Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/c53b79-97d0-48cb-8a9b-4234e6a95d4a/1/Xj0lKSOYus_npbi_FIv0Xhf9cBg.roa
File: Xj0lKSOYus_npbi_FIv0Xhf9cBg.roa (raw, json)
Hash identifier: D3ubHzObSAk3aYrAL1e1WWyh0DYalwXOg63ahAHzpBs=
Subject key identifier: 5E:3D:25:29:23:98:BA:CF:E7:A5:B8:BF:14:8B:F4:5E:17:FD:70:18
Certificate issuer: /CN=f9b3937371b89908dfcee89e412c5e4b34af3ec0
Certificate serial: 4F0683
Authority key identifier: F9:B3:93:73:71:B8:99:08:DF:CE:E8:9E:41:2C:5E:4B:34:AF:3E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-bOTc3G4mQjfzuieQSxeSzSvPsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/c53b79-97d0-48cb-8a9b-4234e6a95d4a/1/Xj0lKSOYus_npbi_FIv0Xhf9cBg.roa
Signing time: Sat 01 Jan 2022 02:52:35 +0000
ROA not before: Sat 01 Jan 2022 02:52:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211415
IP address blocks: 146.19.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5179011 (0x4f0683)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9b3937371b89908dfcee89e412c5e4b34af3ec0
Validity
Not Before: Jan 1 02:52:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e3d25292398bacfe7a5b8bf148bf45e17fd7018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9d:08:3a:74:1f:02:4f:b7:7d:73:fb:24:6a:
0c:0d:49:11:eb:4a:e4:56:ad:3a:c8:ba:1a:e4:eb:
81:3d:03:19:0c:eb:9d:ed:8d:91:6f:fb:f2:ed:91:
34:6d:d6:88:b8:77:2a:04:b0:e7:07:a3:47:f1:62:
a9:84:e6:1c:81:fd:8f:01:90:9e:8b:85:41:a4:06:
41:01:c9:1c:89:3a:32:ba:57:a7:88:83:61:69:d6:
e6:4b:2f:b1:72:ed:fc:91:40:9c:fb:b7:21:10:a5:
c9:5a:19:1a:37:3e:8f:e5:3e:17:8c:50:d9:d8:8e:
0a:1f:eb:c8:8e:fb:14:04:a3:93:10:ed:3a:2f:62:
c7:04:7e:79:e4:3f:31:ab:b7:98:c7:52:2c:a8:fd:
4c:71:eb:23:41:08:21:df:e4:41:ef:88:41:4c:6e:
97:58:88:c5:8b:d2:64:ed:e1:95:5b:73:44:c1:6a:
63:30:cc:2c:73:9f:30:8b:85:8c:5c:17:20:59:f3:
73:79:34:9d:9d:e1:29:c8:99:5c:9e:24:62:18:5f:
fb:82:b9:d5:31:d3:35:37:3a:a1:96:ab:c1:43:57:
c9:dc:09:c7:80:28:e6:1b:b4:3a:a8:bc:65:62:3f:
d6:93:09:58:38:b6:e5:96:9a:dd:6a:bb:92:a5:26:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3D:25:29:23:98:BA:CF:E7:A5:B8:BF:14:8B:F4:5E:17:FD:70:18
X509v3 Authority Key Identifier:
keyid:F9:B3:93:73:71:B8:99:08:DF:CE:E8:9E:41:2C:5E:4B:34:AF:3E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-bOTc3G4mQjfzuieQSxeSzSvPsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c53b79-97d0-48cb-8a9b-4234e6a95d4a/1/Xj0lKSOYus_npbi_FIv0Xhf9cBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/c53b79-97d0-48cb-8a9b-4234e6a95d4a/1/1-bOTc3G4mQjfzuieQSxeSzSvPsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.171.0/24
Signature Algorithm: sha256WithRSAEncryption
