Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/gUPX6TOfCG_wV88uc6KGfzhzYL0.roa
File: gUPX6TOfCG_wV88uc6KGfzhzYL0.roa (raw, json)
Hash identifier: Z41UiV6qOsUi8VYh+I19krYLwPOihxUGtukNYT+zI6k=
Subject key identifier: 81:43:D7:E9:33:9F:08:6F:F0:57:CF:2E:73:A2:86:7F:38:73:60:BD
Certificate issuer: /CN=1af16a3cf8116721afad8c1e5b3e83a2959ceb99
Certificate serial: 8B15
Authority key identifier: 1A:F1:6A:3C:F8:11:67:21:AF:AD:8C:1E:5B:3E:83:A2:95:9C:EB:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvFqPPgRZyGvrYweWz6DopWc65k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/gUPX6TOfCG_wV88uc6KGfzhzYL0.roa
Signing time: Tue 01 Feb 2022 09:46:49 +0000
ROA not before: Tue 01 Feb 2022 09:46:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209014
IP address blocks: 185.128.225.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35605 (0x8b15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1af16a3cf8116721afad8c1e5b3e83a2959ceb99
Validity
Not Before: Feb 1 09:46:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8143d7e9339f086ff057cf2e73a2867f387360bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:48:3f:b6:44:e8:ef:32:7e:ac:a6:ef:8f:9a:
3e:d7:41:45:a0:23:f4:c1:a6:6d:ce:2c:cf:58:ec:
59:1b:c5:a1:d5:bc:e9:d5:86:e7:af:80:61:7a:eb:
70:4e:15:8c:e9:34:a5:25:6c:dd:09:2f:54:6b:8e:
23:46:e5:58:75:59:85:6e:3c:97:ff:0b:53:3f:e2:
e4:91:68:92:0d:6f:10:d4:57:88:4a:22:17:ae:df:
9b:f8:33:ca:32:7e:91:d9:3f:70:cb:9f:85:30:4e:
01:7b:68:ed:9a:ac:63:bf:13:c1:3a:9c:c7:ab:0d:
21:ec:ca:ac:26:0f:15:a5:fe:ee:bb:0a:0d:dc:26:
d9:90:f5:73:4c:84:9c:1b:d5:47:c2:18:40:23:65:
29:67:2c:8e:f0:23:53:87:21:2e:d3:8e:5a:a2:90:
d3:df:3f:b5:35:b6:b6:1e:70:45:4b:b6:8b:de:3b:
87:f6:2f:17:4f:4e:dc:10:c2:b1:ad:b4:88:fc:34:
5a:c0:b3:74:b7:3d:fd:ad:a3:63:ce:4a:c7:f2:f5:
b3:8d:0e:5f:f4:dd:a9:9b:a9:5a:0f:da:fe:3a:c3:
e6:73:53:de:10:ff:5d:02:78:9a:2a:97:50:11:7c:
4a:ca:8b:5d:ab:91:05:46:5a:32:ac:26:38:dc:ad:
36:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:43:D7:E9:33:9F:08:6F:F0:57:CF:2E:73:A2:86:7F:38:73:60:BD
X509v3 Authority Key Identifier:
keyid:1A:F1:6A:3C:F8:11:67:21:AF:AD:8C:1E:5B:3E:83:A2:95:9C:EB:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvFqPPgRZyGvrYweWz6DopWc65k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/gUPX6TOfCG_wV88uc6KGfzhzYL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7a5fd3-faae-4120-a4a8-1dc2a52368c1/1/GvFqPPgRZyGvrYweWz6DopWc65k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.225.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ed:ef:7c:75:8d:f6:7a:ae:70:d1:0f:35:31:79:14:cf:18:
