Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s79dGaryJnSfkJ_wgQ9KUZmZDBc.roa
File: s79dGaryJnSfkJ_wgQ9KUZmZDBc.roa (raw, json)
Hash identifier: ckR4S353uAXa3A23S+O/tfKLkVgS3F6RM+sVtfKSgAc=
Subject key identifier: B3:BF:5D:19:AA:F2:26:74:9F:90:9F:F0:81:0F:4A:51:99:99:0C:17
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0182AABB915732C226A035A71E40177DE223
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s79dGaryJnSfkJ_wgQ9KUZmZDBc.roa
Signing time: Wed 17 Aug 2022 07:36:35 +0000
ROA not before: Wed 17 Aug 2022 07:36:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 87.121.124.0/23 maxlen: 24
87.121.122.0/23 maxlen: 24
193.222.99.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:aa:bb:91:57:32:c2:26:a0:35:a7:1e:40:17:7d:e2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 17 07:36:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3bf5d19aaf226749f909ff0810f4a5199990c17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:73:16:b4:0c:7b:0e:be:77:ab:15:ee:38:79:
10:17:f3:6c:c7:72:9d:65:ec:e2:77:b3:a1:f8:4f:
9c:8e:2c:8e:13:19:46:bb:90:71:50:d4:62:3b:c7:
d1:dc:ad:5c:25:8a:6d:d0:cd:2e:78:cd:25:f5:46:
43:39:c1:23:de:f9:36:73:91:05:d5:0d:d1:bf:73:
7b:97:63:38:cb:39:33:3d:47:ed:60:f3:e9:df:46:
13:65:0d:a3:5b:41:a0:1a:67:0c:64:56:2f:56:b1:
06:72:18:37:69:54:ee:09:ba:d9:11:38:ef:a4:e2:
7f:41:1f:b1:c0:b5:0b:86:85:d9:e3:de:a4:a1:ce:
da:30:a0:6c:a3:c6:32:5a:bd:a8:e4:2b:32:6b:a0:
99:b5:85:b6:cd:c7:70:cb:9d:fa:8b:fb:75:38:1a:
2e:39:ed:40:76:aa:f7:30:8a:61:f6:33:83:21:0c:
47:30:ce:7e:72:96:85:dd:23:c6:fc:ab:96:bf:f3:
83:26:59:fa:94:fb:d1:1b:e1:f5:c5:14:ae:c1:b2:
e3:c3:a7:20:02:7b:9f:bf:a9:74:d2:8b:a1:1b:c0:
16:74:c2:d2:f5:d9:0e:f8:87:71:82:86:bc:f5:fa:
40:c2:81:a7:e5:39:5b:9b:c3:bd:e6:77:94:82:db:
2c:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:BF:5D:19:AA:F2:26:74:9F:90:9F:F0:81:0F:4A:51:99:99:0C:17
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/s79dGaryJnSfkJ_wgQ9KUZmZDBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.122.0-87.121.125.255
193.47.60.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:9c:26:a6:16:93:04:89:6f:e4:d9:e1:95:17:1d:e5:4d:4a:
e5:4a:9a:0f:44:29:eb:71:ad:5e:2d:04:74:c1:b5:67:a6:d0:
89:57:79:3d:76:3e:a5:4d:2a:cf:49:5c:1a:15:14:56:66:9c:
25:47:01:8d:ac:73:53:7c:16:58:1a:10:10:62:9a:d7:d8:98:
42:01:c8:cf:a7:c7:00:ed:2b:4d:d5:c8:4c:62:a1:13:de:14:
62:bd:23:32:cc:e5:74:8d:fb:51:3f:f2:5f:c8:84:2a:9d:23:
e4:f3:a9:b0:0f:76:dd:2a:41:06:af:c0:b4:41:a7:bb:bd:7c:
75:6a:93:f7:a7:55:57:25:59:82:9d:6c:a5:91:99:71:4b:2d:
61:d4:89:91:1a:32:2e:f0:6b:08:83:fe:29:04:7d:bc:25:2e:
9c:a4:88:b1:c1:59:f4:45:00:07:a6:3b:14:b5:68:8b:7d:64:
27:a6:4d:b8:dc:70:ee:10:23:9b:68:07:78:ff:23:90:d1:32:
71:2b:23:05:5f:cb:f3:8e:e9:0d:4e:c2:2d:ca:a3:cc:5f:77:
d0:3a:fe:cd:bf:4d:e4:2b:ed:e2:dc:74:15:74:75:a1:28:86:
bd:80:51:2c:c6:20:8b:c5:07:bc:d2:59:c3:8f:2f:e2:2c:ba:
77:62:74:ea
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYKqu5FXMsImoDWnHkAXfeIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwODE3MDczNjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2JmNWQxOWFhZjIyNjc0OWY5MDlmZjA4MTBmNGE1MTk5OTkwYzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXMWtAx7Dr53qxXuOHkQF/Nsx3Kd
Zezid7Oh+E+cjiyOExlGu5BxUNRiO8fR3K1cJYpt0M0ueM0l9UZDOcEj3vk2c5EF
1Q3Rv3N7l2M4yzkzPUftYPPp30YTZQ2jW0GgGmcMZFYvVrEGchg3aVTuCbrZETjv
pOJ/QR+xwLULhoXZ496koc7aMKBso8YyWr2o5Csya6CZtYW2zcdwy536i/t1OBou
Oe1Adqr3MIph9jODIQxHMM5+cpaF3SPG/KuWv/ODJln6lPvRG+H1xRSuwbLjw6cg
Anufv6l00ouhG8AWdMLS9dkO+Idxgoa89fpAwoGn5Tlbm8O95neUgtssTQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLO/XRmq8iZ0n5Cf8IEPSlGZmQwXMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvczc5ZEdhcnlKblNma0pfd2dROUtVWm1aREJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFXeXoD
BAFXeXwDBADBLzwDBADB3mMwDQYJKoZIhvcNAQELBQADggEBAC+cJqYWkwSJb+TZ
4ZUXHeVNSuVKmg9EKetxrV4tBHTBtWem0IlXeT12PqVNKs9JXBoVFFZmnCVHAY2s
c1N8FlgaEBBimtfYmEIByM+nxwDtK03VyExioRPeFGK9IzLM5XSN+1E/8l/IhCqd
I+TzqbAPdt0qQQavwLRBp7u9fHVqk/enVVclWYKdbKWRmXFLLWHUiZEaMi7wawiD
/ikEfbwlLpykiLHBWfRFAAemOxS1aIt9ZCemTbjccO4QI5toB3j/I5DRMnErIwVf
y/OO6Q1Owi3Ko8xfd9A6/s2/TeQr7eLcdBV0daEohr2AUSzGIIvFB7zSWcOPL+Is
undidOo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org