Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7HgC88tm3OpMCggbnimnU5k5X60.roa
File: 7HgC88tm3OpMCggbnimnU5k5X60.roa (raw, json)
Hash identifier: FUNyfatgN1IN90j9Ck5GUJSNTAXh8IsAnKAkBUoonxo=
Subject key identifier: EC:78:02:F3:CB:66:DC:EA:4C:0A:08:1B:9E:29:A7:53:99:39:5F:AD
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018321DCD18232B0E0B2ADD3DD89FC558E02
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7HgC88tm3OpMCggbnimnU5k5X60.roa
Signing time: Fri 09 Sep 2022 10:47:43 +0000
ROA not before: Fri 09 Sep 2022 10:47:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202890
IP address blocks: 45.9.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:21:dc:d1:82:32:b0:e0:b2:ad:d3:dd:89:fc:55:8e:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Sep 9 10:47:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec7802f3cb66dcea4c0a081b9e29a75399395fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d6:50:83:72:34:37:9d:3d:44:45:a7:9b:83:
c6:aa:12:dc:52:5a:86:f2:3e:64:ac:c4:98:ae:39:
ef:60:ea:a4:0c:0d:27:f0:ff:53:1f:f2:02:4e:2d:
b1:d5:b9:3d:30:a4:45:15:c7:9a:53:bf:51:f9:62:
71:56:41:39:e4:58:b2:d7:56:a2:bc:78:ff:f1:57:
41:e6:62:18:49:76:d8:9c:e4:9e:df:f6:27:8f:25:
f9:d6:68:ec:d8:42:63:b1:22:bb:f6:b9:ae:5e:d0:
99:20:ec:35:1f:0f:ea:50:f6:a9:77:67:65:fd:69:
28:d1:34:f3:80:ec:af:20:9b:a9:99:cc:ab:a5:ec:
fe:e1:3a:ff:0e:10:59:40:56:9f:c4:54:cc:df:f5:
6a:d1:2d:b9:af:20:15:8b:02:30:b7:62:e9:69:df:
a8:35:14:f1:95:bf:f9:36:d3:80:13:fd:5c:f3:cc:
f5:d7:29:dc:5c:36:98:c6:6d:cb:ff:14:74:99:cb:
2a:eb:bd:f9:42:28:3f:83:31:0a:73:ca:6b:0c:90:
3f:b8:b5:69:82:5b:8a:f9:f6:62:c4:2c:60:be:55:
0f:ef:1d:00:bb:07:e0:4c:f9:6b:fb:8a:f6:b2:cc:
f1:bc:51:ea:46:d2:98:8b:48:2e:e6:b5:16:3a:22:
9d:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:78:02:F3:CB:66:DC:EA:4C:0A:08:1B:9E:29:A7:53:99:39:5F:AD
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/7HgC88tm3OpMCggbnimnU5k5X60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.28.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:33:f7:23:a9:85:62:a9:e5:d7:fc:a1:6f:7a:5b:97:07:01:
7f:f1:62:5a:6f:bd:59:29:40:60:25:a9:f2:f2:dc:92:4b:6c:
b0:fc:55:90:4b:cb:39:77:fd:23:5c:85:f3:88:25:92:65:72:
04:a3:a4:9a:d3:16:24:5e:a1:60:f6:f6:67:04:78:6f:cf:7e:
ab:9d:5b:8a:cf:22:f8:d3:e3:9d:e4:de:68:64:a0:81:06:6a:
76:08:dd:71:18:cf:03:7d:11:37:fd:be:b7:6e:cb:e5:d9:0e:
b0:66:84:48:9b:33:60:48:39:d0:71:9d:65:be:a6:05:fa:8b:
90:ab:53:c3:b4:68:1c:14:fc:11:c4:fc:ee:01:0e:b4:4c:4e:
c5:1d:1c:bb:9b:96:d1:81:d5:42:0a:32:7f:44:20:00:e3:de:
c7:4e:3e:bd:31:85:50:99:7f:9e:fe:7b:97:6e:4e:67:2b:7a:
6b:11:90:a9:3f:d2:7a:82:76:06:62:8b:f5:bb:7a:a0:e9:36:
d7:e1:a3:16:d9:72:ae:6b:6f:ce:35:26:10:95:26:b9:78:59:
b7:3e:b6:76:d0:eb:c7:67:80:4b:83:57:a2:6c:6e:ef:a3:7a:
d0:a6:16:4d:27:3c:23:9b:e9:ed:a4:a5:3b:0f:2b:46:19:ed:
7b:1d:98:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMh3NGCMrDgsq3T3Yn8VY4CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIwOTA5MTA0NzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzc4MDJmM2NiNjZkY2VhNGMwYTA4MWI5ZTI5YTc1Mzk5Mzk1ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9ZQg3I0N509REWnm4PGqhLcUlqG
8j5krMSYrjnvYOqkDA0n8P9TH/ICTi2x1bk9MKRFFceaU79R+WJxVkE55Fiy11ai
vHj/8VdB5mIYSXbYnOSe3/YnjyX51mjs2EJjsSK79rmuXtCZIOw1Hw/qUPapd2dl
/Wko0TTzgOyvIJupmcyrpez+4Tr/DhBZQFafxFTM3/Vq0S25ryAViwIwt2Lpad+o
NRTxlb/5NtOAE/1c88z11yncXDaYxm3L/xR0mcsq6735Qig/gzEKc8prDJA/uLVp
gluK+fZixCxgvlUP7x0AuwfgTPlr+4r2sszxvFHqRtKYi0gu5rUWOiKdyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOx4AvPLZtzqTAoIG54pp1OZOV+tMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvN0hnQzg4dG0zT3BNQ2dnYm5pbW5VNWs1WDYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQkcMA0G
CSqGSIb3DQEBCwUAA4IBAQCuM/cjqYViqeXX/KFveluXBwF/8WJab71ZKUBgJany
8tySS2yw/FWQS8s5d/0jXIXziCWSZXIEo6Sa0xYkXqFg9vZnBHhvz36rnVuKzyL4
0+Od5N5oZKCBBmp2CN1xGM8DfRE3/b63bsvl2Q6wZoRImzNgSDnQcZ1lvqYF+ouQ
q1PDtGgcFPwRxPzuAQ60TE7FHRy7m5bRgdVCCjJ/RCAA497HTj69MYVQmX+e/nuX
bk5nK3prEZCpP9J6gnYGYov1u3qg6TbX4aMW2XKua2/ONSYQlSa5eFm3PrZ20OvH
Z4BLg1eibG7vo3rQphZNJzwjm+ntpKU7DytGGe17HZg3
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:32 2023 by rpki-client on console-fra.rpki-client.org