Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/BAW309aJg3gaygCKVMm_n3dqPso.roa
File: BAW309aJg3gaygCKVMm_n3dqPso.roa (raw, json)
Hash identifier: IY+hSOa+Yg5/7xTHHmiBDZHh0XaRpNplRRAog9B1/0I=
Subject key identifier: 04:05:B7:D3:D6:89:83:78:1A:CA:00:8A:54:C9:BF:9F:77:6A:3E:CA
Certificate issuer: /CN=08fe040242651353d556b8c4240082190f271d13
Certificate serial: 14C79FBE
Authority key identifier: 08:FE:04:02:42:65:13:53:D5:56:B8:C4:24:00:82:19:0F:27:1D:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CP4EAkJlE1PVVrjEJACCGQ8nHRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/BAW309aJg3gaygCKVMm_n3dqPso.roa
Signing time: Sat 01 Jan 2022 11:02:41 +0000
ROA not before: Sat 01 Jan 2022 11:02:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60821
IP address blocks: 185.22.170.0/24 maxlen: 24
185.22.169.0/24 maxlen: 24
185.22.168.0/22 maxlen: 22
185.22.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348626878 (0x14c79fbe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fe040242651353d556b8c4240082190f271d13
Validity
Not Before: Jan 1 11:02:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0405b7d3d68983781aca008a54c9bf9f776a3eca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:27:e4:d5:08:01:65:06:7b:ab:46:a2:a1:21:
45:09:b9:e0:f8:1c:80:d9:b7:65:36:81:e1:e7:c6:
af:d3:33:3d:64:21:a3:73:15:f8:1f:83:2e:54:19:
38:75:d5:11:fe:ea:ae:a9:0a:ee:01:78:32:fe:64:
ff:98:25:65:4f:b6:e3:ae:d8:ae:1e:e0:b2:d8:d8:
5a:4f:9c:2c:61:8e:d0:bc:26:7c:61:6e:47:84:a7:
7d:dc:e5:e9:24:0d:0c:b9:31:57:54:df:83:78:70:
f9:3a:80:52:e2:4b:46:a4:c9:81:dc:3e:aa:0c:29:
06:84:b4:aa:7a:5c:19:83:c7:78:18:6a:5f:4c:f0:
ab:45:81:4a:fb:9b:8a:85:ae:72:85:ef:a9:ea:17:
59:09:47:3a:ea:7e:d3:2e:4f:9d:09:eb:a2:b6:61:
67:30:93:6b:f0:a4:32:b7:d6:6d:f9:89:5b:a5:80:
80:43:9a:fc:30:51:03:08:57:9e:8c:12:94:19:2c:
ca:38:23:e9:06:00:d7:c4:7b:68:3d:33:1f:1c:bb:
e2:99:74:c3:7f:5c:af:ee:b8:be:00:b0:7a:c1:eb:
87:d0:a7:8e:28:0d:eb:e7:98:6e:17:45:b8:0a:85:
9c:a4:6d:69:4a:34:96:bd:25:dc:34:8f:df:2d:b7:
28:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:05:B7:D3:D6:89:83:78:1A:CA:00:8A:54:C9:BF:9F:77:6A:3E:CA
X509v3 Authority Key Identifier:
keyid:08:FE:04:02:42:65:13:53:D5:56:B8:C4:24:00:82:19:0F:27:1D:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CP4EAkJlE1PVVrjEJACCGQ8nHRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/BAW309aJg3gaygCKVMm_n3dqPso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/4ebc33-ee54-437c-8a1b-dec4807cd7e6/1/CP4EAkJlE1PVVrjEJACCGQ8nHRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.168.0/22
