Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/mjLfF7FlYpMhhIzd0E6Z9N6WY3s.roa
File: mjLfF7FlYpMhhIzd0E6Z9N6WY3s.roa (raw, json)
Hash identifier: n07lDsnCNSSez9FF5qsj/mIq2iXgD4IDPHxHWyGS4cw=
Subject key identifier: 9A:32:DF:17:B1:65:62:93:21:84:8C:DD:D0:4E:99:F4:DE:96:63:7B
Certificate issuer: /CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Certificate serial: 0181D9F86449F57C35FAF059F57C2D2B8FD7
Authority key identifier: 03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/mjLfF7FlYpMhhIzd0E6Z9N6WY3s.roa
Signing time: Thu 07 Jul 2022 18:42:23 +0000
ROA not before: Thu 07 Jul 2022 18:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212341
IP address blocks: 185.66.178.0/24 maxlen: 24
2a05:900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d9:f8:64:49:f5:7c:35:fa:f0:59:f5:7c:2d:2b:8f:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03c33e43ef56527a169d6ac6d7e62c63d1973051
Validity
Not Before: Jul 7 18:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a32df17b165629321848cddd04e99f4de96637b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3a:65:2b:c3:2f:48:55:71:f6:a5:2a:3d:f5:
f0:a0:b8:e5:2f:6f:b9:74:ba:6a:e6:e9:2e:da:59:
8d:ff:75:c5:64:5b:7c:c1:7b:82:9a:68:58:19:28:
a3:de:92:0b:12:3b:b3:e7:3c:d5:d0:8b:7b:4d:0a:
f6:c1:81:32:84:57:89:d8:56:cf:ea:c9:e2:94:c7:
0e:cb:f6:14:5b:bb:4c:a3:22:ea:68:4d:21:43:5b:
6e:79:f0:b5:f1:c5:bb:66:85:43:4d:89:df:d1:68:
cb:cb:da:e6:ee:20:c7:d3:5d:6a:95:b6:a1:b3:10:
a2:c2:d3:d3:67:12:60:d4:0d:ac:42:99:2b:6a:bf:
1f:42:56:84:86:e5:da:8c:90:dd:70:fd:67:9a:b0:
e2:2a:82:22:06:b9:85:93:5b:d4:db:b2:1c:33:83:
93:3f:36:5b:76:f4:eb:e9:ad:14:13:8a:7d:a5:e6:
2f:65:7d:30:23:88:d5:e0:4b:af:22:09:44:7a:c6:
39:b7:ba:91:16:7e:99:f1:77:69:57:96:6a:8b:2d:
8c:5b:d7:96:85:e2:d6:3e:65:85:34:f4:36:53:de:
c3:75:f3:a8:2d:36:de:26:a8:2a:9a:e1:77:8a:19:
84:62:cf:38:ca:c7:df:dc:51:a1:ad:12:23:3f:8d:
b3:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:32:DF:17:B1:65:62:93:21:84:8C:DD:D0:4E:99:F4:DE:96:63:7B
X509v3 Authority Key Identifier:
keyid:03:C3:3E:43:EF:56:52:7A:16:9D:6A:C6:D7:E6:2C:63:D1:97:30:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/mjLfF7FlYpMhhIzd0E6Z9N6WY3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c17c15-a142-4b37-b8fe-a3a3eb879f2b/1/A8M-Q-9WUnoWnWrG1-YsY9GXMFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.178.0/24
IPv6:
2a05:900::/29
Signature Algorithm: sha256WithRSAEncryption
