Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/vWVG9ECT2rLgXEFoMKH3a1MzGiU.roa
File: vWVG9ECT2rLgXEFoMKH3a1MzGiU.roa (raw, json)
Hash identifier: 3ZFgoyc/W+qw/0LX+ns7Ldg4P2OkseFvTvdogtF+k9M=
Subject key identifier: BD:65:46:F4:40:93:DA:B2:E0:5C:41:68:30:A1:F7:6B:53:33:1A:25
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0184EC086BBD3D9DC0844CDB59F6D47C00C3
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/vWVG9ECT2rLgXEFoMKH3a1MzGiU.roa
Signing time: Wed 07 Dec 2022 10:01:25 +0000
ROA not before: Wed 07 Dec 2022 10:01:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4787
IP address blocks: 163.171.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:08:6b:bd:3d:9d:c0:84:4c:db:59:f6:d4:7c:00:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Dec 7 10:01:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd6546f44093dab2e05c416830a1f76b53331a25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:33:83:b2:86:a5:b8:2b:e8:bd:bb:64:c2:a4:
1a:7c:89:07:c9:a8:ce:b3:d8:3f:da:2e:88:d8:6f:
44:94:cc:16:29:03:7e:81:49:0e:11:a3:98:6f:31:
13:12:fe:a3:1c:71:30:5a:4f:dc:9d:d3:39:4d:a1:
61:af:5f:aa:d5:c1:12:08:39:3e:17:54:cf:13:71:
8d:69:64:43:55:8f:eb:bb:24:ff:02:b4:6d:5d:5f:
69:06:8b:87:8f:fd:fd:0a:60:78:24:cf:0b:19:80:
50:37:39:68:83:04:8a:31:8d:d4:6d:9d:e7:ed:29:
70:db:4d:0f:e5:82:b9:1e:e4:48:ab:13:ae:14:e8:
7a:91:c3:43:53:ca:3c:b8:3b:2d:8a:2f:ea:07:56:
8d:82:89:5d:45:aa:54:5d:9f:57:8e:99:41:f5:51:
1f:dc:ce:f9:e8:8e:f1:20:55:f0:a9:8e:c8:18:78:
14:15:c3:ea:c3:db:eb:12:b6:1e:69:ae:24:e5:47:
f5:8d:49:ca:47:9c:4f:96:35:bf:3c:8c:19:ad:4e:
5c:de:25:a1:ed:f7:32:39:a3:42:20:31:6c:fa:4f:
c7:29:21:dd:a6:be:b7:fe:1e:19:fc:07:92:52:72:
c7:77:45:a2:59:20:87:4d:82:fb:e1:65:38:75:77:
2a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:65:46:F4:40:93:DA:B2:E0:5C:41:68:30:A1:F7:6B:53:33:1A:25
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/vWVG9ECT2rLgXEFoMKH3a1MzGiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.171.67.0/24
Signature Algorithm: sha256WithRSAEncryption
14:d6:17:7e:e6:c7:d7:91:ae:70:92:96:19:2e:d9:b4:17:90:
7b:ef:da:cd:0c:51:2b:f8:32:d6:7b:6a:45:a3:dd:b7:b3:8c:
81:4f:7c:5a:ee:11:3b:57:67:b4:04:89:67:6c:d7:f0:f3:4e:
b2:23:d0:25:6b:8e:2f:52:a3:77:93:7c:ff:30:6b:e5:13:66:
86:cf:cd:d4:d3:cb:0c:bf:1e:56:26:76:1e:38:2d:d3:19:a2:
d6:5b:97:02:c9:25:2e:74:79:2d:e4:e2:cc:72:dd:6c:fb:76:
9e:ba:a0:dc:4d:57:fd:f9:93:0f:bb:98:2e:35:0e:8f:f9:61:
5b:54:06:0b:2e:8b:84:ea:93:fb:10:ba:7d:b4:39:38:12:2f:
85:59:d6:47:e3:d5:9e:27:8a:ec:10:58:56:e7:02:7a:ac:e6:
00:b1:b6:5d:06:b0:07:04:9b:84:f4:3d:19:97:ac:f0:06:c6:
fb:b4:de:c4:cd:a6:b7:78:cd:38:65:8f:f4:36:fd:d3:67:4f:
8c:02:da:45:2b:86:ae:24:4e:4e:dc:b8:c1:4a:88:12:34:60:
5b:5e:fb:22:c8:dd:ff:1b:41:e0:7b:d5:df:75:93:88:2f:1d:
d8:0e:18:74:04:0e:e2:11:1b:c7:d5:34:b3:b7:21:16:0b:da:
f1:13:8d:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTsCGu9PZ3AhEzbWfbUfADDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjIxMjA3MTAwMTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDY1NDZmNDQwOTNkYWIyZTA1YzQxNjgzMGExZjc2YjUzMzMxYTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTODsoaluCvovbtkwqQafIkHyajO
s9g/2i6I2G9ElMwWKQN+gUkOEaOYbzETEv6jHHEwWk/cndM5TaFhr1+q1cESCDk+
F1TPE3GNaWRDVY/ruyT/ArRtXV9pBouHj/39CmB4JM8LGYBQNzlogwSKMY3UbZ3n
7Slw200P5YK5HuRIqxOuFOh6kcNDU8o8uDstii/qB1aNgoldRapUXZ9XjplB9VEf
3M756I7xIFXwqY7IGHgUFcPqw9vrErYeaa4k5Uf1jUnKR5xPljW/PIwZrU5c3iWh
7fcyOaNCIDFs+k/HKSHdpr63/h4Z/AeSUnLHd0WiWSCHTYL74WU4dXcqvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL1lRvRAk9qy4FxBaDCh92tTMxolMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvdldWRzlFQ1QyckxnWEVGb01LSDNhMU16R2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAo6tDMA0G
CSqGSIb3DQEBCwUAA4IBAQAU1hd+5sfXka5wkpYZLtm0F5B779rNDFEr+DLWe2pF
o923s4yBT3xa7hE7V2e0BIlnbNfw806yI9Ala44vUqN3k3z/MGvlE2aGz83U08sM
vx5WJnYeOC3TGaLWW5cCySUudHkt5OLMct1s+3aeuqDcTVf9+ZMPu5guNQ6P+WFb
VAYLLouE6pP7ELp9tDk4Ei+FWdZH49WeJ4rsEFhW5wJ6rOYAsbZdBrAHBJuE9D0Z
l6zwBsb7tN7Ezaa3eM04ZY/0Nv3TZ0+MAtpFK4auJE5O3LjBSogSNGBbXvsiyN3/
G0Hge9XfdZOILx3YDhh0BA7iERvH1TSztyEWC9rxE42j
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org