Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/lGkM9N1HnD3ois_WsKT3C3yxp58.roa
File: lGkM9N1HnD3ois_WsKT3C3yxp58.roa (raw, json)
Hash identifier: GU6n6hmHDMjyB8qlpKHPkjIP37pCOGO9f9fFjNQiKWA=
Subject key identifier: 94:69:0C:F4:DD:47:9C:3D:E8:8A:CF:D6:B0:A4:F7:0B:7C:B1:A7:9F
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 01853D9B6F9BD1CA1F24E05C282AE6C4A6DD
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/lGkM9N1HnD3ois_WsKT3C3yxp58.roa
Signing time: Fri 23 Dec 2022 06:11:14 +0000
ROA not before: Fri 23 Dec 2022 06:11:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35916
IP address blocks: 188.208.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3d:9b:6f:9b:d1:ca:1f:24:e0:5c:28:2a:e6:c4:a6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Dec 23 06:11:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94690cf4dd479c3de88acfd6b0a4f70b7cb1a79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:5f:f5:a2:8e:d2:1d:a5:05:26:b9:0d:88:fa:
66:71:28:9b:97:61:10:96:1c:d2:6a:5a:5d:d2:d0:
67:a2:7f:75:4d:d8:1e:da:51:bb:c0:1b:c3:60:17:
0e:43:69:98:10:6c:97:18:3e:ec:63:fa:e6:a8:ad:
8c:cc:c8:0a:ab:14:4c:c7:ce:79:be:a0:f0:32:04:
4c:a7:e8:7b:63:2b:79:c7:ed:3d:cf:e7:82:ac:b6:
a3:a9:cc:7e:df:84:f5:52:c6:5f:b9:b1:dc:fd:59:
82:6d:9b:d8:dc:00:64:82:20:7f:ac:65:9e:99:3f:
55:00:25:a1:31:4a:ca:18:c4:b7:62:ab:3c:4e:0d:
cf:c4:7d:99:6e:fe:9c:d9:94:60:aa:16:ec:e6:f7:
4a:a1:4c:67:d9:04:61:78:75:aa:26:8c:cd:95:01:
04:ca:0e:0b:ba:21:35:f1:88:7e:8c:24:b7:c5:40:
e2:90:0f:7d:02:8a:b6:43:ca:5b:d8:a8:41:de:a2:
d0:07:4f:75:10:7a:6a:f5:f9:ef:2f:97:63:a6:88:
87:9a:fb:f5:09:db:f8:9b:6f:86:0b:43:c3:5c:59:
bc:80:be:ef:6c:7c:54:41:3e:27:2f:13:92:6d:f5:
92:2a:3c:43:3c:f4:70:f9:d7:78:61:0b:ae:f5:8d:
cc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:69:0C:F4:DD:47:9C:3D:E8:8A:CF:D6:B0:A4:F7:0B:7C:B1:A7:9F
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/lGkM9N1HnD3ois_WsKT3C3yxp58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.142.0/24
Signature Algorithm: sha256WithRSAEncryption
59:69:3f:4f:d4:de:19:c9:8b:3d:e8:50:e0:71:0a:ed:6f:76:
ab:51:8e:10:df:13:d8:0f:ef:12:f2:5a:01:2d:16:85:0c:e9:
b2:56:0d:82:01:00:40:c0:13:27:b6:71:34:f0:c8:c1:bc:7c:
3a:6d:93:29:6d:79:c9:b4:68:ce:e8:f1:d9:10:02:f3:f8:0b:
8e:a2:5c:57:b5:38:84:88:24:c5:e4:a0:04:8c:72:bf:92:e7:
12:dc:77:61:24:15:bf:54:a9:49:fe:93:2e:26:20:0d:44:ce:
5b:1d:91:86:34:72:df:be:af:eb:c1:23:1c:e5:25:0a:50:13:
2a:2d:1c:0d:ea:dc:c1:69:09:d2:fc:2a:bb:50:a3:f5:39:15:
1d:6d:35:f7:8c:75:72:34:f2:f3:67:6e:a0:4e:f7:4c:e7:dc:
54:af:f4:5e:95:5b:23:63:f5:fe:c1:6a:2e:5c:12:e1:d1:e4:
49:c2:e5:42:b4:6a:22:20:5c:22:bd:b1:f1:91:11:76:92:23:
4b:bd:38:bd:25:55:38:a2:25:f8:ee:20:ad:2c:a9:de:69:a6:
cf:28:ff:02:fc:57:ec:91:d6:7d:75:4a:7a:88:37:1a:06:64:
d2:9a:43:a7:de:fa:70:07:43:34:23:83:18:7d:58:1f:40:26:
8d:96:27:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU9m2+b0cofJOBcKCrmxKbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjIxMjIzMDYxMTE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY5MGNmNGRkNDc5YzNkZTg4YWNmZDZiMGE0ZjcwYjdjYjFhNzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA91/1oo7SHaUFJrkNiPpmcSibl2EQ
lhzSalpd0tBnon91Tdge2lG7wBvDYBcOQ2mYEGyXGD7sY/rmqK2MzMgKqxRMx855
vqDwMgRMp+h7Yyt5x+09z+eCrLajqcx+34T1UsZfubHc/VmCbZvY3ABkgiB/rGWe
mT9VACWhMUrKGMS3Yqs8Tg3PxH2Zbv6c2ZRgqhbs5vdKoUxn2QRheHWqJozNlQEE
yg4LuiE18Yh+jCS3xUDikA99Aoq2Q8pb2KhB3qLQB091EHpq9fnvL5djpoiHmvv1
Cdv4m2+GC0PDXFm8gL7vbHxUQT4nLxOSbfWSKjxDPPRw+dd4YQuu9Y3MKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRpDPTdR5w96IrP1rCk9wt8saefMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvbEdrTTlOMUhuRDNvaXNfV3NLVDNDM3l4cDU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNCOMA0G
CSqGSIb3DQEBCwUAA4IBAQBZaT9P1N4ZyYs96FDgcQrtb3arUY4Q3xPYD+8S8loB
LRaFDOmyVg2CAQBAwBMntnE08MjBvHw6bZMpbXnJtGjO6PHZEALz+AuOolxXtTiE
iCTF5KAEjHK/kucS3HdhJBW/VKlJ/pMuJiANRM5bHZGGNHLfvq/rwSMc5SUKUBMq
LRwN6tzBaQnS/Cq7UKP1ORUdbTX3jHVyNPLzZ26gTvdM59xUr/RelVsjY/X+wWou
XBLh0eRJwuVCtGoiIFwivbHxkRF2kiNLvTi9JVU4oiX47iCtLKneaabPKP8C/Ffs
kdZ9dUp6iDcaBmTSmkOn3vpwB0M0I4MYfVgfQCaNlidT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:32 2024 by rpki-client on console-ams.rpki-client.org