Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/aLikTXSSUI2KETE3H8SZ2arc2Oo.roa
File: aLikTXSSUI2KETE3H8SZ2arc2Oo.roa (raw, json)
Hash identifier: v4UkHetFxXTFzeELXdcbWd1LA5wtojVJySptssJKb4Y=
Subject key identifier: 68:B8:A4:4D:74:92:50:8D:8A:11:31:37:1F:C4:99:D9:AA:DC:D8:EA
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 03250CB3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/aLikTXSSUI2KETE3H8SZ2arc2Oo.roa
Signing time: Sat 01 Jan 2022 16:04:20 +0000
ROA not before: Sat 01 Jan 2022 16:04:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50916
IP address blocks: 185.172.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52759731 (0x3250cb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 1 16:04:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68b8a44d7492508d8a1131371fc499d9aadcd8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d1:a2:ba:3a:bf:45:1a:5f:29:ff:fc:f1:88:
db:78:ae:5c:b1:f5:9d:d5:61:b9:9f:e4:ec:3c:3b:
f3:ab:1e:2f:7f:89:82:95:c5:be:75:60:f7:4e:32:
11:35:46:5b:09:a0:9f:59:ef:ac:d7:56:90:49:3b:
e8:33:48:59:41:3a:90:4c:56:1a:98:2c:25:f4:7b:
67:30:7b:f8:75:07:45:ed:bb:7c:d5:85:e9:d2:78:
d5:ee:76:98:2b:53:17:5d:d1:cd:60:ec:29:ca:13:
be:80:44:6a:ea:a2:b7:4c:90:92:b3:1c:8f:c9:b7:
c2:38:7e:00:b4:a5:7a:ae:83:b9:b0:2e:d3:30:87:
f5:3d:e5:77:3e:74:93:a1:14:e7:fe:5e:40:e8:1c:
b1:e4:59:c5:e9:98:b1:b8:76:6b:b9:21:2e:fe:12:
56:ea:ad:7e:9e:53:8c:ca:88:c5:4c:77:b6:cf:21:
2b:28:63:0d:1c:a4:6a:d1:c2:3b:45:01:d8:72:12:
28:89:fb:2a:33:91:86:af:7a:fc:75:bc:90:76:67:
dd:c9:fe:82:69:35:db:85:39:a5:2b:b1:c8:3e:13:
78:85:75:26:ef:fa:f8:3f:8d:d0:1e:91:36:b5:45:
a9:ac:43:f7:68:b5:3e:3e:4a:c3:8f:18:10:a4:85:
10:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:B8:A4:4D:74:92:50:8D:8A:11:31:37:1F:C4:99:D9:AA:DC:D8:EA
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/aLikTXSSUI2KETE3H8SZ2arc2Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.172.128.0/24
Signature Algorithm: sha256WithRSAEncryption
48:1b:e9:5d:81:15:d8:b9:0f:2c:b2:22:e1:f5:a8:98:65:bb:
d8:b8:69:15:0a:5f:b2:61:02:ca:2f:7e:72:e1:77:8a:79:e5:
16:06:5e:7f:47:bf:da:ce:e8:f3:db:38:26:f2:90:e7:6a:32:
45:a3:15:9e:7e:5c:3d:1a:9d:f1:a3:0f:99:05:56:d1:58:1d:
6a:8e:d9:24:e1:3d:9d:af:b8:d4:c9:36:0d:f8:7a:3d:13:f9:
c6:45:c2:d5:44:01:75:94:28:86:06:d4:2b:22:9f:43:e9:d7:
44:50:17:68:18:83:3c:77:5e:0d:00:a6:87:a3:e2:24:61:07:
5c:3b:e1:a0:6c:a4:93:5b:e8:71:f0:07:c3:cf:05:f7:b0:fd:
42:43:01:63:49:5b:e6:dc:9f:01:de:06:b8:76:0c:12:e2:b2:
99:b1:93:d0:49:67:84:1e:e1:fe:3c:63:79:a8:cf:88:ef:ce:
0b:0b:8a:bc:14:f3:5b:7b:1b:da:2e:3a:6e:cf:87:a5:f5:0a:
59:5d:2c:47:40:db:ce:f8:0d:7f:df:60:ef:d5:e2:3f:8b:05:
5c:5d:70:04:da:da:75:15:ec:6f:f1:29:b9:c1:e5:87:cc:07:
92:46:58:5d:50:61:91:10:46:e3:88:b2:8d:99:b9:fe:f4:06:
e8:fc:f8:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyUMszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEw
MTE2MDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiOGE0NGQ3NDky
NTA4ZDhhMTEzMTM3MWZjNDk5ZDlhYWRjZDhlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLRoro6v0UaXyn//PGI23iuXLH1ndVhuZ/k7Dw786seL3+J
gpXFvnVg904yETVGWwmgn1nvrNdWkEk76DNIWUE6kExWGpgsJfR7ZzB7+HUHRe27
fNWF6dJ41e52mCtTF13RzWDsKcoTvoBEauqit0yQkrMcj8m3wjh+ALSleq6DubAu
0zCH9T3ldz50k6EU5/5eQOgcseRZxemYsbh2a7khLv4SVuqtfp5TjMqIxUx3ts8h
KyhjDRykatHCO0UB2HISKIn7KjORhq96/HW8kHZn3cn+gmk124U5pSuxyD4TeIV1
Ju/6+D+N0B6RNrVFqaxD92i1Pj5Kw48YEKSFEC0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRouKRNdJJQjYoRMTcfxJnZqtzY6jAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L2FMaWtUWFNTVUkyS0VURTNIOFNaMmFyYzJPby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmsgDANBgkqhkiG9w0BAQsFAAOC
AQEASBvpXYEV2LkPLLIi4fWomGW72LhpFQpfsmECyi9+cuF3innlFgZef0e/2s7o
89s4JvKQ52oyRaMVnn5cPRqd8aMPmQVW0Vgdao7ZJOE9na+41Mk2Dfh6PRP5xkXC
1UQBdZQohgbUKyKfQ+nXRFAXaBiDPHdeDQCmh6PiJGEHXDvhoGykk1vocfAHw88F
97D9QkMBY0lb5tyfAd4GuHYMEuKymbGT0ElnhB7h/jxjeajPiO/OCwuKvBTzW3sb
2i46bs+HpfUKWV0sR0DbzvgNf99g79XiP4sFXF1wBNradRXsb/EpucHlh8wHkkZY
XVBhkRBG44iyjZm5/vQG6Pz41Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:29 2023 by rpki-client on console-ams.rpki-client.org