Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/trBXwNQIG8sAxhGaF-tRFBp4-qM.roa
File: trBXwNQIG8sAxhGaF-tRFBp4-qM.roa (raw, json)
Hash identifier: lM8Cg41YnDyEdwVUxPXvgURnxwfSv1DWEM2t3VaQ20g=
Subject key identifier: B6:B0:57:C0:D4:08:1B:CB:00:C6:11:9A:17:EB:51:14:1A:78:FA:A3
Certificate issuer: /CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Certificate serial: 1991CDDD
Authority key identifier: 3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/trBXwNQIG8sAxhGaF-tRFBp4-qM.roa
Signing time: Sat 01 Jan 2022 10:54:54 +0000
ROA not before: Sat 01 Jan 2022 10:54:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 185.150.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 428985821 (0x1991cddd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c568c59d7a83199c3a79ea0e8375b946ed884e2
Validity
Not Before: Jan 1 10:54:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b6b057c0d4081bcb00c6119a17eb51141a78faa3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a2:ba:b7:dc:67:7d:94:9c:7c:69:4a:6f:20:
3d:e1:90:6f:53:d2:e1:9d:15:d0:1b:e3:96:b4:20:
77:31:81:90:fd:4c:69:0b:7b:d0:10:7b:cd:63:a6:
d4:44:ed:5d:46:8e:77:e2:2b:6f:69:1d:ae:a9:76:
52:14:8b:2e:03:ce:a9:5c:0f:5d:af:fe:33:7c:10:
08:1c:06:0d:2d:30:05:28:9c:f1:24:48:85:c4:97:
b3:33:02:ba:91:f1:22:43:16:8e:fc:27:19:c2:9c:
7c:95:08:f9:f0:18:21:2d:9a:ec:3d:8e:db:ea:d4:
44:6e:ee:63:5a:da:6f:98:60:03:e2:f4:b5:4a:3d:
fa:9b:0e:0f:59:da:20:71:57:4e:b5:16:65:06:95:
83:d2:67:36:dc:e9:a4:96:73:c1:57:a4:92:eb:24:
fb:46:29:55:f7:87:93:c4:82:fb:42:9c:9c:22:b8:
21:db:80:c7:9e:8f:10:f7:bc:2a:6d:a9:cf:32:dd:
18:78:0c:45:50:6d:0b:5c:5c:b7:f0:73:c3:67:e5:
a1:25:0a:e9:21:54:62:bd:9c:19:aa:1c:d1:1a:fa:
3e:9c:bd:44:8d:9b:e6:19:d9:50:ad:31:a4:3a:b0:
17:72:39:5d:8d:ca:b6:87:c7:3d:ba:bd:7c:cc:fa:
47:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B0:57:C0:D4:08:1B:CB:00:C6:11:9A:17:EB:51:14:1A:78:FA:A3
X509v3 Authority Key Identifier:
keyid:3C:56:8C:59:D7:A8:31:99:C3:A7:9E:A0:E8:37:5B:94:6E:D8:84:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PFaMWdeoMZnDp56g6DdblG7YhOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/trBXwNQIG8sAxhGaF-tRFBp4-qM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/6f36c2-d05c-4425-a9e4-5e37e7f3f15d/1/PFaMWdeoMZnDp56g6DdblG7YhOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.172.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:c0:fe:aa:16:63:ef:a1:41:b4:5f:47:d3:ce:a5:3c:21:a9:
