Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/847ffa-9f38-4610-98e7-528a63be4c87/1/iqmvnH70MXnKQxSnBb77I-GGg0M.roa
File: iqmvnH70MXnKQxSnBb77I-GGg0M.roa (raw, json)
Hash identifier: a4Q3JsfkcE2IVBE6e0WxnmYwJbxnEFLPjLjzfDnFECg=
Subject key identifier: 8A:A9:AF:9C:7E:F4:31:79:CA:43:14:A7:05:BE:FB:23:E1:86:83:43
Certificate issuer: /CN=4f9ac6fe2031adde03668240e3c5d91ec6711e1e
Certificate serial: 0AFCC954
Authority key identifier: 4F:9A:C6:FE:20:31:AD:DE:03:66:82:40:E3:C5:D9:1E:C6:71:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5rG_iAxrd4DZoJA48XZHsZxHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/847ffa-9f38-4610-98e7-528a63be4c87/1/iqmvnH70MXnKQxSnBb77I-GGg0M.roa
Signing time: Wed 12 Jan 2022 14:54:13 +0000
ROA not before: Wed 12 Jan 2022 14:54:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34323
IP address blocks: 185.93.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 184338772 (0xafcc954)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9ac6fe2031adde03668240e3c5d91ec6711e1e
Validity
Not Before: Jan 12 14:54:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8aa9af9c7ef43179ca4314a705befb23e1868343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:5d:d8:07:58:32:85:8b:ba:53:8b:a6:c8:
94:69:a2:e3:4b:1b:96:ea:04:59:86:7c:0e:45:5b:
3c:98:78:c7:63:f0:89:40:42:cb:59:a4:0c:2f:9c:
8a:de:d6:ed:fa:49:d1:aa:42:b4:58:c3:87:9c:7d:
ca:7c:62:f5:0e:8d:d2:2e:7c:83:d8:10:73:e5:32:
2f:6e:f4:ff:08:6b:cc:5a:21:a8:4c:d4:63:4a:bc:
df:41:68:b9:20:6b:06:c8:aa:df:b7:68:b7:46:b7:
94:39:b2:cf:bf:e4:9a:57:dc:94:3f:c7:75:f8:d9:
63:f2:d5:b2:05:24:53:23:77:0e:eb:d8:52:66:4c:
1f:a8:e5:28:1b:78:cc:cb:2f:fc:2f:2b:3e:bc:ae:
19:5d:99:f6:1d:3f:fb:0f:47:0a:d6:1e:d3:57:a3:
83:6f:53:d8:de:0b:0a:d8:67:d1:88:c2:1f:d4:82:
3a:0b:bc:d1:52:4a:d0:d0:fb:de:db:8e:3e:a1:91:
52:fe:76:8d:d4:2b:e1:92:22:9a:d7:e8:0b:aa:08:
dc:e7:e4:67:3a:89:bf:4f:a8:39:97:fe:4f:d8:8e:
b2:5a:9d:f5:b8:fc:8e:6b:79:ff:3b:e0:f8:05:39:
b9:c4:cb:d7:6e:dc:f8:e3:7b:eb:b8:83:10:00:b5:
e3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:A9:AF:9C:7E:F4:31:79:CA:43:14:A7:05:BE:FB:23:E1:86:83:43
X509v3 Authority Key Identifier:
keyid:4F:9A:C6:FE:20:31:AD:DE:03:66:82:40:E3:C5:D9:1E:C6:71:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5rG_iAxrd4DZoJA48XZHsZxHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/847ffa-9f38-4610-98e7-528a63be4c87/1/iqmvnH70MXnKQxSnBb77I-GGg0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/847ffa-9f38-4610-98e7-528a63be4c87/1/T5rG_iAxrd4DZoJA48XZHsZxHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.186.0/24
