Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tMHLmxR56YaGlYxAj6EoC-36Vqo.roa
File: tMHLmxR56YaGlYxAj6EoC-36Vqo.roa (raw, json)
Hash identifier: sPvPlxs/FgvNKzP6WywJ3WtSB12xQZlCarxXRZ5/KOg=
Subject key identifier: B4:C1:CB:9B:14:79:E9:86:86:95:8C:40:8F:A1:28:0B:ED:FA:56:AA
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 01847FA70AEC66E29443D8C635E2A35E4A12
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tMHLmxR56YaGlYxAj6EoC-36Vqo.roa
Signing time: Wed 16 Nov 2022 08:56:04 +0000
ROA not before: Wed 16 Nov 2022 08:56:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14315
IP address blocks: 2.58.202.0/24 maxlen: 24
2.58.203.0/24 maxlen: 24
2.58.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:a7:0a:ec:66:e2:94:43:d8:c6:35:e2:a3:5e:4a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Nov 16 08:56:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4c1cb9b1479e98686958c408fa1280bedfa56aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bb:97:84:11:98:b2:16:d8:d8:8c:35:eb:68:
be:c8:9f:4f:92:5c:25:d8:f5:27:bc:74:88:dc:ed:
fe:ce:dd:7f:f6:68:ff:5c:b2:4e:12:a9:24:14:93:
55:9b:5e:ce:cb:d1:5c:03:77:a8:6b:f4:86:d8:c2:
2d:24:f9:28:c8:a5:31:f3:7a:12:66:1e:87:53:90:
46:00:11:29:9e:81:88:b6:16:5b:e4:b4:f2:07:9c:
27:50:82:c5:6c:64:6f:92:a9:f0:2f:a7:7e:ed:d7:
bb:20:19:99:ac:2c:f7:a2:ef:48:f5:2d:11:84:86:
18:6c:4c:fb:f4:17:02:7c:2f:de:99:2d:1e:3e:60:
db:e2:b8:e3:11:a3:5c:4d:51:bf:1b:ac:81:7e:43:
9a:19:ee:67:37:3d:67:24:a8:5d:7a:5b:32:e7:bf:
60:a9:51:53:34:0f:8f:47:e9:ec:ea:de:32:01:df:
58:77:bd:58:e2:55:46:90:1a:ad:52:b4:80:c9:4e:
b1:cd:0d:9d:a7:7e:25:dd:e3:81:bc:d2:76:22:22:
42:11:07:a2:60:39:14:bd:4e:43:4f:5d:dc:a6:1a:
1e:4c:7a:5b:49:fe:55:26:05:15:d7:b1:b2:0f:c3:
d5:b5:90:52:eb:8d:93:3a:fa:dc:05:25:b2:70:f6:
4d:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C1:CB:9B:14:79:E9:86:86:95:8C:40:8F:A1:28:0B:ED:FA:56:AA
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/tMHLmxR56YaGlYxAj6EoC-36Vqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.200.0/24
2.58.202.0/23
Signature Algorithm: sha256WithRSAEncryption
57:cf:26:fe:18:8d:68:83:ac:29:0d:1e:70:41:5b:e5:d6:bc:
78:bb:c7:f1:25:83:48:37:c0:f0:62:a4:f9:7a:6e:40:4d:7d:
f6:3c:65:89:ec:f9:3b:36:6d:65:9d:6d:17:f6:4c:51:e8:e9:
4f:09:0d:42:2e:71:4c:15:f6:9d:38:db:68:cc:0b:50:a0:c5:
b4:cf:61:5a:55:70:c7:2f:86:f6:be:99:45:91:ff:f9:64:d1:
85:c9:bf:cc:e1:e1:4d:90:b4:60:32:cc:f7:5e:31:be:f5:6d:
08:22:26:4c:fd:34:e7:35:5e:54:af:1d:4f:07:8c:fb:93:98:
d4:9e:8f:ac:65:f8:4b:ba:a5:35:49:83:a3:43:82:3f:17:e2:
d7:04:17:15:95:53:2a:2b:e3:6e:ca:aa:0d:48:99:4a:aa:c7:
28:18:c3:77:57:87:ed:a4:da:87:f4:cc:a0:27:3a:7b:6f:48:
97:25:58:7e:13:20:61:14:ff:e0:b3:23:91:9c:ee:8e:79:35:
2f:e4:c2:c0:19:7c:dd:95:f5:1a:79:60:74:48:91:6f:70:2d:
9d:8e:d3:66:5d:14:e9:36:6c:41:15:cc:41:d3:43:85:a6:41:
86:ff:de:19:d9:81:4a:b6:1c:79:dd:5c:4f:0f:7b:69:09:a6:
13:e7:b5:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR/pwrsZuKUQ9jGNeKjXkoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMTE2MDg1NjA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGMxY2I5YjE0NzllOTg2ODY5NThjNDA4ZmExMjgwYmVkZmE1NmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7uXhBGYshbY2Iw162i+yJ9Pklwl
2PUnvHSI3O3+zt1/9mj/XLJOEqkkFJNVm17Oy9FcA3eoa/SG2MItJPkoyKUx83oS
Zh6HU5BGABEpnoGIthZb5LTyB5wnUILFbGRvkqnwL6d+7de7IBmZrCz3ou9I9S0R
hIYYbEz79BcCfC/emS0ePmDb4rjjEaNcTVG/G6yBfkOaGe5nNz1nJKhdelsy579g
qVFTNA+PR+ns6t4yAd9Yd71Y4lVGkBqtUrSAyU6xzQ2dp34l3eOBvNJ2IiJCEQei
YDkUvU5DT13cphoeTHpbSf5VJgUV17GyD8PVtZBS642TOvrcBSWycPZNQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLTBy5sUeemGhpWMQI+hKAvt+laqMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvdE1ITG14UjU2WWFHbFl4QWo2RW9DLTM2VnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjrIAwQB
AjrKMA0GCSqGSIb3DQEBCwUAA4IBAQBXzyb+GI1og6wpDR5wQVvl1rx4u8fxJYNI
N8DwYqT5em5ATX32PGWJ7Pk7Nm1lnW0X9kxR6OlPCQ1CLnFMFfadONtozAtQoMW0
z2FaVXDHL4b2vplFkf/5ZNGFyb/M4eFNkLRgMsz3XjG+9W0IIiZM/TTnNV5Urx1P
B4z7k5jUno+sZfhLuqU1SYOjQ4I/F+LXBBcVlVMqK+NuyqoNSJlKqscoGMN3V4ft
pNqH9MygJzp7b0iXJVh+EyBhFP/gsyORnO6OeTUv5MLAGXzdlfUaeWB0SJFvcC2d
jtNmXRTpNmxBFcxB00OFpkGG/94Z2YFKthx53VxPD3tpCaYT57Xx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-ams.rpki-client.org