Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/sRtxLKGtodp7gOc58Lqi3cbPxpU.roa
File: sRtxLKGtodp7gOc58Lqi3cbPxpU.roa (raw, json)
Hash identifier: 3eh+SX9gRFKOkjF8ClILkRWCqyLQ0p7TvvqFgc+2hO4=
Subject key identifier: B1:1B:71:2C:A1:AD:A1:DA:7B:80:E7:39:F0:BA:A2:DD:C6:CF:C6:95
Certificate issuer: /CN=ad2cdf27d9de65eb24e5cfc9d310e4c8a0301460
Certificate serial: 0181EDBE2312B6D7C8E327EB66B929A0F544
Authority key identifier: AD:2C:DF:27:D9:DE:65:EB:24:E5:CF:C9:D3:10:E4:C8:A0:30:14:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSzfJ9neZesk5c_J0xDkyKAwFGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/sRtxLKGtodp7gOc58Lqi3cbPxpU.roa
Signing time: Mon 11 Jul 2022 14:51:09 +0000
ROA not before: Mon 11 Jul 2022 14:51:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202526
IP address blocks: 185.161.152.0/22 maxlen: 22
2a07:c5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:be:23:12:b6:d7:c8:e3:27:eb:66:b9:29:a0:f5:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad2cdf27d9de65eb24e5cfc9d310e4c8a0301460
Validity
Not Before: Jul 11 14:51:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b11b712ca1ada1da7b80e739f0baa2ddc6cfc695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:55:91:9e:a0:22:fd:eb:f8:e4:05:a7:af:53:
64:a7:e9:26:e9:90:99:8f:cf:79:78:20:8f:ec:ef:
4e:fd:47:ba:06:87:80:3f:f4:76:42:67:f6:fd:38:
1c:80:be:a0:cc:c1:aa:2a:d2:8f:4f:b7:f6:28:f5:
d8:a5:5b:8b:85:99:8e:cf:68:47:2a:28:4b:59:8a:
78:7a:07:b7:ae:2c:76:ff:8a:d5:8d:47:ff:b0:35:
bb:97:eb:d8:cd:bb:e1:7f:16:b4:ba:f0:57:e3:77:
1c:8e:f1:05:01:12:89:37:fd:67:cb:96:cc:7b:04:
c4:c2:59:f0:80:34:90:c6:c8:dc:c1:44:65:1d:6f:
fc:57:0c:f8:3a:51:f2:c5:ae:1d:70:d8:c6:a6:b2:
30:d6:74:05:dd:d9:cb:a7:b6:19:9a:fa:0a:f1:05:
99:b2:78:b5:54:fc:fc:b6:95:69:39:1c:4b:78:d4:
26:a9:56:de:0b:69:a4:91:4e:8d:73:8c:f1:43:10:
98:cb:3d:f9:86:71:2c:f7:9d:d5:e4:aa:2a:c1:05:
00:2a:a5:06:60:e9:30:cb:09:bb:fa:72:f1:ab:e5:
8a:43:25:ad:7a:65:8b:93:2e:53:8e:f3:17:66:5b:
1e:b3:63:67:e6:ed:62:da:6d:2d:0a:88:7e:98:43:
3b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1B:71:2C:A1:AD:A1:DA:7B:80:E7:39:F0:BA:A2:DD:C6:CF:C6:95
X509v3 Authority Key Identifier:
keyid:AD:2C:DF:27:D9:DE:65:EB:24:E5:CF:C9:D3:10:E4:C8:A0:30:14:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSzfJ9neZesk5c_J0xDkyKAwFGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/sRtxLKGtodp7gOc58Lqi3cbPxpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/ed634b-39f7-4b9c-86e4-1e9238cf028c/1/rSzfJ9neZesk5c_J0xDkyKAwFGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.152.0/22
IPv6:
