Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/cR58wBtexhHUoyi-UkiPoAbi2U8.roa
File: cR58wBtexhHUoyi-UkiPoAbi2U8.roa (raw, json)
Hash identifier: sKwvNTTHY0X05FZOktzeSoiZwwmqbE9YAe6IzqNS8fY=
Subject key identifier: 71:1E:7C:C0:1B:5E:C6:11:D4:A3:28:BE:52:48:8F:A0:06:E2:D9:4F
Certificate issuer: /CN=fa95ecdaa359a6f8355573d39001baa35874bed2
Certificate serial: 0DE8369A
Authority key identifier: FA:95:EC:DA:A3:59:A6:F8:35:55:73:D3:90:01:BA:A3:58:74:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-pXs2qNZpvg1VXPTkAG6o1h0vtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/cR58wBtexhHUoyi-UkiPoAbi2U8.roa
Signing time: Sat 01 Jan 2022 07:57:44 +0000
ROA not before: Sat 01 Jan 2022 07:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60111
IP address blocks: 185.157.116.0/22 maxlen: 22
2a07:a680::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 233322138 (0xde8369a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa95ecdaa359a6f8355573d39001baa35874bed2
Validity
Not Before: Jan 1 07:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=711e7cc01b5ec611d4a328be52488fa006e2d94f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:bf:62:88:97:8a:26:d4:8a:db:ea:36:2a:
a5:d4:19:e5:4d:f9:b2:3e:91:1b:84:c9:ed:35:75:
a3:51:7a:bd:3b:ce:cd:76:55:76:b3:c5:b5:40:77:
5b:d2:d2:61:da:f6:ea:7e:95:ce:59:a8:00:77:7f:
32:da:a2:d2:d0:58:dd:c7:c0:96:8c:fe:03:6f:29:
0e:5f:97:d5:24:6c:a5:b9:e3:28:e5:2e:f6:12:1c:
44:f3:eb:f1:7e:37:57:73:1f:bd:8a:47:60:9b:9a:
89:cc:92:d9:da:23:8d:bd:7e:c2:c7:01:72:be:29:
f4:23:5f:13:b4:91:36:94:c1:b4:00:0e:5c:f3:aa:
17:f5:42:d8:e5:30:f4:7d:c4:b0:c6:79:a0:5b:50:
47:ff:3b:da:df:e6:93:e1:81:40:5b:c9:22:33:cb:
20:f6:9d:66:41:a3:e3:8b:50:02:ee:93:9e:b1:bc:
96:80:ad:97:90:52:6a:03:d5:8d:a2:0f:3c:3d:b9:
0a:b8:72:22:18:ee:17:20:e2:10:d3:32:33:22:9d:
52:82:b5:29:b7:02:ae:50:4f:94:46:ba:d8:fe:3f:
5a:a2:de:3e:d8:ae:55:09:8c:29:11:93:c1:bb:09:
27:40:0e:70:f1:95:d7:04:e1:3c:4d:00:71:9a:4e:
b5:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1E:7C:C0:1B:5E:C6:11:D4:A3:28:BE:52:48:8F:A0:06:E2:D9:4F
X509v3 Authority Key Identifier:
keyid:FA:95:EC:DA:A3:59:A6:F8:35:55:73:D3:90:01:BA:A3:58:74:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-pXs2qNZpvg1VXPTkAG6o1h0vtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/cR58wBtexhHUoyi-UkiPoAbi2U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/dbb5c7-9460-4009-8e7d-1c17d502d4df/1/1-pXs2qNZpvg1VXPTkAG6o1h0vtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.116.0/22
IPv6:
2a07:a680::/29
Signature Algorithm: sha256WithRSAEncryption
