6:73:b0:f3:a3:7a:83:
52:b4:ad:19:98:12:74:c8:24:00:6d:c8:b9:81:a6:
c6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:11:F6:88:92:40:47:CF:F0:D7:D8:EE:67:57:F7:F9:CC:C6:CA:66
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BhH2iJJAR8_w19juZ1f3-czGymY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.210.0/23
Signature Algorithm: sha256WithRSAEncryption
77:bb:6a:14:28:67:8c:84:ee:5c:f5:b9:6d:8a:01:9f:b8:06:
f6:3d:f8:6f:35:15:7e:46:aa:32:de:33:b0:06:4c:10:05:11:
84:55:24:25:e5:a6:c7:78:3f:cf:05:13:fb:35:ef:c6:cf:47:
10:76:d7:da:eb:21:b2:f0:be:11:43:8d:1b:f8:8b:ec:72:94:
7d:b0:ab:89:73:23:16:77:a6:b6:e0:17:eb:66:c9:c2:a3:e5:
83:a1:05:d6:b8:0a:84:70:98:36:13:5b:be:89:6a:ea:b6:9f:
cf:82:e9:2a:69:03:6b:6b:37:52:84:a6:27:f2:97:dc:05:71:
0c:11:65:a3:14:c4:11:29:51:45:52:22:0d:93:2b:6b:12:b3:
4d:76:52:e4:2b:f8:59:f8:a0:cf:56:ef:59:7e:57:5b:a8:da:
0b:9e:d2:79:8e:43:4b:29:82:33:2a:bb:b9:ba:b1:1b:fa:5e:
61:71:93:ec:ed:62:4d:9e:93:f4:43:d6:2f:52:7f:c3:7c:2b:
fd:b1:55:79:1b:6c:f4:0e:58:e1:94:53:03:30:3a:61:70:5e:
2b:f6:01:2c:7e:41:3a:24:64:82:97:4b:b0:38:34:dc:15:16:
d0:8e:4f:77:36:ca:2a:15:12:2f:4c:cd:11:94:e9:0e:0c:f4:
d3:b2:28:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR+9IP/ftM8QvJZ/Z9JeHZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIxMTE2MDU0MTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjExZjY4ODkyNDA0N2NmZjBkN2Q4ZWU2NzU3ZjdmOWNjYzZjYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCPteckm91Pthtc+LgCj74qtUzHy
niyemY/pM71Dotmq+rNA4suhS0hDDp+2X8+dRsvWx8JuzAxy528JJd1hXn03AQ1B
2W2Cc9MiJh7btuDKOtajmkCy1i51cbldO3aYdqfZWXrMBhHqih0MUlvX1VYMrDiy
fgSThk0vlIJcJ78BijtR9fKC/0+FRrrcviYMRvRNpVaPhI2F2s3lqfbaMfrmcGtR
yu8E4XiDsUfXrd8hQWa5jnNuZHFEY1de7VbTv17pimY3OuJ8ZypjdwEWNtypKUj/
RU52W+66R01NPyhZjwws5FeGuaZzsPOjeoNStK0ZmBJ0yCQAbci5gabGLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYR9oiSQEfP8NfY7mdX9/nMxspmMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQmhIMmlKSkFSOF93MTlqdVoxZjMtY3pHeW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufHSMA0G
CSqGSIb3DQEBCwUAA4IBAQB3u2oUKGeMhO5c9bltigGfuAb2PfhvNRV+Rqoy3jOw
BkwQBRGEVSQl5abHeD/PBRP7Ne/Gz0cQdtfa6yGy8L4RQ40b+IvscpR9sKuJcyMW
d6a24BfrZsnCo+WDoQXWuAqEcJg2E1u+iWrqtp/PgukqaQNrazdShKYn8pfcBXEM
EWWjFMQRKVFFUiINkytrErNNdlLkK/hZ+KDPVu9ZfldbqNoLntJ5jkNLKYIzKru5
urEb+l5hcZPs7WJNnpP0Q9YvUn/DfCv9sVV5G2z0DljhlFMDMDphcF4r9gEsfkE6
JGSCl0uwODTcFRbQjk93NsoqFRIvTM0RlOkODPTTsijy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:53 2023 by rpki-client on console-ams.rpki-client.org