ea:3e:8b:2e:50:75:2a:d9:70:87:44:cf:19:5d:f0:30:20:d3:
c3:61:59:5f:bd:37:60:d0:14:3d:a4:90:e5:59:62:97:ec:20:
22:26:7c:7e:48:46:f8:a8:4a:68:90:7b:c6:06:6f:a3:6f:06:
21:48:b7:d4:40:9c:ff:e4:9a:dc:9c:97:c4:18:4f:1d:22:5d:
fb:02:26:86:5d:e1:a2:9f:95:64:b0:4c:f8:3d:9c:2e:3b:85:
29:3a:06:77:d4:92:ff:9c:bb:40:49:64:23:cb:6f:f6:71:ba:
67:2c:94:38:d5:05:fd:8a:05:aa:b5:c4:41:01:53:85:a5:39:
e0:88:73:2b:83:5c:a6:d3:63:09:6e:00:96:c0:cc:7e:80:16:
19:74:95:da:eb:f5:72:0c:59:a2:4d:4a:a6:a4:43:73:ff:0f:
f1:11:2a:3a:dc:7f:42:32:24:8a:5c:8b:05:2e:56:a3:0e:ba:
20:da:da:cc:2c:e1:58:0e:84:64:55:ff:fe:45:21:3c:42:33:
b6:8e:09:0d:d2:23:79:39:fb:30:a5:e1:e9:87:4e:be:e5:7c:
91:a8:9e:52:f8:b1:63:60:5f:e0:ec:bc:4a:09:10:8b:1d:bc:
ec:98:86:fa
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGZHN3TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YzU2OGM1OWQ3YTgzMTk5YzNhNzllYTBlODM3NWI5NDZlZDg4NGUyMB4XDTIyMDEw
MTEwNTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZiMDU3YzBkNDA4
MWJjYjAwYzYxMTlhMTdlYjUxMTQxYTc4ZmFhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiiurfcZ32UnHxpSm8gPeGQb1PS4Z0V0BvjlrQgdzGBkP1M
aQt70BB7zWOm1ETtXUaOd+Irb2kdrql2UhSLLgPOqVwPXa/+M3wQCBwGDS0wBSic
8SRIhcSXszMCupHxIkMWjvwnGcKcfJUI+fAYIS2a7D2O2+rURG7uY1rab5hgA+L0
tUo9+psOD1naIHFXTrUWZQaVg9JnNtzppJZzwVekkusk+0YpVfeHk8SC+0KcnCK4
IduAx56PEPe8Km2pzzLdGHgMRVBtC1xct/Bzw2floSUK6SFUYr2cGaoc0Rr6Ppy9
RI2b5hnZUK0xpDqwF3I5XY3KtofHPbq9fMz6RzUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS2sFfA1AgbywDGEZoX61EUGnj6ozAfBgNVHSMEGDAWgBQ8VoxZ16gxmcOn
nqDoN1uUbtiE4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BGYU1XZGVvTVpuRHA1Nmc2RGRibEc3WWhPSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvNmYzNmMyLWQwNWMtNDQyNS1hOWU0LTVlMzdlN2YzZjE1ZC8x
L3RyQlh3TlFJRzhzQXhoR2FGLXRSRkJwNC1xTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
NmYzNmMyLWQwNWMtNDQyNS1hOWU0LTVlMzdlN2YzZjE1ZC8xL1BGYU1XZGVvTVpu
RHA1Nmc2RGRibEc3WWhPSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmWrDANBgkqhkiG9w0BAQsFAAOC
AQEApMD+qhZj76FBtF9H086lPCGp6j6LLlB1Ktlwh0TPGV3wMCDTw2FZX703YNAU
PaSQ5Vlil+wgIiZ8fkhG+KhKaJB7xgZvo28GIUi31ECc/+Sa3JyXxBhPHSJd+wIm
hl3hop+VZLBM+D2cLjuFKToGd9SS/5y7QElkI8tv9nG6ZyyUONUF/YoFqrXEQQFT
haU54IhzK4NcptNjCW4AlsDMfoAWGXSV2uv1cgxZok1KpqRDc/8P8REqOtx/QjIk
ilyLBS5Wow66INrazCzhWA6EZFX//kUhPEIzto4JDdIjeTn7MKXh6YdOvuV8kaie
UvixY2Bf4Oy8SgkQix287JiG+g==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:19 2023 by rpki-client on console-fra.rpki-client.org