43:75:22:c1:5f:7c:4d:8f:62:69:26:e0:ef:f8:3a:37:b3:9f:
56:12:dd:24:50:e8:7e:38:4e:87:30:e3:4a:49:03:9a:73:5e:
89:8b:f3:4b:2a:ed:da:27:04:aa:6b:69:72:2c:27:7f:2e:24:
8a:32:d1:32:ee:a9:46:f6:09:6a:08:5d:dd:57:b8:4c:03:ea:
a3:36:5f:81:d3:e4:06:79:1b:58:c2:a9:01:fe:1b:fe:0a:5d:
f9:e3:8d:e4:97:02:d8:4d:03:25:8c:0d:fc:a2:32:d1:4f:af:
9e:85:b2:4e:20:e2:b0:b5:75:8d:88:0e:21:79:62:17:b9:23:
3a:df:34:2c:61:98:40:24:b2:53:6a:80:29:d1:ca:13:94:51:
94:5d:55:ad:f8:e9:d6:7d:10:3e:fd:b5:3b:34:72:28:24:3e:
d9:62:f9:bb:0c:f4:07:1d:89:bb:21:cb:21:35:7a:0e:7b:1a:
e2:c2:b4:6a:85:ff:d5:34:41:b8:16:46:34:4a:cd:3f:31:fb:
89:bb:43:88:c0:16:ae:73:5e:0d:7f:78:10:55:fa:d7:d6:ea:
c8:25:b6:b5:24:9b:e6:7c:4d:15:82:c0:b2:51:5f:42:d0:ac:
33:c7:83:eb:84:85:f6:c8:6c:a6:c3:82:fd:39:19:cf:a0:4d:
f5:51:c3:5b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEDeg2mjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YTk1ZWNkYWEzNTlhNmY4MzU1NTczZDM5MDAxYmFhMzU4NzRiZWQyMB4XDTIyMDEw
MTA3NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzExZTdjYzAxYjVl
YzYxMWQ0YTMyOGJlNTI0ODhmYTAwNmUyZDk0ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKA0v2KIl4om1Irb6jYqpdQZ5U35sj6RG4TJ7TV1o1F6vTvO
zXZVdrPFtUB3W9LSYdr26n6VzlmoAHd/Mtqi0tBY3cfAloz+A28pDl+X1SRspbnj
KOUu9hIcRPPr8X43V3MfvYpHYJuaicyS2dojjb1+wscBcr4p9CNfE7SRNpTBtAAO
XPOqF/VC2OUw9H3EsMZ5oFtQR/872t/mk+GBQFvJIjPLIPadZkGj44tQAu6TnrG8
loCtl5BSagPVjaIPPD25CrhyIhjuFyDiENMyMyKdUoK1KbcCrlBPlEa62P4/WqLe
PtiuVQmMKRGTwbsJJ0AOcPGV1wThPE0AcZpOtYcCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBRxHnzAG17GEdSjKL5SSI+gBuLZTzAfBgNVHSMEGDAWgBT6lezao1mm+DVV
c9OQAbqjWHS+0jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtcFhzMnFOWnB2ZzFWWFBUa0FHNm8xaDB2dEkuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2JlL2RiYjVjNy05NDYwLTQwMDktOGU3ZC0xYzE3ZDUwMmQ0ZGYv
MS9jUjU4d0J0ZXhoSFVveWktVWtpUG9BYmkyVTgucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Jl
L2RiYjVjNy05NDYwLTQwMDktOGU3ZC0xYzE3ZDUwMmQ0ZGYvMS8xLXBYczJxTlpw
dmcxVlhQVGtBRzZvMWgwdnRJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ10MA0EAgACMAcDBQMqB6aA
MA0GCSqGSIb3DQEBCwUAA4IBAQBDdSLBX3xNj2JpJuDv+Do3s59WEt0kUOh+OE6H
MONKSQOac16Ji/NLKu3aJwSqa2lyLCd/LiSKMtEy7qlG9glqCF3dV7hMA+qjNl+B
0+QGeRtYwqkB/hv+Cl35443klwLYTQMljA38ojLRT6+ehbJOIOKwtXWNiA4heWIX
uSM63zQsYZhAJLJTaoAp0coTlFGUXVWt+OnWfRA+/bU7NHIoJD7ZYvm7DPQHHYm7
IcshNXoOexriwrRqhf/VNEG4FkY0Ss0/MfuJu0OIwBauc14Nf3gQVfrX1urIJba1
JJvmfE0VgsCyUV9C0Kwzx4PrhIX2yGymw4L9ORnPoE31UcNb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:05 2023 by rpki-client on console-ams.rpki-client.org