2a07:c5c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:ee:8a:a3:61:21:1d:75:8a:46:16:c9:7e:ce:4d:7c:86:f1:
03:2d:84:b6:25:14:f0:6e:14:10:48:48:ad:49:21:eb:82:d5:
3d:a9:d7:c1:03:ec:3a:8b:af:1b:7d:2e:ad:c8:bf:9f:1d:13:
c2:26:d9:d2:9d:c7:b4:b7:47:6f:7d:33:c1:b8:c4:5c:44:03:
62:88:91:da:22:e6:49:04:91:98:c8:0a:7c:e4:f0:91:9c:8b:
37:3a:ac:c2:b5:a2:d8:17:ba:9e:82:80:a2:3a:8a:33:aa:41:
ae:57:59:f4:bd:d1:6f:d6:2d:8a:70:eb:5d:91:bb:06:87:a6:
59:a5:76:4a:59:1d:08:c5:41:8a:1d:2e:b6:52:67:ca:f6:dc:
36:d4:da:05:5e:d1:6b:0c:2e:30:23:75:33:53:13:33:1d:2b:
eb:09:d8:9f:6c:55:b9:db:f4:b2:fd:f9:6e:0d:dd:76:b6:09:
a0:41:91:fa:b2:f4:11:5e:04:c3:41:d4:6e:d1:28:a6:e4:82:
04:92:c3:a2:0b:20:74:fe:64:6f:82:a5:02:64:eb:05:99:28:
ad:41:a5:a9:20:2a:a2:e4:d6:ea:59:32:3a:5f:19:3c:ca:80:
d9:df:3f:88:69:93:b7:da:07:3a:ad:0f:48:dc:bc:ba:0e:bf:
5e:6f:ca:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYHtviMSttfI4yfrZrkpoPVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMmNkZjI3ZDlkZTY1ZWIyNGU1Y2ZjOWQzMTBlNGM4YTAz
MDE0NjAwHhcNMjIwNzExMTQ1MTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFiNzEyY2ExYWRhMWRhN2I4MGU3MzlmMGJhYTJkZGM2Y2ZjNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVWRnqAi/ev45AWnr1Nkp+km6ZCZ
j895eCCP7O9O/Ue6BoeAP/R2Qmf2/TgcgL6gzMGqKtKPT7f2KPXYpVuLhZmOz2hH
KihLWYp4ege3rix2/4rVjUf/sDW7l+vYzbvhfxa0uvBX43ccjvEFARKJN/1ny5bM
ewTEwlnwgDSQxsjcwURlHW/8Vwz4OlHyxa4dcNjGprIw1nQF3dnLp7YZmvoK8QWZ
sni1VPz8tpVpORxLeNQmqVbeC2mkkU6Nc4zxQxCYyz35hnEs953V5KoqwQUAKqUG
YOkwywm7+nLxq+WKQyWtemWLky5TjvMXZlses2Nn5u1i2m0tCoh+mEM7ywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLEbcSyhraHae4DnOfC6ot3Gz8aVMB8GA1UdIwQY
MBaAFK0s3yfZ3mXrJOXPydMQ5MigMBRgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclN6Zko5bmVaZXNrNWNfSjB4RGt5S0F3RkdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lZDYzNGItMzlmNy00YjljLTg2ZTQt
MWU5MjM4Y2YwMjhjLzEvc1J0eExLR3RvZHA3Z09jNThMcWkzY2JQeHBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lZDYzNGItMzlmNy00YjljLTg2ZTQtMWU5MjM4Y2YwMjhj
LzEvclN6Zko5bmVaZXNrNWNfSjB4RGt5S0F3RkdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaGYMA0E
AgACMAcDBQMqB8XAMA0GCSqGSIb3DQEBCwUAA4IBAQAC7oqjYSEddYpGFsl+zk18
hvEDLYS2JRTwbhQQSEitSSHrgtU9qdfBA+w6i68bfS6tyL+fHRPCJtnSnce0t0dv
fTPBuMRcRANiiJHaIuZJBJGYyAp85PCRnIs3OqzCtaLYF7qegoCiOoozqkGuV1n0
vdFv1i2KcOtdkbsGh6ZZpXZKWR0IxUGKHS62UmfK9tw21NoFXtFrDC4wI3UzUxMz
HSvrCdifbFW52/Sy/fluDd12tgmgQZH6svQRXgTDQdRu0Sim5IIEksOiCyB0/mRv
gqUCZOsFmSitQaWpICqi5NbqWTI6Xxk8yoDZ3z+IaZO32gc6rQ9I3Ly6Dr9eb8qC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:52 2023 by rpki-client on console-fra.rpki-client.org