Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/wT2X1Vg6SokEPhItl0ogWVhD6PI.roa
File: wT2X1Vg6SokEPhItl0ogWVhD6PI.roa (raw, json)
Hash identifier: NkQaS7PQW1SuxFzz3I6ySaUz8GBjC3SO1NAjdIpmkC4=
Subject key identifier: C1:3D:97:D5:58:3A:4A:89:04:3E:12:2D:97:4A:20:59:58:43:E8:F2
Certificate issuer: /CN=d71ee53337a1d05baa47e009cb5ba9f2c4570144
Certificate serial: 021D45
Authority key identifier: D7:1E:E5:33:37:A1:D0:5B:AA:47:E0:09:CB:5B:A9:F2:C4:57:01:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1x7lMzeh0FuqR-AJy1up8sRXAUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/wT2X1Vg6SokEPhItl0ogWVhD6PI.roa
Signing time: Wed 16 Mar 2022 16:22:08 +0000
ROA not before: Wed 16 Mar 2022 16:22:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.211.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138565 (0x21d45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d71ee53337a1d05baa47e009cb5ba9f2c4570144
Validity
Not Before: Mar 16 16:22:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c13d97d5583a4a89043e122d974a20595843e8f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:f2:aa:c1:fc:92:45:24:53:c6:13:be:35:fd:
f0:f7:46:ba:61:d8:fc:a5:37:d0:95:40:a4:ef:fb:
95:fe:4a:3f:b5:11:04:ea:68:10:38:0d:02:32:92:
e7:09:26:26:05:de:4e:00:11:95:32:82:d8:e2:ad:
79:b7:f3:f6:5b:ef:9b:03:e6:9c:72:d6:5b:d8:b4:
15:77:d7:40:83:66:22:ba:b6:9a:dc:86:8b:c9:18:
e8:27:5b:3c:d9:9e:92:76:ef:07:f5:00:8e:d0:a6:
f1:a0:94:b0:98:76:17:a0:b5:01:a2:a4:2d:ad:20:
71:12:6d:d7:77:b5:cb:e0:22:62:c5:44:41:84:09:
3b:02:e4:66:ac:9d:31:5c:36:4e:d4:b6:28:0e:55:
0f:f1:82:e6:c5:35:a6:10:3a:2d:af:20:b3:e9:b9:
da:5b:ff:d3:86:ca:f0:b2:1d:fe:7b:db:f3:86:2a:
28:a1:a5:80:60:24:b4:80:78:96:80:b6:7c:62:cd:
a9:4b:9d:a6:2b:54:dc:11:e0:92:95:ae:6a:6f:60:
48:fc:23:f8:57:53:52:eb:49:8a:9e:c8:25:35:1f:
84:a4:05:4e:e7:0c:51:19:64:33:a8:03:66:e5:65:
fc:4d:dd:cb:a2:3a:45:f9:26:cc:88:1d:4b:df:f4:
ba:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:3D:97:D5:58:3A:4A:89:04:3E:12:2D:97:4A:20:59:58:43:E8:F2
X509v3 Authority Key Identifier:
keyid:D7:1E:E5:33:37:A1:D0:5B:AA:47:E0:09:CB:5B:A9:F2:C4:57:01:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1x7lMzeh0FuqR-AJy1up8sRXAUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/wT2X1Vg6SokEPhItl0ogWVhD6PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0842ea-788a-495b-bd21-518015f59e47/1/1x7lMzeh0FuqR-AJy1up8sRXAUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.168.0/24
Signature Algorithm: sha256WithRSAEncryption