Signature Algorithm: sha256WithRSAEncryption
62:f6:33:b9:3d:04:b6:35:3e:d0:4c:e3:2e:f0:7b:52:43:5c:
95:e1:98:db:d2:d4:47:ed:37:78:1f:e0:3e:5b:0c:9a:be:e6:
c2:9d:16:1c:b8:08:de:86:04:62:95:12:6e:ac:f0:6d:b5:55:
f7:d7:b3:51:22:db:a6:de:bc:89:de:50:91:b5:6a:a7:e9:83:
c7:3a:d3:fe:d7:4e:2b:66:08:0f:98:a1:fa:b0:a8:8f:02:91:
8e:5a:43:dd:42:9c:3a:e3:40:d3:b9:92:15:fd:57:c1:ac:52:
f8:d5:0e:b9:94:6d:7d:9d:44:11:88:21:25:f3:8a:3f:8a:e8:
b1:a3:0a:81:16:13:b0:cc:13:09:07:24:38:e3:87:7a:63:6c:
79:43:4c:ee:ed:4b:91:5a:84:88:80:e5:9f:7a:70:72:04:28:
15:a2:e8:1f:4c:5f:1c:37:c9:fd:06:69:1c:4c:60:95:1f:d0:
51:f8:5a:3e:5a:7b:b8:1f:0e:54:8a:dc:60:cc:c6:3c:8a:55:
83:ad:af:cf:4c:18:f4:1f:1a:03:bc:77:6b:08:98:5f:7f:b7:
9f:ed:bb:94:9a:cc:32:4e:bb:a4:c1:72:c9:44:ec:85:d0:f8:
d3:16:db:0b:60:ab:6b:87:3f:b6:f0:82:dc:14:0f:54:5a:69:
df:38:f1:c5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECvzJVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjlhYzZmZTIwMzFhZGRlMDM2NjgyNDBlM2M1ZDkxZWM2NzExZTFlMB4XDTIyMDEx
MjE0NTQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGFhOWFmOWM3ZWY0
MzE3OWNhNDMxNGE3MDViZWZiMjNlMTg2ODM0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWvXdgHWDKFi7pTi6bIlGmi40sbluoEWYZ8DkVbPJh4x2Pw
iUBCy1mkDC+cit7W7fpJ0apCtFjDh5x9ynxi9Q6N0i58g9gQc+UyL270/whrzFoh
qEzUY0q830FouSBrBsiq37dot0a3lDmyz7/kmlfclD/HdfjZY/LVsgUkUyN3DuvY
UmZMH6jlKBt4zMsv/C8rPryuGV2Z9h0/+w9HCtYe01ejg29T2N4LCthn0YjCH9SC
Ogu80VJK0ND73tuOPqGRUv52jdQr4ZIimtfoC6oI3OfkZzqJv0+oOZf+T9iOslqd
9bj8jmt5/zvg+AU5ucTL127c+ON767iDEAC140sCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKqa+cfvQxecpDFKcFvvsj4YaDQzAfBgNVHSMEGDAWgBRPmsb+IDGt3gNm
gkDjxdkexnEeHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q1ckdfaUF4cmQ0RFpvSkE0OFhaSHNaeEhoNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzIvODQ3ZmZhLTlmMzgtNDYxMC05OGU3LTUyOGE2M2JlNGM4Ny8x
L2lxbXZuSDcwTVhuS1F4U25CYjc3SS1HR2cwTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzIv
ODQ3ZmZhLTlmMzgtNDYxMC05OGU3LTUyOGE2M2JlNGM4Ny8xL1Q1ckdfaUF4cmQ0
RFpvSkE0OFhaSHNaeEhoNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALldujANBgkqhkiG9w0BAQsFAAOC
AQEAYvYzuT0EtjU+0EzjLvB7UkNcleGY29LUR+03eB/gPlsMmr7mwp0WHLgI3oYE
YpUSbqzwbbVV99ezUSLbpt68id5QkbVqp+mDxzrT/tdOK2YID5ih+rCojwKRjlpD
3UKcOuNA07mSFf1XwaxS+NUOuZRtfZ1EEYghJfOKP4rosaMKgRYTsMwTCQckOOOH
emNseUNM7u1LkVqEiIDln3pwcgQoFaLoH0xfHDfJ/QZpHExglR/QUfhaPlp7uB8O
VIrcYMzGPIpVg62vz0wY9B8aA7x3awiYX3+3n+27lJrMMk67pMFyyUTshdD40xbb
C2Cra4c/tvCC3BQPVFpp3zjxxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:42 2024 by rpki-client on console-fra.rpki-client.org