Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/FhwSbkN_6jkAV-i7aazjRLDMGac.roa
File: FhwSbkN_6jkAV-i7aazjRLDMGac.roa (raw, json)
Hash identifier: fVDOQ5bwZKnI53JYXkMfkXD3DPItGS8QtkLpUAEj8do=
Subject key identifier: 16:1C:12:6E:43:7F:EA:39:00:57:E8:BB:69:AC:E3:44:B0:CC:19:A7
Certificate issuer: /CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Certificate serial: 0184E3B34A2C8D5C18E314D51D772F2430D5
Authority key identifier: 88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/FhwSbkN_6jkAV-i7aazjRLDMGac.roa
Signing time: Mon 05 Dec 2022 19:11:28 +0000
ROA not before: Mon 05 Dec 2022 19:11:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34549
IP address blocks: 192.144.44.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:b3:4a:2c:8d:5c:18:e3:14:d5:1d:77:2f:24:30:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8821a39aed9da4ee3ab6639d244508fa1e8d20f6
Validity
Not Before: Dec 5 19:11:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=161c126e437fea390057e8bb69ace344b0cc19a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d8:98:ee:bf:0e:2f:a7:63:db:2f:7b:b0:91:
cf:23:1a:e2:18:47:02:0c:76:1c:fe:a7:d8:5c:6e:
0c:ae:b3:ce:fb:9e:df:98:a6:1c:0e:62:55:d5:b2:
a5:bd:f5:36:7f:0a:61:6a:a1:31:9b:b7:56:54:ab:
ff:7a:fd:4f:7c:8e:0f:bc:67:ac:35:8e:bb:93:26:
1d:32:fe:92:77:7c:aa:98:03:27:79:16:41:83:16:
e0:6d:96:8f:6e:0d:68:68:db:16:77:fb:6e:3c:37:
03:f8:7c:0a:1b:31:f7:19:2f:9d:6e:26:2c:9e:16:
d4:47:d9:a2:c5:4d:97:20:91:b5:9b:4d:26:b1:cd:
6e:69:16:d1:9b:6c:b4:e6:06:51:86:62:3d:21:2f:
c2:3f:83:51:dc:78:06:0c:be:c1:e5:f9:97:57:46:
66:ac:f0:d8:c0:fd:60:8d:44:1d:a5:67:f2:cb:8f:
df:31:bf:b6:74:53:a4:08:ba:69:92:42:24:f0:77:
56:6b:67:77:62:05:79:e5:3f:aa:0f:09:47:18:10:
ce:2e:d1:d1:c3:84:25:6f:6d:7f:29:9e:ea:28:90:
39:9b:00:a2:02:56:d0:79:05:55:33:00:5d:a4:fc:
24:55:9c:c5:32:2f:f3:6c:03:fa:77:56:0f:b9:42:
9b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1C:12:6E:43:7F:EA:39:00:57:E8:BB:69:AC:E3:44:B0:CC:19:A7
X509v3 Authority Key Identifier:
keyid:88:21:A3:9A:ED:9D:A4:EE:3A:B6:63:9D:24:45:08:FA:1E:8D:20:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iCGjmu2dpO46tmOdJEUI-h6NIPY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/FhwSbkN_6jkAV-i7aazjRLDMGac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/496773-5018-48dc-a240-f60d6f7182a1/1/iCGjmu2dpO46tmOdJEUI-h6NIPY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.44.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:a6:43:a9:25:74:8d:0f:a8:7c:14:23:a6:82:cf:35:9b:79:
4b:dc:4b:d6:da:a9:c1:a5:26:d2:02:ac:02:0d:db:62:76:63:
b9:e3:ee:1a:e5:72:3d:9d:1e:e5:60:74:b8:a8:36:9e:49:53:
01:09:58:ca:88:1b:f6:b3:f9:db:13:54:9d:f8:c2:78:30:2b:
ef:35:7d:8d:db:c5:68:80:46:35:27:24:25:66:d1:7d:ef:21:
22:c8:f2:49:fb:f6:99:7e:f2:eb:c4:27:2c:2c:d4:0d:cc:98:
5f:00:a3:9c:82:bc:ed:f6:bc:76:19:30:50:66:c5:a3:6e:29:
13:9f:4a:07:af:06:11:ff:71:a2:70:5c:70:1d:5a:e4:33:78:
8c:7a:30:ab:8e:5a:cf:c2:07:7b:bc:63:cc:cc:97:69:13:6f:
89:a3:ac:36:6d:42:25:20:f2:b8:71:58:88:0f:c0:71:b3:9c:
e3:b5:ef:5e:0c:1b:12:66:99:4d:b6:78:33:00:56:bb:e3:b1:
38:5a:21:93:67:32:00:ad:4c:62:3c:8c:3d:f8:ac:62:ad:a1:
06:8b:ce:c5:9b:39:4d:7f:d0:17:44:3d:fb:40:de:07:2e:2d:
eb:4e:e4:57:a0:a4:bf:91:ac:42:fa:67:ae:b2:63:3c:a1:e7:
b3:4b:ea:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTjs0osjVwY4xTVHXcvJDDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MjFhMzlhZWQ5ZGE0ZWUzYWI2NjM5ZDI0NDUwOGZhMWU4
ZDIwZjYwHhcNMjIxMjA1MTkxMTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjFjMTI2ZTQzN2ZlYTM5MDA1N2U4YmI2OWFjZTM0NGIwY2MxOWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNiY7r8OL6dj2y97sJHPIxriGEcC
DHYc/qfYXG4MrrPO+57fmKYcDmJV1bKlvfU2fwphaqExm7dWVKv/ev1PfI4PvGes
NY67kyYdMv6Sd3yqmAMneRZBgxbgbZaPbg1oaNsWd/tuPDcD+HwKGzH3GS+dbiYs
nhbUR9mixU2XIJG1m00msc1uaRbRm2y05gZRhmI9IS/CP4NR3HgGDL7B5fmXV0Zm
rPDYwP1gjUQdpWfyy4/fMb+2dFOkCLppkkIk8HdWa2d3YgV55T+qDwlHGBDOLtHR
w4Qlb21/KZ7qKJA5mwCiAlbQeQVVMwBdpPwkVZzFMi/zbAP6d1YPuUKbFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBYcEm5Df+o5AFfou2ms40SwzBmnMB8GA1UdIwQY
MBaAFIgho5rtnaTuOrZjnSRFCPoejSD2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAt
ZjYwZDZmNzE4MmExLzEvRmh3U2JrTl82amtBVi1pN2FhempSTERNR2FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC80OTY3NzMtNTAxOC00OGRjLWEyNDAtZjYwZDZmNzE4MmEx
LzEvaUNHam11MmRwTzQ2dG1PZEpFVUktaDZOSVBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwJAsMA0G
CSqGSIb3DQEBCwUAA4IBAQBcpkOpJXSND6h8FCOmgs81m3lL3EvW2qnBpSbSAqwC
DdtidmO54+4a5XI9nR7lYHS4qDaeSVMBCVjKiBv2s/nbE1Sd+MJ4MCvvNX2N28Vo
gEY1JyQlZtF97yEiyPJJ+/aZfvLrxCcsLNQNzJhfAKOcgrzt9rx2GTBQZsWjbikT
n0oHrwYR/3GicFxwHVrkM3iMejCrjlrPwgd7vGPMzJdpE2+Jo6w2bUIlIPK4cViI
D8Bxs5zjte9eDBsSZplNtngzAFa747E4WiGTZzIArUxiPIw9+KxiraEGi87FmzlN
f9AXRD37QN4HLi3rTuRXoKS/kaxC+meusmM8oeezS+oB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:54 2023 by rpki-client on console-fra.rpki-client.org