Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/drPOTcEyd4fU5zMQjIw-9xu42Os.roa
File: drPOTcEyd4fU5zMQjIw-9xu42Os.roa (raw, json)
Hash identifier: uICGifIpb50lYqao3M1q7LpX6lfd5F2crV7U+/mH5fg=
Subject key identifier: 76:B3:CE:4D:C1:32:77:87:D4:E7:33:10:8C:8C:3E:F7:1B:B8:D8:EB
Certificate issuer: /CN=b91b91504983091506a1a944457a4558b94dab7f
Certificate serial: 0184CD0B9BB82DE702CE631D05DC7BF0C9CC
Authority key identifier: B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/drPOTcEyd4fU5zMQjIw-9xu42Os.roa
Signing time: Thu 01 Dec 2022 09:36:40 +0000
ROA not before: Thu 01 Dec 2022 09:36:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43289
IP address blocks: 178.175.128.0/19 maxlen: 24
178.17.160.0/20 maxlen: 24
178.175.160.0/20 maxlen: 24
103.197.148.0/22 maxlen: 24
2a00:1dc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cd:0b:9b:b8:2d:e7:02:ce:63:1d:05:dc:7b:f0:c9:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b91b91504983091506a1a944457a4558b94dab7f
Validity
Not Before: Dec 1 09:36:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76b3ce4dc1327787d4e733108c8c3ef71bb8d8eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:a2:38:85:c1:98:a5:66:ed:94:7f:eb:0b:
5e:b7:ef:d3:13:b1:bc:71:03:38:9b:bd:da:ef:35:
43:92:cd:a8:a8:be:0b:5b:d2:19:8c:c7:4a:ee:ca:
c6:ed:f5:e2:d9:04:fb:c3:1b:f7:74:ff:2d:4d:19:
0f:9d:3d:0a:0c:ed:f8:aa:10:7e:90:cc:57:d3:65:
81:27:6f:b4:cf:fe:dc:01:8f:96:38:5d:76:3f:00:
8f:03:d6:5a:0b:66:46:8d:c6:e2:7c:56:5e:33:0d:
f5:17:74:b4:26:cb:ac:6e:11:18:f8:0d:6e:6f:be:
b4:f6:e9:59:85:2c:47:46:71:5a:40:72:63:bd:96:
74:16:5e:71:86:a8:bb:c9:8a:87:ba:6a:ac:91:0b:
ab:38:ce:c6:49:f5:11:24:02:0e:b6:20:33:ee:1f:
cd:34:ac:12:1e:96:04:a9:1d:be:7c:36:fa:28:21:
9f:40:f7:f8:88:09:85:93:47:cd:b5:29:50:11:db:
2b:7f:5b:a7:35:a6:cf:3d:9d:db:fb:38:33:ed:b6:
99:c5:e6:bb:b2:63:6d:58:07:a0:dd:1d:a1:4b:b9:
a7:46:81:4f:f1:73:77:87:bf:ca:a9:e8:aa:f7:0c:
fc:d6:2f:94:5f:9f:af:ef:4b:f9:13:ca:f6:ea:50:
3b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:B3:CE:4D:C1:32:77:87:D4:E7:33:10:8C:8C:3E:F7:1B:B8:D8:EB
X509v3 Authority Key Identifier:
keyid:B9:1B:91:50:49:83:09:15:06:A1:A9:44:45:7A:45:58:B9:4D:AB:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRuRUEmDCRUGoalERXpFWLlNq38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/drPOTcEyd4fU5zMQjIw-9xu42Os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/74e17f-f9f4-4789-92b7-9dd6e88fcc8d/1/uRuRUEmDCRUGoalERXpFWLlNq38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.197.148.0/22
178.17.160.0/20
178.175.128.0-178.175.175.255
