Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/MoATW0r0wIyaya_5sh2uZM-qWzU.roa
File: MoATW0r0wIyaya_5sh2uZM-qWzU.roa (raw, json)
Hash identifier: 3o6xZjL8B70QehpZ5t4CkqqgaX+Flb+4M9vmIK8gD/g=
Subject key identifier: 32:80:13:5B:4A:F4:C0:8C:9A:C9:AF:F9:B2:1D:AE:64:CF:AA:5B:35
Certificate issuer: /CN=d0885b41ca81f93f583c1eca722b50558280c59a
Certificate serial: 0D84DA19
Authority key identifier: D0:88:5B:41:CA:81:F9:3F:58:3C:1E:CA:72:2B:50:55:82:80:C5:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0IhbQcqB-T9YPB7KcitQVYKAxZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/MoATW0r0wIyaya_5sh2uZM-qWzU.roa
Signing time: Sat 01 Jan 2022 16:06:36 +0000
ROA not before: Sat 01 Jan 2022 16:06:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24904
IP address blocks: 185.219.204.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226810393 (0xd84da19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0885b41ca81f93f583c1eca722b50558280c59a
Validity
Not Before: Jan 1 16:06:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3280135b4af4c08c9ac9aff9b21dae64cfaa5b35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ef:de:d4:a2:57:c7:9a:80:6e:92:25:5b:ac:
a1:14:97:ea:db:06:cf:f1:54:70:58:ef:0a:95:2d:
ac:ac:98:0f:5f:b3:e8:52:35:7f:0a:72:4e:11:53:
8e:c1:dd:9b:b3:03:7d:ba:2a:e9:2a:2d:dc:95:a2:
5d:24:46:06:cd:81:13:f9:d2:5f:98:4f:ef:c8:56:
cc:d7:65:68:2d:4f:b6:70:80:ec:c8:bb:39:22:4e:
78:87:d8:ec:c5:8c:6d:9c:6c:c0:32:b0:af:72:56:
00:51:04:33:f8:be:e2:d8:c8:27:0e:76:af:3a:d9:
cb:a0:c6:f1:bb:dd:c6:61:e7:41:65:0a:80:5b:52:
28:d2:1a:5b:c5:93:1a:db:41:23:dc:31:a5:79:ce:
8f:9e:dd:eb:99:a3:16:4a:68:40:4a:77:0a:b8:80:
04:ed:bb:7b:6f:e7:e5:07:68:5a:2e:a0:36:d9:9a:
96:53:bd:5b:ec:b2:a6:b2:bb:3a:5c:e9:88:31:9b:
ee:58:b9:94:c3:5f:ef:16:8b:8b:93:c9:e2:c4:f7:
7c:68:bd:4b:b6:84:b4:f3:ae:be:ad:f8:73:27:a7:
7d:c9:d6:d3:e9:26:25:17:24:4c:87:e8:89:47:f0:
85:87:c2:50:a7:d0:86:fc:e2:66:5e:19:3e:f0:ee:
0f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:80:13:5B:4A:F4:C0:8C:9A:C9:AF:F9:B2:1D:AE:64:CF:AA:5B:35
X509v3 Authority Key Identifier:
keyid:D0:88:5B:41:CA:81:F9:3F:58:3C:1E:CA:72:2B:50:55:82:80:C5:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0IhbQcqB-T9YPB7KcitQVYKAxZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/MoATW0r0wIyaya_5sh2uZM-qWzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/4916b7-000e-489d-9783-f2569ea4cd74/1/0IhbQcqB-T9YPB7KcitQVYKAxZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.204.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:ce:65:d2:76:ac:df:e5:ea:dc:b7:32:74:05:6b:ca:3f:52:
