Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/AylQQKGMUavI88j9D2imuZAj0kI.roa
File: AylQQKGMUavI88j9D2imuZAj0kI.roa (raw, json)
Hash identifier: E9W/MyrSxBKNHJ6as1l1qRb01QHx68aSPgKJMZIS7jE=
Subject key identifier: 03:29:50:40:A1:8C:51:AB:C8:F3:C8:FD:0F:68:A6:B9:90:23:D2:42
Certificate issuer: /CN=e98dc5e78258e426739bd88c2d4c200aadf3bf13
Certificate serial: 0D651F1C
Authority key identifier: E9:8D:C5:E7:82:58:E4:26:73:9B:D8:8C:2D:4C:20:0A:AD:F3:BF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/AylQQKGMUavI88j9D2imuZAj0kI.roa
Signing time: Sat 01 Jan 2022 10:58:20 +0000
ROA not before: Sat 01 Jan 2022 10:58:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 185.1.2.0/24 maxlen: 24
2001:7f8:81::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224730908 (0xd651f1c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e98dc5e78258e426739bd88c2d4c200aadf3bf13
Validity
Not Before: Jan 1 10:58:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03295040a18c51abc8f3c8fd0f68a6b99023d242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:17:e4:cb:95:4e:55:e5:83:6d:e2:a6:a6:32:
f7:da:22:cc:52:74:34:69:43:18:36:25:27:90:7d:
13:02:6a:1c:84:5d:43:3f:89:05:23:0e:ab:f8:f0:
95:f3:cb:91:8d:4a:ea:bc:20:8f:9e:ee:bb:f7:c3:
1f:1f:df:d1:a3:f0:1e:2b:03:6d:cd:d6:f0:ad:c1:
55:1c:b1:50:73:3a:79:f9:ab:9c:95:bb:97:f2:65:
d1:36:21:25:a3:51:a8:b0:85:c7:52:1c:41:07:c8:
3a:28:80:c6:2f:77:c7:46:f9:f3:22:e1:f7:40:0b:
9d:d3:5c:4b:42:bc:e5:d0:51:e4:10:4f:d1:7f:3b:
8e:53:2c:49:1d:9e:72:50:07:e6:ff:9d:ba:12:76:
34:7a:d7:21:12:b5:71:29:ec:7f:34:03:73:55:02:
c5:dd:c5:51:8b:d7:e3:c1:12:78:2d:7a:ae:3e:30:
04:1a:10:fd:44:f6:50:08:8d:dc:93:94:98:a6:17:
14:a9:f3:96:87:7e:33:1d:64:1b:3e:23:c4:17:c9:
a1:e0:17:b6:d5:29:88:c3:11:9c:07:b5:2f:8a:ff:
fd:62:11:19:34:5a:f7:a4:92:77:f8:9e:90:95:13:
8b:97:b5:6d:59:bd:5c:21:f1:a4:71:4b:a6:5d:2c:
89:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:29:50:40:A1:8C:51:AB:C8:F3:C8:FD:0F:68:A6:B9:90:23:D2:42
X509v3 Authority Key Identifier:
keyid:E9:8D:C5:E7:82:58:E4:26:73:9B:D8:8C:2D:4C:20:0A:AD:F3:BF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Y3F54JY5CZzm9iMLUwgCq3zvxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/AylQQKGMUavI88j9D2imuZAj0kI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/4d7f6e-c6df-41d7-8ffd-5089b602bfc2/1/6Y3F54JY5CZzm9iMLUwgCq3zvxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.2.0/24
IPv6:
2001:7f8:81::/48
Signature Algorithm: sha256WithRSAEncryption
ae:3b:40:06:d4:41:de:0d:17:1f:61:1d:80:fb:2d:4d:dc:62:
