Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/cF1C1gGMo1ZkVPfthg06eZyG4mY.roa
File: cF1C1gGMo1ZkVPfthg06eZyG4mY.roa (raw, json)
Hash identifier: E+k/K+ODzK/szuZPPx/obMD/n/rXrPyCml1VHQ9NHnY=
Subject key identifier: 70:5D:42:D6:01:8C:A3:56:64:54:F7:ED:86:0D:3A:79:9C:86:E2:66
Certificate issuer: /CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Certificate serial: 38232724
Authority key identifier: AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/cF1C1gGMo1ZkVPfthg06eZyG4mY.roa
Signing time: Sat 01 Jan 2022 10:04:43 +0000
ROA not before: Sat 01 Jan 2022 10:04:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43998
IP address blocks: 185.111.116.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941827876 (0x38232724)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab4f00f5c3ab3df4c674a410d8a0f0182fb5e918
Validity
Not Before: Jan 1 10:04:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=705d42d6018ca3566454f7ed860d3a799c86e266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:80:59:d8:66:34:24:71:d9:21:d0:92:bd:
54:10:e7:68:dc:ef:86:ee:0f:dc:d9:3d:e6:56:62:
48:da:fd:71:2e:ae:08:1a:6e:bf:ed:ec:2d:53:6c:
59:83:1c:44:98:c2:39:6f:5d:99:1c:91:0d:34:aa:
6d:45:a2:ec:52:08:62:8a:0f:20:57:51:35:7a:30:
12:3a:47:46:77:02:e7:18:d0:03:37:ad:19:e4:f0:
e3:e4:5c:be:1c:27:d1:af:29:cc:95:7c:ad:a6:69:
4d:69:29:d8:11:51:ec:6d:05:ab:54:c4:b8:8d:00:
1a:10:9e:0c:93:03:0a:49:71:35:ec:89:3c:13:72:
44:a9:9c:73:ab:e0:5c:76:31:98:6b:e2:6e:2b:88:
cf:66:f9:19:b9:23:57:2c:af:6d:da:32:2f:93:98:
be:53:76:0d:b4:e1:61:0b:02:98:10:fd:83:69:26:
43:68:64:d3:35:fe:61:51:c5:06:88:d4:bd:33:26:
40:52:26:2a:3b:9a:da:8d:80:7f:48:3b:a0:f3:99:
75:14:00:9f:53:9e:a5:f1:0b:71:8f:80:13:c9:33:
0e:02:be:41:6e:c5:4f:2a:d2:69:44:80:60:5e:95:
49:2f:c3:5d:91:e0:3f:3e:93:e3:99:30:04:d9:d3:
14:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:5D:42:D6:01:8C:A3:56:64:54:F7:ED:86:0D:3A:79:9C:86:E2:66
X509v3 Authority Key Identifier:
keyid:AB:4F:00:F5:C3:AB:3D:F4:C6:74:A4:10:D8:A0:F0:18:2F:B5:E9:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q08A9cOrPfTGdKQQ2KDwGC-16Rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/cF1C1gGMo1ZkVPfthg06eZyG4mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/a1f212-ba35-466b-b52e-3853d340c9a6/1/q08A9cOrPfTGdKQQ2KDwGC-16Rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.116.0/22
Signature Algorithm: sha256WithRSAEncryption
99:a7:27:82:6c:2a:36:e3:78:b8:7e:c6:e1:98:c2:c3:cf:5f:
e0:3f:22:38:70:e5:2a:3b:6a:27:83:5b:a9:4e:3a:e6:8e:50:
ba:e8:7f:b9:6b:66:86:94:a6:b9:7a:97:58:00:a9:9d:a1:3e:
19:80:dc:e3:73:53:4e:c8:46:a2:2a:7c:18:4f:24:7f:b1:45:
53:a4:50:42:af:e1:db:68:6e:32:c7:e4:d8:a5:8d:c7:e7:94:
1a:e5:ca:20:3f:1d:e4:94:e7:f6:83:34:f3:bf:0b:12:88:ee:
38:60:71:70:b3:b2:97:55:9d:70:22:3a:e5:12:74:86:71:45:
4e:11:c0:22:8b:c3:58:59:fb:48:b8:30:17:df:88:84:8b:70:
65:e9:dd:ee:ed:66:ed:6b:c2:e6:2a:87:b1:8f:aa:ba:7b:96:
f9:54:4d:8a:b0:06:6e:27:46:c2:ec:46:42:11:45:e1:ab:08:
79:5e:76:39:89:5d:6d:af:fd:7f:bf:3b:4d:04:3b:61:ce:9c:
2c:28:a6:80:d0:f8:3b:68:6b:10:9a:e2:44:16:74:62:36:8e:
f3:6a:80:39:ba:a5:31:cc:79:4e:fb:59:7b:ca:ec:6d:59:4e:
a8:3f:ec:70:bd:f1:32:3a:be:ba:1c:e7:06:4f:14:fc:67:a8:
ab:aa:e3:b5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOCMnJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjRmMDBmNWMzYWIzZGY0YzY3NGE0MTBkOGEwZjAxODJmYjVlOTE4MB4XDTIyMDEw
MTEwMDQ0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA1ZDQyZDYwMThj
YTM1NjY0NTRmN2VkODYwZDNhNzk5Yzg2ZTI2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRagFnYZjQkcdkh0JK9VBDnaNzvhu4P3Nk95lZiSNr9cS6u
CBpuv+3sLVNsWYMcRJjCOW9dmRyRDTSqbUWi7FIIYooPIFdRNXowEjpHRncC5xjQ
AzetGeTw4+Rcvhwn0a8pzJV8raZpTWkp2BFR7G0Fq1TEuI0AGhCeDJMDCklxNeyJ
PBNyRKmcc6vgXHYxmGvibiuIz2b5GbkjVyyvbdoyL5OYvlN2DbThYQsCmBD9g2km
Q2hk0zX+YVHFBojUvTMmQFImKjua2o2Af0g7oPOZdRQAn1OepfELcY+AE8kzDgK+
QW7FTyrSaUSAYF6VSS/DXZHgPz6T45kwBNnTFLUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRwXULWAYyjVmRU9+2GDTp5nIbiZjAfBgNVHSMEGDAWgBSrTwD1w6s99MZ0
pBDYoPAYL7XpGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3EwOEE5Y09yUGZUR2RLUVEyS0R3R0MtMTZSZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvYTFmMjEyLWJhMzUtNDY2Yi1iNTJlLTM4NTNkMzQwYzlhNi8x
L2NGMUMxZ0dNbzFaa1ZQZnRoZzA2ZVp5RzRtWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
YTFmMjEyLWJhMzUtNDY2Yi1iNTJlLTM4NTNkMzQwYzlhNi8xL3EwOEE5Y09yUGZU
R2RLUVEyS0R3R0MtMTZSZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlvdDANBgkqhkiG9w0BAQsFAAOC
AQEAmacngmwqNuN4uH7G4ZjCw89f4D8iOHDlKjtqJ4NbqU465o5Quuh/uWtmhpSm
uXqXWACpnaE+GYDc43NTTshGoip8GE8kf7FFU6RQQq/h22huMsfk2KWNx+eUGuXK
ID8d5JTn9oM0878LEojuOGBxcLOyl1WdcCI65RJ0hnFFThHAIovDWFn7SLgwF9+I
hItwZend7u1m7WvC5iqHsY+qunuW+VRNirAGbidGwuxGQhFF4asIeV52OYldba/9
f787TQQ7Yc6cLCimgND4O2hrEJriRBZ0YjaO82qAObqlMcx5TvtZe8rsbVlOqD/s
cL3xMjq+uhznBk8U/Geoq6rjtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:57 2024 by rpki-client on console-fra.rpki-client.org