Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/jQhVLZipLfMK71-oCEmvMVC4DNo.roa
File: jQhVLZipLfMK71-oCEmvMVC4DNo.roa (raw, json)
Hash identifier: 6i/7J/F+JWgQNY5HaxkKykS/ocrMVak8Jcmpa+Ys08I=
Subject key identifier: 8D:08:55:2D:98:A9:2D:F3:0A:EF:5F:A8:08:49:AF:31:50:B8:0C:DA
Certificate issuer: /CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Certificate serial: 045EB372
Authority key identifier: 0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/jQhVLZipLfMK71-oCEmvMVC4DNo.roa
Signing time: Sat 01 Jan 2022 16:05:50 +0000
ROA not before: Sat 01 Jan 2022 16:05:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61144
IP address blocks: 185.172.197.0/24 maxlen: 24
185.172.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 73315186 (0x45eb372)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f65bd21c683207da0c39fb3798535af49e0bff5
Validity
Not Before: Jan 1 16:05:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d08552d98a92df30aef5fa80849af3150b80cda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:24:08:05:fa:c5:02:16:63:ab:13:df:8c:5c:
60:9e:d7:ca:d3:3d:87:64:30:e2:6b:9c:b8:4d:3e:
d9:c9:e5:74:ba:ef:62:f3:6d:74:f0:d7:7d:a6:10:
a5:3d:88:4e:f1:98:dc:cd:54:c6:89:e5:10:c6:2e:
99:60:16:79:78:0e:fe:3c:19:5e:aa:f4:19:78:e5:
48:3d:8c:92:15:ed:f8:d5:d1:0b:db:03:a0:79:a5:
00:20:c9:e1:60:59:df:45:04:ca:9c:3b:da:27:e5:
e9:46:53:ca:bc:40:f0:49:16:d5:1e:27:38:71:13:
b3:11:0d:e0:ba:25:7d:e2:89:f8:73:6f:16:aa:30:
3b:d2:ac:d2:7e:0e:92:9f:e0:73:11:38:b8:5a:a5:
98:b3:77:97:46:07:63:fb:2e:43:cf:f9:72:17:4b:
8d:aa:fc:c2:3f:9d:c9:54:6f:bf:55:ac:51:89:c2:
57:e8:b1:93:f5:9f:8c:15:4a:c2:1d:dd:1e:c9:a8:
bf:ab:1a:97:5c:de:87:b0:e5:86:c4:52:de:b8:10:
66:dd:4c:f3:e1:4c:5e:77:ef:da:5a:83:af:4b:b1:
a8:65:78:e8:82:68:64:59:5b:17:ab:e7:13:6f:f9:
57:5b:d8:b3:d8:57:83:81:4c:e7:ea:c7:7d:f0:c7:
07:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:08:55:2D:98:A9:2D:F3:0A:EF:5F:A8:08:49:AF:31:50:B8:0C:DA
X509v3 Authority Key Identifier:
keyid:0F:65:BD:21:C6:83:20:7D:A0:C3:9F:B3:79:85:35:AF:49:E0:BF:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2W9IcaDIH2gw5-zeYU1r0ngv_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/jQhVLZipLfMK71-oCEmvMVC4DNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/4a999f-d1fa-4887-bae8-e23f10e4b91c/1/D2W9IcaDIH2gw5-zeYU1r0ngv_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.196.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:de:c6:62:57:df:f2:16:9e:d5:ff:62:1c:e3:41:35:9a:db:
