Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/4hMpSJkDgFkumKEXOTCxAVxSPsY.roa
File: 4hMpSJkDgFkumKEXOTCxAVxSPsY.roa (raw, json)
Hash identifier: DlXxZVkft9389ScG/IiTXw0FX5UkYkgdQxxmSiFEq7s=
Subject key identifier: E2:13:29:48:99:03:80:59:2E:98:A1:17:39:30:B1:01:5C:52:3E:C6
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: D628
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/4hMpSJkDgFkumKEXOTCxAVxSPsY.roa
Signing time: Fri 17 Jun 2022 00:05:10 +0000
ROA not before: Fri 17 Jun 2022 00:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4128
IP address blocks: 198.180.152.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54824 (0xd628)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Jun 17 00:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=E2132948990380592E98A1173930B1015C523EC6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:4a:af:d3:51:bc:27:67:91:dc:db:73:2e:ee:
44:0a:72:20:5a:6b:cb:76:65:79:ca:81:64:b4:d2:
f9:33:7a:15:e7:24:42:80:e7:4c:07:8a:b9:72:9d:
3c:c4:1e:df:c8:e4:73:0e:0d:f0:41:b8:93:80:ad:
d5:16:30:42:7e:43:62:da:77:cc:be:b6:8d:fd:15:
ec:a3:be:2a:92:2a:90:6a:00:8c:30:9f:f0:d7:2f:
7c:39:16:d1:13:4f:96:67:b5:ca:26:e7:60:5b:e1:
db:cb:2f:23:ea:a5:2c:e0:70:58:e0:a0:2e:d1:55:
69:5c:34:87:53:45:8b:84:41:fb:23:e1:d8:01:43:
53:8c:19:6b:34:2d:cb:51:91:60:39:76:65:34:00:
8f:90:f9:19:64:a1:19:7b:e7:37:dd:d8:70:60:8a:
74:44:b1:b4:a3:bd:b3:4c:2b:7e:0d:19:e7:7d:81:
99:e0:51:17:6f:95:a7:2e:c1:a4:71:48:bc:89:3c:
65:01:f1:c4:7d:6e:6d:c6:2f:be:18:53:8c:87:6f:
c7:de:73:ff:80:c7:fd:ad:cc:8e:c0:87:ef:89:9a:
ae:d5:cf:4d:98:b6:29:85:55:dc:b9:84:c8:7e:ad:
5b:77:1b:c5:06:2e:56:81:8c:d3:0e:3a:0a:57:1c:
d7:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:13:29:48:99:03:80:59:2E:98:A1:17:39:30:B1:01:5C:52:3E:C6
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/4hMpSJkDgFkumKEXOTCxAVxSPsY.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
198.180.152.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:78:d1:be:df:8e:d4:4b:16:6c:04:33:d0:f7:4d:e6:66:ff:
39:8f:fc:31:7f:a9:bf:ce:5a:3c:02:f3:71:85:e8:b7:ca:1e:
f3:c8:7d:24:01:d6:25:f2:30:3f:1b:3a:f3:85:5a:79:32:94:
38:1a:81:7f:48:74:43:d5:57:88:66:24:ab:b9:bf:b3:ec:a7:
17:63:aa:55:e7:4d:2b:25:9b:43:1b:c2:73:0e:bc:c4:57:b3:
35:b7:bc:0e:74:ae:20:b1:25:6c:ee:43:b7:9a:e1:42:1b:35:
94:c7:72:43:57:c4:49:e0:50:cc:56:06:cd:85:e1:a5:b2:30:
55:43:c2:a5:9d:18:21:96:ba:c9:99:bf:34:ca:7d:80:64:87:
79:70:29:15:a7:79:ff:8c:fe:f1:87:b4:8c:2e:39:c4:62:1b:
c3:55:af:c2:1c:70:fc:f0:ce:d4:59:7d:6d:e0:d0:db:e1:16:
d5:b4:56:87:09:e2:b2:1d:cf:e8:ee:50:ad:0b:97:32:e5:08:
23:e9:44:70:fc:bf:bf:59:96:e8:28:ac:87:c7:3b:e1:ee:b9:
25:89:9e:86:a9:0d:b8:5f:27:5d:8e:21:32:65:9b:d4:f4:cf:
d2:77:69:50:c4:6f:fd:a8:9b:4f:92:6d:07:98:a2:19:7b:57:
ca:82:46:71
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDANYoMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwNjE3
MDAwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhFMjEzMjk0ODk5MDM4
MDU5MkU5OEExMTczOTMwQjEwMTVDNTIzRUM2MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA80qv01G8J2eR3NtzLu5ECnIgWmvLdmV5yoFktNL5M3oV5yRC
gOdMB4q5cp08xB7fyORzDg3wQbiTgK3VFjBCfkNi2nfMvraN/RXso74qkiqQagCM
MJ/w1y98ORbRE0+WZ7XKJudgW+Hbyy8j6qUs4HBY4KAu0VVpXDSHU0WLhEH7I+HY
AUNTjBlrNC3LUZFgOXZlNACPkPkZZKEZe+c33dhwYIp0RLG0o72zTCt+DRnnfYGZ
4FEXb5WnLsGkcUi8iTxlAfHEfW5txi++GFOMh2/H3nP/gMf9rcyOwIfviZqu1c9N
mLYphVXcuYTIfq1bdxvFBi5WgYzTDjoKVxzX4QIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFOITKUiZA4BZLpihFzkwsQFcUj7GMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VLzRoTXBTSmtEZ0ZrdW1LRVhPVEN4QVZ4U1BzWS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMa0mDANBgkqhkiG9w0BAQsFAAOCAQEAmnjR
vt+O1EsWbAQz0PdN5mb/OY/8MX+pv85aPALzcYXot8oe88h9JAHWJfIwPxs684Va
eTKUOBqBf0h0Q9VXiGYkq7m/s+ynF2OqVedNKyWbQxvCcw68xFezNbe8DnSuILEl
bO5Dt5rhQhs1lMdyQ1fESeBQzFYGzYXhpbIwVUPCpZ0YIZa6yZm/NMp9gGSHeXAp
Fad5/4z+8Ye0jC45xGIbw1Wvwhxw/PDO1Fl9beDQ2+EW1bRWhwnish3P6O5QrQuX
MuUII+lEcPy/v1mW6Cish8c74e65JYmehqkNuF8nXY4hMmWb1PTP0ndpUMRv/aib
T5JtB5iiGXtXyoJGcQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org