Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v2U3uFZtj97zFrlSOrk1nROher0.roa
File: v2U3uFZtj97zFrlSOrk1nROher0.roa (raw, json)
Hash identifier: xddvXgYAN++J7Wc3CTqiacf0PNgB0m5kmDXKCDbISHo=
Subject key identifier: BF:65:37:B8:56:6D:8F:DE:F3:16:B9:52:3A:B9:35:9D:13:A1:7A:BD
Certificate issuer: /CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Certificate serial: 01851B64E56AC890F01A01F676B719EF2776
Authority key identifier: CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v2U3uFZtj97zFrlSOrk1nROher0.roa
Signing time: Fri 16 Dec 2022 14:44:35 +0000
ROA not before: Fri 16 Dec 2022 14:44:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 136923
IP address blocks: 85.133.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1b:64:e5:6a:c8:90:f0:1a:01:f6:76:b7:19:ef:27:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd5e39658a3ef6f13ca21cc11a4e33ebcd946702
Validity
Not Before: Dec 16 14:44:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf6537b8566d8fdef316b9523ab9359d13a17abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:14:8b:b8:ad:55:d1:cf:2f:45:8f:1b:14:27:
81:9e:67:ed:cf:8e:a9:b0:84:8b:b9:04:21:4d:9d:
c4:7f:57:5c:76:9f:07:aa:ae:5e:2e:04:cb:f3:3f:
8a:5d:db:f8:57:ac:85:db:28:29:ea:df:0d:9f:66:
4e:13:5b:2d:50:98:7b:96:f0:34:a8:bb:5e:f8:54:
a5:6d:11:92:64:a8:00:a1:34:e0:25:35:42:4f:43:
43:f7:70:13:76:5a:03:5c:55:f2:b2:3f:3b:85:27:
da:6c:a9:d9:f3:ce:03:32:79:02:e3:61:90:50:e8:
5c:82:ae:51:06:de:5c:dc:47:f4:33:be:72:d3:55:
54:a5:7a:d5:1d:99:94:3a:c9:78:09:00:8f:46:d2:
67:55:57:96:23:49:0a:25:e6:c9:65:1e:2c:1f:7a:
c4:60:12:11:95:4e:95:e6:69:76:cf:c6:7c:df:79:
ab:eb:d0:e1:7e:1b:d7:6a:26:28:96:6f:0f:17:b0:
20:90:9b:b6:d4:f5:4e:b0:f6:0e:c1:ed:f5:34:a2:
e9:d3:69:81:30:97:0f:fb:d3:30:eb:44:5e:b9:0d:
3e:bd:ce:69:31:fa:05:e9:36:c1:65:42:3c:9f:04:
d8:be:e5:b9:e0:99:99:e3:fe:d5:b2:2d:1f:5d:30:
ff:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:65:37:B8:56:6D:8F:DE:F3:16:B9:52:3A:B9:35:9D:13:A1:7A:BD
X509v3 Authority Key Identifier:
keyid:CD:5E:39:65:8A:3E:F6:F1:3C:A2:1C:C1:1A:4E:33:EB:CD:94:67:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zV45ZYo-9vE8ohzBGk4z682UZwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/v2U3uFZtj97zFrlSOrk1nROher0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ef536c-03d3-4ac5-b125-5d1fa66c363b/1/zV45ZYo-9vE8ohzBGk4z682UZwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.133.222.0/24