39:26:d4:9d:df:90:84:60:91:97:b4:5c:64:49:ac:ea:5d:55:
12:79:c9:95:ba:32:b9:9d:54:32:49:39:30:59:76:9d:cc:e1:
60:46:76:5d:e9:66:8b:f8:e9:21:4a:26:a1:a5:22:ca:0f:70:
eb:73:d0:55:ba:73:b4:55:69:e7:ed:ed:52:4e:11:4d:0e:ed:
ff:c4:55:db:43:72:08:43:bc:ae:af:3c:e3:68:73:ca:73:18:
8d:ab:f0:36:7e:eb:7a:39:62:f7:5e:7f:24:7d:d3:8c:25:f5:
f6:17:f8:e7:25:66:9f:67:ed:3a:84:f3:78:ed:40:c7:0c:f0:
f4:d3:a5:19:3c:87:ff:75:f3:5b:5d:34:1a:61:6e:ff:ed:dd:
4c:c0:c3:29:90:2f:c8:5d:d1:11:07:01:6e:7a:aa:e3:2d:ed:
04:41:4c:27:87:52:64:af:dd:32:b9:19:4f:96:34:b6:21:94:
11:ae:26:da:80:fc:a1:37:86:b1:6c:9b:f8:85:49:8c:6a:c1:
aa:0a:c0:a6:1d:9f:2c:5f:00:a1:28:e0:ce:8d:5a:94:33:cb:
e8:ab:1a:bc:12:c5:65:d4:3d:38:61:4b:cf:ea:3a:b8:27:9f:
a1:78:ff:90
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEDWUfHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OThkYzVlNzgyNThlNDI2NzM5YmQ4OGMyZDRjMjAwYWFkZjNiZjEzMB4XDTIyMDEw
MTEwNTgyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDMyOTUwNDBhMThj
NTFhYmM4ZjNjOGZkMGY2OGE2Yjk5MDIzZDI0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIMX5MuVTlXlg23ipqYy99oizFJ0NGlDGDYlJ5B9EwJqHIRd
Qz+JBSMOq/jwlfPLkY1K6rwgj57uu/fDHx/f0aPwHisDbc3W8K3BVRyxUHM6efmr
nJW7l/Jl0TYhJaNRqLCFx1IcQQfIOiiAxi93x0b58yLh90ALndNcS0K85dBR5BBP
0X87jlMsSR2eclAH5v+duhJ2NHrXIRK1cSnsfzQDc1UCxd3FUYvX48ESeC16rj4w
BBoQ/UT2UAiN3JOUmKYXFKnzlod+Mx1kGz4jxBfJoeAXttUpiMMRnAe1L4r//WIR
GTRa96SSd/iekJUTi5e1bVm9XCHxpHFLpl0siS0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQDKVBAoYxRq8jzyP0PaKa5kCPSQjAfBgNVHSMEGDAWgBTpjcXngljkJnOb
2IwtTCAKrfO/EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZZM0Y1NEpZNUNaem05aU1MVXdnQ3EzenZ4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTgvNGQ3ZjZlLWM2ZGYtNDFkNy04ZmZkLTUwODliNjAyYmZjMi8x
L0F5bFFRS0dNVWF2STg4ajlEMmltdVpBajBrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTgv
NGQ3ZjZlLWM2ZGYtNDFkNy04ZmZkLTUwODliNjAyYmZjMi8xLzZZM0Y1NEpZNUNa
em05aU1MVXdnQ3EzenZ4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkBAjAPBAIAAjAJAwcAIAEH+ACB
MA0GCSqGSIb3DQEBCwUAA4IBAQCuO0AG1EHeDRcfYR2A+y1N3GI5JtSd35CEYJGX
tFxkSazqXVUSecmVujK5nVQySTkwWXadzOFgRnZd6WaL+OkhSiahpSLKD3Drc9BV
unO0VWnn7e1SThFNDu3/xFXbQ3IIQ7yurzzjaHPKcxiNq/A2fut6OWL3Xn8kfdOM
JfX2F/jnJWafZ+06hPN47UDHDPD006UZPIf/dfNbXTQaYW7/7d1MwMMpkC/IXdER
BwFueqrjLe0EQUwnh1Jkr90yuRlPljS2IZQRribagPyhN4axbJv4hUmMasGqCsCm
HZ8sXwChKODOjVqUM8voqxq8EsVl1D04YUvP6jq4J5+heP+Q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:58 2024 by rpki-client on console-fra.rpki-client.org