Signature Algorithm: sha256WithRSAEncryption
64:15:06:52:72:84:11:32:59:cd:57:2b:7a:5a:11:4f:4d:d4:
6c:1f:07:14:af:0a:d2:f4:4e:2f:6d:3e:c0:8b:bb:87:c8:3c:
79:99:1d:29:7e:1f:96:a7:54:b8:86:ef:c6:10:1d:a3:4d:60:
15:c7:c8:2f:e6:f4:c6:79:ad:7e:1f:65:fc:95:31:8c:5f:3f:
79:c6:e4:9d:cf:c8:dd:44:16:a8:22:5a:ca:dd:52:5b:3d:f0:
82:bd:41:18:37:9d:d2:7b:3b:4f:75:80:8e:fc:04:fe:4f:fa:
c1:7a:92:5c:13:23:05:36:2a:7a:53:b7:33:ef:a5:cb:93:e0:
67:1d:a9:27:a5:60:e7:ec:d2:44:be:cd:31:0d:a0:d4:3f:f3:
57:02:67:1e:b4:9a:e3:4e:e1:0b:65:82:bb:4f:be:64:c2:80:
1c:73:d0:67:30:0c:de:74:b9:ce:93:ed:cf:d6:e7:1e:8a:c3:
39:76:70:5d:58:55:b4:09:03:6e:37:ee:07:cd:c1:cd:80:c2:
18:5f:14:d6:7e:1c:2a:09:d2:23:33:78:a3:90:97:71:29:f2:
49:f0:78:1b:4f:72:0a:fb:5e:7d:3b:ac:12:ed:9c:12:50:35:
51:1c:45:2d:a4:00:48:7d:91:92:63:c6:36:f1:63:d2:15:59:
fc:f9:d7:2c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFMefvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGZlMDQwMjQyNjUxMzUzZDU1NmI4YzQyNDAwODIxOTBmMjcxZDEzMB4XDTIyMDEw
MTExMDI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDQwNWI3ZDNkNjg5
ODM3ODFhY2EwMDhhNTRjOWJmOWY3NzZhM2VjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIn5NUIAWUGe6tGoqEhRQm54PgcgNm3ZTaB4efGr9MzPWQh
o3MV+B+DLlQZOHXVEf7qrqkK7gF4Mv5k/5glZU+2467Yrh7gstjYWk+cLGGO0Lwm
fGFuR4Snfdzl6SQNDLkxV1Tfg3hw+TqAUuJLRqTJgdw+qgwpBoS0qnpcGYPHeBhq
X0zwq0WBSvubioWucoXvqeoXWQlHOup+0y5PnQnrorZhZzCTa/CkMrfWbfmJW6WA
gEOa/DBRAwhXnowSlBksyjgj6QYA18R7aD0zHxy74pl0w39cr+64vgCwesHrh9Cn
jigN6+eYbhdFuAqFnKRtaUo0lr0l3DSP3y23KPMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQEBbfT1omDeBrKAIpUyb+fd2o+yjAfBgNVHSMEGDAWgBQI/gQCQmUTU9VW
uMQkAIIZDycdEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NQNEVBa0psRTFQVlZyakVKQUNDR1E4bkhSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTMvNGViYzMzLWVlNTQtNDM3Yy04YTFiLWRlYzQ4MDdjZDdlNi8x
L0JBVzMwOWFKZzNnYXlnQ0tWTW1fbjNkcVBzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMv
NGViYzMzLWVlNTQtNDM3Yy04YTFiLWRlYzQ4MDdjZDdlNi8xL0NQNEVBa0psRTFQ
VlZyakVKQUNDR1E4bkhSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkWqDANBgkqhkiG9w0BAQsFAAOC
AQEAZBUGUnKEETJZzVcreloRT03UbB8HFK8K0vROL20+wIu7h8g8eZkdKX4flqdU
uIbvxhAdo01gFcfIL+b0xnmtfh9l/JUxjF8/ecbknc/I3UQWqCJayt1SWz3wgr1B
GDed0ns7T3WAjvwE/k/6wXqSXBMjBTYqelO3M++ly5PgZx2pJ6Vg5+zSRL7NMQ2g
1D/zVwJnHrSa407hC2WCu0++ZMKAHHPQZzAM3nS5zpPtz9bnHorDOXZwXVhVtAkD
bjfuB83BzYDCGF8U1n4cKgnSIzN4o5CXcSnySfB4G09yCvtefTusEu2cElA1URxF
LaQASH2RkmPGNvFj0hVZ/PnXLA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:17 2023 by rpki-client on console-ams.rpki-client.org