Route Origin Authorization
$ rpki-client -vvf ca.rg.net/rpki/RGnet-OU/kESYeBOyJpZanL2Rh1KyjQe0ao8.roa
File: kESYeBOyJpZanL2Rh1KyjQe0ao8.roa (raw, json)
Hash identifier: MJ6n1t6dU0ZzJtZd4m2kf1ty46kpjbFPnj9W8RV03Jg=
Subject key identifier: 90:44:98:78:13:B2:26:96:5A:9C:BD:91:87:52:B2:8D:07:B4:6A:8F
Certificate issuer: /CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Certificate serial: E9B3
Authority key identifier: 6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
Subject info access: rsync://ca.rg.net/rpki/RGnet-OU/kESYeBOyJpZanL2Rh1KyjQe0ao8.roa
Signing time: Fri 30 Sep 2022 03:24:06 +0000
ROA not before: Fri 30 Sep 2022 03:24:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3927
IP address blocks: 198.180.150.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 59827 (0xe9b3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d6fbfa9753db8d846433db5351d9a9ec07c96bd
Validity
Not Before: Sep 30 03:24:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9044987813B226965A9CBD918752B28D07B46A8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:da:e9:eb:1a:2a:b6:e7:e6:6e:61:6f:98:fd:
fa:c8:15:0f:65:79:df:a8:99:c5:b9:06:04:4c:3a:
7e:f3:59:65:06:39:61:52:52:10:31:c4:46:f8:a2:
5e:0a:f3:82:03:c0:be:dd:e0:98:67:0e:51:83:78:
c6:61:ab:15:a1:ff:93:25:8c:a0:d1:99:7d:9e:b1:
5a:46:15:82:04:43:28:7e:fe:b5:3e:97:6b:65:04:
63:06:c6:52:a1:cc:f2:e1:77:10:ac:08:87:54:4e:
0a:ec:c9:b4:83:1e:7b:32:cd:11:62:ee:89:1c:48:
6e:53:df:8f:11:b7:22:07:6c:6f:1e:24:4f:f9:dd:
0a:99:cf:62:b4:67:57:d7:d9:61:86:a7:46:c3:97:
ae:5b:23:fb:56:4b:39:4a:46:7f:71:0f:20:09:12:
98:44:27:e6:44:c2:2b:a9:78:b7:37:6b:dc:39:e1:
04:ed:47:4f:3d:17:5c:61:50:b1:a9:af:a5:ed:4a:
75:90:cd:5d:48:cc:85:36:d5:68:76:eb:e2:ef:e8:
2d:5b:d6:29:1e:7b:32:c6:5f:5c:38:4b:d1:b2:1a:
ad:a3:29:98:9a:50:b4:d1:25:fe:da:04:51:4d:09:
35:34:9d:dd:a0:99:f6:d2:f7:08:4d:10:8c:bf:b6:
20:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:44:98:78:13:B2:26:96:5A:9C:BD:91:87:52:B2:8D:07:B4:6A:8F
X509v3 Authority Key Identifier:
keyid:6D:6F:BF:A9:75:3D:B8:D8:46:43:3D:B5:35:1D:9A:9E:C0:7C:96:BD
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://ca.rg.net/rpki/RGnet-OU/bW-_qXU9uNhGQz21NR2ansB8lr0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bW-_qXU9uNhGQz21NR2ansB8lr0.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://ca.rg.net/rpki/RGnet-OU/kESYeBOyJpZanL2Rh1KyjQe0ao8.roa
RPKI Notify - URI:https://ca.rg.net/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
198.180.150.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:9e:61:3f:f8:a5:d3:57:03:12:98:15:84:50:62:9a:29:88:
