Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/pmM9bS3Fhr8KANpQlzRo4TS7MrE.roa
File: pmM9bS3Fhr8KANpQlzRo4TS7MrE.roa (raw, json)
Hash identifier: NjxYgm87Zu0dfQJrZ4Dn5xQEPZstfllstx0QZqBRsM4=
Subject key identifier: A6:63:3D:6D:2D:C5:86:BF:0A:00:DA:50:97:34:68:E1:34:BB:32:B1
Certificate issuer: /CN=077946f04742c66279acd322009be15e3d588a5a
Certificate serial: 084185B2
Authority key identifier: 07:79:46:F0:47:42:C6:62:79:AC:D3:22:00:9B:E1:5E:3D:58:8A:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B3lG8EdCxmJ5rNMiAJvhXj1Yilo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/pmM9bS3Fhr8KANpQlzRo4TS7MrE.roa
Signing time: Sat 01 Jan 2022 04:01:14 +0000
ROA not before: Sat 01 Jan 2022 04:01:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24806
IP address blocks: 85.255.0.0/20 maxlen: 32
185.186.20.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138511794 (0x84185b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=077946f04742c66279acd322009be15e3d588a5a
Validity
Not Before: Jan 1 04:01:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a6633d6d2dc586bf0a00da50973468e134bb32b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7a:43:3f:37:ac:2f:46:51:b6:8b:0a:c1:a9:
9a:54:52:1e:2a:da:0e:5a:2a:e8:b7:0b:15:8a:71:
83:43:e4:89:5f:09:a4:c5:07:4f:30:ae:b5:eb:10:
9f:dc:e6:47:9f:f1:11:1c:df:16:28:b9:86:e7:ce:
fd:33:38:69:d7:cb:53:93:cd:dc:bb:f0:1f:99:fe:
7a:4a:82:5b:9c:4b:2e:40:68:ec:24:a1:9f:67:7e:
1d:3f:d1:38:59:8b:ed:d3:51:86:fe:01:e7:ac:d8:
e7:84:20:4b:98:4f:78:ae:82:50:85:30:97:75:68:
07:c8:c2:16:a6:a6:9a:8d:ab:ff:57:59:ee:44:f4:
bb:5a:2c:d6:af:90:e5:e6:c8:58:a9:47:86:8f:49:
92:b3:57:b5:94:ce:c9:c9:b5:17:ff:29:4f:fa:b8:
df:c9:b3:1a:e0:b1:ad:6b:4c:45:69:f7:80:cf:fc:
d5:89:78:16:16:dd:54:ef:88:bf:4e:4b:7a:cf:ca:
02:ae:02:80:fa:29:b1:73:c4:a5:8b:91:ab:ff:85:
13:09:d1:7b:f4:b5:f8:9e:d6:cb:2f:c2:6a:69:82:
6d:8a:18:e4:06:3e:af:43:5e:d5:19:2c:53:68:b3:
d8:38:f9:e8:a8:95:c0:33:d5:fb:2a:5c:61:3d:3e:
6d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:63:3D:6D:2D:C5:86:BF:0A:00:DA:50:97:34:68:E1:34:BB:32:B1
X509v3 Authority Key Identifier:
keyid:07:79:46:F0:47:42:C6:62:79:AC:D3:22:00:9B:E1:5E:3D:58:8A:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B3lG8EdCxmJ5rNMiAJvhXj1Yilo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/pmM9bS3Fhr8KANpQlzRo4TS7MrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/e3fd0b-9f4a-4452-92af-be151839f366/1/B3lG8EdCxmJ5rNMiAJvhXj1Yilo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.0.0/20
