Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/X7Gg2n3JAQKV1xztX8h3DXZnTuE.roa
File: X7Gg2n3JAQKV1xztX8h3DXZnTuE.roa (raw, json)
Hash identifier: d3l5DVvEH7hZR3YVIAJ82+zYlLqx573Wc4VH2Q+GEw8=
Subject key identifier: 5F:B1:A0:DA:7D:C9:01:02:95:D7:1C:ED:5F:C8:77:0D:76:67:4E:E1
Certificate issuer: /CN=85c3f6a9e8550c090bc3b257f72b8f65b69a9f61
Certificate serial: 0183323EF86F9CD7C5757F1E0A07D4372900
Authority key identifier: 85:C3:F6:A9:E8:55:0C:09:0B:C3:B2:57:F7:2B:8F:65:B6:9A:9F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcP2qehVDAkLw7JX9yuPZbaan2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/X7Gg2n3JAQKV1xztX8h3DXZnTuE.roa
Signing time: Mon 12 Sep 2022 15:08:51 +0000
ROA not before: Mon 12 Sep 2022 15:08:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.212.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:32:3e:f8:6f:9c:d7:c5:75:7f:1e:0a:07:d4:37:29:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3f6a9e8550c090bc3b257f72b8f65b69a9f61
Validity
Not Before: Sep 12 15:08:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fb1a0da7dc9010295d71ced5fc8770d76674ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:42:4c:1b:ea:0a:c6:39:76:69:7b:a9:bf:44:
10:25:d4:9e:77:38:77:e1:94:93:5c:5d:a0:23:60:
ba:4f:f0:7c:ae:45:2d:65:be:cc:4e:cf:a7:05:87:
d6:eb:66:f6:ac:bb:47:9a:04:b6:0d:5d:0b:2a:73:
18:b8:b4:46:90:fe:ca:d5:c0:0b:c3:54:5b:0d:e0:
68:47:8d:7d:5a:28:3c:8e:b6:ff:52:d3:b2:da:a9:
11:43:57:90:05:19:cd:4b:f4:8a:83:5c:cd:2e:4e:
9f:a8:f3:9b:55:ca:a4:d7:41:53:d4:28:44:cf:1f:
bd:31:79:b2:25:44:c1:ea:0f:6b:8f:40:60:ab:1c:
97:eb:87:0c:e1:e1:79:e8:46:fc:2b:e0:a7:52:de:
6c:56:c5:cb:8d:d8:0f:1a:d3:a0:bd:65:fe:95:cb:
6b:2c:6f:fe:90:dc:3a:82:07:42:f2:f0:da:e1:28:
ea:bb:51:a5:23:eb:7c:8f:8f:f9:03:f5:c3:1d:4b:
38:4b:3f:df:44:17:aa:d3:34:14:fb:ae:ab:10:e9:
6b:ed:1d:03:45:32:a3:da:14:22:c3:d4:c3:09:c2:
8c:c5:5a:d9:c3:b0:f0:04:47:b1:90:4d:5a:4d:e2:
5b:5b:70:48:4f:39:8d:56:b5:7c:32:ac:91:6f:c1:
c9:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B1:A0:DA:7D:C9:01:02:95:D7:1C:ED:5F:C8:77:0D:76:67:4E:E1
X509v3 Authority Key Identifier:
keyid:85:C3:F6:A9:E8:55:0C:09:0B:C3:B2:57:F7:2B:8F:65:B6:9A:9F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcP2qehVDAkLw7JX9yuPZbaan2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/X7Gg2n3JAQKV1xztX8h3DXZnTuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/hcP2qehVDAkLw7JX9yuPZbaan2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.119.0/24
Signature Algorithm: sha256WithRSAEncryption