84:02:41:4d:cd:26:8d:1c:0f:92:cb:70:92:3e:dd:de:54:f5:
06:90:01:df:22:b8:58:1a:0f:bf:df:b2:c5:6f:3d:a0:83:57:
d8:e8:e8:9f:10:71:93:62:60:49:fa:eb:0a:67:34:0b:c5:63:
4a:10:77:cd:b0:d7:e5:71:7a:93:7c:bf:a1:67:09:b4:05:cb:
ff:c0:3d:eb:0d:a1:ca:11:9d:1e:62:29:74:9f:a1:e6:10:69:
94:2c:73:f5:e4:36:c2:e1:4d:d7:11:5c:ae:1c:54:88:bd:0c:
ea:ef:cb:08:e1:df:7a:05:e8:db:1b:19:95:a0:00:90:13:98:
56:72:64:7b:ae:19:db:33:c4:7b:54:61:a0:50:73:93:56:75:
1b:bd:fe:55:86:f4:46:29:04:a9:b3:0a:be:f4:6e:25:7f:a9:
dc:22:f1:17:bd:27:34:70:e2:4b:09:35:e5:71:b8:c2:b1:c6:
28:38:c9:b3:74:39:ee:11:d1:19:f9:8e:53:15:83:80:65:9f:
3a:c4:ee:df:04:cf:10:7b:6b:30:9d:71:c1:d6:0b:ea:ff:ab:
ed:f7:27:4e:20:f4:66:96:39:00:a9:a2:3d:75:34:a4:62:af:
e2:9b:90:f4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBF6zcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZjY1YmQyMWM2ODMyMDdkYTBjMzlmYjM3OTg1MzVhZjQ5ZTBiZmY1MB4XDTIyMDEw
MTE2MDU1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQwODU1MmQ5OGE5
MmRmMzBhZWY1ZmE4MDg0OWFmMzE1MGI4MGNkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8kCAX6xQIWY6sT34xcYJ7XytM9h2Qw4mucuE0+2cnldLrv
YvNtdPDXfaYQpT2ITvGY3M1UxonlEMYumWAWeXgO/jwZXqr0GXjlSD2MkhXt+NXR
C9sDoHmlACDJ4WBZ30UEypw72ifl6UZTyrxA8EkW1R4nOHETsxEN4LolfeKJ+HNv
FqowO9Ks0n4Okp/gcxE4uFqlmLN3l0YHY/suQ8/5chdLjar8wj+dyVRvv1WsUYnC
V+ixk/WfjBVKwh3dHsmov6sal1zeh7DlhsRS3rgQZt1M8+FMXnfv2lqDr0uxqGV4
6IJoZFlbF6vnE2/5V1vYs9hXg4FM5+rHffDHB88CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSNCFUtmKkt8wrvX6gISa8xULgM2jAfBgNVHSMEGDAWgBQPZb0hxoMgfaDD
n7N5hTWvSeC/9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0QyVzlJY2FESUgyZ3c1LXplWVUxcjBuZ3ZfVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvNGE5OTlmLWQxZmEtNDg4Ny1iYWU4LWUyM2YxMGU0YjkxYy8x
L2pRaFZMWmlwTGZNSzcxLW9DRW12TVZDNEROby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
NGE5OTlmLWQxZmEtNDg4Ny1iYWU4LWUyM2YxMGU0YjkxYy8xL0QyVzlJY2FESUgy
Z3c1LXplWVUxcjBuZ3ZfVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbmsxDANBgkqhkiG9w0BAQsFAAOC
AQEAjt7GYlff8hae1f9iHONBNZrbhAJBTc0mjRwPkstwkj7d3lT1BpAB3yK4WBoP
v9+yxW89oINX2OjonxBxk2JgSfrrCmc0C8VjShB3zbDX5XF6k3y/oWcJtAXL/8A9
6w2hyhGdHmIpdJ+h5hBplCxz9eQ2wuFN1xFcrhxUiL0M6u/LCOHfegXo2xsZlaAA
kBOYVnJke64Z2zPEe1RhoFBzk1Z1G73+VYb0RikEqbMKvvRuJX+p3CLxF70nNHDi
Swk15XG4wrHGKDjJs3Q57hHRGfmOUxWDgGWfOsTu3wTPEHtrMJ1xwdYL6v+r7fcn
TiD0ZpY5AKmiPXU0pGKv4puQ9A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:36 2023 by rpki-client on console-fra.rpki-client.org