Signature Algorithm: sha256WithRSAEncryption
96:0f:91:3e:bb:23:2a:b6:69:78:cd:4c:52:20:08:9e:7b:0f:
ee:66:a7:bd:14:6c:85:b8:11:34:0a:bf:d0:c6:9c:a6:88:34:
07:8c:8a:fc:b7:79:44:17:a2:1a:0f:be:25:85:7b:05:7a:89:
e0:8d:ff:05:30:52:45:50:17:17:25:65:25:22:91:43:ac:78:
9f:f8:e7:80:05:60:15:00:de:32:a1:42:ff:92:3b:28:db:3b:
bd:ce:7a:0f:db:1e:8f:5a:a3:88:69:0e:c4:50:49:51:a1:88:
94:be:8f:ef:33:4e:af:1b:6a:4f:f6:ab:14:f6:69:3c:ec:d2:
21:62:b0:30:d2:03:1a:4a:1d:3a:5e:73:39:c2:9c:c4:1c:81:
35:d2:a8:9c:a8:8e:11:88:36:ba:c1:dd:aa:83:d7:0e:b9:ab:
1e:3a:b0:fb:b5:95:23:00:38:6c:4c:e3:e6:79:c6:08:67:c2:
bb:23:f2:51:ae:0e:b5:d8:42:6d:ce:b9:df:65:d2:dd:9b:13:
88:c7:f4:23:a0:c5:76:3d:1c:52:76:7f:91:a8:7f:8f:3d:b4:
69:f5:66:af:1c:19:18:86:df:3e:52:e0:87:af:97:a0:5d:10:
ba:bd:a6:58:1b:a1:f8:6d:8e:c1:f9:49:85:00:5c:e4:0f:6e:
04:fb:32:ab
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUbZOVqyJDwGgH2drcZ7yd2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNWUzOTY1OGEzZWY2ZjEzY2EyMWNjMTFhNGUzM2ViY2Q5
NDY3MDIwHhcNMjIxMjE2MTQ0NDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjY1MzdiODU2NmQ4ZmRlZjMxNmI5NTIzYWI5MzU5ZDEzYTE3YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBSLuK1V0c8vRY8bFCeBnmftz46p
sISLuQQhTZ3Ef1dcdp8Hqq5eLgTL8z+KXdv4V6yF2ygp6t8Nn2ZOE1stUJh7lvA0
qLte+FSlbRGSZKgAoTTgJTVCT0ND93ATdloDXFXysj87hSfabKnZ884DMnkC42GQ
UOhcgq5RBt5c3Ef0M75y01VUpXrVHZmUOsl4CQCPRtJnVVeWI0kKJebJZR4sH3rE
YBIRlU6V5ml2z8Z833mr69DhfhvXaiYolm8PF7AgkJu21PVOsPYOwe31NKLp02mB
MJcP+9Mw60ReuQ0+vc5pMfoF6TbBZUI8nwTYvuW54JmZ4/7Vsi0fXTD/qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL9lN7hWbY/e8xa5Ujq5NZ0ToXq9MB8GA1UdIwQY
MBaAFM1eOWWKPvbxPKIcwRpOM+vNlGcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUt
NWQxZmE2NmMzNjNiLzEvdjJVM3VGWnRqOTd6RnJsU09yazFuUk9oZXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9lZjUzNmMtMDNkMy00YWM1LWIxMjUtNWQxZmE2NmMzNjNi
LzEvelY0NVpZby05dkU4b2h6QkdrNHo2ODJVWndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYXeMA0G
CSqGSIb3DQEBCwUAA4IBAQCWD5E+uyMqtml4zUxSIAieew/uZqe9FGyFuBE0Cr/Q
xpymiDQHjIr8t3lEF6IaD74lhXsFeongjf8FMFJFUBcXJWUlIpFDrHif+OeABWAV
AN4yoUL/kjso2zu9znoP2x6PWqOIaQ7EUElRoYiUvo/vM06vG2pP9qsU9mk87NIh
YrAw0gMaSh06XnM5wpzEHIE10qicqI4RiDa6wd2qg9cOuaseOrD7tZUjADhsTOPm
ecYIZ8K7I/JRrg612EJtzrnfZdLdmxOIx/QjoMV2PRxSdn+RqH+PPbRp9WavHBkY
ht8+UuCHr5egXRC6vaZYG6H4bY7B+UmFAFzkD24E+zKr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:05 2023 by rpki-client on console-ams.rpki-client.org