Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/0nlXFmOQJpkU8G1hnKoTvH5Ixy8.roa
File: 0nlXFmOQJpkU8G1hnKoTvH5Ixy8.roa (raw, json)
Hash identifier: RvvMfo8ABOSxr2Lz/bNskPPkzew4kqvY2AqtSJWHM1g=
Subject key identifier: D2:79:57:16:63:90:26:99:14:F0:6D:61:9C:AA:13:BC:7E:48:C7:2F
Certificate issuer: /CN=eb50d3084bf8aa9ea777d245b60d511be189eab2
Certificate serial: 0184CE8A4C1B75DF58F0CE2A66BE436C5FED
Authority key identifier: EB:50:D3:08:4B:F8:AA:9E:A7:77:D2:45:B6:0D:51:1B:E1:89:EA:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/61DTCEv4qp6nd9JFtg1RG-GJ6rI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/0nlXFmOQJpkU8G1hnKoTvH5Ixy8.roa
Signing time: Thu 01 Dec 2022 16:34:40 +0000
ROA not before: Thu 01 Dec 2022 16:34:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 164.138.248.0/21 maxlen: 24
2a0a:7d40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ce:8a:4c:1b:75:df:58:f0:ce:2a:66:be:43:6c:5f:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb50d3084bf8aa9ea777d245b60d511be189eab2
Validity
Not Before: Dec 1 16:34:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d27957166390269914f06d619caa13bc7e48c72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e4:86:08:8b:a8:2b:21:9d:98:69:1a:47:ab:
47:7f:cd:93:25:7b:88:6c:34:34:15:7b:e5:26:b1:
fc:02:1a:b9:e8:8a:73:18:d2:7c:2a:1e:26:09:4b:
17:11:c7:f2:02:4e:49:e4:f5:64:fb:82:0d:e7:0b:
79:9b:81:fe:ac:da:bd:dd:8b:83:fa:e9:bd:27:62:
c8:2b:e7:7d:76:fc:f4:30:24:e2:41:92:19:31:b1:
d2:8b:d7:89:4f:18:58:d5:ff:46:5f:d5:04:5f:42:
4a:c6:cc:53:f8:95:6f:c6:31:0a:28:90:85:3a:93:
26:4a:3f:eb:69:bd:6a:f7:95:3e:a0:bb:59:0e:4d:
e9:b9:4c:94:85:c8:3e:52:e5:3e:86:37:66:55:dd:
47:1b:8f:d9:ee:05:0c:d6:53:48:a7:2c:f4:59:00:
c4:1c:33:4b:4e:02:ca:b2:83:66:4d:3f:48:e8:4b:
d7:eb:be:7d:33:01:5e:81:b2:74:15:80:e1:8c:c1:
3c:8e:bb:ee:65:ce:07:fd:09:e5:cc:e8:1c:5d:40:
99:c0:75:0b:4c:be:19:99:1d:c6:af:33:bc:36:18:
b4:fd:62:85:20:83:be:f0:43:e6:7e:97:ba:a7:3a:
19:71:e4:a0:72:d2:3e:b5:88:ba:f4:dd:73:ad:25:
0e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:79:57:16:63:90:26:99:14:F0:6D:61:9C:AA:13:BC:7E:48:C7:2F
X509v3 Authority Key Identifier:
keyid:EB:50:D3:08:4B:F8:AA:9E:A7:77:D2:45:B6:0D:51:1B:E1:89:EA:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/61DTCEv4qp6nd9JFtg1RG-GJ6rI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/0nlXFmOQJpkU8G1hnKoTvH5Ixy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/12e72c-7491-47e2-ac53-ac0c60100478/1/61DTCEv4qp6nd9JFtg1RG-GJ6rI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.248.0/21
IPv6:
2a0a:7d40::/32