185.186.20.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:f6:18:64:d2:9b:d6:f8:63:da:b7:b2:51:6a:50:83:c2:90:
31:e2:aa:cd:97:7e:9c:c7:49:fe:79:70:fa:05:b2:02:12:22:
ad:33:7f:c3:5e:6a:61:d7:f4:94:00:29:3e:b4:e6:dd:18:46:
f9:a0:9b:3b:07:e5:26:47:68:93:c0:79:54:0a:bc:b9:94:60:
82:8c:87:35:84:67:bc:b3:12:ba:20:f7:24:5e:2e:a4:d8:38:
b4:8b:70:fc:73:c8:c7:6d:8b:1e:1a:4d:2a:d9:0f:ef:66:bd:
d3:ca:88:bb:56:f6:cc:6b:56:c1:4f:2f:15:2e:0e:1c:5c:96:
2b:ea:48:c7:5f:db:bb:df:9e:f0:fd:99:9d:e3:f4:3c:6f:df:
ca:ce:41:c2:f0:57:bf:5c:cc:8d:af:8a:fc:74:83:f2:ae:ec:
e3:5d:b1:ed:97:12:73:94:ce:03:7a:a7:6c:ba:34:01:41:d0:
d5:4b:75:84:c6:b5:48:7a:fd:58:56:00:9e:ce:03:3a:fd:ad:
fa:be:b5:82:10:3a:ea:53:c1:09:64:99:ac:1c:bd:8a:5a:d9:
d6:9b:7e:5e:4a:30:ef:af:ac:03:d7:04:cb:12:28:58:fc:4a:
d4:12:a1:98:9c:f9:f9:76:94:fc:b9:cc:9a:9b:7b:bc:63:c2:
d2:d3:e1:5e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECEGFsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
Nzc5NDZmMDQ3NDJjNjYyNzlhY2QzMjIwMDliZTE1ZTNkNTg4YTVhMB4XDTIyMDEw
MTA0MDExNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTY2MzNkNmQyZGM1
ODZiZjBhMDBkYTUwOTczNDY4ZTEzNGJiMzJiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI16Qz83rC9GUbaLCsGpmlRSHiraDloq6LcLFYpxg0PkiV8J
pMUHTzCutesQn9zmR5/xERzfFii5hufO/TM4adfLU5PN3LvwH5n+ekqCW5xLLkBo
7CShn2d+HT/ROFmL7dNRhv4B56zY54QgS5hPeK6CUIUwl3VoB8jCFqammo2r/1dZ
7kT0u1os1q+Q5ebIWKlHho9JkrNXtZTOycm1F/8pT/q438mzGuCxrWtMRWn3gM/8
1Yl4FhbdVO+Iv05Les/KAq4CgPopsXPEpYuRq/+FEwnRe/S1+J7Wyy/CammCbYoY
5AY+r0Ne1RksU2iz2Dj56KiVwDPV+ypcYT0+baECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSmYz1tLcWGvwoA2lCXNGjhNLsysTAfBgNVHSMEGDAWgBQHeUbwR0LGYnms
0yIAm+FePViKWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0IzbEc4RWRDeG1KNXJOTWlBSnZoWGoxWWlsby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvZTNmZDBiLTlmNGEtNDQ1Mi05MmFmLWJlMTUxODM5ZjM2Ni8x
L3BtTTliUzNGaHI4S0FOcFFselJvNFRTN01yRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
ZTNmZDBiLTlmNGEtNDQ1Mi05MmFmLWJlMTUxODM5ZjM2Ni8xL0IzbEc4RWRDeG1K
NXJOTWlBSnZoWGoxWWlsby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBFX/AAMEArm6FDANBgkqhkiG9w0B
AQsFAAOCAQEAOvYYZNKb1vhj2reyUWpQg8KQMeKqzZd+nMdJ/nlw+gWyAhIirTN/
w15qYdf0lAApPrTm3RhG+aCbOwflJkdok8B5VAq8uZRggoyHNYRnvLMSuiD3JF4u
pNg4tItw/HPIx22LHhpNKtkP72a908qIu1b2zGtWwU8vFS4OHFyWK+pIx1/bu9+e
8P2ZneP0PG/fys5BwvBXv1zMja+K/HSD8q7s412x7ZcSc5TOA3qnbLo0AUHQ1Ut1
hMa1SHr9WFYAns4DOv2t+r61ghA66lPBCWSZrBy9ilrZ1pt+Xkow76+sA9cEyxIo
WPxK1BKhmJz5+XaU/LnMmpt7vGPC0tPhXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:44 2024 by rpki-client on console-ams.rpki-client.org