Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/2W9h1lBm3WkPxUpscn-GNw6uiQ0.roa
File: 2W9h1lBm3WkPxUpscn-GNw6uiQ0.roa (raw, json)
Hash identifier: /0VgzYAXLXJ3xL0encQo8kadklHyxzuvKZk4uW2xqAI=
Subject key identifier: D9:6F:61:D6:50:66:DD:69:0F:C5:4A:6C:72:7F:86:37:0E:AE:89:0D
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01853D9B7001211BBC419E5C3DC75781C7DB
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/2W9h1lBm3WkPxUpscn-GNw6uiQ0.roa
Signing time: Fri 23 Dec 2022 06:11:14 +0000
ROA not before: Fri 23 Dec 2022 06:11:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43578
IP address blocks: 188.241.60.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3d:9b:70:01:21:1b:bc:41:9e:5c:3d:c7:57:81:c7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Dec 23 06:11:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d96f61d65066dd690fc54a6c727f86370eae890d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a0:9a:a4:61:f8:1f:8d:89:c5:e9:a6:d1:cb:
46:2a:7a:cd:f0:9b:15:cb:da:77:00:f4:d4:4d:a6:
b6:69:32:8b:53:63:19:05:68:84:59:2b:f9:de:3d:
22:d3:3e:cb:21:86:e8:c9:91:1e:72:08:1d:50:6a:
23:a8:f7:94:e1:0b:2c:09:a4:80:96:33:5a:57:5b:
9a:53:c4:f7:ea:d4:15:8d:ba:21:6a:6e:30:99:d5:
14:fb:a1:45:0e:e0:40:12:94:80:00:bf:aa:92:1b:
57:80:03:fb:9a:ed:3a:86:61:a3:69:a4:ea:4a:a2:
60:d6:60:74:7e:44:a2:97:aa:9d:d8:53:e9:94:b0:
0f:01:36:85:84:5e:f4:53:7c:0b:89:5b:af:23:ef:
62:85:f1:8e:04:5c:99:8a:65:f3:1d:2f:e7:26:b4:
0b:36:a3:48:be:78:6b:97:e2:6d:66:16:e4:ae:b1:
e8:96:0e:cd:e6:a1:cc:01:51:63:56:17:f4:78:02:
29:ab:dc:c7:ce:ca:da:a4:f5:ce:6a:df:e4:82:f9:
28:c0:55:78:75:06:04:7a:59:0e:d0:fe:f1:5a:42:
5c:10:4c:fa:91:18:17:33:3b:63:b9:96:44:e8:d7:
06:03:47:03:b1:ef:b3:36:73:f5:71:4a:73:7e:96:
85:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:6F:61:D6:50:66:DD:69:0F:C5:4A:6C:72:7F:86:37:0E:AE:89:0D
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/2W9h1lBm3WkPxUpscn-GNw6uiQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.241.60.0/23
Signature Algorithm: sha256WithRSAEncryption
39:ef:8a:4a:4e:29:fe:00:ea:24:5b:be:0b:e3:24:7d:49:6c:
ce:7d:85:48:23:92:98:13:df:27:99:ec:89:76:d8:50:a8:bf:
31:f4:30:15:6d:c4:7f:7b:30:41:fe:65:4b:0e:5d:8d:fb:70:
cc:53:10:a1:7a:6c:d5:ce:45:03:e7:19:52:a4:91:fc:1c:cb:
ac:64:b6:af:03:da:8e:a0:1c:5b:6c:cb:75:7e:2b:93:f9:67:
a1:8b:92:e3:35:f9:c2:f0:58:ad:9d:71:da:8c:d2:88:d7:f9:
06:db:d1:c4:7c:3f:ee:0a:e5:bb:01:9f:b3:83:14:81:3f:d0:
49:c8:12:6e:3b:2c:8b:cc:70:fe:78:8b:e0:9a:b2:e6:51:6e:
7c:b2:e5:31:9a:73:27:99:02:67:41:33:6d:bb:a0:86:10:83:
04:dd:38:f1:7a:2a:ca:6d:53:09:49:58:91:be:3e:48:c9:04:
8a:78:33:7c:24:35:dc:9d:aa:b7:1d:9e:38:27:eb:58:af:16:
b2:8c:a6:92:98:88:71:f7:6f:c3:24:94:c2:e6:c9:ae:4a:d2:
f7:5b:6e:91:e2:46:57:1e:ce:0d:c8:bb:50:25:44:35:11:25:
e9:9e:e7:eb:9d:ad:96:7b:de:4f:cd:cb:a4:aa:db:ea:31:07:
44:51:ca:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU9m3ABIRu8QZ5cPcdXgcfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjIxMjIzMDYxMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTZmNjFkNjUwNjZkZDY5MGZjNTRhNmM3MjdmODYzNzBlYWU4OTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaCapGH4H42Jxemm0ctGKnrN8JsV
y9p3APTUTaa2aTKLU2MZBWiEWSv53j0i0z7LIYboyZEecggdUGojqPeU4QssCaSA
ljNaV1uaU8T36tQVjboham4wmdUU+6FFDuBAEpSAAL+qkhtXgAP7mu06hmGjaaTq
SqJg1mB0fkSil6qd2FPplLAPATaFhF70U3wLiVuvI+9ihfGOBFyZimXzHS/nJrQL
NqNIvnhrl+JtZhbkrrHolg7N5qHMAVFjVhf0eAIpq9zHzsrapPXOat/kgvkowFV4
dQYEelkO0P7xWkJcEEz6kRgXMztjuZZE6NcGA0cDse+zNnP1cUpzfpaFJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlvYdZQZt1pD8VKbHJ/hjcOrokNMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvMlc5aDFsQm0zV2tQeFVwc2NuLUdOdzZ1aVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvPE8MA0G
CSqGSIb3DQEBCwUAA4IBAQA574pKTin+AOokW74L4yR9SWzOfYVII5KYE98nmeyJ
dthQqL8x9DAVbcR/ezBB/mVLDl2N+3DMUxChemzVzkUD5xlSpJH8HMusZLavA9qO
oBxbbMt1fiuT+Wehi5LjNfnC8FitnXHajNKI1/kG29HEfD/uCuW7AZ+zgxSBP9BJ
yBJuOyyLzHD+eIvgmrLmUW58suUxmnMnmQJnQTNtu6CGEIME3TjxeirKbVMJSViR
vj5IyQSKeDN8JDXcnaq3HZ44J+tYrxayjKaSmIhx92/DJJTC5smuStL3W26R4kZX
Hs4NyLtQJUQ1ESXpnufrna2We95PzcukqtvqMQdEUcrk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org