Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/tZyU3P2XvYpcvRCtN0-peeP_dfo.roa
File: tZyU3P2XvYpcvRCtN0-peeP_dfo.roa (raw, json)
Hash identifier: wTPlK9uUOjcQzW+h0NvOkZI3putr1n8pQ8X9p54qTEk=
Subject key identifier: B5:9C:94:DC:FD:97:BD:8A:5C:BD:10:AD:37:4F:A9:79:E3:FF:75:FA
Certificate issuer: /CN=9256ebf66b80f08135858d144ced6f785834f5f4
Certificate serial: 110F7624
Authority key identifier: 92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/tZyU3P2XvYpcvRCtN0-peeP_dfo.roa
Signing time: Sat 01 Jan 2022 09:01:18 +0000
ROA not before: Sat 01 Jan 2022 09:01:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35421
IP address blocks: 185.168.160.0/22 maxlen: 24
185.168.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286225956 (0x110f7624)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9256ebf66b80f08135858d144ced6f785834f5f4
Validity
Not Before: Jan 1 09:01:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b59c94dcfd97bd8a5cbd10ad374fa979e3ff75fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:41:c5:08:9c:ff:d3:82:6c:91:9a:f0:29:07:
28:a9:89:a8:3e:ff:20:ca:00:5b:99:7a:f0:1a:1a:
28:3d:ba:43:e0:e9:4c:b3:84:bc:2b:96:6b:1c:8c:
46:86:52:ef:77:c8:c3:88:bb:92:a7:8f:cc:e5:0a:
ee:60:17:5e:60:77:d1:af:f6:9e:9d:fd:92:5f:86:
d8:dd:f2:49:e6:72:b2:14:49:6b:47:43:5c:e7:9b:
f6:60:1e:32:48:d1:4b:a0:77:cd:6b:75:36:17:7f:
57:f0:d6:0d:0b:57:65:75:62:bb:7d:a3:00:8c:b5:
79:03:6e:f5:80:5e:2a:44:de:70:27:71:4d:ec:f3:
5a:b6:ca:01:04:39:31:39:c1:1d:af:88:c3:9d:ed:
72:18:ef:91:98:7c:16:20:fd:62:30:39:e9:dd:84:
d2:36:68:7f:d9:a2:59:c5:d9:a9:af:54:c6:c1:61:
dc:e6:80:46:86:c8:b4:a6:a3:cd:29:cf:06:45:bd:
f1:04:c5:79:5b:b1:97:bc:6e:6a:a1:d2:b2:2f:2b:
e9:df:0e:1e:22:04:1c:ab:20:ce:36:4f:7d:93:78:
7f:3a:8e:d6:07:88:aa:3f:a0:40:31:9c:a5:d8:31:
a8:25:e3:1b:8e:5d:c1:b4:0a:eb:44:42:5f:96:30:
5e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:9C:94:DC:FD:97:BD:8A:5C:BD:10:AD:37:4F:A9:79:E3:FF:75:FA
X509v3 Authority Key Identifier:
keyid:92:56:EB:F6:6B:80:F0:81:35:85:8D:14:4C:ED:6F:78:58:34:F5:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klbr9muA8IE1hY0UTO1veFg09fQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/tZyU3P2XvYpcvRCtN0-peeP_dfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/b717c5-a64b-4475-be3e-5da8d677d847/1/klbr9muA8IE1hY0UTO1veFg09fQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.168.160.0/22
Signature Algorithm: sha256WithRSAEncryption
57:04:7a:74:fd:9a:ac:8f:bb:d2:5d:d7:47:49:76:cf:3d:97:
56:02:6d:e9:f4:47:a3:93:1a:bc:18:e9:2a:03:bf:c5:fa:4a:
a7:12:5c:df:b7:90:30:66:60:fb:b2:b9:32:e5:91:89:2b:15:
e1:55:6a:dd:4f:71:37:f7:6f:6a:11:6e:f5:f5:80:d8:5f:dd:
6d:21:29:b1:2d:9b:73:44:a6:a5:ab:db:14:60:74:ab:4a:d7:
ac:7f:a3:12:a2:ac:46:fd:4d:c3:4c:77:9f:d8:58:07:68:86:
6c:00:28:a8:06:0b:7a:75:b9:bc:ed:f2:72:6a:d2:e9:fe:29:
dc:51:e1:97:e3:88:33:a0:55:52:49:de:dd:7e:f3:2b:f5:4f:
4f:dc:89:83:9d:3f:1b:10:ca:24:4a:a5:cf:02:c0:8b:8f:5e:
06:74:e0:2a:63:c4:46:fe:14:3b:f7:02:c5:5c:5e:5b:24:d3:
ef:39:9b:21:8d:8c:4b:cb:c6:da:ff:29:d6:ff:e0:c4:a8:6c:
c4:3b:60:3a:af:2c:4c:7b:2a:14:b9:3b:5e:69:07:16:ba:1d:
31:03:ec:61:1c:24:c7:ca:b2:e7:a9:a2:32:6d:16:59:78:35:
26:d8:1c:55:bb:f3:e7:9d:6a:85:bc:45:e6:0a:8b:2c:8e:11:
29:f0:72:a4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEQ92JDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjU2ZWJmNjZiODBmMDgxMzU4NThkMTQ0Y2VkNmY3ODU4MzRmNWY0MB4XDTIyMDEw
MTA5MDExOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU5Yzk0ZGNmZDk3
YmQ4YTVjYmQxMGFkMzc0ZmE5NzllM2ZmNzVmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZBxQic/9OCbJGa8CkHKKmJqD7/IMoAW5l68BoaKD26Q+Dp
TLOEvCuWaxyMRoZS73fIw4i7kqePzOUK7mAXXmB30a/2np39kl+G2N3ySeZyshRJ
a0dDXOeb9mAeMkjRS6B3zWt1Nhd/V/DWDQtXZXViu32jAIy1eQNu9YBeKkTecCdx
TezzWrbKAQQ5MTnBHa+Iw53tchjvkZh8FiD9YjA56d2E0jZof9miWcXZqa9UxsFh
3OaARobItKajzSnPBkW98QTFeVuxl7xuaqHSsi8r6d8OHiIEHKsgzjZPfZN4fzqO
1geIqj+gQDGcpdgxqCXjG45dwbQK60RCX5YwXskCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1nJTc/Ze9ily9EK03T6l54/91+jAfBgNVHSMEGDAWgBSSVuv2a4DwgTWF
jRRM7W94WDT19DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tsYnI5bXVBOElFMWhZMFVUTzF2ZUZnMDlmUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvYjcxN2M1LWE2NGItNDQ3NS1iZTNlLTVkYThkNjc3ZDg0Ny8x
L3RaeVUzUDJYdllwY3ZSQ3ROMC1wZWVQX2Rmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
YjcxN2M1LWE2NGItNDQ3NS1iZTNlLTVkYThkNjc3ZDg0Ny8xL2tsYnI5bXVBOElF
MWhZMFVUTzF2ZUZnMDlmUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmooDANBgkqhkiG9w0BAQsFAAOC
AQEAVwR6dP2arI+70l3XR0l2zz2XVgJt6fRHo5MavBjpKgO/xfpKpxJc37eQMGZg
+7K5MuWRiSsV4VVq3U9xN/dvahFu9fWA2F/dbSEpsS2bc0SmpavbFGB0q0rXrH+j
EqKsRv1Nw0x3n9hYB2iGbAAoqAYLenW5vO3ycmrS6f4p3FHhl+OIM6BVUkne3X7z
K/VPT9yJg50/GxDKJEqlzwLAi49eBnTgKmPERv4UO/cCxVxeWyTT7zmbIY2MS8vG
2v8p1v/gxKhsxDtgOq8sTHsqFLk7XmkHFrodMQPsYRwkx8qy56miMm0WWXg1Jtgc
Vbvz551qhbxF5gqLLI4RKfBypA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:12 2023 by rpki-client on console-ams.rpki-client.org