Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/a7sZzR28elX1tQMTKV3cyFkYXgQ.roa
File: a7sZzR28elX1tQMTKV3cyFkYXgQ.roa (raw, json)
Hash identifier: yAmyoLfY2P83YgH16G+C5cEEXviazDbLS15A3gXj+cw=
Subject key identifier: 6B:BB:19:CD:1D:BC:7A:55:F5:B5:03:13:29:5D:DC:C8:59:18:5E:04
Certificate issuer: /CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Certificate serial: 0184A4111D685F35D6B04B694E0771320B26
Authority key identifier: 35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/a7sZzR28elX1tQMTKV3cyFkYXgQ.roa
Signing time: Wed 23 Nov 2022 10:38:15 +0000
ROA not before: Wed 23 Nov 2022 10:38:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 185.155.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a4:11:1d:68:5f:35:d6:b0:4b:69:4e:07:71:32:0b:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3517c9de927fa75beaef7885f0d88f6f4d2a0ed6
Validity
Not Before: Nov 23 10:38:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6bbb19cd1dbc7a55f5b50313295ddcc859185e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:34:bb:10:16:90:98:e2:84:7e:1c:d5:9e:bf:
60:76:8a:c9:9a:15:d2:ba:24:b7:37:fc:a7:30:03:
87:54:f7:a9:a6:2b:ea:3f:47:76:9e:29:23:39:64:
83:fa:f1:44:80:60:48:89:25:7a:1f:47:d9:02:15:
18:ec:04:0c:2f:77:93:66:4b:50:5c:35:6e:e2:de:
7d:66:0d:39:10:cd:17:47:8a:36:c0:aa:fd:58:b9:
2e:05:e6:0a:10:cc:dc:96:66:d6:8a:c4:ba:1c:46:
0c:1d:c9:1f:ce:7c:52:0f:b6:fe:0c:99:59:19:3d:
49:82:46:3d:d8:7a:61:6d:2f:0b:c1:99:07:a4:5f:
6c:8b:f2:15:3a:59:7b:c6:77:9f:17:5d:68:95:fb:
dc:b8:49:f3:ad:ec:52:cc:05:7e:32:15:b5:d7:cb:
96:b6:a7:be:32:81:75:96:43:cb:ca:4c:41:03:23:
2b:bf:25:ab:91:5b:0a:55:63:0e:29:aa:ee:be:cf:
f2:9c:3e:c7:70:ec:5f:ad:b8:9c:b3:90:05:77:8c:
73:5f:be:5d:d6:04:9c:b7:c9:bc:4e:30:44:cb:3f:
65:20:4f:a4:e2:f4:b0:26:67:d3:82:f2:27:ca:a2:
30:79:30:8f:ba:e8:12:38:9a:d9:aa:d8:22:79:51:
5e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:BB:19:CD:1D:BC:7A:55:F5:B5:03:13:29:5D:DC:C8:59:18:5E:04
X509v3 Authority Key Identifier:
keyid:35:17:C9:DE:92:7F:A7:5B:EA:EF:78:85:F0:D8:8F:6F:4D:2A:0E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NRfJ3pJ_p1vq73iF8NiPb00qDtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/a7sZzR28elX1tQMTKV3cyFkYXgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/954ade-84b7-446d-a6e2-fd3b3002c0bb/1/NRfJ3pJ_p1vq73iF8NiPb00qDtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.155.235.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:06:de:73:79:14:bc:89:02:e3:5a:ed:2f:0f:3f:b1:d4:96:
a3:5d:78:3c:58:fd:fa:10:eb:34:ab:c3:c2:d1:48:59:ad:00:
dd:0d:66:65:10:19:26:56:39:0f:2f:4c:33:e4:49:3a:c7:e7:
5a:2f:76:e9:50:58:cb:3c:13:03:e4:53:fa:7f:2b:06:60:e7:
0d:92:0e:e6:9e:b5:6f:5b:57:ef:81:66:8b:8a:1c:40:f4:a6:
0a:e5:fc:06:8c:14:7e:27:a4:d9:2b:57:23:fa:c2:dd:67:b6:
4a:c9:7f:cb:1d:71:6c:ba:ee:0b:08:54:f0:3e:24:af:38:a6:
b9:f6:1f:07:cc:e2:e0:70:0e:55:cd:b3:1e:9c:7f:bd:d5:ea:
63:6b:bc:c8:25:9d:83:10:07:d9:3a:f2:41:1b:b5:22:fc:ca:
55:42:05:c5:fb:83:ef:83:92:cb:96:f3:64:c7:2f:c7:97:10:
32:2d:06:98:c9:56:62:e7:88:72:e9:11:29:41:72:4b:d6:cd:
99:b5:a0:50:d2:0f:89:48:cd:25:ef:b1:fc:c6:b4:94:07:0f:
f8:43:1c:7a:fd:78:8c:90:9e:d7:31:fe:ef:6f:5d:4c:f8:a7:
b0:3a:69:ae:4e:d5:f0:dd:07:c6:9a:47:8b:02:03:22:17:93:
8d:a7:28:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSkER1oXzXWsEtpTgdxMgsmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MTdjOWRlOTI3ZmE3NWJlYWVmNzg4NWYwZDg4ZjZmNGQy
YTBlZDYwHhcNMjIxMTIzMTAzODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmJiMTljZDFkYmM3YTU1ZjViNTAzMTMyOTVkZGNjODU5MTg1ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTS7EBaQmOKEfhzVnr9gdorJmhXS
uiS3N/ynMAOHVPeppivqP0d2nikjOWSD+vFEgGBIiSV6H0fZAhUY7AQML3eTZktQ
XDVu4t59Zg05EM0XR4o2wKr9WLkuBeYKEMzclmbWisS6HEYMHckfznxSD7b+DJlZ
GT1JgkY92HphbS8LwZkHpF9si/IVOll7xnefF11olfvcuEnzrexSzAV+MhW118uW
tqe+MoF1lkPLykxBAyMrvyWrkVsKVWMOKaruvs/ynD7HcOxfrbics5AFd4xzX75d
1gSct8m8TjBEyz9lIE+k4vSwJmfTgvInyqIweTCPuugSOJrZqtgieVFewQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGu7Gc0dvHpV9bUDEyld3MhZGF4EMB8GA1UdIwQY
MBaAFDUXyd6Sf6db6u94hfDYj29NKg7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTIt
ZmQzYjMwMDJjMGJiLzEvYTdzWnpSMjhlbFgxdFFNVEtWM2N5RmtZWGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85NTRhZGUtODRiNy00NDZkLWE2ZTItZmQzYjMwMDJjMGJi
LzEvTlJmSjNwSl9wMXZxNzNpRjhOaVBiMDBxRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZvrMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Bt5zeRS8iQLjWu0vDz+x1JajXXg8WP36EOs0q8PC
0UhZrQDdDWZlEBkmVjkPL0wz5Ek6x+daL3bpUFjLPBMD5FP6fysGYOcNkg7mnrVv
W1fvgWaLihxA9KYK5fwGjBR+J6TZK1cj+sLdZ7ZKyX/LHXFsuu4LCFTwPiSvOKa5
9h8HzOLgcA5VzbMenH+91epja7zIJZ2DEAfZOvJBG7Ui/MpVQgXF+4Pvg5LLlvNk
xy/HlxAyLQaYyVZi54hy6REpQXJL1s2ZtaBQ0g+JSM0l77H8xrSUBw/4Qxx6/XiM
kJ7XMf7vb11M+KewOmmuTtXw3QfGmkeLAgMiF5ONpygy
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:33 2023 by rpki-client on console-ams.rpki-client.org