Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/yyEZHTtJKSKkFEZLTjowq1nNcpo.roa
File: yyEZHTtJKSKkFEZLTjowq1nNcpo.roa (raw, json)
Hash identifier: 4AZJsIBIAO11I9laEXomfxhjSsKTLZRYkYU2rNZDKx0=
Subject key identifier: CB:21:19:1D:3B:49:29:22:A4:14:46:4B:4E:3A:30:AB:59:CD:72:9A
Certificate issuer: /CN=b1df841f521236e2a0dd71b28d27964966039adc
Certificate serial: 6B0F2E
Authority key identifier: B1:DF:84:1F:52:12:36:E2:A0:DD:71:B2:8D:27:96:49:66:03:9A:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd-EH1ISNuKg3XGyjSeWSWYDmtw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/yyEZHTtJKSKkFEZLTjowq1nNcpo.roa
Signing time: Sat 01 Jan 2022 00:59:16 +0000
ROA not before: Sat 01 Jan 2022 00:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 146.19.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7016238 (0x6b0f2e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1df841f521236e2a0dd71b28d27964966039adc
Validity
Not Before: Jan 1 00:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cb21191d3b492922a414464b4e3a30ab59cd729a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a4:33:93:8d:b0:a4:c3:b8:11:ee:af:c5:a6:
ae:76:dd:a2:43:2f:78:82:4f:32:72:8a:d6:57:37:
55:a7:3f:a9:62:5b:fc:0e:0b:54:df:c3:7f:7e:bc:
07:1d:a2:4e:95:1f:a6:fb:af:6c:24:64:80:96:12:
e2:01:79:95:f8:67:7c:1e:ac:df:b1:72:0d:27:f0:
d4:f2:ef:35:fd:f4:5c:21:4c:af:82:6f:4e:c3:5f:
f4:be:12:c3:d3:de:03:8f:02:c1:24:a1:bd:0f:0f:
29:63:af:17:2c:a3:3b:31:19:35:d4:20:ac:9d:fa:
6d:06:cd:41:f5:41:56:92:0f:1d:5a:0b:f1:96:c4:
46:9f:9d:37:37:c6:4b:9d:8c:88:57:dc:32:8d:16:
d2:69:1e:cb:98:6c:aa:3f:be:82:0c:ee:5d:67:b8:
14:92:3f:44:e9:40:80:f4:0d:ac:97:07:3b:d1:1d:
b2:25:31:f5:0d:cd:79:37:12:31:9a:99:b8:3b:8d:
7e:4f:58:a1:57:39:16:0d:cf:7d:b1:ba:48:be:9d:
ab:d8:21:64:0f:06:68:c7:50:64:1b:0c:33:bc:d9:
d6:36:61:cd:a9:ce:95:41:dc:03:f6:6f:c9:14:6f:
6d:df:55:95:6d:51:68:13:aa:b0:22:18:c8:12:6f:
0c:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:21:19:1D:3B:49:29:22:A4:14:46:4B:4E:3A:30:AB:59:CD:72:9A
X509v3 Authority Key Identifier:
keyid:B1:DF:84:1F:52:12:36:E2:A0:DD:71:B2:8D:27:96:49:66:03:9A:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd-EH1ISNuKg3XGyjSeWSWYDmtw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/yyEZHTtJKSKkFEZLTjowq1nNcpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/825e53-8c10-409c-8feb-6fd345e6dd36/1/sd-EH1ISNuKg3XGyjSeWSWYDmtw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.153.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:fd:e5:e1:a1:2d:b9:3e:40:fd:55:62:be:40:3d:2f:af:7c:
