Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa
File: aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa (raw, json)
Hash identifier: qudIS8/YPUAcqblKGyyuR7Y3lLNlJ0KIy+IWwywFyFI=
Subject key identifier: 6A:AB:7A:6C:50:68:2A:89:2A:F9:45:63:E9:63:27:C7:54:4A:C3:E4
Certificate issuer: /CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Certificate serial: 03935786
Authority key identifier: 98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa
Signing time: Sat 01 Jan 2022 15:57:45 +0000
ROA not before: Sat 01 Jan 2022 15:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8875
IP address blocks: 185.219.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59987846 (0x3935786)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98e2f4aba0bc9b3e3ab1856497a40071971b704a
Validity
Not Before: Jan 1 15:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6aab7a6c50682a892af94563e96327c7544ac3e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:00:97:21:ed:10:cf:b4:46:09:5b:a8:14:46:
8c:36:29:92:7f:fd:d4:09:af:53:cf:a1:13:56:50:
e8:56:0a:26:98:8d:3b:62:61:b6:1e:d5:f4:89:50:
44:62:e2:d7:62:59:f9:70:3d:d2:06:cd:d5:e3:b0:
f5:71:a8:5c:49:24:01:f5:35:3c:4e:fc:48:f5:40:
96:7e:8b:7f:06:ae:8c:eb:36:a8:7c:42:e8:e6:75:
07:70:25:6c:7b:74:a3:e1:35:54:53:67:78:55:ff:
d8:49:a8:02:7d:6c:f4:bd:d0:99:bb:8c:d9:51:01:
db:a6:88:f6:33:45:9a:a9:db:3d:04:fd:21:97:94:
c8:f6:51:ad:37:d3:d6:49:54:ea:12:4d:c4:94:15:
87:7a:90:23:8a:b0:fc:81:28:ab:31:91:ca:ca:b1:
f9:bd:57:f4:a5:0a:4b:04:a1:5e:6d:31:15:72:90:
a0:50:41:e9:17:45:13:23:96:66:ef:f5:43:14:26:
59:6b:0e:c6:12:fe:81:27:41:88:11:cd:dc:0c:e7:
46:fa:0b:36:88:91:1a:21:00:f2:8a:84:37:29:5b:
ba:ba:8a:3d:27:40:98:35:cd:56:86:63:4f:5c:fa:
3e:e4:0b:5d:46:1b:9a:bc:7b:22:b9:e4:ba:2d:95:
3c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:AB:7A:6C:50:68:2A:89:2A:F9:45:63:E9:63:27:C7:54:4A:C3:E4
X509v3 Authority Key Identifier:
keyid:98:E2:F4:AB:A0:BC:9B:3E:3A:B1:85:64:97:A4:00:71:97:1B:70:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOL0q6C8mz46sYVkl6QAcZcbcEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/aqt6bFBoKokq-UVj6WMnx1RKw-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/92d564-5d09-428e-af80-8882199bccb4/1/mOL0q6C8mz46sYVkl6QAcZcbcEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.152.0/22
Signature Algorithm: sha256WithRSAEncryption
67:3a:ec:9f:32:4a:d3:3a:42:51:4c:5b:0d:14:75:0c:53:2c:
d1:ed:db:b5:43:c5:7b:8e:f9:76:04:81:b8:3d:29:40:d0:dc:
1d:bf:6f:ba:41:19:ea:b5:0b:52:37:e2:d7:fc:df:c2:61:c9:
34:88:23:f8:7f:3b:e8:70:ca:4a:8c:13:32:29:fd:b5:99:de:
4c:da:78:cd:72:5f:cc:23:fa:44:bb:c2:46:d7:18:ea:6e:f2:
1b:e0:13:63:3a:61:0d:10:6f:9c:b3:b5:a3:3c:0f:0e:49:24:
ae:47:5a:d5:27:bd:a5:b7:4f:e4:91:60:4d:f9:51:da:6f:0f:
dd:36:95:d0:11:f3:c0:68:95:74:fa:ea:f5:91:9a:3c:4f:bc:
ad:a0:2c:8f:e2:9d:71:fe:94:29:f0:a1:5d:7b:05:a2:1b:dd:
b9:5c:22:79:95:93:d2:78:c2:20:d3:1b:00:f8:2c:fc:ea:68:
42:fc:41:c3:5d:b5:6f:58:2c:02:03:8e:07:01:23:56:27:2c:
72:fd:de:e0:a0:c4:20:fa:20:f6:53:ef:d8:3a:b3:81:50:57:
28:8b:6a:42:83:5b:68:eb:05:75:e8:b6:3a:48:2c:97:92:2e:
2e:00:ba:fe:94:22:39:f3:02:6d:1d:db:02:b2:6e:d1:0f:87:
0b:21:58:82
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA5NXhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OGUyZjRhYmEwYmM5YjNlM2FiMTg1NjQ5N2E0MDA3MTk3MWI3MDRhMB4XDTIyMDEw
MTE1NTc0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmFhYjdhNmM1MDY4
MmE4OTJhZjk0NTYzZTk2MzI3Yzc1NDRhYzNlNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJoAlyHtEM+0RglbqBRGjDYpkn/91AmvU8+hE1ZQ6FYKJpiN
O2Jhth7V9IlQRGLi12JZ+XA90gbN1eOw9XGoXEkkAfU1PE78SPVAln6LfwaujOs2
qHxC6OZ1B3AlbHt0o+E1VFNneFX/2EmoAn1s9L3QmbuM2VEB26aI9jNFmqnbPQT9
IZeUyPZRrTfT1klU6hJNxJQVh3qQI4qw/IEoqzGRysqx+b1X9KUKSwShXm0xFXKQ
oFBB6RdFEyOWZu/1QxQmWWsOxhL+gSdBiBHN3AznRvoLNoiRGiEA8oqENylburqK
PSdAmDXNVoZjT1z6PuQLXUYbmrx7Irnkui2VPBkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRqq3psUGgqiSr5RWPpYyfHVErD5DAfBgNVHSMEGDAWgBSY4vSroLybPjqx
hWSXpABxlxtwSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21PTDBxNkM4bXo0NnNZVmtsNlFBY1pjYmNFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvOTJkNTY0LTVkMDktNDI4ZS1hZjgwLTg4ODIxOTliY2NiNC8x
L2FxdDZiRkJvS29rcS1VVmo2V01ueDFSS3ctUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
OTJkNTY0LTVkMDktNDI4ZS1hZjgwLTg4ODIxOTliY2NiNC8xL21PTDBxNkM4bXo0
NnNZVmtsNlFBY1pjYmNFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnbmDANBgkqhkiG9w0BAQsFAAOC
AQEAZzrsnzJK0zpCUUxbDRR1DFMs0e3btUPFe475dgSBuD0pQNDcHb9vukEZ6rUL
Ujfi1/zfwmHJNIgj+H876HDKSowTMin9tZneTNp4zXJfzCP6RLvCRtcY6m7yG+AT
YzphDRBvnLO1ozwPDkkkrkda1Se9pbdP5JFgTflR2m8P3TaV0BHzwGiVdPrq9ZGa
PE+8raAsj+Kdcf6UKfChXXsFohvduVwieZWT0njCINMbAPgs/OpoQvxBw121b1gs
AgOOBwEjVicscv3e4KDEIPog9lPv2DqzgVBXKItqQoNbaOsFdei2Okgsl5IuLgC6
/pQiOfMCbR3bArJu0Q+HCyFYgg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:08 2023 by rpki-client on console-fra.rpki-client.org