31:ed:2b:66:39:31:3f:1b:50:d9:f5:9d:e8:63:c4:52:ae:ae:
63:9c:ab:c2:3e:b0:f7:81:fe:35:5e:ba:72:65:b4:8a:09:90:
d0:fc:9f:73:48:93:cf:f1:71:9d:0c:0d:96:49:12:ce:3a:e4:
2b:73:90:08:e8:c7:9f:75:ce:02:e8:19:d2:11:b7:e9:7f:18:
1a:f6:b3:62:f1:f3:85:47:ac:af:96:33:bd:c1:7a:23:6c:50:
9e:2f:37:74:12:65:38:d6:c8:43:b1:0d:cd:01:fb:ec:8e:1a:
d8:4e:3a:0a:ad:23:c2:49:e8:e7:44:ec:89:15:0e:d7:0e:b8:
b8:4c:83:a9:a5:48:e7:a1:da:13:8e:e5:f3:9f:9f:4b:b5:fe:
86:b4:e9:c2:88:bb:24:e9:69:3e:7e:5d:c1:4c:60:b6:a2:27:
f0:ed:9f:f8:a5:b0:a6:b3:be:8f:0b:5b:50:1c:e0:fe:06:47:
d6:b4:8e:67:3b:c9:c6:cb:ab:56:26:a4:40:84:41:02:e4:de:
32:b5:55:37:66:ad:30:bb:30:f8:cd:a3:3b:5e:6e:6a:d1:4d:
36:72:92:d1:59:32:42:e8:0a:9a:17:21:1a:99:7e:a9:4d:0b:
19:38:46:cb:f9:30:12:ee:f5:fb:bd:17:19:9a:1e:3b:05:d6:
99:5a:47:95
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMyPvhvnNfFdX8eCgfUNykAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzNmNmE5ZTg1NTBjMDkwYmMzYjI1N2Y3MmI4ZjY1YjY5
YTlmNjEwHhcNMjIwOTEyMTUwODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmIxYTBkYTdkYzkwMTAyOTVkNzFjZWQ1ZmM4NzcwZDc2Njc0ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEJMG+oKxjl2aXupv0QQJdSedzh3
4ZSTXF2gI2C6T/B8rkUtZb7MTs+nBYfW62b2rLtHmgS2DV0LKnMYuLRGkP7K1cAL
w1RbDeBoR419Wig8jrb/UtOy2qkRQ1eQBRnNS/SKg1zNLk6fqPObVcqk10FT1ChE
zx+9MXmyJUTB6g9rj0BgqxyX64cM4eF56Eb8K+CnUt5sVsXLjdgPGtOgvWX+lctr
LG/+kNw6ggdC8vDa4Sjqu1GlI+t8j4/5A/XDHUs4Sz/fRBeq0zQU+66rEOlr7R0D
RTKj2hQiw9TDCcKMxVrZw7DwBEexkE1aTeJbW3BITzmNVrV8MqyRb8HJiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+xoNp9yQECldcc7V/Idw12Z07hMB8GA1UdIwQY
MBaAFIXD9qnoVQwJC8OyV/crj2W2mp9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNQMnFlaFZEQWtMdzdKWDl5dVBaYmFhbjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MjRiYTUtMDk2ZC00N2ZmLWE4ZjQt
ZGM4YTJkOWVjNmYzLzEvWDdHZzJuM0pBUUtWMXh6dFg4aDNEWFpuVHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MjRiYTUtMDk2ZC00N2ZmLWE4ZjQtZGM4YTJkOWVjNmYz
LzEvaGNQMnFlaFZEQWtMdzdKWDl5dVBaYmFhbjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudR3MA0G
CSqGSIb3DQEBCwUAA4IBAQAx7StmOTE/G1DZ9Z3oY8RSrq5jnKvCPrD3gf41Xrpy
ZbSKCZDQ/J9zSJPP8XGdDA2WSRLOOuQrc5AI6Mefdc4C6BnSEbfpfxga9rNi8fOF
R6yvljO9wXojbFCeLzd0EmU41shDsQ3NAfvsjhrYTjoKrSPCSejnROyJFQ7XDri4
TIOppUjnodoTjuXzn59Ltf6GtOnCiLsk6Wk+fl3BTGC2oifw7Z/4pbCms76PC1tQ
HOD+BkfWtI5nO8nGy6tWJqRAhEEC5N4ytVU3Zq0wuzD4zaM7Xm5q0U02cpLRWTJC
6AqaFyEamX6pTQsZOEbL+TAS7vX7vRcZmh47BdaZWkeV
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:42 2023 by rpki-client on console-ams.rpki-client.org