Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/Z2qY4aXoEu23J802i3fGz1yvkPU.roa
File: Z2qY4aXoEu23J802i3fGz1yvkPU.roa (raw, json)
Hash identifier: jE2jDGgFyDV40kjKbIik0bdA67V3/B0NqZ+n/AG5UrI=
Subject key identifier: 67:6A:98:E1:A5:E8:12:ED:B7:27:CD:36:8B:77:C6:CF:5C:AF:90:F5
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: D629
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/Z2qY4aXoEu23J802i3fGz1yvkPU.roa
Signing time: Fri 17 Jun 2022 00:05:10 +0000
ROA not before: Fri 17 Jun 2022 00:05:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3927
IP address blocks: 198.180.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 54825 (0xd629)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Jun 17 00:05:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=676A98E1A5E812EDB727CD368B77C6CF5CAF90F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d5:f5:f4:44:3d:dd:0d:4c:f1:af:56:bc:9b:
06:ce:47:b5:e7:2a:ef:a5:62:39:0e:e6:07:d4:62:
ea:35:60:80:83:11:7b:4b:17:6a:c7:3d:07:f2:a2:
50:76:45:72:8c:f5:fa:39:ab:10:b7:75:28:96:89:
26:dd:70:d3:bd:ee:6f:95:fc:aa:9f:dc:a0:f6:c8:
3d:77:70:12:ec:0c:d2:b4:be:b3:67:16:27:f8:b2:
54:82:03:a9:c6:3c:dd:e1:af:6a:57:5d:3d:84:f3:
ba:92:fa:5e:ab:69:fa:d5:8e:82:d8:81:14:fb:a4:
00:04:f7:c4:97:d8:5e:3f:dc:c6:86:f4:a0:5d:90:
fe:e7:cb:2a:e9:ca:06:aa:2c:5c:50:9c:02:37:13:
f4:06:f4:92:b2:92:76:4f:19:5a:80:f1:d1:dd:7c:
32:31:6c:39:2e:0d:d3:e9:45:27:85:47:41:1e:85:
b1:d7:18:e7:24:3d:aa:bb:f4:5f:ed:6d:7f:66:6e:
e9:71:3f:60:1c:0c:1a:51:3e:ad:1f:d5:5b:e6:99:
07:40:08:64:06:49:d4:d6:36:0c:95:fe:13:54:a4:
52:9b:0a:74:10:7f:30:04:49:22:f2:2b:33:3c:af:
a6:c4:49:26:df:b3:2d:db:ab:d5:69:2f:e9:21:b2:
06:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6A:98:E1:A5:E8:12:ED:B7:27:CD:36:8B:77:C6:CF:5C:AF:90:F5
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/Z2qY4aXoEu23J802i3fGz1yvkPU.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
198.180.150.0/24
Signature Algorithm: sha256WithRSAEncryption
88:1f:5f:1e:80:61:01:6f:d0:33:3f:a6:91:7d:eb:ee:3c:72:
dd:dd:bb:d0:c6:5d:3f:7a:87:ac:35:f8:76:91:d3:3d:87:6c:
76:be:95:53:b2:24:72:33:b9:ba:d0:d5:ac:df:4f:96:94:63:
67:29:29:0a:b4:86:83:d7:28:a8:75:09:e1:a6:25:8c:08:db:
23:61:4d:c7:b2:da:e9:b2:87:39:47:bf:07:16:c7:b7:51:1c:
b9:0f:90:31:12:66:17:44:0a:8e:5a:7f:fa:d3:9c:fc:63:02:
02:f8:59:02:28:4f:11:ed:7a:48:09:8a:82:82:fc:a0:61:ba:
ca:c3:bc:b4:87:35:ab:1a:e9:e7:6d:d7:59:8e:2d:f2:32:1e:
b6:3c:e4:c5:ca:8a:78:46:71:d2:81:68:f8:51:75:5d:6b:6a:
2c:50:3d:87:ac:4e:76:d8:d5:75:6e:a4:54:45:9b:7b:dd:94:
ea:45:fa:05:64:99:7c:bb:a3:68:ea:58:28:a0:fa:57:a6:76:
0e:6d:87:8e:56:b3:00:83:04:68:10:22:5e:51:a5:7f:26:76:
78:50:46:49:f9:1d:9a:fa:94:f0:77:f6:b6:ac:33:f0:55:f3:
f9:48:0b:08:50:5e:f3:e6:95:76:ff:5b:c1:a9:33:bd:e1:53:
c7:ec:29:c0
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDANYpMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwNjE3
MDAwNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg2NzZBOThFMUE1RTgx
MkVEQjcyN0NEMzY4Qjc3QzZDRjVDQUY5MEY1MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArNX19EQ93Q1M8a9WvJsGzke15yrvpWI5DuYH1GLqNWCAgxF7
Sxdqxz0H8qJQdkVyjPX6OasQt3Uolokm3XDTve5vlfyqn9yg9sg9d3AS7AzStL6z
ZxYn+LJUggOpxjzd4a9qV109hPO6kvpeq2n61Y6C2IEU+6QABPfEl9heP9zGhvSg
XZD+58sq6coGqixcUJwCNxP0BvSSspJ2TxlagPHR3XwyMWw5Lg3T6UUnhUdBHoWx
1xjnJD2qu/Rf7W1/Zm7pcT9gHAwaUT6tH9Vb5pkHQAhkBknU1jYMlf4TVKRSmwp0
EH8wBEki8iszPK+mxEkm37Mt26vVaS/pIbIGXQIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFGdqmOGl6BLttyfNNot3xs9cr5D1MB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL1oycVk0YVhvRXUyM0o4MDJpM2ZHejF5dmtQVS5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMa0ljANBgkqhkiG9w0BAQsFAAOCAQEAiB9f
HoBhAW/QMz+mkX3r7jxy3d270MZdP3qHrDX4dpHTPYdsdr6VU7IkcjO5utDVrN9P
lpRjZykpCrSGg9coqHUJ4aYljAjbI2FNx7La6bKHOUe/BxbHt1EcuQ+QMRJmF0QK
jlp/+tOc/GMCAvhZAihPEe16SAmKgoL8oGG6ysO8tIc1qxrp523XWY4t8jIetjzk
xcqKeEZx0oFo+FF1XWtqLFA9h6xOdtjVdW6kVEWbe92U6kX6BWSZfLujaOpYKKD6
V6Z2Dm2HjlazAIMEaBAiXlGlfyZ2eFBGSfkdmvqU8Hf2tqwz8FXz+UgLCFBe8+aV
dv9bwakzveFTx+wpwA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org