Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/_OCDcMFp-OXk7E3Y35sSCUmuVqw.roa
File: _OCDcMFp-OXk7E3Y35sSCUmuVqw.roa (raw, json)
Hash identifier: IV3/sFeV/atS6xvz7g6XsKh7oLCSShLeZjUAZTdLmmE=
Subject key identifier: FC:E0:83:70:C1:69:F8:E5:E4:EC:4D:D8:DF:9B:12:09:49:AE:56:AC
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: 9FA4
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/_OCDcMFp-OXk7E3Y35sSCUmuVqw.roa
Signing time: Sun 29 Aug 2021 23:37:54 +0000
ROA not before: Sun 29 Aug 2021 23:37:54 +0000
ROA not after: Fri 01 Jul 2022 00:00:00 +0000
asID: 3130
IP address blocks: 192.83.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40868 (0x9fa4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Aug 29 23:37:54 2021 GMT
Not After : Jul 1 00:00:00 2022 GMT
Subject: CN=FCE08370C169F8E5E4EC4DD8DF9B120949AE56AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a8:a6:16:38:e5:80:b1:79:d6:9b:f6:33:d1:
7f:7f:c5:71:54:70:22:de:4c:93:bf:fe:b1:eb:9b:
9e:7c:3a:5f:16:01:13:2f:5e:2f:18:3f:a0:96:bc:
c4:c8:1a:88:c4:03:1b:8b:76:8e:f7:3a:01:61:6d:
b1:5e:d3:41:1c:c3:d5:c4:0e:91:88:c1:75:35:ab:
7e:8a:4a:97:0d:11:d7:a2:ad:50:33:98:4b:51:f3:
0f:c3:21:b2:48:50:47:6a:26:44:7e:fa:6f:e4:48:
83:b1:d5:64:0c:97:79:08:40:47:d4:f5:f6:89:6b:
02:2a:75:d9:80:99:79:ee:02:36:92:0e:7d:fc:6f:
f9:4c:ac:d1:76:7a:a1:d2:80:e1:65:26:aa:20:ef:
55:f9:59:fc:64:9e:c0:01:e4:d9:05:93:c8:11:50:
55:12:74:c4:14:e9:f0:ff:84:cc:03:2b:36:57:e8:
36:4d:ff:cf:f3:88:80:f5:0b:8f:7e:8f:f0:a4:0b:
35:f7:62:79:36:61:d9:66:ed:e6:7a:77:7a:95:4d:
1c:3e:77:d3:4b:3d:97:60:21:a4:b6:05:a0:5c:89:
5c:81:b7:0e:05:36:82:76:a1:21:6e:4e:e7:26:a4:
dc:d5:b2:e2:30:e4:53:02:70:af:30:b6:98:f9:58:
8c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:E0:83:70:C1:69:F8:E5:E4:EC:4D:D8:DF:9B:12:09:49:AE:56:AC
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/_OCDcMFp-OXk7E3Y35sSCUmuVqw.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
192.83.230.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:98:7d:36:da:7a:f9:2d:f3:46:8e:74:4f:0b:ca:10:ec:08:
e0:3e:ce:74:b7:db:d5:8d:c3:ee:65:13:b3:10:45:45:41:4e:
c5:85:a4:ee:71:8c:9d:0d:8e:f6:cc:06:92:c4:9e:08:10:37:
aa:23:39:a6:c1:05:4c:97:89:3c:db:06:77:2a:6e:11:8e:25:
bc:89:86:83:fa:1d:00:11:a8:53:7a:ed:d6:01:5d:06:51:7b:
9b:16:f4:4b:d4:68:a6:5a:19:de:8b:dd:6c:4b:80:8a:50:0e:
4b:fb:ca:7f:b1:cb:52:ee:53:54:bc:1f:f9:70:14:fa:63:12:
85:99:e9:4f:51:ba:d9:3a:7f:6e:22:d3:34:fe:de:38:ff:dd:
1b:0b:2c:99:4e:47:7a:64:75:3e:66:76:f0:80:7b:cf:2d:59:
15:b8:3f:01:3c:46:fb:e3:45:5b:a9:97:f5:11:c0:db:dd:26:
6c:03:d5:f6:1d:9e:c2:3f:b8:14:d3:24:66:da:c2:89:53:a9:
ef:08:96:1c:c8:91:bc:eb:67:5d:0a:ba:41:fc:f2:99:1e:d6:
9b:fb:91:23:c0:2d:d3:35:5c:42:81:6a:41:28:c6:5a:d0:80:
1a:2f:bf:73:c5:19:60:9d:36:1d:11:9e:87:e2:7f:de:30:2f:
43:8f:81:61
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAJ+kMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjEwODI5
MjMzNzU0WhcNMjIwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhGQ0UwODM3MEMxNjlG
OEU1RTRFQzRERDhERjlCMTIwOTQ5QUU1NkFDMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw6imFjjlgLF51pv2M9F/f8VxVHAi3kyTv/6x65uefDpfFgET
L14vGD+glrzEyBqIxAMbi3aO9zoBYW2xXtNBHMPVxA6RiMF1Nat+ikqXDRHXoq1Q
M5hLUfMPwyGySFBHaiZEfvpv5EiDsdVkDJd5CEBH1PX2iWsCKnXZgJl57gI2kg59
/G/5TKzRdnqh0oDhZSaqIO9V+Vn8ZJ7AAeTZBZPIEVBVEnTEFOnw/4TMAys2V+g2
Tf/P84iA9QuPfo/wpAs192J5NmHZZu3mend6lU0cPnfTSz2XYCGktgWgXIlcgbcO
BTaCdqEhbk7nJqTc1bLiMORTAnCvMLaY+ViMZwIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFPzgg3DBafjl5OxN2N+bEglJrlasMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL19PQ0RjTUZwLU9YazdFM1kzNXNTQ1VtdVZxdy5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMBT5jANBgkqhkiG9w0BAQsFAAOCAQEAqZh9
Ntp6+S3zRo50TwvKEOwI4D7OdLfb1Y3D7mUTsxBFRUFOxYWk7nGMnQ2O9swGksSe
CBA3qiM5psEFTJeJPNsGdypuEY4lvImGg/odABGoU3rt1gFdBlF7mxb0S9RoploZ
3ovdbEuAilAOS/vKf7HLUu5TVLwf+XAU+mMShZnpT1G62Tp/biLTNP7eOP/dGwss
mU5HemR1PmZ28IB7zy1ZFbg/ATxG++NFW6mX9RHA290mbAPV9h2ewj+4FNMkZtrC
iVOp7wiWHMiRvOtnXQq6QfzymR7Wm/uRI8At0zVcQoFqQSjGWtCAGi+/c8UZYJ02
HRGeh+J/3jAvQ4+BYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:36:52 2024 by rpki-client on console-fra.rpki-client.org