Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/mU2A7W50dxBjM5dO0_suq3WADt8.roa
File: mU2A7W50dxBjM5dO0_suq3WADt8.roa (raw, json)
Hash identifier: O7qxecVRvRN2FiiF3IAeUwwVG4K22DtrK9fPMfURl8Y=
Subject key identifier: 99:4D:80:ED:6E:74:77:10:63:33:97:4E:D3:FB:2E:AB:75:80:0E:DF
Certificate issuer: /CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Certificate serial: 0184133B6CF523B04D33CB3FB516679C5136
Authority key identifier: E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/mU2A7W50dxBjM5dO0_suq3WADt8.roa
Signing time: Wed 26 Oct 2022 07:39:32 +0000
ROA not before: Wed 26 Oct 2022 07:39:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 185.234.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:3b:6c:f5:23:b0:4d:33:cb:3f:b5:16:67:9c:51:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3c7c19f8d9b50ea60cce7498af0fd8c3908119e
Validity
Not Before: Oct 26 07:39:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=994d80ed6e7477106333974ed3fb2eab75800edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:5e:fd:ed:7a:51:8e:74:c8:72:7d:97:63:20:
20:f6:0b:28:33:bb:e6:61:39:79:05:b9:4b:da:a8:
89:65:6b:ff:78:8d:b3:0c:96:38:02:ff:7e:80:ac:
ab:49:67:d0:1c:80:25:1d:29:46:d1:61:9c:6b:70:
6c:ea:b4:a5:00:11:04:ce:84:2c:08:0a:7a:60:7c:
19:3f:2a:05:9b:3a:57:7e:c0:5b:a3:23:8c:50:17:
39:15:f0:7c:70:10:4c:73:cb:9e:b9:e9:63:1a:f2:
52:2f:e5:d1:8a:67:5d:36:5e:f8:55:78:b0:7c:c9:
15:e2:9d:5e:0d:64:fa:56:03:22:9d:eb:db:fd:22:
12:a4:55:f4:0b:be:fb:41:ca:7e:07:82:8a:d0:fb:
69:9c:ee:e6:78:b1:16:ef:79:93:d8:c4:9d:6f:f5:
46:1f:52:c4:ba:d9:d6:67:52:70:1c:c6:86:3d:fe:
61:16:dc:0b:de:86:01:79:f7:ec:ce:91:e9:5c:c0:
34:50:66:5e:94:0c:5c:fe:ee:8a:2a:e7:cd:4f:8b:
10:2e:99:f4:27:02:43:6a:cb:98:19:24:75:cf:27:
64:da:ac:7a:52:f5:a1:75:f4:81:68:19:b0:5a:bd:
f3:81:1e:6a:54:d5:18:65:92:40:13:1a:d3:3f:89:
24:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:4D:80:ED:6E:74:77:10:63:33:97:4E:D3:FB:2E:AB:75:80:0E:DF
X509v3 Authority Key Identifier:
keyid:E3:C7:C1:9F:8D:9B:50:EA:60:CC:E7:49:8A:F0:FD:8C:39:08:11:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48fBn42bUOpgzOdJivD9jDkIEZ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/mU2A7W50dxBjM5dO0_suq3WADt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/23929a-b247-4f3b-9cd1-8b1f5becdda2/1/48fBn42bUOpgzOdJivD9jDkIEZ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.234.219.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:a3:ab:e4:60:29:7b:01:e5:e8:a8:88:3f:5c:0c:02:d3:ad:
ac:57:31:d3:3a:fb:2f:36:fb:f1:09:18:09:b4:7b:1f:f3:9a:
11:82:b1:da:65:16:01:88:59:10:01:13:0d:03:9a:5e:5f:af:
3e:08:6d:e3:8c:1a:c8:43:2e:08:81:e0:e2:71:c3:78:da:71:
7c:5f:4c:34:ce:fd:a0:57:d5:c9:22:15:82:1f:f9:40:a3:ed:
54:03:93:0e:82:95:c7:3e:6b:3d:45:3a:a9:2d:5a:1e:76:ea:
d2:62:ee:c7:ef:9b:f8:61:c3:e7:61:b1:02:45:b8:95:1b:72:
71:0f:78:fa:57:37:87:4d:94:fc:cd:40:2b:8e:27:f4:53:68:
d0:93:22:4c:3a:b9:38:6e:ee:ab:5e:e9:ad:32:db:e0:a8:b5:
84:cf:a7:3c:0c:d7:03:e5:1f:52:09:c3:70:29:8f:bb:74:17:
ad:a1:04:dd:d5:ca:88:0f:f3:f7:24:64:57:ea:21:de:78:f5:
7f:c2:1f:93:3d:41:f7:7f:a1:5a:5e:08:f9:1b:b0:78:f3:66:
5d:2c:36:30:b3:9e:8a:6d:1b:02:0b:ab:e4:70:ac:6c:ab:a0:
cc:6b:cf:b1:6c:58:75:75:30:5b:d8:b4:85:33:5c:a9:a7:3c:
0f:ca:03:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQTO2z1I7BNM8s/tRZnnFE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYzdjMTlmOGQ5YjUwZWE2MGNjZTc0OThhZjBmZDhjMzkw
ODExOWUwHhcNMjIxMDI2MDczOTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTRkODBlZDZlNzQ3NzEwNjMzMzk3NGVkM2ZiMmVhYjc1ODAwZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjl797XpRjnTIcn2XYyAg9gsoM7vm
YTl5BblL2qiJZWv/eI2zDJY4Av9+gKyrSWfQHIAlHSlG0WGca3Bs6rSlABEEzoQs
CAp6YHwZPyoFmzpXfsBboyOMUBc5FfB8cBBMc8ueueljGvJSL+XRimddNl74VXiw
fMkV4p1eDWT6VgMinevb/SISpFX0C777Qcp+B4KK0PtpnO7meLEW73mT2MSdb/VG
H1LEutnWZ1JwHMaGPf5hFtwL3oYBeffszpHpXMA0UGZelAxc/u6KKufNT4sQLpn0
JwJDasuYGSR1zydk2qx6UvWhdfSBaBmwWr3zgR5qVNUYZZJAExrTP4kkSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJlNgO1udHcQYzOXTtP7Lqt1gA7fMB8GA1UdIwQY
MBaAFOPHwZ+Nm1DqYMznSYrw/Yw5CBGeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEt
OGIxZjViZWNkZGEyLzEvbVUyQTdXNTBkeEJqTTVkTzBfc3VxM1dBRHQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS8yMzkyOWEtYjI0Ny00ZjNiLTljZDEtOGIxZjViZWNkZGEy
LzEvNDhmQm40MmJVT3Bnek9kSml2RDlqRGtJRVo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuerbMA0G
CSqGSIb3DQEBCwUAA4IBAQBLo6vkYCl7AeXoqIg/XAwC062sVzHTOvsvNvvxCRgJ
tHsf85oRgrHaZRYBiFkQARMNA5peX68+CG3jjBrIQy4IgeDiccN42nF8X0w0zv2g
V9XJIhWCH/lAo+1UA5MOgpXHPms9RTqpLVoedurSYu7H75v4YcPnYbECRbiVG3Jx
D3j6VzeHTZT8zUArjif0U2jQkyJMOrk4bu6rXumtMtvgqLWEz6c8DNcD5R9SCcNw
KY+7dBetoQTd1cqID/P3JGRX6iHeePV/wh+TPUH3f6FaXgj5G7B482ZdLDYws56K
bRsCC6vkcKxsq6DMa8+xbFh1dTBb2LSFM1yppzwPygMz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:42 2023 by rpki-client on console-fra.rpki-client.org