Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/iiD0ehTjvVzMar1aSohb_c6x7DI.roa
File: iiD0ehTjvVzMar1aSohb_c6x7DI.roa (raw, json)
Hash identifier: +3Eozrvm+ZW0ycXQCDjhKNqZ/0uvnP4FN108XGXvIwg=
Subject key identifier: 8A:20:F4:7A:14:E3:BD:5C:CC:6A:BD:5A:4A:88:5B:FD:CE:B1:EC:32
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 08001313
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/iiD0ehTjvVzMar1aSohb_c6x7DI.roa
Signing time: Sat 01 Jan 2022 16:01:36 +0000
ROA not before: Sat 01 Jan 2022 16:01:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60122
IP address blocks: 185.157.98.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134222611 (0x8001313)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: Jan 1 16:01:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a20f47a14e3bd5ccc6abd5a4a885bfdceb1ec32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:12:44:8c:03:23:45:8e:51:9a:8d:e8:88:46:
4e:5d:5e:98:f3:91:86:b3:5f:bb:cf:77:f8:1e:72:
16:a0:01:62:c0:92:29:ed:a0:ca:13:d0:f3:68:c7:
2f:d1:6f:9e:b9:d8:c4:15:d5:3d:14:95:3e:42:0e:
ee:01:83:65:16:99:21:02:0d:89:82:bc:1c:41:82:
98:ef:57:b6:64:16:eb:94:65:97:e1:96:7c:dd:28:
b3:d3:09:f7:bc:0f:1a:ec:9e:86:40:71:f9:d5:e8:
4c:8e:38:27:9a:b2:9c:af:ec:49:e3:6a:a3:c3:36:
72:12:28:68:2e:0a:db:95:e6:c0:4e:54:1b:29:5e:
74:01:cb:56:c2:98:a3:b2:a8:3b:4c:74:71:c5:c0:
a4:57:e1:9d:ed:1b:b9:b5:7c:37:f5:d0:a5:15:6e:
fd:08:76:ac:8d:97:95:47:eb:63:30:f5:a0:bf:43:
a1:25:77:16:93:28:07:d6:43:b9:7e:ac:0e:34:d9:
aa:a1:ac:98:e0:e1:3f:03:05:e3:a4:8e:8a:9d:5b:
ac:19:8b:ad:5b:07:44:c3:1e:75:34:b3:9f:5d:d6:
ae:04:2f:57:94:9b:ab:12:73:29:b6:75:06:6c:70:
ad:07:51:63:e5:29:02:0e:92:e0:9f:c4:c0:4a:96:
f7:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:20:F4:7A:14:E3:BD:5C:CC:6A:BD:5A:4A:88:5B:FD:CE:B1:EC:32
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/iiD0ehTjvVzMar1aSohb_c6x7DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.98.0/24
Signature Algorithm: sha256WithRSAEncryption
74:bf:c2:78:cf:20:85:cf:77:32:90:56:79:fc:15:73:5c:77:
36:2c:c1:ca:37:e2:1e:ed:2d:a2:bf:46:0a:a5:f7:21:ba:83:
c9:f1:0c:0a:a5:76:12:75:dd:1d:1f:73:88:48:67:df:61:a1:
87:1a:14:0b:a9:e0:fc:14:f8:ae:25:ce:bd:fb:08:76:be:32:
b3:5e:31:04:b9:41:e0:a8:2e:da:d9:fb:e2:e8:b7:cf:3b:84:
9b:a0:e4:51:b8:0c:d1:6a:eb:26:98:6b:f1:8f:ed:81:33:57:
27:fe:b4:c3:44:2d:c5:56:81:27:62:07:74:58:43:91:a1:de:
86:eb:51:4c:d4:29:22:7b:4e:3a:ed:82:26:31:3f:d2:4a:82:
ec:c3:c8:4a:78:ff:aa:cd:a4:e4:96:93:48:3f:0f:fc:1d:44:
ac:17:11:d1:d9:ba:15:56:2e:f9:42:fc:bd:f6:2d:e5:82:66:
f0:6c:70:bf:05:f4:70:b2:0e:9e:a6:99:87:03:21:37:ad:7f:
db:7e:ad:aa:27:cb:ed:25:87:6d:a2:f4:8d:ca:3b:19:a4:b3:
14:98:92:33:60:88:ef:5f:e8:8a:67:f6:83:cc:cf:43:88:27:
66:5c:99:7d:75:39:26:d8:a2:08:c2:71:18:44:62:a4:1b:21:
73:e3:88:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECAATEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTUyNmE3M2NlOGY5ZjYyYzE0YTExYTJlYTkxM2VjMjczZDU4YzQ2MB4XDTIyMDEw
MTE2MDEzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGEyMGY0N2ExNGUz
YmQ1Y2NjNmFiZDVhNGE4ODViZmRjZWIxZWMzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMASRIwDI0WOUZqN6IhGTl1emPORhrNfu893+B5yFqABYsCS
Ke2gyhPQ82jHL9FvnrnYxBXVPRSVPkIO7gGDZRaZIQINiYK8HEGCmO9XtmQW65Rl
l+GWfN0os9MJ97wPGuyehkBx+dXoTI44J5qynK/sSeNqo8M2chIoaC4K25XmwE5U
GyledAHLVsKYo7KoO0x0ccXApFfhne0bubV8N/XQpRVu/Qh2rI2XlUfrYzD1oL9D
oSV3FpMoB9ZDuX6sDjTZqqGsmODhPwMF46SOip1brBmLrVsHRMMedTSzn13WrgQv
V5SbqxJzKbZ1BmxwrQdRY+UpAg6S4J/EwEqW978CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSKIPR6FOO9XMxqvVpKiFv9zrHsMjAfBgNVHSMEGDAWgBSaUmpzzo+fYsFK
EaLqkT7Cc9WMRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21sSnFjODZQbjJMQlNoR2k2cEUtd25QVmpFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8x
L2lpRDBlaFRqdlZ6TWFyMWFTb2hiX2M2eDdESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8xL21sSnFjODZQbjJM
QlNoR2k2cEUtd25QVmpFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmdYjANBgkqhkiG9w0BAQsFAAOC
AQEAdL/CeM8ghc93MpBWefwVc1x3NizByjfiHu0tor9GCqX3IbqDyfEMCqV2EnXd
HR9ziEhn32GhhxoUC6ng/BT4riXOvfsIdr4ys14xBLlB4Kgu2tn74ui3zzuEm6Dk
UbgM0WrrJphr8Y/tgTNXJ/60w0QtxVaBJ2IHdFhDkaHehutRTNQpIntOOu2CJjE/
0kqC7MPISnj/qs2k5JaTSD8P/B1ErBcR0dm6FVYu+UL8vfYt5YJm8GxwvwX0cLIO
nqaZhwMhN61/236tqifL7SWHbaL0jco7GaSzFJiSM2CI71/oimf2g8zPQ4gnZlyZ
fXU5JtiiCMJxGERipBshc+OIpA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:51 2023 by rpki-client on console-ams.rpki-client.org