Signature Algorithm: sha256WithRSAEncryption
56:c0:89:67:e7:68:ca:ff:59:3c:49:a8:f5:df:a9:a4:dd:31:
f2:fa:dc:d6:38:09:f9:8e:50:f3:ad:47:b7:1d:43:71:87:81:
ce:65:b0:a5:27:60:af:de:bf:5f:5c:31:91:d2:8a:5d:2b:14:
16:87:99:a0:40:3a:e8:52:2c:a3:25:17:c8:c8:49:1c:5a:be:
49:aa:96:26:d7:27:8e:52:f7:32:f0:df:fb:56:a7:15:96:c4:
d9:3f:e5:06:42:fc:56:11:cc:4b:2c:78:3d:f2:c5:80:b8:6b:
93:9a:5e:68:f6:4d:74:8d:ca:d7:18:51:0b:9f:cf:07:95:7e:
b6:69:dd:3c:4e:7f:18:4c:53:1d:18:b3:f7:ac:68:e3:81:48:
b7:fc:85:17:d3:ff:3a:c9:56:87:2a:92:54:ae:b3:aa:a8:a6:
82:9f:a2:15:19:f8:88:2b:dc:34:d0:73:08:45:9e:f4:90:0c:
13:60:23:ee:98:e7:15:54:02:ef:fe:55:ec:3a:36:84:48:c1:
ba:0c:1e:24:39:88:e1:1d:39:c7:2f:9e:45:db:64:9e:a1:7c:
c1:a9:aa:0c:26:49:8d:61:0a:fa:ab:b1:f2:6f:d7:c4:9d:fd:
79:72:2a:70:f9:3f:6e:79:5b:d3:6c:36:c8:f1:e1:e5:46:b9:
d9:43:c0:a7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTOikwbdd9Y8M4qZr5DbF/tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViNTBkMzA4NGJmOGFhOWVhNzc3ZDI0NWI2MGQ1MTFiZTE4
OWVhYjIwHhcNMjIxMjAxMTYzNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjc5NTcxNjYzOTAyNjk5MTRmMDZkNjE5Y2FhMTNiYzdlNDhjNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+SGCIuoKyGdmGkaR6tHf82TJXuI
bDQ0FXvlJrH8Ahq56IpzGNJ8Kh4mCUsXEcfyAk5J5PVk+4IN5wt5m4H+rNq93YuD
+um9J2LIK+d9dvz0MCTiQZIZMbHSi9eJTxhY1f9GX9UEX0JKxsxT+JVvxjEKKJCF
OpMmSj/rab1q95U+oLtZDk3puUyUhcg+UuU+hjdmVd1HG4/Z7gUM1lNIpyz0WQDE
HDNLTgLKsoNmTT9I6EvX6759MwFegbJ0FYDhjME8jrvuZc4H/QnlzOgcXUCZwHUL
TL4ZmR3GrzO8Nhi0/WKFIIO+8EPmfpe6pzoZceSgctI+tYi69N1zrSUOJQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNJ5VxZjkCaZFPBtYZyqE7x+SMcvMB8GA1UdIwQY
MBaAFOtQ0whL+Kqep3fSRbYNURvhieqyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjFEVENFdjRxcDZuZDlKRnRnMVJHLUdKNnJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xMmU3MmMtNzQ5MS00N2UyLWFjNTMt
YWMwYzYwMTAwNDc4LzEvMG5sWEZtT1FKcGtVOEcxaG5Lb1R2SDVJeHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xMmU3MmMtNzQ5MS00N2UyLWFjNTMtYWMwYzYwMTAwNDc4
LzEvNjFEVENFdjRxcDZuZDlKRnRnMVJHLUdKNnJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDpIr4MA0E
AgACMAcDBQAqCn1AMA0GCSqGSIb3DQEBCwUAA4IBAQBWwIln52jK/1k8Saj136mk
3THy+tzWOAn5jlDzrUe3HUNxh4HOZbClJ2Cv3r9fXDGR0opdKxQWh5mgQDroUiyj
JRfIyEkcWr5JqpYm1yeOUvcy8N/7VqcVlsTZP+UGQvxWEcxLLHg98sWAuGuTml5o
9k10jcrXGFELn88HlX62ad08Tn8YTFMdGLP3rGjjgUi3/IUX0/86yVaHKpJUrrOq
qKaCn6IVGfiIK9w00HMIRZ70kAwTYCPumOcVVALv/lXsOjaESMG6DB4kOYjhHTnH
L55F22SeoXzBqaoMJkmNYQr6q7Hyb9fEnf15cipw+T9ueVvTbDbI8eHlRrnZQ8Cn
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:33 2023 by rpki-client on console-ams.rpki-client.org