ea:8f:bf:17:72:66:0c:4c:f5:2f:f8:32:a8:51:6b:81:09:ba:
bb:21:a9:de:e7:5c:9a:8e:1c:b2:35:7a:92:76:8d:26:46:b3:
a7:fe:9b:97:23:18:f2:e0:14:37:ab:6d:be:d1:24:68:f1:4c:
9a:35:e2:73:b5:07:e5:05:ea:a8:47:47:01:96:61:b4:99:2e:
fd:a6:41:a7:d7:12:7a:5a:ce:8b:57:cf:e1:ee:1e:81:27:d5:
a6:be:ab:ca:aa:67:7f:7a:79:36:5e:86:95:7e:68:11:88:47:
1c:15:3a:52:a6:14:16:fc:ac:4f:e8:32:d5:60:b6:0e:fe:d5:
4b:b1:c6:11:83:fa:4e:ca:e8:52:36:05:43:da:91:99:ea:a2:
dd:a0:24:b3:7b:6f:39:87:2c:53:1e:fd:7b:42:93:7e:b7:cb:
01:0d:30:a9:70:41:84:82:08:5d:7f:b3:8b:a6:88:3e:08:18:
35:2d:6e:7e:7c:6a:8d:62:78:5f:75:a8:e8:a2:79:51:c6:f3:
70:7e:7c:c2:f7:f2:e5:cf:6b:5f:c4:f0:12:cd:dd:48:42:60:
52:0d:2f:f6:f2:80:0f:b0:62:a4:d7:43:79:c0:ba:8d:66:a9:
47:7c:48:c8
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAIsVMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDFh
ZjE2YTNjZjgxMTY3MjFhZmFkOGMxZTViM2U4M2EyOTU5Y2ViOTkwHhcNMjIwMjAx
MDk0NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg4MTQzZDdlOTMzOWYw
ODZmZjA1N2NmMmU3M2EyODY3ZjM4NzM2MGJkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAuUg/tkTo7zJ+rKbvj5o+10FFoCP0waZtzizPWOxZG8Wh1bzp
1Ybnr4BheutwThWM6TSlJWzdCS9Ua44jRuVYdVmFbjyX/wtTP+LkkWiSDW8Q1FeI
SiIXrt+b+DPKMn6R2T9wy5+FME4Be2jtmqxjvxPBOpzHqw0h7MqsJg8Vpf7uuwoN
3CbZkPVzTIScG9VHwhhAI2UpZyyO8CNThyEu045aopDT3z+1Nba2HnBFS7aL3juH
9i8XT07cEMKxrbSI/DRawLN0tz39raNjzkrH8vWzjQ5f9N2pm6laD9r+OsPmc1Pe
EP9dAniaKpdQEXxKyotdq5EFRloyrCY43K02kQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFIFD1+kznwhv8FfPLnOihn84c2C9MB8GA1UdIwQYMBaAFBrxajz4EWchr62M
Hls+g6KVnOuZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
R3ZGcVBQZ1JaeUd2cll3ZVd6NkRvcFdjNjVrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kYy83YTVmZDMtZmFhZS00MTIwLWE0YTgtMWRjMmE1MjM2OGMxLzEv
Z1VQWDZUT2ZDR193Vjg4dWM2S0dmemh6WUwwLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83
YTVmZDMtZmFhZS00MTIwLWE0YTgtMWRjMmE1MjM2OGMxLzEvR3ZGcVBQZ1JaeUd2
cll3ZVd6NkRvcFdjNjVrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYDhMA0GCSqGSIb3DQEBCwUAA4IB
AQB57e98dY32eq5w0Q81MXkUzxjqj78XcmYMTPUv+DKoUWuBCbq7Iane51yajhyy
NXqSdo0mRrOn/puXIxjy4BQ3q22+0SRo8UyaNeJztQflBeqoR0cBlmG0mS79pkGn
1xJ6Ws6LV8/h7h6BJ9WmvqvKqmd/enk2XoaVfmgRiEccFTpSphQW/KxP6DLVYLYO
/tVLscYRg/pOyuhSNgVD2pGZ6qLdoCSze285hyxTHv17QpN+t8sBDTCpcEGEgghd
f7OLpog+CBg1LW5+fGqNYnhfdajoonlRxvNwfnzC9/Llz2tfxPASzd1IQmBSDS/2
8oAPsGKk10N5wLqNZqlHfEjI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:48 2023 by rpki-client on console-ams.rpki-client.org