Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/0jcWcT3DxBXU5eF5IkPn_b_iZB0.roa
File: 0jcWcT3DxBXU5eF5IkPn_b_iZB0.roa (raw, json)
Hash identifier: va2u37FaoZ3a7wnYyRZpxBIVaKMxmK32iFfHn05+I+k=
Subject key identifier: D2:37:16:71:3D:C3:C4:15:D4:E5:E1:79:22:43:E7:FD:BF:E2:64:1D
Certificate issuer: /CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Certificate serial: 021684B4
Authority key identifier: D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/0jcWcT3DxBXU5eF5IkPn_b_iZB0.roa
Signing time: Sat 01 Jan 2022 07:58:42 +0000
ROA not before: Sat 01 Jan 2022 07:58:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.225.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35030196 (0x21684b4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6aa89f7b722279c032942dcf24865f6d72d6501
Validity
Not Before: Jan 1 07:58:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d23716713dc3c415d4e5e1792243e7fdbfe2641d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:b3:59:eb:cd:1e:9c:a8:a2:63:98:82:97:
7e:73:f2:c0:ab:cd:52:6b:91:77:6b:2e:d3:1d:72:
42:cc:80:93:46:4a:57:99:83:4b:2b:c4:f2:5a:c0:
69:af:4d:a2:58:fc:ea:c7:c6:72:05:bc:a2:72:1e:
2e:90:22:74:cd:ba:f1:5c:ad:83:37:41:c6:19:01:
63:0e:40:15:96:67:41:e7:bc:28:c2:b7:ac:55:e6:
90:04:85:c4:dc:4d:c2:f3:95:d4:a2:f6:a4:a0:4c:
fc:31:84:aa:88:38:1f:cb:13:b4:b9:d0:bf:b2:b1:
03:0b:0a:e0:fb:b0:f4:c4:85:02:11:78:e9:2b:d0:
96:f1:c0:2c:b1:b4:45:5e:ce:11:35:64:8d:9d:1d:
35:0f:e7:48:84:43:b0:5e:71:93:79:b9:62:a8:8c:
5b:06:30:94:73:22:e2:e7:9b:8c:ad:53:da:2f:2d:
21:2e:b9:e4:dc:9f:88:1c:0f:53:90:fb:bd:f0:f2:
c3:f6:9a:94:63:dd:be:85:f9:ac:ce:6d:bb:e5:8b:
50:b9:ab:6e:32:13:58:32:e1:75:81:80:43:a6:42:
34:20:14:e6:53:5e:42:b7:77:e5:75:99:a5:30:57:
ac:82:ad:7c:e9:d0:90:f5:71:9a:34:8c:20:35:f9:
b3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:37:16:71:3D:C3:C4:15:D4:E5:E1:79:22:43:E7:FD:BF:E2:64:1D
X509v3 Authority Key Identifier:
keyid:D6:AA:89:F7:B7:22:27:9C:03:29:42:DC:F2:48:65:F6:D7:2D:65:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1qqJ97ciJ5wDKULc8khl9tctZQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/0jcWcT3DxBXU5eF5IkPn_b_iZB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/0e7e28-a829-47d2-80e6-8ba6888669cf/1/1qqJ97ciJ5wDKULc8khl9tctZQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.252.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:b7:fd:80:6d:f6:ab:43:a5:b1:ce:81:af:38:57:29:73:4f:
63:ac:0b:ab:a8:26:91:9e:2b:cc:ab:f9:1d:b0:88:b2:dc:02:
41:db:24:62:f0:f8:44:4d:9a:2d:30:5c:76:b4:e3:56:89:fc:
91:09:84:a9:89:2c:ac:dc:47:98:69:ad:9d:83:b9:eb:d8:b9:
3e:74:c6:be:89:10:78:d8:97:44:e5:53:ec:8b:27:23:0f:39:
ee:1f:e7:f6:a8:87:00:9a:f2:49:19:05:4c:1c:17:3f:c4:e1:
08:6e:83:af:aa:f5:f4:9d:c3:49:c0:33:30:18:a1:c8:05:f0:
ab:15:81:1d:1f:6b:5a:36:6c:cd:d9:11:03:3c:96:93:2e:72:
34:a1:f9:49:9a:ff:49:7d:83:37:19:0d:9d:aa:84:79:11:6f:
c1:bc:ef:f5:35:e5:3b:51:c4:f3:34:79:2d:ab:ea:2f:a0:b2:
f4:5f:96:0e:b8:a6:eb:8f:b0:dc:3a:f6:aa:a0:26:58:57:a7:
ef:cb:c8:cb:15:9e:f4:47:e8:67:71:0c:13:9e:54:06:06:d9:
d4:d2:49:91:b1:54:7d:a7:9c:10:2b:08:9e:e5:cd:f9:34:0c:
fe:53:fd:5f:43:ca:3a:95:2d:7f:21:d9:86:90:3e:66:d4:31:
81:4d:ae:b3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAhaEtDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NmFhODlmN2I3MjIyNzljMDMyOTQyZGNmMjQ4NjVmNmQ3MmQ2NTAxMB4XDTIyMDEw
MTA3NTg0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIzNzE2NzEzZGMz
YzQxNWQ0ZTVlMTc5MjI0M2U3ZmRiZmUyNjQxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5us1nrzR6cqKJjmIKXfnPywKvNUmuRd2su0x1yQsyAk0ZK
V5mDSyvE8lrAaa9Nolj86sfGcgW8onIeLpAidM268VytgzdBxhkBYw5AFZZnQee8
KMK3rFXmkASFxNxNwvOV1KL2pKBM/DGEqog4H8sTtLnQv7KxAwsK4Puw9MSFAhF4
6SvQlvHALLG0RV7OETVkjZ0dNQ/nSIRDsF5xk3m5YqiMWwYwlHMi4uebjK1T2i8t
IS655NyfiBwPU5D7vfDyw/aalGPdvoX5rM5tu+WLULmrbjITWDLhdYGAQ6ZCNCAU
5lNeQrd35XWZpTBXrIKtfOnQkPVxmjSMIDX5s1kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTSNxZxPcPEFdTl4XkiQ+f9v+JkHTAfBgNVHSMEGDAWgBTWqon3tyInnAMp
QtzySGX21y1lATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFxcUo5N2NpSjV3REtVTGM4a2hsOXRjdFpRRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvMGU3ZTI4LWE4MjktNDdkMi04MGU2LThiYTY4ODg2NjljZi8x
LzBqY1djVDNEeEJYVTVlRjVJa1BuX2JfaVpCMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
MGU3ZTI4LWE4MjktNDdkMi04MGU2LThiYTY4ODg2NjljZi8xLzFxcUo5N2NpSjV3
REtVTGM4a2hsOXRjdFpRRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnh/DANBgkqhkiG9w0BAQsFAAOC
AQEAarf9gG32q0Olsc6BrzhXKXNPY6wLq6gmkZ4rzKv5HbCIstwCQdskYvD4RE2a
LTBcdrTjVon8kQmEqYksrNxHmGmtnYO569i5PnTGvokQeNiXROVT7IsnIw857h/n
9qiHAJrySRkFTBwXP8ThCG6Dr6r19J3DScAzMBihyAXwqxWBHR9rWjZszdkRAzyW
ky5yNKH5SZr/SX2DNxkNnaqEeRFvwbzv9TXlO1HE8zR5LavqL6Cy9F+WDrim64+w
3Dr2qqAmWFen78vIyxWe9EfoZ3EME55UBgbZ1NJJkbFUfaecECsInuXN+TQM/lP9
X0PKOpUtfyHZhpA+ZtQxgU2usw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:38 2023 by rpki-client on console-ams.rpki-client.org