IPv6:
2a00:1dc0::/29
Signature Algorithm: sha256WithRSAEncryption
d5:2d:24:bd:ae:be:18:9f:13:ce:5f:87:80:34:61:b5:db:61:
48:d4:fa:f9:20:5d:cc:c9:81:e0:dc:c1:7a:1d:92:bf:5f:cd:
9a:d7:e3:6b:f1:7a:2d:f0:4f:53:58:39:0d:04:92:0e:d6:52:
38:57:fb:8d:ea:c1:ef:04:37:dc:51:66:79:7b:b6:97:f7:30:
b2:2e:39:74:50:b9:b1:d4:58:c6:01:e1:79:5e:1f:45:6a:32:
5f:86:0a:34:94:95:8a:fd:b9:d9:4c:a3:a1:8e:2b:54:c9:ed:
89:7c:1f:7e:ca:f4:85:6d:10:6a:bf:52:99:fe:dc:c1:d0:4c:
90:c7:af:6c:98:cb:66:2c:e4:a9:ca:a7:7b:bb:a3:f6:68:06:
f7:57:67:fd:95:53:6e:c3:2b:1f:5b:2f:33:dc:23:64:90:31:
f6:0f:32:e4:63:d1:47:15:9d:a7:3c:03:96:52:1b:cf:2d:c6:
00:5c:e3:91:22:e5:6f:2b:a3:22:b7:1f:a4:7e:15:b9:9a:d1:
39:a1:45:6d:08:a4:3f:54:71:03:be:c5:50:51:36:e1:a6:ba:
30:d4:af:1b:44:b4:c3:83:5e:b3:dd:17:c5:db:db:2f:96:31:
00:df:5d:bb:c2:25:5c:3f:3f:90:ac:1f:37:d6:c0:2a:62:9a:
2b:8b:83:58
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYTNC5u4LecCzmMdBdx78MnMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MWI5MTUwNDk4MzA5MTUwNmExYTk0NDQ1N2E0NTU4Yjk0
ZGFiN2YwHhcNMjIxMjAxMDkzNjQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmIzY2U0ZGMxMzI3Nzg3ZDRlNzMzMTA4YzhjM2VmNzFiYjhkOGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5OiOIXBmKVm7ZR/6wtet+/TE7G8
cQM4m73a7zVDks2oqL4LW9IZjMdK7srG7fXi2QT7wxv3dP8tTRkPnT0KDO34qhB+
kMxX02WBJ2+0z/7cAY+WOF12PwCPA9ZaC2ZGjcbifFZeMw31F3S0JsusbhEY+A1u
b7609ulZhSxHRnFaQHJjvZZ0Fl5xhqi7yYqHumqskQurOM7GSfURJAIOtiAz7h/N
NKwSHpYEqR2+fDb6KCGfQPf4iAmFk0fNtSlQEdsrf1unNabPPZ3b+zgz7baZxea7
smNtWAeg3R2hS7mnRoFP8XN3h7/Kqeiq9wz81i+UX5+v70v5E8r26lA7+wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHazzk3BMneH1OczEIyMPvcbuNjrMB8GA1UdIwQY
MBaAFLkbkVBJgwkVBqGpREV6RVi5Tat/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjct
OWRkNmU4OGZjYzhkLzEvZHJQT1RjRXlkNGZVNXpNUWpJdy05eHU0Mk9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NGUxN2YtZjlmNC00Nzg5LTkyYjctOWRkNmU4OGZjYzhk
LzEvdVJ1UlVFbURDUlVHb2FsRVJYcEZXTGxOcTM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCZ8WUAwQE
shGgMAwDBAeyr4ADBASyr6AwDQQCAAIwBwMFAyoAHcAwDQYJKoZIhvcNAQELBQAD
ggEBANUtJL2uvhifE85fh4A0YbXbYUjU+vkgXczJgeDcwXodkr9fzZrX42vxei3w
T1NYOQ0Ekg7WUjhX+43qwe8EN9xRZnl7tpf3MLIuOXRQubHUWMYB4XleH0VqMl+G
CjSUlYr9udlMo6GOK1TJ7Yl8H37K9IVtEGq/Upn+3MHQTJDHr2yYy2Ys5KnKp3u7
o/ZoBvdXZ/2VU27DKx9bLzPcI2SQMfYPMuRj0UcVnac8A5ZSG88txgBc45Ei5W8r
oyK3H6R+Fbma0TmhRW0IpD9UcQO+xVBRNuGmujDUrxtEtMODXrPdF8Xb2y+WMQDf
XbvCJVw/P5CsHzfWwCpimiuLg1g=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:29 2023 by rpki-client on console-fra.rpki-client.org