Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/AXazli7L8M-rYYJFyLAazooeEFE.roa
File: AXazli7L8M-rYYJFyLAazooeEFE.roa (raw, json)
Hash identifier: dlnMdRgGv1SxuIL76TXjc3yMdPtj4QFTdQm4k8J2kTc=
Subject key identifier: 01:76:B3:96:2E:CB:F0:CF:AB:61:82:45:C8:B0:1A:CE:8A:1E:10:51
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 0A41F550
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/AXazli7L8M-rYYJFyLAazooeEFE.roa
Signing time: Sat 01 Jan 2022 15:03:25 +0000
ROA not before: Sat 01 Jan 2022 15:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50247
IP address blocks: 185.129.124.0/23 maxlen: 23
185.129.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172094800 (0xa41f550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: Jan 1 15:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0176b3962ecbf0cfab618245c8b01ace8a1e1051
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:1c:5b:b5:d3:bb:bc:f3:d4:a5:b8:68:90:9c:
da:55:2b:72:5d:92:85:7e:8c:13:15:d8:db:d3:7d:
b7:44:07:e1:ac:3d:cb:13:86:ce:37:a3:f1:53:b8:
db:8e:df:11:31:1e:e5:c2:78:20:d1:b3:3c:a3:9f:
3b:1c:46:85:36:54:7c:b4:c9:06:a7:2e:07:2b:4b:
eb:64:fc:ca:89:80:45:bd:b6:46:64:bf:6e:a4:ab:
84:bf:d1:e3:a8:23:27:f2:be:96:09:05:75:4d:63:
b8:0b:55:cc:06:e4:a3:bc:c3:c8:83:33:76:34:97:
49:f5:10:d1:43:6d:9a:58:a5:d8:9a:ff:e5:f8:23:
69:ef:2d:d9:cb:da:4c:ee:97:93:55:73:89:9d:7e:
f8:52:1b:1b:a4:00:3f:ba:56:3a:b1:e8:ff:d6:ac:
78:c5:b0:4d:42:51:3f:9d:7f:c9:4c:f9:ff:35:0b:
2d:0c:ce:3b:c9:40:b5:1f:90:d3:bb:98:5d:35:aa:
ae:f5:5b:cf:84:da:ce:4f:8a:5d:d0:2d:91:4e:3e:
2c:3b:e7:a1:2c:ba:8e:61:fb:d6:89:69:fa:f6:81:
5b:8d:aa:07:b1:21:0d:30:c8:7a:d8:62:dd:da:f2:
f7:c3:24:0d:72:61:00:24:55:fa:a8:33:86:dc:0e:
24:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:76:B3:96:2E:CB:F0:CF:AB:61:82:45:C8:B0:1A:CE:8A:1E:10:51
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/AXazli7L8M-rYYJFyLAazooeEFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.129.124.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:06:fe:2e:4e:26:6a:1d:6b:1f:50:e8:c0:23:51:f7:aa:9e:
dd:b1:fa:20:f1:bd:c1:13:c0:6d:a2:41:cd:64:47:ad:69:c6:
c4:1b:a8:22:ea:d9:a8:da:43:5d:73:72:48:e3:b1:8a:68:2a:
8c:6d:7c:d4:6a:b7:17:e8:bd:c5:68:db:12:36:9b:c6:12:27:
f9:b9:49:97:16:60:f5:66:3f:3d:35:33:5e:ba:b1:71:8e:c9:
0e:a5:9a:0a:8a:f4:71:3b:65:76:c6:8f:6b:ad:4c:c5:50:bb:
8d:40:c6:c1:31:10:5a:30:66:7d:ef:ec:0d:d0:de:40:27:ef:
e0:12:c9:68:9d:8d:ce:11:66:2d:99:2e:4d:f1:95:71:f5:51:
42:4b:3b:15:bd:db:83:28:67:52:9d:30:96:29:33:54:45:2c:
48:0e:d5:97:c2:3f:35:04:a1:7f:43:52:48:93:c6:27:1d:00:
a6:94:4a:5d:f3:d3:d7:c1:61:05:43:1d:d1:ad:1c:59:28:7e:
90:8f:47:ee:08:7d:f5:40:85:19:c9:63:26:31:86:df:b2:22:
a2:b4:cf:1d:21:71:30:e5:3a:cd:7c:37:d3:6f:a2:c8:65:69:
1a:d8:ac:fc:32:c9:b9:3c:5e:29:49:9e:e3:a1:a1:76:67:04:
9e:b2:b2:38
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECkH1UDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
M2Q1NmYwN2JlMTg0Y2JhNTJmNmZkYzA0OWU4MTE0ZDI2MTZjMzJhMB4XDTIyMDEw
MTE1MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDE3NmIzOTYyZWNi
ZjBjZmFiNjE4MjQ1YzhiMDFhY2U4YTFlMTA1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMocW7XTu7zz1KW4aJCc2lUrcl2ShX6MExXY29N9t0QH4aw9
yxOGzjej8VO4247fETEe5cJ4INGzPKOfOxxGhTZUfLTJBqcuBytL62T8yomARb22
RmS/bqSrhL/R46gjJ/K+lgkFdU1juAtVzAbko7zDyIMzdjSXSfUQ0UNtmlil2Jr/
5fgjae8t2cvaTO6Xk1VziZ1++FIbG6QAP7pWOrHo/9aseMWwTUJRP51/yUz5/zUL
LQzOO8lAtR+Q07uYXTWqrvVbz4Tazk+KXdAtkU4+LDvnoSy6jmH71olp+vaBW42q
B7EhDTDIethi3dry98MkDXJhACRV+qgzhtwOJLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQBdrOWLsvwz6thgkXIsBrOih4QUTAfBgNVHSMEGDAWgBTT1W8HvhhMulL2
/cBJ6BFNJhbDKjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzA5VnZCNzRZVExwUzl2M0FTZWdSVFNZV3d5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNTc4NmFiLTA2N2UtNDQwYy1iMjc2LTFiMDZkMWM3MDRjMS8x
L0FYYXpsaTdMOE0tcllZSkZ5TEFhem9vZUVGRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NTc4NmFiLTA2N2UtNDQwYy1iMjc2LTFiMDZkMWM3MDRjMS8xLzA5VnZCNzRZVExw
Uzl2M0FTZWdSVFNZV3d5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArmBfDANBgkqhkiG9w0BAQsFAAOC
AQEAegb+Lk4mah1rH1DowCNR96qe3bH6IPG9wRPAbaJBzWRHrWnGxBuoIurZqNpD
XXNySOOximgqjG181Gq3F+i9xWjbEjabxhIn+blJlxZg9WY/PTUzXrqxcY7JDqWa
Cor0cTtldsaPa61MxVC7jUDGwTEQWjBmfe/sDdDeQCfv4BLJaJ2NzhFmLZkuTfGV
cfVRQks7Fb3bgyhnUp0wlikzVEUsSA7Vl8I/NQShf0NSSJPGJx0AppRKXfPT18Fh
BUMd0a0cWSh+kI9H7gh99UCFGcljJjGG37IiorTPHSFxMOU6zXw302+iyGVpGtis
/DLJuTxeKUme46GhdmcEnrKyOA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:47 2023 by rpki-client on console-ams.rpki-client.org