9e:d3:94:9b:ab:9b:0a:01:8e:50:80:69:8f:86:6a:30:35:f1:
2f:a7:7e:ef:70:1b:eb:de:29:fe:81:24:31:e3:9b:24:91:00:
74:ac:2f:93:23:d2:20:0d:31:b6:d9:e2:c5:b7:e0:ec:64:09:
22:f4:2c:fa:fc:9c:ea:ba:ec:ea:ab:88:b4:21:0a:3c:59:2a:
d4:51:4d:32:e6:54:40:c4:77:56:3e:bf:04:c0:d2:52:06:a0:
d3:ec:80:e5:38:c9:03:fd:a1:19:64:92:c5:0f:10:d7:4d:53:
03:e7:75:e2:83:ed:97:78:fb:c4:09:06:ed:ed:9e:a7:36:ff:
76:6b:a6:04:70:40:dd:8b:a6:58:20:06:53:99:c9:5a:5c:e0:
f7:fd:f0:5f:e8:2f:76:93:27:24:87:73:df:f3:32:a1:23:bd:
a7:3e:ac:0c:af:c4:aa:dc:cf:fb:28:ae:be:3f:33:8d:c3:d7:
d0:3c:1d:4c:a9:33:1e:42:cf:e4:0a:04:a9:52:43:9d:1a:ad:
b1:1a:62:50:d3:eb:05:95:7d:57:7a:e7:03:cd:02:b3:46:58:
ea:bf:b6:20:de:1d:40:eb:2c:57:9f:b5:19:df:e9:25:cf:17:
d7:bb:5c:7d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDYTaGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDg4NWI0MWNhODFmOTNmNTgzYzFlY2E3MjJiNTA1NTgyODBjNTlhMB4XDTIyMDEw
MTE2MDYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzI4MDEzNWI0YWY0
YzA4YzlhYzlhZmY5YjIxZGFlNjRjZmFhNWIzNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXv3tSiV8eagG6SJVusoRSX6tsGz/FUcFjvCpUtrKyYD1+z
6FI1fwpyThFTjsHdm7MDfboq6Sot3JWiXSRGBs2BE/nSX5hP78hWzNdlaC1PtnCA
7Mi7OSJOeIfY7MWMbZxswDKwr3JWAFEEM/i+4tjIJw52rzrZy6DG8bvdxmHnQWUK
gFtSKNIaW8WTGttBI9wxpXnOj57d65mjFkpoQEp3CriABO27e2/n5QdoWi6gNtma
llO9W+yyprK7OlzpiDGb7li5lMNf7xaLi5PJ4sT3fGi9S7aEtPOuvq34cyenfcnW
0+kmJRckTIfoiUfwhYfCUKfQhvziZl4ZPvDuD20CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQygBNbSvTAjJrJr/myHa5kz6pbNTAfBgNVHSMEGDAWgBTQiFtByoH5P1g8
HspyK1BVgoDFmjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBJaGJRY3FCLVQ5WVBCN0tjaXRRVllLQXhaby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjQvNDkxNmI3LTAwMGUtNDg5ZC05NzgzLWYyNTY5ZWE0Y2Q3NC8x
L01vQVRXMHIwd0l5YXlhXzVzaDJ1Wk0tcVd6VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQv
NDkxNmI3LTAwMGUtNDg5ZC05NzgzLWYyNTY5ZWE0Y2Q3NC8xLzBJaGJRY3FCLVQ5
WVBCN0tjaXRRVllLQXhaby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnbzDANBgkqhkiG9w0BAQsFAAOC
AQEADs5l0nas3+Xq3LcydAVryj9SntOUm6ubCgGOUIBpj4ZqMDXxL6d+73Ab694p
/oEkMeObJJEAdKwvkyPSIA0xttnixbfg7GQJIvQs+vyc6rrs6quItCEKPFkq1FFN
MuZUQMR3Vj6/BMDSUgag0+yA5TjJA/2hGWSSxQ8Q101TA+d14oPtl3j7xAkG7e2e
pzb/dmumBHBA3YumWCAGU5nJWlzg9/3wX+gvdpMnJIdz3/MyoSO9pz6sDK/EqtzP
+yiuvj8zjcPX0DwdTKkzHkLP5AoEqVJDnRqtsRpiUNPrBZV9V3rnA80Cs0ZY6r+2
IN4dQOssV5+1Gd/pJc8X17tcfQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:20 2023 by rpki-client on console-ams.rpki-client.org