32:00:38:75:64:2b:0b:69:98:07:a9:e6:81:09:07:70:42:8a:
64:49:fb:3a:db:8c:23:3d:b5:a7:c1:4e:9d:c1:49:7a:85:6e:
6a:f7:c7:b2:4f:a5:e9:f8:2f:b2:85:7c:e8:53:03:c0:67:ed:
c4:5b:9e:86:cf:5a:ca:08:ea:e3:01:07:8e:9a:ad:67:27:c5:
07:66:68:e9:11:86:09:8f:9d:10:d9:85:ae:4c:8f:b5:e3:3e:
74:74:60:bc:e1:ba:46:23:ee:ec:c3:fd:5b:9a:4b:3e:c6:3d:
8e:e2:e4:ee:69:a3:8d:d8:89:24:fa:e7:5d:77:25:52:c0:93:
16:13:7d:54:3a:a7:0e:af:9c:02:80:84:cd:9b:fa:18:f1:ee:
1e:e8:cb:96:02:22:73:e2:22:38:5f:ec:da:a1:ad:47:50:86:
c7:e5:e1:9c:73:47:65:3f:8c:76:9f:1f:38:72:f7:e0:34:4e:
aa:16:f6:dc:fc:ef:63:d6:a9:b6:fe:ab:93:53:c6:4a:c6:73:
53:6d:e9:6c:46:2a:f8:99:96:f2:94:43:c9:ad:36:ad:cd:2f:
37:b8:76:e4:40:c2:9e:83:f8:f5:6f:91:80:32:36:63:16:f2:
03:4a:2f:b7:15:4b:ea:db:2f:13:5d:99:63:b0:75:35:2f:db:
21:0b:3d:e2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHZ+GRJ9Xw1+vBZ9XwtK4/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYzMzZTQzZWY1NjUyN2ExNjlkNmFjNmQ3ZTYyYzYzZDE5
NzMwNTEwHhcNMjIwNzA3MTg0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTMyZGYxN2IxNjU2MjkzMjE4NDhjZGRkMDRlOTlmNGRlOTY2MzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTplK8MvSFVx9qUqPfXwoLjlL2+5
dLpq5uku2lmN/3XFZFt8wXuCmmhYGSij3pILEjuz5zzV0It7TQr2wYEyhFeJ2FbP
6snilMcOy/YUW7tMoyLqaE0hQ1tuefC18cW7ZoVDTYnf0WjLy9rm7iDH011qlbah
sxCiwtPTZxJg1A2sQpkrar8fQlaEhuXajJDdcP1nmrDiKoIiBrmFk1vU27IcM4OT
PzZbdvTr6a0UE4p9peYvZX0wI4jV4EuvIglEesY5t7qRFn6Z8XdpV5Zqiy2MW9eW
heLWPmWFNPQ2U97DdfOoLTbeJqgqmuF3ihmEYs84ysff3FGhrRIjP42z0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJoy3xexZWKTIYSM3dBOmfTelmN7MB8GA1UdIwQY
MBaAFAPDPkPvVlJ6Fp1qxtfmLGPRlzBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUt
YTNhM2ViODc5ZjJiLzEvbWpMZkY3RmxZcE1oaEl6ZDBFNlo5TjZXWTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jMTdjMTUtYTE0Mi00YjM3LWI4ZmUtYTNhM2ViODc5ZjJi
LzEvQThNLVEtOVdVbm9XbldyRzEtWXNZOUdYTUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUKyMA0E
AgACMAcDBQMqBQkAMA0GCSqGSIb3DQEBCwUAA4IBAQAyADh1ZCsLaZgHqeaBCQdw
QopkSfs624wjPbWnwU6dwUl6hW5q98eyT6Xp+C+yhXzoUwPAZ+3EW56Gz1rKCOrj
AQeOmq1nJ8UHZmjpEYYJj50Q2YWuTI+14z50dGC84bpGI+7sw/1bmks+xj2O4uTu
aaON2Ikk+udddyVSwJMWE31UOqcOr5wCgITNm/oY8e4e6MuWAiJz4iI4X+zaoa1H
UIbH5eGcc0dlP4x2nx84cvfgNE6qFvbc/O9j1qm2/quTU8ZKxnNTbelsRir4mZby
lEPJrTatzS83uHbkQMKeg/j1b5GAMjZjFvIDSi+3FUvq2y8TXZljsHU1L9shCz3i
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:01 2023 by rpki-client on console-ams.rpki-client.org