Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t3zov1oqkw_MGrYDK6I3uhh2Bus.roa
File: t3zov1oqkw_MGrYDK6I3uhh2Bus.roa (raw, json)
Hash identifier: X6Y++p4ee+pxtpzhNScRywS6MmngX+LOfytxp3NVfuQ=
Subject key identifier: B7:7C:E8:BF:5A:2A:93:0F:CC:1A:B6:03:2B:A2:37:BA:18:76:06:EB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018359921B45269A4F347CF0EE74ECDE79D5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t3zov1oqkw_MGrYDK6I3uhh2Bus.roa
Signing time: Tue 20 Sep 2022 06:24:50 +0000
ROA not before: Tue 20 Sep 2022 06:24:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 0
IP address blocks: 87.121.124.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:59:92:1b:45:26:9a:4f:34:7c:f0:ee:74:ec:de:79:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 20 06:24:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b77ce8bf5a2a930fcc1ab6032ba237ba187606eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:24:bc:07:81:59:bc:43:95:f5:5a:f0:a0:50:
c0:58:01:a4:a3:c2:f6:7a:b1:34:c0:c0:14:29:f2:
6c:fa:58:f8:45:a1:7c:af:90:57:b5:56:10:71:5d:
db:1f:e1:6f:ab:5c:a2:bb:a2:4f:aa:94:5c:ef:6b:
0c:cf:fe:92:c7:7c:49:ad:e4:fe:5f:05:7e:01:c3:
28:f9:04:84:37:d9:39:9a:12:95:f9:bf:cc:63:3a:
6f:57:c0:4d:a6:27:17:9c:cf:f8:d1:b3:85:e0:04:
12:41:6f:71:e4:55:79:90:ec:d2:79:5d:c1:7c:8c:
a4:c8:f8:e3:3d:92:5c:a6:5f:9b:7a:34:45:a3:d7:
0a:1a:4a:ff:b5:46:50:c7:55:3e:7d:0d:88:e0:da:
d3:b0:58:b9:30:76:8a:d1:46:1a:d6:bf:fe:27:4a:
ec:18:4f:21:3a:19:72:4c:10:81:4b:fc:01:8a:73:
33:7f:3b:b5:5e:39:6f:7c:1c:7c:59:ba:a1:69:a1:
84:42:f7:db:be:71:11:41:92:38:79:9e:c7:56:53:
f1:b1:7b:b0:5b:80:ab:17:ee:60:69:a5:03:99:81:
cb:90:24:31:33:6a:d7:74:1e:e5:a8:f5:f2:5f:9f:
f2:7c:bf:3f:26:7c:09:dd:5e:5a:38:c8:21:66:7c:
4a:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7C:E8:BF:5A:2A:93:0F:CC:1A:B6:03:2B:A2:37:BA:18:76:06:EB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t3zov1oqkw_MGrYDK6I3uhh2Bus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.124.0/23
164.40.185.0/24
194.48.248.0/24
Signature Algorithm: sha256WithRSAEncryption
54:6f:e4:6d:8e:99:89:9e:a8:ed:69:e2:e6:3d:9a:f1:42:df:
1c:42:42:8c:0d:05:b4:83:7b:56:c3:e9:61:af:74:43:03:29:
55:8a:6b:74:6e:8d:f8:a7:c0:93:0c:ff:5e:6c:fd:4b:89:9f:
62:c4:32:8f:b3:a8:dd:92:06:e3:c9:bf:b7:f8:fe:29:b0:19:
7e:d3:1c:d6:e0:07:90:07:1b:b5:0a:bf:ae:0c:a7:95:87:e2:
b3:e1:fa:fa:55:ce:eb:87:85:54:b7:2c:fb:4a:36:e7:54:b8:
ac:0d:bc:51:25:f3:97:54:23:be:db:14:ab:95:8e:67:52:e8:
fe:88:4e:07:09:3b:f1:c0:d6:2b:07:7b:ea:55:10:8e:1f:b4:
46:c2:80:a6:1e:ac:e3:c5:1c:a7:8a:0d:2f:22:8a:ee:35:1d:
52:d2:dc:3f:98:b0:02:2a:ad:90:d9:7b:a0:b8:d9:28:08:87:
39:2e:3a:95:a8:9a:7a:89:5f:63:fa:b6:6f:7e:b1:d1:65:53:
8b:4d:54:ab:d1:70:4d:88:b4:e6:69:fc:a9:5d:8d:38:41:13:
09:0e:21:90:7c:ff:57:f9:29:64:0c:d1:27:bd:15:7d:7a:94:
79:57:46:cb:05:2d:c7:0c:9a:0f:97:ad:a9:b8:8e:a7:0f:19:
3b:74:99:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNZkhtFJppPNHzw7nTs3nnVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTIwMDYyNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdjZThiZjVhMmE5MzBmY2MxYWI2MDMyYmEyMzdiYTE4NzYwNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyS8B4FZvEOV9VrwoFDAWAGko8L2
erE0wMAUKfJs+lj4RaF8r5BXtVYQcV3bH+Fvq1yiu6JPqpRc72sMz/6Sx3xJreT+
XwV+AcMo+QSEN9k5mhKV+b/MYzpvV8BNpicXnM/40bOF4AQSQW9x5FV5kOzSeV3B
fIykyPjjPZJcpl+bejRFo9cKGkr/tUZQx1U+fQ2I4NrTsFi5MHaK0UYa1r/+J0rs
GE8hOhlyTBCBS/wBinMzfzu1XjlvfBx8WbqhaaGEQvfbvnERQZI4eZ7HVlPxsXuw
W4CrF+5gaaUDmYHLkCQxM2rXdB7lqPXyX5/yfL8/JnwJ3V5aOMghZnxK5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLd86L9aKpMPzBq2AyuiN7oYdgbrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdDN6b3Yxb3Frd19NR3JZREs2STN1aGgyQnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBV3l8AwQA
pCi5AwQAwjD4MA0GCSqGSIb3DQEBCwUAA4IBAQBUb+RtjpmJnqjtaeLmPZrxQt8c
QkKMDQW0g3tWw+lhr3RDAylVimt0bo34p8CTDP9ebP1LiZ9ixDKPs6jdkgbjyb+3
+P4psBl+0xzW4AeQBxu1Cr+uDKeVh+Kz4fr6Vc7rh4VUtyz7SjbnVLisDbxRJfOX
VCO+2xSrlY5nUuj+iE4HCTvxwNYrB3vqVRCOH7RGwoCmHqzjxRynig0vIoruNR1S
0tw/mLACKq2Q2XuguNkoCIc5LjqVqJp6iV9j+rZvfrHRZVOLTVSr0XBNiLTmafyp
XY04QRMJDiGQfP9X+SlkDNEnvRV9epR5V0bLBS3HDJoPl62puI6nDxk7dJnT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org