Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/YKzaFtLK2ydhPP0wIfLbt3rbYTI.roa
File: YKzaFtLK2ydhPP0wIfLbt3rbYTI.roa (raw, json)
Hash identifier: FxgLWVXggH7X9rTfBTd/C0j8vP6Cw7GtxNEErewPuec=
Subject key identifier: 60:AC:DA:16:D2:CA:DB:27:61:3C:FD:30:21:F2:DB:B7:7A:DB:61:32
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: D626
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/YKzaFtLK2ydhPP0wIfLbt3rbYTI.roa
Signing time: Fri 17 Jun 2022 00:05:09 +0000
ROA not before: Fri 17 Jun 2022 00:05:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3130
IP address blocks: 192.83.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54822 (0xd626)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Jun 17 00:05:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=60ACDA16D2CADB27613CFD3021F2DBB77ADB6132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:72:49:ca:ec:e4:f2:97:22:30:77:f5:84:4c:
72:53:1f:f3:95:67:32:48:12:ec:1c:dc:36:ce:2d:
b6:2e:a7:b9:58:e2:c7:10:0f:33:c8:17:2f:b5:ac:
33:e0:1c:c1:cc:92:5a:4b:39:97:30:1d:40:d4:95:
69:f1:be:9b:36:b3:ed:43:f6:aa:28:02:20:8c:18:
1d:42:74:7c:c6:ac:7c:2e:e5:eb:18:53:cf:64:6e:
55:be:b2:c0:c9:d1:c5:2e:26:b7:0f:54:ff:c8:ca:
e0:cb:1e:de:e4:0b:fd:d6:aa:7b:ac:69:9a:5b:94:
52:52:76:3f:d2:08:c1:12:5a:d4:89:b1:3d:76:33:
1d:37:d0:d4:dc:a8:3c:37:a6:bf:dd:85:e0:2a:d4:
f0:f1:44:49:1e:99:0b:f4:2c:e8:22:a8:b3:a2:72:
3b:a7:e8:fa:7f:3c:e3:e2:c8:db:3a:65:3e:6c:9b:
b6:15:02:ea:c9:57:b0:46:f3:bc:75:26:81:fa:cb:
03:40:d0:3c:d4:e5:9c:d2:70:b4:31:d9:83:68:d4:
25:02:41:96:41:f2:2f:68:33:35:c4:36:c4:c8:70:
8b:f4:bb:64:54:a1:ea:f8:fe:f1:96:c2:51:13:9f:
2b:75:69:be:01:b9:09:04:35:15:6f:cc:ce:a5:65:
00:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:AC:DA:16:D2:CA:DB:27:61:3C:FD:30:21:F2:DB:B7:7A:DB:61:32
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/YKzaFtLK2ydhPP0wIfLbt3rbYTI.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.83.230.0/24
Signature Algorithm: sha256WithRSAEncryption
46:df:22:a6:94:9d:46:71:c5:9b:74:c6:01:5a:49:f6:ac:72:
fc:6f:11:fd:90:0b:6d:15:49:3e:bd:28:3b:b7:73:3a:46:cf:
04:cf:ce:c0:ad:11:8b:98:09:4b:02:57:05:0f:70:ba:ba:dd:
9f:fe:29:e0:9d:f7:d0:db:6c:d5:a0:ae:9f:40:a4:3b:39:64:
eb:1a:23:de:24:43:66:2e:88:9b:1b:87:d3:09:2a:35:9f:1e:
a0:08:db:e8:6a:a0:ef:0f:b4:f8:df:66:4f:5f:d5:f5:1d:ff:
c5:24:74:3a:fa:15:e3:50:d4:0d:2d:54:46:74:15:ad:b9:b9:
96:40:8b:50:ee:7d:6d:23:2d:73:24:76:0b:f3:67:d6:45:07:
8d:f0:5b:cf:38:e6:5a:f6:42:17:d0:ce:62:17:8c:2d:0d:81:
87:43:a5:5f:86:81:fd:59:03:4f:fb:3e:ac:96:83:7d:22:a6:
83:a7:06:55:de:14:79:5f:af:d8:73:c1:62:63:0b:88:93:91:
11:7e:c2:65:a5:92:0b:ac:4c:76:b9:2d:1f:6a:cd:c7:97:35:
e0:12:2b:ed:ba:f3:aa:dc:2b:21:cc:70:42:f0:2e:32:8a:a3:
34:ab:67:44:e1:63:6d:b7:57:a2:d4:17:18:29:46:af:16:9b:
82:2b:5b:7e
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDANYmMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwNjE3
MDAwNTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2MEFDREExNkQyQ0FE
QjI3NjEzQ0ZEMzAyMUYyREJCNzdBREI2MTMyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqHJJyuzk8pciMHf1hExyUx/zlWcySBLsHNw2zi22Lqe5WOLH
EA8zyBcvtawz4BzBzJJaSzmXMB1A1JVp8b6bNrPtQ/aqKAIgjBgdQnR8xqx8LuXr
GFPPZG5VvrLAydHFLia3D1T/yMrgyx7e5Av91qp7rGmaW5RSUnY/0gjBElrUibE9
djMdN9DU3Kg8N6a/3YXgKtTw8URJHpkL9CzoIqizonI7p+j6fzzj4sjbOmU+bJu2
FQLqyVewRvO8dSaB+ssDQNA81OWc0nC0MdmDaNQlAkGWQfIvaDM1xDbEyHCL9Ltk
VKHq+P7xlsJRE58rdWm+AbkJBDUVb8zOpWUAUwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFGCs2hbSytsnYTz9MCHy27d622EyMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL1lLemFGdExLMnlkaFBQMHdJZkxidDNyYllUSS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBT5jANBgkqhkiG9w0BAQsFAAOCAQEARt8i
ppSdRnHFm3TGAVpJ9qxy/G8R/ZALbRVJPr0oO7dzOkbPBM/OwK0Ri5gJSwJXBQ9w
urrdn/4p4J330Nts1aCun0CkOzlk6xoj3iRDZi6ImxuH0wkqNZ8eoAjb6Gqg7w+0
+N9mT1/V9R3/xSR0OvoV41DUDS1URnQVrbm5lkCLUO59bSMtcyR2C/Nn1kUHjfBb
zzjmWvZCF9DOYheMLQ2Bh0OlX4aB/VkDT/s+rJaDfSKmg6cGVd4UeV+v2HPBYmML
iJOREX7CZaWSC6xMdrktH2rNx5c14BIr7brzqtwrIcxwQvAuMoqjNKtnROFjbbdX
otQXGClGrxabgitbfg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:35 2023 by rpki-client on console-fra.rpki-client.org