2c:3a:52:33:76:a4:7e:97:86:bb:34:b4:5c:e6:95:b7:25:1e:
b4:69:d2:d2:e2:41:e8:bf:ff:1a:3b:3a:f9:a3:d1:cd:a0:d0:
01:7d:4d:26:f1:01:43:80:37:ae:e4:bb:87:1c:d9:dd:b3:07:
2a:d2:1b:33:5c:b3:3c:75:76:a9:a0:fc:04:a8:52:34:42:64:
40:29:1c:d6:dc:38:3e:81:1f:92:af:e8:91:90:23:36:72:77:
18:d0:89:a6:12:80:db:bb:66:39:ec:b3:da:d3:e7:3b:6d:2e:
e9:8a:4d:1b:d5:67:73:de:9f:40:a2:3b:a9:b4:fd:ca:be:6b:
39:4a:47:47:e2:77:0b:4b:c3:d4:ff:31:67:9e:4a:e3:50:6d:
22:cd:04:2a:ae:be:a2:56:49:d7:36:b3:75:b6:3e:51:18:21:
df:23:44:93:dc:c5:28:b8:f3:8a:00:b2:e6:ff:2a:9a:c9:dc:
19:61:e2:3b:6c:40:f4:c3:bb:7d:62:92:91:76:83:42:52:90:
23:e9:bc:23:46:4f:46:fd:83:a6:4c:8d:2e:b0:41:57:ca:f5:
02:9b:86:fc:b1:62:20:65:8f:31:af:e5:44:e1:f7:e3:57:27:
02:1a:86:7c
-----BEGIN CERTIFICATE-----
MIIEuTCCA6GgAwIBAgIDAOmzMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDZk
NmZiZmE5NzUzZGI4ZDg0NjQzM2RiNTM1MWQ5YTllYzA3Yzk2YmQwHhcNMjIwOTMw
MDMyNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5MDQ0OTg3ODEzQjIy
Njk2NUE5Q0JEOTE4NzUyQjI4RDA3QjQ2QThGMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAz9rp6xoqtufmbmFvmP36yBUPZXnfqJnFuQYETDp+81llBjlh
UlIQMcRG+KJeCvOCA8C+3eCYZw5Rg3jGYasVof+TJYyg0Zl9nrFaRhWCBEMofv61
PpdrZQRjBsZSoczy4XcQrAiHVE4K7Mm0gx57Ms0RYu6JHEhuU9+PEbciB2xvHiRP
+d0Kmc9itGdX19lhhqdGw5euWyP7Vks5SkZ/cQ8gCRKYRCfmRMIrqXi3N2vcOeEE
7UdPPRdcYVCxqa+l7Up1kM1dSMyFNtVoduvi7+gtW9YpHnsyxl9cOEvRshqtoymY
mlC00SX+2gRRTQk1NJ3doJn20vcITRCMv7YgqQIDAQABo4IB1DCCAdAwHQYDVR0O
BBYEFJBEmHgTsiaWWpy9kYdSso0HtGqPMB8GA1UdIwQYMBaAFG1vv6l1PbjYRkM9
tTUdmp7AfJa9MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwUAYDVR0fBEkwRzBF
oEOgQYY/cnN5bmM6Ly9jYS5yZy5uZXQvcnBraS9SR25ldC1PVS9iVy1fcVhVOXVO
aEdRejIxTlIyYW5zQjhscjAuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEFBQcw
AoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iVy1f
cVhVOXVOaEdRejIxTlIyYW5zQjhscjAuY2VyMA4GA1UdDwEB/wQEAwIHgDCBigYI
KwYBBQUHAQsEfjB8MEsGCCsGAQUFBzALhj9yc3luYzovL2NhLnJnLm5ldC9ycGtp
L1JHbmV0LU9VL2tFU1llQk95SnBaYW5MMlJoMUt5alFlMGFvOC5yb2EwLQYIKwYB
BQUHMA2GIWh0dHBzOi8vY2EucmcubmV0L3JyZHAvbm90aWZ5LnhtbDAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAMa0ljANBgkqhkiG9w0BAQsFAAOCAQEATp5h
P/il01cDEpgVhFBimimILDpSM3akfpeGuzS0XOaVtyUetGnS0uJB6L//Gjs6+aPR
zaDQAX1NJvEBQ4A3ruS7hxzZ3bMHKtIbM1yzPHV2qaD8BKhSNEJkQCkc1tw4PoEf
kq/okZAjNnJ3GNCJphKA27tmOeyz2tPnO20u6YpNG9Vnc96fQKI7qbT9yr5rOUpH
R+J3C0vD1P8xZ55K41BtIs0EKq6+olZJ1zazdbY+URgh3yNEk9zFKLjzigCy5v8q
msncGWHiO2xA9MO7fWKSkXaDQlKQI+m8I0ZPRv2DpkyNLrBBV8r1ApuG/LFiIGWP
Ma/lROH341cnAhqGfA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:50 2023 by rpki-client on console-ams.rpki-client.org