47:31:28:33:d8:3a:8e:21:bc:00:3c:54:59:00:53:4e:ba:d0:
7a:de:1a:8c:80:6e:81:e1:1b:16:c9:33:df:44:3e:62:ac:30:
1d:b6:39:be:01:fb:6d:7e:d8:fb:b2:c5:9e:67:d0:2c:68:74:
c9:f5:67:45:2f:92:f6:85:f6:7a:43:6d:85:89:b6:bf:d6:2d:
42:b3:7a:54:53:12:eb:d5:fc:3d:05:be:f2:5c:bd:e5:98:52:
74:72:51:21:5d:2e:ac:8a:1c:b3:98:5d:d7:a5:ee:bb:8a:78:
e3:49:35:87:9f:9e:10:53:e8:00:dc:5a:49:97:9e:cd:83:05:
e3:64:59:a1:48:ca:7a:28:62:25:b1:b2:3c:f8:29:c7:6e:94:
fe:6a:01:9c:49:0f:e8:ea:9c:64:c7:da:47:70:d1:45:2f:8c:
10:e9:88:6b:9d:36:c7:66:38:f0:09:ff:b3:9b:2b:9e:43:37:
b4:5b:66:0d:f4:08:26:cd:b3:0c:c0:b9:b1:0b:5b:dd:63:63:
62:37:fc:e7:22:9b:a4:48:16:e4:8d:52:ac:c5:af:4d:9c:1d:
56:d6:b0:fa:46:ef:c4:55:f1:89:5d:4c:51:d4:e2:a9:8c:5d:
84:58:7f:c3:6a:dd:43:55:ce:d6:42:dc:b0:0d:d8:f2:ef:06:
96:0f:36:70
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIDTwaDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGY5
YjM5MzczNzFiODk5MDhkZmNlZTg5ZTQxMmM1ZTRiMzRhZjNlYzAwHhcNMjIwMTAx
MDI1MjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTNkMjUyOTIzOThi
YWNmZTdhNWI4YmYxNDhiZjQ1ZTE3ZmQ3MDE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1Z0IOnQfAk+3fXP7JGoMDUkR60rkVq06yLoa5OuBPQMZDOud
7Y2Rb/vy7ZE0bdaIuHcqBLDnB6NH8WKphOYcgf2PAZCei4VBpAZBAckciToyulen
iINhadbmSy+xcu38kUCc+7chEKXJWhkaNz6P5T4XjFDZ2I4KH+vIjvsUBKOTEO06
L2LHBH555D8xq7eYx1IsqP1McesjQQgh3+RB74hBTG6XWIjFi9Jk7eGVW3NEwWpj
MMwsc58wi4WMXBcgWfNzeTSdneEpyJlcniRiGF/7grnVMdM1NzqhlqvBQ1fJ3AnH
gCjmG7Q6qLxlYj/WkwlYOLbllprdaruSpSY0XwIDAQABo4ICCzCCAgcwHQYDVR0O
BBYEFF49JSkjmLrP56W4vxSL9F4X/XAYMB8GA1UdIwQYMBaAFPmzk3NxuJkI387o
nkEsXks0rz7AMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEFBQcBAQRZMFcwVQYIKwYB
BQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MS1iT1RjM0c0bVFqZnp1aWVRU3hlU3pTdlBzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvYzUzYjc5LTk3ZDAtNDhjYi04YTliLTQyMzRlNmE5NWQ0YS8x
L1hqMGxLU09ZdXNfbnBiaV9GSXYwWGhmOWNCZy5yb2EwgYIGA1UdHwR7MHkwd6B1
oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
YzUzYjc5LTk3ZDAtNDhjYi04YTliLTQyMzRlNmE5NWQ0YS8xLzEtYk9UYzNHNG1R
amZ6dWllUVN4ZVN6U3ZQc0EuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACSE6swDQYJKoZIhvcNAQELBQAD
ggEBAEcxKDPYOo4hvAA8VFkAU0660HreGoyAboHhGxbJM99EPmKsMB22Ob4B+21+
2PuyxZ5n0CxodMn1Z0UvkvaF9npDbYWJtr/WLUKzelRTEuvV/D0FvvJcveWYUnRy
USFdLqyKHLOYXdel7ruKeONJNYefnhBT6ADcWkmXns2DBeNkWaFIynooYiWxsjz4
KcdulP5qAZxJD+jqnGTH2kdw0UUvjBDpiGudNsdmOPAJ/7ObK55DN7RbZg30CCbN
swzAubELW91jY2I3/Ocim6RIFuSNUqzFr02cHVbWsPpG78RV8YldTFHU4qmMXYRY
f8Nq3UNVztZC3LAN2PLvBpYPNnA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:53 2023 by rpki-client on console-ams.rpki-client.org