8b:90:fd:ba:dc:fd:e7:38:65:92:8b:34:55:43:20:fe:7b:51:
e8:bb:be:d2:93:83:5b:bf:d9:d9:5d:65:9d:b2:08:e3:81:4e:
c1:cc:01:c9:e3:a3:f1:87:de:7f:36:9b:75:a5:00:8b:8d:58:
02:79:46:bf:53:b9:bf:5a:a4:a1:9e:ba:7d:a9:43:ff:92:dc:
bc:de:08:11:6c:8d:f9:8a:32:a0:6d:2e:b2:c3:ae:11:d6:3f:
98:35:b8:c7:9b:14:52:d0:c6:47:03:b0:7e:2c:d2:f9:b5:cf:
e0:fc:a1:3e:f1:c2:9e:ac:2c:f2:39:eb:5b:b4:1e:86:3a:e4:
59:93:bf:7e:b2:2c:43:f9:d7:3d:18:ed:8a:cd:f6:b9:74:57:
a2:3c:f9:c6:91:87:42:e9:d5:9a:b3:76:06:01:e0:7c:d8:70:
f9:f1:71:75:c8:51:4d:23:93:7b:a2:43:91:eb:fc:94:08:3a:
10:83:91:f3:2d:92:8e:f1:d9:67:d8:67:e1:c0:89:9b:36:0c:
51:aa:54:5d:59:6c:2f:4d:30:c7:4d:38:11:03:00:1e:2e:12:
3d:ba:86:11:22:8b:3f:07:89:57:1d:4b:cf:fe:e4:e0:35:9b:
0d:ca:33:43
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDaw8uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGIx
ZGY4NDFmNTIxMjM2ZTJhMGRkNzFiMjhkMjc5NjQ5NjYwMzlhZGMwHhcNMjIwMTAx
MDA1OTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjYjIxMTkxZDNiNDky
OTIyYTQxNDQ2NGI0ZTNhMzBhYjU5Y2Q3MjlhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw6Qzk42wpMO4Ee6vxaaudt2iQy94gk8ycorWVzdVpz+pYlv8
DgtU38N/frwHHaJOlR+m+69sJGSAlhLiAXmV+Gd8HqzfsXINJ/DU8u81/fRcIUyv
gm9Ow1/0vhLD094DjwLBJKG9Dw8pY68XLKM7MRk11CCsnfptBs1B9UFWkg8dWgvx
lsRGn503N8ZLnYyIV9wyjRbSaR7LmGyqP76CDO5dZ7gUkj9E6UCA9A2slwc70R2y
JTH1Dc15NxIxmpm4O41+T1ihVzkWDc99sbpIvp2r2CFkDwZox1BkGwwzvNnWNmHN
qc6VQdwD9m/JFG9t31WVbVFoE6qwIhjIEm8MFwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMshGR07SSkipBRGS046MKtZzXKaMB8GA1UdIwQYMBaAFLHfhB9SEjbioN1x
so0nlklmA5rcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
c2QtRUgxSVNOdUtnM1hHeWpTZVdTV1lEbXR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xOC84MjVlNTMtOGMxMC00MDljLThmZWItNmZkMzQ1ZTZkZDM2LzEv
eXlFWkhUdEpLU0trRkVaTFRqb3dxMW5OY3BvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC84
MjVlNTMtOGMxMC00MDljLThmZWItNmZkMzQ1ZTZkZDM2LzEvc2QtRUgxSVNOdUtn
M1hHeWpTZVdTV1lEbXR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhOZMA0GCSqGSIb3DQEBCwUAA4IB
AQCa/eXhoS25PkD9VWK+QD0vr3yLkP263P3nOGWSizRVQyD+e1Hou77Sk4Nbv9nZ
XWWdsgjjgU7BzAHJ46Pxh95/Npt1pQCLjVgCeUa/U7m/WqShnrp9qUP/kty83ggR
bI35ijKgbS6yw64R1j+YNbjHmxRS0MZHA7B+LNL5tc/g/KE+8cKerCzyOetbtB6G
OuRZk79+sixD+dc9GO2Kzfa5dFeiPPnGkYdC6dWas3YGAeB82HD58XF1yFFNI5N7
okOR6/yUCDoQg5HzLZKO8dln2GfhwImbNgxRqlRdWWwvTTDHTTgRAwAeLhI9uoYR
Ios/B4lXHUvP/uTgNZsNyjND
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:41 2023 by rpki-client on console-fra.rpki-client.org