16:d4:7b:79:92:6b:4f:de:bc:6e:ce:53:79:31:6a:90:2a:c5:
69:66:ab:e9:fa:ef:84:ec:e3:dd:73:2a:f8:af:f6:d9:83:43:
e6:f6:67:03:56:3e:ad:27:48:d1:4f:a2:cf:f0:5d:90:ad:98:
5c:c5:4f:e7:bc:2b:73:bd:3a:cf:86:99:d2:7d:82:e4:ba:01:
90:bf:87:17:72:0c:98:bf:90:2a:ff:00:14:da:79:95:ef:a4:
33:6f:f7:6e:04:88:fd:6e:87:39:b7:c5:f6:b8:78:9c:8d:97:
71:45:6a:da:5a:9c:01:7e:e3:9c:fc:88:4a:38:61:9b:6c:d6:
74:39:f9:1a:04:6c:5c:45:65:c3:ab:f6:95:7e:d9:e1:74:c3:
f6:62:c7:61:0a:4a:26:08:8b:a4:c2:07:4b:41:b5:bf:7f:f5:
94:1a:c4:f8:5a:dd:97:2f:00:1a:52:b8:00:f9:52:ec:f3:32:
e3:a2:4d:3c:c5:16:74:73:e1:c5:6d:bc:17:cd:b3:e5:81:30:
b0:77:9d:ac:f5:14:63:f7:31:1e:79:7a:66:ad:c3:a8:a3:31:
40:29:4a:b4:83:47:a3:32:b3:34:3f:8a:7a:0c:3a:d5:59:18:
8b:0a:ad:8f:c9:53:a0:f7:3e:c0:ff:53:0d:20:0b:4e:bb:99:
b7:6c:b6:15
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAh1FMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ3
MWVlNTMzMzdhMWQwNWJhYTQ3ZTAwOWNiNWJhOWYyYzQ1NzAxNDQwHhcNMjIwMzE2
MTYyMjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMTNkOTdkNTU4M2E0
YTg5MDQzZTEyMmQ5NzRhMjA1OTU4NDNlOGYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4/KqwfySRSRTxhO+Nf3w90a6Ydj8pTfQlUCk7/uV/ko/tREE
6mgQOA0CMpLnCSYmBd5OABGVMoLY4q15t/P2W++bA+acctZb2LQVd9dAg2Yiuraa
3IaLyRjoJ1s82Z6Sdu8H9QCO0KbxoJSwmHYXoLUBoqQtrSBxEm3Xd7XL4CJixURB
hAk7AuRmrJ0xXDZO1LYoDlUP8YLmxTWmEDotryCz6bnaW//Thsrwsh3+e9vzhioo
oaWAYCS0gHiWgLZ8Ys2pS52mK1TcEeCSla5qb2BI/CP4V1NS60mKnsglNR+EpAVO
5wxRGWQzqANm5WX8Td3LojpF+SbMiB1L3/S6oQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFME9l9VYOkqJBD4SLZdKIFlYQ+jyMB8GA1UdIwQYMBaAFNce5TM3odBbqkfg
CctbqfLEVwFEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MXg3bE16ZWgwRnVxUi1BSnkxdXA4c1JYQVVRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOC8wODQyZWEtNzg4YS00OTViLWJkMjEtNTE4MDE1ZjU5ZTQ3LzEv
d1QyWDFWZzZTb2tFUGhJdGwwb2dXVmhENlBJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8w
ODQyZWEtNzg4YS00OTViLWJkMjEtNTE4MDE1ZjU5ZTQ3LzEvMXg3bE16ZWgwRnVx
Ui1BSnkxdXA4c1JYQVVRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudOoMA0GCSqGSIb3DQEBCwUAA4IB
AQAW1Ht5kmtP3rxuzlN5MWqQKsVpZqvp+u+E7OPdcyr4r/bZg0Pm9mcDVj6tJ0jR
T6LP8F2QrZhcxU/nvCtzvTrPhpnSfYLkugGQv4cXcgyYv5Aq/wAU2nmV76Qzb/du
BIj9boc5t8X2uHicjZdxRWraWpwBfuOc/IhKOGGbbNZ0OfkaBGxcRWXDq/aVftnh
dMP2YsdhCkomCIukwgdLQbW/f/WUGsT4Wt2XLwAaUrgA+VLs8zLjok08xRZ0c+HF
bbwXzbPlgTCwd52s9RRj9zEeeXpmrcOoozFAKUq0g0ejMrM0P4p6DDrVWRiLCq2P
yVOg9z7A/1MNIAtOu5m3bLYV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:42 2023 by rpki-client on console-ams.rpki-client.org