Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/xJYk834GIE3qDQLXCFi4uuai3yI.roa
File: xJYk834GIE3qDQLXCFi4uuai3yI.roa (raw, json)
Hash identifier: L0D/BsBydTjiG9kyVFeepSH3MovmXeq8N2DIBkUALb0=
Subject key identifier: C4:96:24:F3:7E:06:20:4D:EA:0D:02:D7:08:58:B8:BA:E6:A2:DF:22
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0181DAB6D290615B43FCA40D65240DB501A1
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/xJYk834GIE3qDQLXCFi4uuai3yI.roa
Signing time: Thu 07 Jul 2022 22:10:23 +0000
ROA not before: Thu 07 Jul 2022 22:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 198.105.124.0/22 maxlen: 24
198.105.126.0/24 maxlen: 24
155.254.36.0/22 maxlen: 24
107.181.140.0/22 maxlen: 24
198.105.100.0/22 maxlen: 24
198.105.116.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:da:b6:d2:90:61:5b:43:fc:a4:0d:65:24:0d:b5:01:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Jul 7 22:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c49624f37e06204dea0d02d70858b8bae6a2df22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:24:52:f1:ea:ac:70:fa:2b:e3:85:2b:94:74:
2a:c7:cd:bf:9e:2b:30:2e:7d:12:a6:cf:0f:c2:58:
24:12:b3:0b:c9:36:65:27:ca:5a:18:26:26:9a:52:
a4:1e:ac:c0:04:be:ca:02:b8:df:73:27:ff:c4:74:
45:8a:91:0b:a1:35:d7:5c:98:43:1a:78:7a:7e:ea:
cd:98:8e:3b:f4:f6:a4:cc:4c:78:e0:7e:2e:86:1b:
33:c0:0c:69:c2:f5:95:1b:41:f5:c4:81:a9:1a:3c:
fa:f8:67:48:90:01:3d:37:de:e5:af:64:d8:54:ad:
50:31:75:48:3c:a8:78:a5:e7:94:6e:b3:51:fd:ac:
22:b3:da:58:09:d2:a5:cb:c3:11:47:b7:fc:0f:aa:
24:4a:5a:b7:62:1e:5f:50:fa:21:fc:06:e9:0b:34:
79:86:4b:60:d0:97:7c:ee:9b:b8:0b:86:4d:4c:4e:
09:b3:81:ca:ed:ca:19:6b:68:c1:36:20:ff:60:9d:
52:d1:72:04:a1:84:8c:33:99:65:b0:85:26:fb:94:
d3:7f:0c:37:9b:65:e8:55:80:81:bf:10:02:54:18:
70:78:ea:f7:2d:1f:d4:9c:cb:f8:e5:a0:52:d9:59:
c7:4d:bf:71:78:36:56:9c:21:9c:50:e4:49:0b:a1:
05:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:96:24:F3:7E:06:20:4D:EA:0D:02:D7:08:58:B8:BA:E6:A2:DF:22
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/xJYk834GIE3qDQLXCFi4uuai3yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
107.181.140.0/22
155.254.36.0/22
198.105.100.0/22
198.105.116.0/22
198.105.124.0/22
Signature Algorithm: sha256WithRSAEncryption
54:4d:9e:fa:05:cd:78:cc:ba:cc:72:c6:b7:e5:6f:08:9e:16:
db:dd:2e:4c:c8:e6:ff:02:7a:de:1b:c4:eb:ac:63:69:be:34:
82:c8:3e:ac:5d:f4:70:8d:71:c1:f6:ca:63:0c:ae:ee:da:9d:
a7:66:e9:91:ab:d0:14:79:8e:2f:c6:b9:1d:ed:14:57:c4:03:
45:5a:44:c1:6a:de:82:17:8b:c7:ce:4b:39:e8:2c:d9:f7:37:
44:8f:d1:82:49:4d:13:60:e6:9e:87:d7:b2:96:de:e2:4d:47:
e2:8a:81:9f:8e:a1:51:ee:4c:b7:38:57:0e:39:09:be:c8:52:
49:f2:5c:d7:be:3f:d0:ec:38:67:bc:03:20:b5:2b:9a:44:24:
98:92:c1:92:aa:cd:2a:bd:98:6d:0d:f1:bb:b6:1e:20:26:18:
b3:3b:93:b3:91:2d:1f:71:ce:0e:f1:9d:8d:30:78:88:49:bf:
45:d3:16:86:9f:23:96:7e:ff:c4:e1:70:65:54:e9:6b:63:f5:
16:26:bf:ca:e9:f6:81:b6:df:6e:8a:e5:15:39:fe:bb:31:04:
db:21:79:3a:db:31:e1:52:4e:90:b9:b2:98:e0:05:1f:4f:06:
ef:49:8d:c0:53:61:83:8e:60:c6:a8:e8:4f:61:15:aa:20:9b:
fd:0a:04:75
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHattKQYVtD/KQNZSQNtQGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIwNzA3MjIxMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDk2MjRmMzdlMDYyMDRkZWEwZDAyZDcwODU4YjhiYWU2YTJkZjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCRS8eqscPor44UrlHQqx82/nisw
Ln0Sps8PwlgkErMLyTZlJ8paGCYmmlKkHqzABL7KArjfcyf/xHRFipELoTXXXJhD
Gnh6furNmI479PakzEx44H4uhhszwAxpwvWVG0H1xIGpGjz6+GdIkAE9N97lr2TY
VK1QMXVIPKh4peeUbrNR/awis9pYCdKly8MRR7f8D6okSlq3Yh5fUPoh/AbpCzR5
hktg0Jd87pu4C4ZNTE4Js4HK7coZa2jBNiD/YJ1S0XIEoYSMM5llsIUm+5TTfww3
m2XoVYCBvxACVBhweOr3LR/UnMv45aBS2VnHTb9xeDZWnCGcUORJC6EF0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMSWJPN+BiBN6g0C1whYuLrmot8iMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEveEpZazgzNEdJRTNxRFFMWENGaTR1dWFpM3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCa7WMAwQC
m/4kAwQCxmlkAwQCxml0AwQCxml8MA0GCSqGSIb3DQEBCwUAA4IBAQBUTZ76Bc14
zLrMcsa35W8Inhbb3S5MyOb/AnreG8TrrGNpvjSCyD6sXfRwjXHB9spjDK7u2p2n
ZumRq9AUeY4vxrkd7RRXxANFWkTBat6CF4vHzks56CzZ9zdEj9GCSU0TYOaeh9ey
lt7iTUfiioGfjqFR7ky3OFcOOQm+yFJJ8lzXvj/Q7DhnvAMgtSuaRCSYksGSqs0q
vZhtDfG7th4gJhizO5OzkS0fcc4O8Z2NMHiISb9F0xaGnyOWfv/E4XBlVOlrY/UW
Jr/K6faBtt9uiuUVOf67MQTbIXk62zHhUk6QubKY4AUfTwbvSY3AU2GDjmDGqOhP
YRWqIJv9CgR1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:20 2023 by rpki-client on console-fra.rpki-client.org