Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/cmRPFh7Y5opmJCmbDTcN-pTSD9U.roa
File: cmRPFh7Y5opmJCmbDTcN-pTSD9U.roa (raw, json)
Hash identifier: rz2caVB63OWzkOMsqjqnad7TTFwYpPKMACe6FAxp3mM=
Subject key identifier: 72:64:4F:16:1E:D8:E6:8A:66:24:29:9B:0D:37:0D:FA:94:D2:0F:D5
Certificate issuer: /CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Certificate serial: 01843DB1C107F6AD469A703996C4851F5C84
Authority key identifier: E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/cmRPFh7Y5opmJCmbDTcN-pTSD9U.roa
Signing time: Thu 03 Nov 2022 13:32:50 +0000
ROA not before: Thu 03 Nov 2022 13:32:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211415
IP address blocks: 185.234.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:b1:c1:07:f6:ad:46:9a:70:39:96:c4:85:1f:5c:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Validity
Not Before: Nov 3 13:32:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72644f161ed8e68a6624299b0d370dfa94d20fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:aa:0d:cd:33:59:45:58:78:1c:b7:93:09:c0:
60:92:23:5a:8c:5a:e9:14:4f:cc:48:45:ab:73:da:
4e:1d:a5:ea:b5:5e:56:1f:e6:87:1c:13:59:45:64:
c9:27:95:82:a1:3b:f3:3a:07:92:1b:18:6c:3d:fe:
91:c2:2e:40:88:21:fb:d3:73:39:f8:cd:34:f2:4f:
54:7c:76:84:0c:82:80:05:a6:8f:dc:62:fc:94:ee:
4d:c7:ac:97:62:3e:f8:92:30:27:09:64:dc:1a:51:
66:3e:be:d6:89:9e:27:e9:6b:ef:8b:54:bf:9f:7a:
dd:00:c1:88:74:71:ec:fe:ac:75:47:46:69:0e:04:
9a:ab:f2:e5:89:5d:b2:45:aa:ab:a8:c9:b1:c8:24:
77:a3:00:94:52:1a:e9:a4:5b:38:5a:06:be:c1:92:
2b:76:29:70:dc:2d:47:15:5d:77:9a:05:04:e3:b9:
5f:c6:b7:ce:10:d8:b7:7c:93:0b:d1:e0:dc:70:04:
12:af:7f:c2:19:3f:59:06:aa:83:62:90:43:a1:84:
e5:20:8c:ee:f3:95:04:1b:f0:89:7f:09:cd:95:57:
51:45:af:52:18:ea:26:d1:b4:b5:d2:24:b3:d0:25:
07:11:7b:df:f9:09:69:0e:66:27:27:53:90:58:90:
60:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:64:4F:16:1E:D8:E6:8A:66:24:29:9B:0D:37:0D:FA:94:D2:0F:D5
X509v3 Authority Key Identifier:
keyid:E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/cmRPFh7Y5opmJCmbDTcN-pTSD9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/48fBn42bUOpgzOdJivD9jDkIEZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.219.0/24
Signature Algorithm: sha256WithRSAEncryption
65:34:a7:da:86:a7:d8:41:22:82:05:3b:ce:df:75:bc:3a:a8:
5a:5b:c5:38:ef:a9:bc:58:a8:93:3b:13:d6:11:2f:69:46:a6:
83:6f:0f:df:ef:29:b0:e5:92:9b:ca:57:e5:6c:c7:75:f3:16:
bf:e4:5c:3a:21:bb:01:1b:da:d0:a1:b2:55:32:50:ce:1c:2e:
e8:3b:e6:ff:49:7f:a0:ce:3c:3d:8c:d7:97:5e:fb:8a:d2:8b:
fa:7e:1d:b2:1a:90:87:3a:da:a8:27:44:9b:e4:91:8d:1d:76:
05:ac:dc:6f:6d:87:d4:b6:27:d6:0c:7b:dc:a3:3b:f5:42:99:
e3:ef:83:02:04:c7:9e:39:84:41:cd:b7:36:78:01:3e:af:35:
86:9b:42:d9:5f:f2:bf:b4:f6:5e:f4:4a:7c:7b:aa:62:14:e1:
b9:72:4b:f0:55:96:e1:1c:d2:8e:53:30:9b:a3:2e:80:9f:67:
37:0f:22:7b:7e:fe:b3:cc:1b:02:4e:ab:f2:ce:35:7d:50:ba:
58:86:c2:99:c8:42:ae:ed:fa:3b:99:69:10:69:f9:1f:4a:ea:
d4:0c:d6:22:2b:27:04:0e:c2:a1:6d:74:f6:06:08:60:9f:92:
76:c9:af:98:c6:df:9f:1d:67:e7:88:e3:de:c3:52:08:50:f1:
b5:72:d8:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ9scEH9q1GmnA5lsSFH1yEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYzdjMTlmOGQ5YjUwZWE2MGNjZTc0OThhZjBmZDhjMzkw
ODExOWUwHhcNMjIxMTAzMTMzMjUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjY0NGYxNjFlZDhlNjhhNjYyNDI5OWIwZDM3MGRmYTk0ZDIwZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjaoNzTNZRVh4HLeTCcBgkiNajFrp
FE/MSEWrc9pOHaXqtV5WH+aHHBNZRWTJJ5WCoTvzOgeSGxhsPf6Rwi5AiCH703M5
+M008k9UfHaEDIKABaaP3GL8lO5Nx6yXYj74kjAnCWTcGlFmPr7WiZ4n6Wvvi1S/
n3rdAMGIdHHs/qx1R0ZpDgSaq/LliV2yRaqrqMmxyCR3owCUUhrppFs4Wga+wZIr
dilw3C1HFV13mgUE47lfxrfOENi3fJML0eDccAQSr3/CGT9ZBqqDYpBDoYTlIIzu
85UEG/CJfwnNlVdRRa9SGOom0bS10iSz0CUHEXvf+QlpDmYnJ1OQWJBgcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJkTxYe2OaKZiQpmw03DfqU0g/VMB8GA1UdIwQY
MBaAFOPHwZ+Nm1DqYMznSYrw/Yw5CBGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEt
OGIxZjViZWNkZGEyLzEvY21SUEZoN1k1b3BtSkNtYkRUY04tcFRTRDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEtOGIxZjViZWNkZGEy
LzEvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuerbMA0G
CSqGSIb3DQEBCwUAA4IBAQBlNKfahqfYQSKCBTvO33W8OqhaW8U476m8WKiTOxPW
ES9pRqaDbw/f7ymw5ZKbylflbMd18xa/5Fw6IbsBG9rQobJVMlDOHC7oO+b/SX+g
zjw9jNeXXvuK0ov6fh2yGpCHOtqoJ0Sb5JGNHXYFrNxvbYfUtifWDHvcozv1Qpnj
74MCBMeeOYRBzbc2eAE+rzWGm0LZX/K/tPZe9Ep8e6piFOG5ckvwVZbhHNKOUzCb
oy6An2c3DyJ7fv6zzBsCTqvyzjV9ULpYhsKZyEKu7fo7mWkQafkfSurUDNYiKycE
DsKhbXT2Bghgn5J2ya+Yxt+fHWfniOPew1IIUPG1ctim
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:33 2023 by rpki-client on console-ams.rpki-client.org