Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/jq1afHLgU6gxl_a2RJwBOYxLhsA.roa
File: jq1afHLgU6gxl_a2RJwBOYxLhsA.roa (raw, json)
Hash identifier: hCdvUleGNFlefxtKmmdZ/g+k0DMASE3rCZZ7GeYaElE=
Subject key identifier: 8E:AD:5A:7C:72:E0:53:A8:31:97:F6:B6:44:9C:01:39:8C:4B:86:C0
Certificate issuer: /CN=22b6a25f2f74191be9ea0ca9c1915fe745cf57c8
Certificate serial: 18BF9D20
Authority key identifier: 22:B6:A2:5F:2F:74:19:1B:E9:EA:0C:A9:C1:91:5F:E7:45:CF:57:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IraiXy90GRvp6gypwZFf50XPV8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/jq1afHLgU6gxl_a2RJwBOYxLhsA.roa
Signing time: Sat 01 Jan 2022 01:52:12 +0000
ROA not before: Sat 01 Jan 2022 01:52:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1103
IP address blocks: 194.26.8.0/22 maxlen: 22
194.26.12.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 415210784 (0x18bf9d20)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22b6a25f2f74191be9ea0ca9c1915fe745cf57c8
Validity
Not Before: Jan 1 01:52:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8ead5a7c72e053a83197f6b6449c01398c4b86c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b8:d9:e9:d9:ea:13:20:c0:97:2d:37:23:d1:
97:83:be:a5:49:26:35:bf:48:22:84:f1:e1:d7:d4:
45:01:61:ad:a7:9f:93:02:04:bb:7b:1a:28:a1:25:
4b:ec:79:c7:4a:13:59:82:e5:ad:38:c5:38:7a:9c:
a9:95:93:bf:7d:b7:04:5f:d4:5b:ad:d7:ec:cf:5d:
ff:72:cc:69:4f:c7:f7:02:89:5b:cd:ce:fe:29:86:
9b:f3:11:27:28:a7:4e:b1:a0:db:37:72:27:72:fd:
50:bb:8b:7a:a8:91:07:5a:d3:33:93:a7:6a:24:6e:
fc:15:0c:b6:73:c8:b8:c5:a0:fa:9e:8f:c8:0f:37:
64:d6:a0:0c:ce:a8:af:64:bd:12:50:f0:06:c3:0a:
25:76:e7:71:70:0e:b4:95:00:97:ad:a9:cd:c7:83:
58:16:ad:bc:c8:5e:de:04:04:fc:e5:5f:5d:d1:c1:
2d:4d:8e:19:12:a3:42:e1:69:f7:3d:7c:7f:9e:fd:
73:9d:26:ed:92:38:41:c2:5c:bb:e5:87:dc:7b:1b:
bd:c1:52:76:f0:10:14:64:1c:34:df:6a:04:7b:55:
8b:c1:ed:3d:b6:58:54:62:c5:01:bd:02:ca:51:20:
7a:8a:99:66:68:dc:a8:22:ef:31:79:a0:97:39:62:
ff:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:AD:5A:7C:72:E0:53:A8:31:97:F6:B6:44:9C:01:39:8C:4B:86:C0
X509v3 Authority Key Identifier:
keyid:22:B6:A2:5F:2F:74:19:1B:E9:EA:0C:A9:C1:91:5F:E7:45:CF:57:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IraiXy90GRvp6gypwZFf50XPV8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/jq1afHLgU6gxl_a2RJwBOYxLhsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1cec14-db59-4950-bdb8-b90a941ea51a/1/IraiXy90GRvp6gypwZFf50XPV8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.8.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:1d:84:d9:44:8e:6e:27:fb:2f:ab:0c:ea:0b:6d:cb:99:1e:
8c:2e:ca:92:1c:f1:0f:19:7a:7f:2f:db:f9:b1:f8:13:d5:79:
ce:fa:62:65:0d:6c:0e:79:c7:3f:4c:87:c5:af:f0:e7:f2:63:
70:2a:ab:4b:98:d0:8b:3b:27:3c:7f:52:fa:7f:bc:71:a3:8c:
cf:1f:49:e2:0b:c5:b4:49:b7:55:ac:74:5b:3a:70:77:a0:a0:
2d:ac:be:aa:69:39:a9:3f:c5:a5:28:96:15:85:82:38:51:09:
ef:84:15:68:10:03:f5:6b:f4:8e:d4:61:03:4a:25:d3:dc:8a:
c9:eb:9d:20:24:02:00:2b:6e:c2:3e:36:20:3b:bd:1c:74:1d:
59:33:fb:62:54:fa:d6:68:c7:05:5b:80:59:7a:a1:73:8a:8a:
14:ff:88:aa:b6:0e:69:ee:6c:d6:ab:a7:f4:28:40:40:57:76:
53:bd:f6:e0:12:da:63:0b:d4:2f:a2:5b:eb:93:53:84:a2:4b:
14:5c:8d:2c:36:c9:04:de:92:41:1b:a0:47:85:d8:2b:56:d6:
e4:a6:cf:4a:a2:95:6c:5c:10:41:4e:62:1b:fa:7c:34:73:ba:
9e:d0:27:6a:c4:09:6d:d8:63:89:b9:ce:cd:6d:61:65:e6:de:
41:db:a3:d6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGL+dIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmI2YTI1ZjJmNzQxOTFiZTllYTBjYTljMTkxNWZlNzQ1Y2Y1N2M4MB4XDTIyMDEw
MTAxNTIxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGVhZDVhN2M3MmUw
NTNhODMxOTdmNmI2NDQ5YzAxMzk4YzRiODZjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALe42enZ6hMgwJctNyPRl4O+pUkmNb9IIoTx4dfURQFhraef
kwIEu3saKKElS+x5x0oTWYLlrTjFOHqcqZWTv323BF/UW63X7M9d/3LMaU/H9wKJ
W83O/imGm/MRJyinTrGg2zdyJ3L9ULuLeqiRB1rTM5OnaiRu/BUMtnPIuMWg+p6P
yA83ZNagDM6or2S9ElDwBsMKJXbncXAOtJUAl62pzceDWBatvMhe3gQE/OVfXdHB
LU2OGRKjQuFp9z18f579c50m7ZI4QcJcu+WH3HsbvcFSdvAQFGQcNN9qBHtVi8Ht
PbZYVGLFAb0CylEgeoqZZmjcqCLvMXmglzli/w0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSOrVp8cuBTqDGX9rZEnAE5jEuGwDAfBgNVHSMEGDAWgBQitqJfL3QZG+nq
DKnBkV/nRc9XyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lyYWlYeTkwR1J2cDZneXB3WkZmNTBYUFY4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMWNlYzE0LWRiNTktNDk1MC1iZGI4LWI5MGE5NDFlYTUxYS8x
L2pxMWFmSExnVTZneGxfYTJSSndCT1l4TGhzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MWNlYzE0LWRiNTktNDk1MC1iZGI4LWI5MGE5NDFlYTUxYS8xL0lyYWlYeTkwR1J2
cDZneXB3WkZmNTBYUFY4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8IaCDANBgkqhkiG9w0BAQsFAAOC
AQEASx2E2USObif7L6sM6gtty5kejC7KkhzxDxl6fy/b+bH4E9V5zvpiZQ1sDnnH
P0yHxa/w5/JjcCqrS5jQizsnPH9S+n+8caOMzx9J4gvFtEm3Vax0Wzpwd6CgLay+
qmk5qT/FpSiWFYWCOFEJ74QVaBAD9Wv0jtRhA0ol09yKyeudICQCACtuwj42IDu9
HHQdWTP7YlT61mjHBVuAWXqhc4qKFP+IqrYOae5s1qun9ChAQFd2U7324BLaYwvU
L6Jb65NThKJLFFyNLDbJBN6SQRugR4XYK1bW5KbPSqKVbFwQQU5iG/p8NHO6ntAn
asQJbdhjibnOzW1hZebeQduj1g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:06 2023 by rpki-client on console-ams.rpki-client.org