Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7GV7rr3GWffQ_m5e78QKUSkrczQ.roa
File: 7GV7rr3GWffQ_m5e78QKUSkrczQ.roa (raw, json)
Hash identifier: p0Snpg5l5h3NSG8eKhSyJ6o5GUF+gFJVFB+tHKs2PIg=
Subject key identifier: EC:65:7B:AE:BD:C6:59:F7:D0:FE:6E:5E:EF:C4:0A:51:29:2B:73:34
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01846790F3C5D016D7CB7133030F0C354673
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7GV7rr3GWffQ_m5e78QKUSkrczQ.roa
Signing time: Fri 11 Nov 2022 16:41:03 +0000
ROA not before: Fri 11 Nov 2022 16:41:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38337
IP address blocks: 109.206.243.0/24 maxlen: 24
194.180.49.0/24 maxlen: 24
185.225.75.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:67:90:f3:c5:d0:16:d7:cb:71:33:03:0f:0c:35:46:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 11 16:41:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec657baebdc659f7d0fe6e5eefc40a51292b7334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a4:1b:ad:7b:6e:3d:16:59:b9:b4:83:cf:35:
93:f2:12:f0:c2:eb:e6:4a:35:8e:c6:7f:71:a5:34:
7c:cb:ab:d5:b5:4f:63:4b:42:be:99:48:17:b9:1f:
71:e6:84:df:51:a9:e5:5b:de:4c:97:3a:de:77:9c:
7a:61:c7:6f:f1:ac:a9:29:b5:b3:b5:fa:17:57:8c:
cf:1f:62:5d:f0:17:bc:76:27:da:78:d9:1f:ed:1b:
8c:b8:fc:12:72:40:43:3a:aa:67:76:a3:5c:af:5e:
84:bf:95:2e:26:c9:b1:ec:46:79:e8:25:5f:08:05:
cb:53:47:a7:ba:21:c1:60:3a:de:c4:82:b2:0e:3f:
ed:ca:16:90:a9:32:ca:4d:5a:dd:6b:a0:fa:9d:68:
af:ea:f3:b5:55:a8:92:3a:85:db:81:f1:80:af:f7:
15:52:98:1f:d9:05:41:81:ec:44:ee:fe:18:d1:ec:
d4:05:d8:74:46:16:a8:7f:cd:64:2b:20:d8:f2:79:
bd:5b:ad:d6:fa:d3:20:dc:7f:0c:13:2f:6e:7a:51:
a8:1f:60:c2:1e:0d:21:0f:74:d4:a8:59:c1:c1:8b:
21:4e:a9:c9:a3:2b:b3:04:9d:b1:77:7f:70:89:a8:
37:d2:d1:be:97:57:10:b7:ce:07:f1:55:63:ae:8a:
a2:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:65:7B:AE:BD:C6:59:F7:D0:FE:6E:5E:EF:C4:0A:51:29:2B:73:34
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7GV7rr3GWffQ_m5e78QKUSkrczQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.243.0/24
185.225.75.0/24
194.180.49.0/24
Signature Algorithm: sha256WithRSAEncryption
94:9e:34:99:5b:69:4e:30:47:9e:56:0c:97:91:0b:f3:df:5b:
47:98:ff:45:b7:e7:0c:3c:73:28:05:79:9a:3e:55:a1:33:f7:
cd:b3:9d:a3:c9:49:2f:b8:5e:8f:43:b2:e1:e7:a9:f3:4d:94:
20:6b:6d:64:c0:8a:62:2b:a1:c5:1c:77:35:27:ec:91:56:75:
86:1e:6a:41:61:e2:d3:3d:cf:4c:9b:ae:eb:73:21:26:41:d9:
13:88:c3:e5:e6:5b:52:80:77:17:16:7d:aa:b5:c1:8c:a7:cf:
93:e9:bf:82:4f:d4:6b:48:40:cc:ec:06:f5:10:2e:94:ee:00:
14:b3:8b:2a:93:bf:7c:07:aa:ff:c3:fb:c0:7c:2b:47:6f:e9:
e8:96:f2:2c:d4:45:58:7a:bf:c0:bd:97:08:b3:c4:59:a9:44:
b0:ff:81:ca:89:79:92:70:b2:e2:1b:15:5a:ab:3d:f7:fd:c0:
87:31:ca:43:5d:44:e8:6e:e7:6b:ae:9b:dc:6b:71:f4:18:ff:
9f:6d:fc:de:bd:12:aa:4d:58:f3:f4:ee:75:6b:79:62:86:bc:
49:57:af:e5:a7:2e:66:1f:71:f5:38:b9:c6:1f:a7:ad:cf:dd:
7d:ba:f5:33:72:31:3c:4c:fb:fe:c4:6d:43:29:de:6c:fa:00:
10:3a:fe:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRnkPPF0BbXy3EzAw8MNUZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTExMTY0MTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzY1N2JhZWJkYzY1OWY3ZDBmZTZlNWVlZmM0MGE1MTI5MmI3MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6QbrXtuPRZZubSDzzWT8hLwwuvm
SjWOxn9xpTR8y6vVtU9jS0K+mUgXuR9x5oTfUanlW95Mlzred5x6Ycdv8aypKbWz
tfoXV4zPH2Jd8Be8difaeNkf7RuMuPwSckBDOqpndqNcr16Ev5UuJsmx7EZ56CVf
CAXLU0enuiHBYDrexIKyDj/tyhaQqTLKTVrda6D6nWiv6vO1VaiSOoXbgfGAr/cV
Upgf2QVBgexE7v4Y0ezUBdh0Rhaof81kKyDY8nm9W63W+tMg3H8MEy9uelGoH2DC
Hg0hD3TUqFnBwYshTqnJoyuzBJ2xd39wiag30tG+l1cQt84H8VVjroqiTQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOxle669xln30P5uXu/EClEpK3M0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN0dWN3JyM0dXZmZRX201ZTc4UUtVU2tyY3pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbc7zAwQA
ueFLAwQAwrQxMA0GCSqGSIb3DQEBCwUAA4IBAQCUnjSZW2lOMEeeVgyXkQvz31tH
mP9Ft+cMPHMoBXmaPlWhM/fNs52jyUkvuF6PQ7Lh56nzTZQga21kwIpiK6HFHHc1
J+yRVnWGHmpBYeLTPc9Mm67rcyEmQdkTiMPl5ltSgHcXFn2qtcGMp8+T6b+CT9Rr
SEDM7Ab1EC6U7gAUs4sqk798B6r/w/vAfCtHb+nolvIs1EVYer/AvZcIs8RZqUSw
/4HKiXmScLLiGxVaqz33/cCHMcpDXUTobudrrpvca3H0GP+fbfzevRKqTVjz9O51
a3lihrxJV6/lpy5mH3H1OLnGH6etz919uvUzcjE8TPv+xG1DKd5s+gAQOv7Z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:32 2023 by rpki-client on console-ams.rpki-client.org