Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/uN3XrQGP9buvwNyFpDlQ-Hv53mI.roa
File: uN3XrQGP9buvwNyFpDlQ-Hv53mI.roa (raw, json)
Hash identifier: P42CdWv7lBjAjpEMzlEeUL/jiC5og4eA6Y2L71VIaS8=
Subject key identifier: B8:DD:D7:AD:01:8F:F5:BB:AF:C0:DC:85:A4:39:50:F8:7B:F9:DE:62
Certificate issuer: /CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Certificate serial: 01843D2AA336490B3BC09C7D82044323E4FF
Authority key identifier: 4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/uN3XrQGP9buvwNyFpDlQ-Hv53mI.roa
Signing time: Thu 03 Nov 2022 11:05:15 +0000
ROA not before: Thu 03 Nov 2022 11:05:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 185.204.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3d:2a:a3:36:49:0b:3b:c0:9c:7d:82:04:43:23:e4:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d23e2edb321e1a8a5ce9ee3e2d95aa40f0de8a0
Validity
Not Before: Nov 3 11:05:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8ddd7ad018ff5bbafc0dc85a43950f87bf9de62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:dd:5f:a2:4b:4f:10:a0:75:46:7d:b0:9c:ea:
53:b9:e6:30:b5:a1:96:ac:e5:a5:e4:f0:7b:60:d0:
e2:a9:34:fb:db:25:c5:9f:7b:56:67:48:28:d1:17:
9c:8c:57:b8:fc:16:15:47:1a:b9:a3:34:1c:08:5c:
b9:14:0b:9c:b1:3f:1a:b5:a0:17:7d:37:2b:39:79:
65:ca:15:8e:5b:f9:6d:dd:19:25:c6:0a:ec:53:1d:
34:00:bc:99:22:25:6c:f1:50:27:f9:a3:40:8a:41:
7d:ee:39:1c:ef:8a:6f:e8:b3:89:cd:0c:15:c6:0c:
95:ac:0f:19:a5:4b:15:a7:42:7e:63:c8:d4:ff:dc:
d0:4a:1e:c4:59:6b:89:98:bd:ff:e3:24:f1:56:55:
e3:46:74:48:cd:dc:17:8a:7c:d9:03:df:24:59:3f:
00:3c:5f:bc:74:57:17:68:d7:ef:6c:21:82:78:28:
40:35:89:6f:3a:49:37:40:3a:1b:7c:7b:6c:c0:b7:
eb:b8:4a:61:91:30:87:57:e7:a2:79:bd:d5:db:54:
54:df:30:2e:23:3b:dd:78:14:68:3c:be:80:6e:ff:
ed:48:ac:c3:90:9b:a6:da:c6:5b:9f:a9:56:ab:65:
5d:0d:aa:8c:d9:48:f9:8f:2a:74:0f:18:d9:06:d4:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:DD:D7:AD:01:8F:F5:BB:AF:C0:DC:85:A4:39:50:F8:7B:F9:DE:62
X509v3 Authority Key Identifier:
keyid:4D:23:E2:ED:B3:21:E1:A8:A5:CE:9E:E3:E2:D9:5A:A4:0F:0D:E8:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TSPi7bMh4ailzp7j4tlapA8N6KA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/uN3XrQGP9buvwNyFpDlQ-Hv53mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e4e07e-15fc-4942-842a-538509f3a789/1/TSPi7bMh4ailzp7j4tlapA8N6KA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.136.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:04:fb:df:85:0f:3a:c7:0f:48:1c:dc:53:1b:f5:08:8b:e7:
c5:35:7c:ea:44:40:ee:8c:0a:a0:5f:11:f1:07:5a:10:ad:52:
aa:0c:5a:24:c4:80:9e:1c:59:6f:2e:81:73:d9:da:42:e1:ef:
fc:d8:f2:e7:ae:45:b9:b6:d1:29:f8:ef:95:6e:df:3a:c6:a7:
3d:9d:63:5c:91:e4:5f:f0:a0:95:7b:e5:dc:e3:58:9d:db:4c:
c4:87:02:9c:04:d8:07:53:f5:3f:47:b0:e7:a1:43:8e:61:b7:
7d:d1:5f:ff:62:68:9c:17:3d:fe:9a:ea:f5:8d:96:9a:87:f5:
d5:05:bd:b4:37:ba:2c:2b:8f:a3:a7:05:80:50:a7:09:f7:1e:
ca:f4:19:7f:10:10:7c:b1:ad:a3:85:24:e1:4c:a9:e3:67:95:
42:7d:eb:56:75:63:c5:9b:b7:56:1f:c8:43:dc:2f:19:74:ae:
a3:a1:00:23:e6:bf:a3:0a:aa:66:0f:22:b3:11:a7:64:9d:d3:
90:bc:b3:19:7b:26:9b:b1:60:82:fe:d7:6e:95:8a:78:97:8f:
eb:1b:0c:10:98:c4:3a:f7:ad:23:f1:6c:60:cd:e0:61:72:e7:
f5:dd:25:52:22:c2:80:6a:87:77:44:03:06:88:1b:4c:4a:60:
e8:c5:cf:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ9KqM2SQs7wJx9ggRDI+T/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMjNlMmVkYjMyMWUxYThhNWNlOWVlM2UyZDk1YWE0MGYw
ZGU4YTAwHhcNMjIxMTAzMTEwNTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOGRkZDdhZDAxOGZmNWJiYWZjMGRjODVhNDM5NTBmODdiZjlkZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt1foktPEKB1Rn2wnOpTueYwtaGW
rOWl5PB7YNDiqTT72yXFn3tWZ0go0RecjFe4/BYVRxq5ozQcCFy5FAucsT8ataAX
fTcrOXllyhWOW/lt3RklxgrsUx00ALyZIiVs8VAn+aNAikF97jkc74pv6LOJzQwV
xgyVrA8ZpUsVp0J+Y8jU/9zQSh7EWWuJmL3/4yTxVlXjRnRIzdwXinzZA98kWT8A
PF+8dFcXaNfvbCGCeChANYlvOkk3QDobfHtswLfruEphkTCHV+eieb3V21RU3zAu
IzvdeBRoPL6Abv/tSKzDkJum2sZbn6lWq2VdDaqM2Uj5jyp0DxjZBtRTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLjd160Bj/W7r8DchaQ5UPh7+d5iMB8GA1UdIwQY
MBaAFE0j4u2zIeGopc6e4+LZWqQPDeigMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEt
NTM4NTA5ZjNhNzg5LzEvdU4zWHJRR1A5YnV2d055RnBEbFEtSHY1M21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lNGUwN2UtMTVmYy00OTQyLTg0MmEtNTM4NTA5ZjNhNzg5
LzEvVFNQaTdiTWg0YWlsenA3ajR0bGFwQThONktBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucyIMA0G
CSqGSIb3DQEBCwUAA4IBAQCdBPvfhQ86xw9IHNxTG/UIi+fFNXzqREDujAqgXxHx
B1oQrVKqDFokxICeHFlvLoFz2dpC4e/82PLnrkW5ttEp+O+Vbt86xqc9nWNckeRf
8KCVe+Xc41id20zEhwKcBNgHU/U/R7DnoUOOYbd90V//YmicFz3+mur1jZaah/XV
Bb20N7osK4+jpwWAUKcJ9x7K9Bl/EBB8sa2jhSThTKnjZ5VCfetWdWPFm7dWH8hD
3C8ZdK6joQAj5r+jCqpmDyKzEadkndOQvLMZeyabsWCC/tdulYp4l4/rGwwQmMQ6
960j8WxgzeBhcuf13SVSIsKAaod3RAMGiBtMSmDoxc/C
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:50 2023 by rpki-client on console-ams.rpki-client.org