Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/AJYIRgKLLVC3g7VItMw_ski6lpg.roa
File: AJYIRgKLLVC3g7VItMw_ski6lpg.roa (raw, json)
Hash identifier: nfv7QrnHp77OokoPEz8ZA04fI8fDA8H+mVjcCkm4I40=
Subject key identifier: 00:96:08:46:02:8B:2D:50:B7:83:B5:48:B4:CC:3F:B2:48:BA:96:98
Certificate issuer: /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial: 02E1D273
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/AJYIRgKLLVC3g7VItMw_ski6lpg.roa
Signing time: Sat 01 Jan 2022 10:04:31 +0000
ROA not before: Sat 01 Jan 2022 10:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 185.236.24.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48353907 (0x2e1d273)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Validity
Not Before: Jan 1 10:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00960846028b2d50b783b548b4cc3fb248ba9698
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:39:f9:6a:51:58:dd:1c:19:b9:3c:ac:b2:
ba:c9:dc:7d:36:9a:f9:20:4e:f0:76:be:c8:cc:4f:
ec:11:cc:dc:4f:ea:b2:60:af:ca:6d:e2:0a:9c:75:
0b:87:d7:97:4b:f4:25:f5:67:6c:8e:68:35:bc:5d:
88:63:93:90:bf:ad:92:8e:b7:6b:d1:ad:3a:77:ea:
7c:c3:3f:16:cd:bf:d2:d3:b4:96:5f:d7:40:17:ef:
b5:d2:d6:8f:b0:cf:5e:7e:a0:fa:5c:62:df:e9:71:
9f:5f:81:ac:31:bb:94:5d:69:07:1b:ac:3a:9e:e1:
fc:2e:5d:64:1b:d7:99:5c:38:d5:c5:0f:14:51:b3:
14:77:db:c0:ec:57:9a:22:08:0c:4c:f5:99:11:5d:
9c:1c:1d:f1:35:91:8f:e5:70:55:20:dd:95:8c:39:
90:f0:8b:c1:46:a5:d5:c0:92:cf:e5:50:a7:67:bc:
52:e3:ff:63:e0:7b:5f:fd:de:c9:09:2d:48:10:8f:
40:be:40:71:81:b3:b4:aa:a7:11:b1:f0:28:e7:64:
82:14:6c:3f:ee:ab:ca:c6:a5:2b:f1:92:9f:e1:95:
bb:66:09:e0:9a:7c:a0:3a:14:39:12:96:d2:18:00:
79:6b:5c:db:dc:8f:a8:37:31:78:15:f2:8d:9b:de:
cb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:96:08:46:02:8B:2D:50:B7:83:B5:48:B4:CC:3F:B2:48:BA:96:98
X509v3 Authority Key Identifier:
keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/AJYIRgKLLVC3g7VItMw_ski6lpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.24.0/22
Signature Algorithm: sha256WithRSAEncryption
68:79:36:8b:e4:36:a5:13:38:2c:dc:be:e0:3c:5d:23:dc:c8:
24:9c:f6:89:18:64:17:9c:65:f8:90:d3:87:68:a9:53:ca:07:
ca:ee:1c:b0:92:cb:c6:66:a0:89:04:64:98:1c:36:dd:f4:69:
3d:cd:ca:b0:90:b5:9b:48:31:f7:46:8e:f6:b1:21:c1:ba:40:
64:4d:23:f6:6c:08:1f:8f:11:7c:37:5c:4f:79:c8:0d:db:0b:
8d:d7:9f:b7:e4:4a:02:24:ed:a4:f5:66:c8:d7:21:4a:18:f8:
c6:ca:b5:22:45:e1:80:28:5d:47:89:bc:4d:74:54:45:75:3b:
d3:a1:72:46:f1:3a:80:15:59:cb:22:66:85:1f:71:e3:40:57:
1c:f1:63:4b:7d:c3:4a:d5:69:e9:7f:80:65:0a:e6:cf:66:4e:
ce:61:6f:85:d1:04:ac:18:11:ce:9d:96:11:52:6d:b3:62:69:
76:1f:db:e3:37:88:9f:94:73:42:5f:7f:65:f5:c2:6a:58:6b:
cf:fb:0e:47:07:94:18:31:4e:eb:38:fc:95:97:4c:a5:e9:9d:
53:ad:cc:6d:2e:c8:75:f1:3d:01:3d:06:d6:3b:ea:d0:5a:80:
aa:b1:c8:6f:5e:f0:0a:f5:88:d4:bd:d3:50:2c:6e:d0:8c:1c:
3f:c0:5e:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAuHSczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MWVlY2Q3MWMxOTNlNGFjMzBlZDAzZDBiOWYwNWRhMTAxYzYwM2QyMB4XDTIyMDEw
MTEwMDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDA5NjA4NDYwMjhi
MmQ1MGI3ODNiNTQ4YjRjYzNmYjI0OGJhOTY5ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALsaOflqUVjdHBm5PKyyusncfTaa+SBO8Ha+yMxP7BHM3E/q
smCvym3iCpx1C4fXl0v0JfVnbI5oNbxdiGOTkL+tko63a9GtOnfqfMM/Fs2/0tO0
ll/XQBfvtdLWj7DPXn6g+lxi3+lxn1+BrDG7lF1pBxusOp7h/C5dZBvXmVw41cUP
FFGzFHfbwOxXmiIIDEz1mRFdnBwd8TWRj+VwVSDdlYw5kPCLwUal1cCSz+VQp2e8
UuP/Y+B7X/3eyQktSBCPQL5AcYGztKqnEbHwKOdkghRsP+6rysalK/GSn+GVu2YJ
4Jp8oDoUORKW0hgAeWtc29yPqDcxeBXyjZvey6kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQAlghGAostULeDtUi0zD+ySLqWmDAfBgNVHSMEGDAWgBQR7s1xwZPkrDDt
A9C58F2hAcYD0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VlN05jY0dUNUt3dzdRUFF1ZkJkb1FIR0E5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvNGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8x
L0FKWUlSZ0tMTFZDM2c3Vkl0TXdfc2tpNmxwZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
NGZkOTVhLTUxNTctNGExYi1iODY4LTEzODk5NWM5OWI5Ny8xL0VlN05jY0dUNUt3
dzdRUFF1ZkJkb1FIR0E5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnsGDANBgkqhkiG9w0BAQsFAAOC
AQEAaHk2i+Q2pRM4LNy+4DxdI9zIJJz2iRhkF5xl+JDTh2ipU8oHyu4csJLLxmag
iQRkmBw23fRpPc3KsJC1m0gx90aO9rEhwbpAZE0j9mwIH48RfDdcT3nIDdsLjdef
t+RKAiTtpPVmyNchShj4xsq1IkXhgChdR4m8TXRURXU706FyRvE6gBVZyyJmhR9x
40BXHPFjS33DStVp6X+AZQrmz2ZOzmFvhdEErBgRzp2WEVJts2Jpdh/b4zeIn5Rz
Ql9/ZfXCalhrz/sORweUGDFO6zj8lZdMpemdU63MbS7IdfE9AT0G1jvq0FqAqrHI
b17wCvWI1L3TUCxu0IwcP8BeqQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:34 2023 by rpki-client on console-fra.rpki-client.org