Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Jm_rQNGxR5yxhu-Jd0GHmQn69xQ.roa
File: Jm_rQNGxR5yxhu-Jd0GHmQn69xQ.roa (raw, json)
Hash identifier: qtcHRQzCrq/ueHHAD8iL+8uv2UQUKGgiHxi3K9mx8EM=
Subject key identifier: 26:6F:EB:40:D1:B1:47:9C:B1:86:EF:89:77:41:87:99:09:FA:F7:14
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01855EDF2A00B8E00E1E678DD6BF79E390C9
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Jm_rQNGxR5yxhu-Jd0GHmQn69xQ.roa
Signing time: Thu 29 Dec 2022 17:12:41 +0000
ROA not before: Thu 29 Dec 2022 17:12:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3170
IP address blocks: 192.144.32.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5e:df:2a:00:b8:e0:0e:1e:67:8d:d6:bf:79:e3:90:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Dec 29 17:12:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=266feb40d1b1479cb186ef897741879909faf714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:9b:18:c2:f0:93:c5:b4:f5:36:fa:0f:7c:14:
68:d4:d3:fc:63:7e:95:b0:21:5a:a3:ea:17:34:01:
c5:75:38:40:74:0e:0d:b4:97:6e:6a:b7:06:a6:58:
a3:0d:29:9c:f8:ac:eb:59:14:9d:01:d0:ef:22:b4:
67:6c:a3:36:c5:4b:f8:66:5c:73:b2:6f:57:f8:6d:
31:0b:51:c4:26:7d:63:1e:20:d3:fc:53:15:77:74:
03:5e:2e:db:65:0f:a9:1d:c4:a7:47:81:69:0c:39:
a9:0c:9d:fb:e6:a1:9a:5f:93:79:f1:87:59:64:85:
8f:70:bd:bd:7e:20:1b:1f:bf:a2:bf:2d:e2:8c:14:
4b:c1:b5:63:91:ac:4c:3a:de:7d:22:25:02:8f:d9:
cb:e3:f9:47:63:8c:05:ec:2d:65:3e:07:3c:2a:42:
31:43:a9:22:c7:16:92:91:1d:aa:e0:ea:4c:d6:7c:
96:93:60:73:e7:f8:34:b5:82:82:f4:be:9e:a9:62:
e9:56:5b:ca:aa:e3:b5:2e:a5:59:de:7c:a6:61:40:
17:64:c9:e1:5d:40:27:28:c2:45:59:4c:77:d0:b0:
fd:f3:3a:26:d6:82:7c:59:43:81:b9:fe:ba:15:e2:
9f:dd:39:ad:2c:60:35:66:ab:67:70:69:9b:3d:ef:
bd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:6F:EB:40:D1:B1:47:9C:B1:86:EF:89:77:41:87:99:09:FA:F7:14
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/Jm_rQNGxR5yxhu-Jd0GHmQn69xQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.32.0/24
IPv6:
2a09:ff00:103::/48
Signature Algorithm: sha256WithRSAEncryption
28:3d:5f:34:c4:57:a9:76:e4:75:39:9e:66:f0:d7:53:4d:96:
55:2c:d5:2f:05:ef:8b:76:f7:6c:a8:b3:04:8f:2d:52:b3:58:
80:9a:80:78:a9:9c:f7:f7:b0:9b:17:79:06:3c:04:6f:e9:c8:
59:ab:ba:8c:5a:6a:3f:74:ed:bb:1b:5d:fe:85:88:3a:a6:2c:
fd:5c:6f:ad:08:23:9c:95:8e:be:36:12:5b:7a:88:15:ab:08:
6b:dd:bc:e3:61:98:5d:c3:1b:d3:d8:9b:49:d4:f2:dd:a4:1e:
32:e7:e6:23:8a:28:cd:96:ad:a3:ec:8f:77:a6:d5:fe:43:59:
34:ad:46:9a:77:35:7b:ac:53:41:31:01:78:9d:42:46:68:75:
4d:ea:ae:71:9e:0a:18:e9:b4:21:fa:68:04:91:93:4b:d9:5e:
e9:af:5f:94:86:75:af:04:68:6f:fe:51:f1:7a:2f:b6:ab:45:
9f:c7:6b:8c:dd:e7:81:63:41:8b:8a:27:94:52:e3:bd:eb:bd:
18:d3:86:8b:57:9f:ac:e9:b1:60:29:cc:8a:d9:a2:32:9c:59:
05:e7:77:1d:97:3e:f1:af:fa:78:1a:6f:ae:31:db:41:c6:83:
3b:11:95:93:97:a7:46:f6:d2:fb:38:30:de:03:c9:7d:15:1d:
25:ea:aa:2c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVe3yoAuOAOHmeN1r9545DJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjIxMjI5MTcxMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjZmZWI0MGQxYjE0NzljYjE4NmVmODk3NzQxODc5OTA5ZmFmNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5sYwvCTxbT1NvoPfBRo1NP8Y36V
sCFao+oXNAHFdThAdA4NtJduarcGplijDSmc+KzrWRSdAdDvIrRnbKM2xUv4Zlxz
sm9X+G0xC1HEJn1jHiDT/FMVd3QDXi7bZQ+pHcSnR4FpDDmpDJ375qGaX5N58YdZ
ZIWPcL29fiAbH7+ivy3ijBRLwbVjkaxMOt59IiUCj9nL4/lHY4wF7C1lPgc8KkIx
Q6kixxaSkR2q4OpM1nyWk2Bz5/g0tYKC9L6eqWLpVlvKquO1LqVZ3nymYUAXZMnh
XUAnKMJFWUx30LD98zom1oJ8WUOBuf66FeKf3TmtLGA1ZqtncGmbPe+9tQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFCZv60DRsUecsYbviXdBh5kJ+vcUMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvSm1fclFOR3hSNXl4aHUtSmQwR0htUW42OXhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwJAgMA8E
AgACMAkDBwAqCf8AAQMwDQYJKoZIhvcNAQELBQADggEBACg9XzTEV6l25HU5nmbw
11NNllUs1S8F74t292yoswSPLVKzWICagHipnPf3sJsXeQY8BG/pyFmruoxaaj90
7bsbXf6FiDqmLP1cb60II5yVjr42Elt6iBWrCGvdvONhmF3DG9PYm0nU8t2kHjLn
5iOKKM2WraPsj3em1f5DWTStRpp3NXusU0ExAXidQkZodU3qrnGeChjptCH6aASR
k0vZXumvX5SGda8EaG/+UfF6L7arRZ/Ha4zd54FjQYuKJ5RS473rvRjThotXn6zp
sWApzIrZojKcWQXndx2XPvGv+ngab64x20HGgzsRlZOXp0b20vs4MN4DyX0VHSXq
qiw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org