Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/P4s8WaocbJNzh2Z68z-z3i-Zsho.roa
File: P4s8WaocbJNzh2Z68z-z3i-Zsho.roa (raw, json)
Hash identifier: Nq9J8ogC5Lk0lUlYIIPd2eVQV8z/EEbcvwUIpGJuy14=
Subject key identifier: 3F:8B:3C:59:AA:1C:6C:93:73:87:66:7A:F3:3F:B3:DE:2F:99:B2:1A
Certificate issuer: /CN=bc3a4697447d190308644a58bceaa124c074b7e1
Certificate serial: 09C1CB82
Authority key identifier: BC:3A:46:97:44:7D:19:03:08:64:4A:58:BC:EA:A1:24:C0:74:B7:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vDpGl0R9GQMIZEpYvOqhJMB0t-E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/P4s8WaocbJNzh2Z68z-z3i-Zsho.roa
Signing time: Sat 01 Jan 2022 02:53:34 +0000
ROA not before: Sat 01 Jan 2022 02:53:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209766
IP address blocks: 192.145.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163695490 (0x9c1cb82)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc3a4697447d190308644a58bceaa124c074b7e1
Validity
Not Before: Jan 1 02:53:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f8b3c59aa1c6c937387667af33fb3de2f99b21a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ed:42:4b:09:c4:8f:29:2d:3f:1d:e8:6e:a1:
a6:9a:d6:41:e4:b9:34:b3:5d:a9:d0:71:5a:9c:cb:
52:67:4c:7f:a1:43:cb:39:7a:9f:71:6b:ca:41:9e:
38:88:d4:46:f3:7d:e9:67:e2:86:81:33:2a:dd:f0:
00:fb:9f:a7:fc:8b:e8:19:21:76:69:b7:82:a5:c8:
4a:fd:6f:ce:c8:d2:55:ad:24:18:6d:c5:a2:2c:9d:
a7:1c:71:e6:a2:e2:21:bb:54:a6:b3:c6:72:2e:2a:
b5:61:25:d4:ed:05:43:a2:ed:d9:99:e0:08:a9:8b:
2b:78:74:d1:69:da:1a:2d:80:60:39:e0:e5:a6:7e:
ca:fc:91:a1:16:5b:86:58:23:60:39:17:39:6f:6f:
60:51:dd:5a:46:47:aa:c5:56:c8:22:a6:33:20:ea:
69:0a:1c:af:d3:79:1f:34:2a:4a:dd:cd:9b:19:0a:
1c:24:cf:83:91:07:5e:42:e4:fe:19:c6:47:0b:7d:
c8:85:4f:81:a7:7b:d8:1e:48:5b:45:ff:95:92:99:
9c:e2:0b:8c:e5:f0:e7:b9:47:08:6f:46:45:07:d6:
12:2b:5c:a9:a4:d2:55:a5:fb:cf:0b:6d:49:3c:9d:
8c:de:c9:81:c3:9d:75:f4:3a:39:21:e3:67:69:0e:
aa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:8B:3C:59:AA:1C:6C:93:73:87:66:7A:F3:3F:B3:DE:2F:99:B2:1A
X509v3 Authority Key Identifier:
keyid:BC:3A:46:97:44:7D:19:03:08:64:4A:58:BC:EA:A1:24:C0:74:B7:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vDpGl0R9GQMIZEpYvOqhJMB0t-E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/P4s8WaocbJNzh2Z68z-z3i-Zsho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/5aa619-dcca-49d5-901f-a5ab7b64155f/1/vDpGl0R9GQMIZEpYvOqhJMB0t-E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.145.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:62:80:0c:14:6d:73:5a:4a:4d:2f:ac:8d:46:c2:0c:24:41:
e9:c5:c1:81:00:76:c8:eb:31:d0:63:2e:d3:3a:98:9d:9c:a5:
f7:a7:53:ae:d1:78:5c:77:af:39:0e:2c:ef:72:c5:4e:f9:6e:
f0:95:69:6b:55:0b:ef:b3:5d:61:2d:20:70:24:f3:30:cb:0b:
1e:64:ef:0a:be:a8:dc:1d:eb:c6:41:2c:32:ad:0e:50:c1:de:
ff:0d:c4:e7:91:2a:c2:c3:a3:6a:96:9f:19:4f:41:f3:65:08:
05:9d:6c:41:a7:af:73:d4:4b:3e:b5:5f:ac:dc:05:c2:78:42:
a6:db:2d:3e:cb:ef:38:55:51:30:c2:85:7b:01:47:66:e2:f2:
f7:a2:74:82:92:50:24:96:25:73:37:51:49:d7:0c:4a:c1:35:
2e:51:64:fc:d2:c3:77:18:df:ac:28:d6:10:ed:60:e7:8a:e9:
27:5a:6a:07:cc:f6:42:f0:73:59:f5:34:83:6e:0c:93:76:60:
20:36:b0:ac:31:49:ab:a8:6d:f2:0e:62:83:7d:a8:ff:df:97:
1a:ee:ed:fe:59:9f:0c:0d:71:b3:55:47:0b:41:35:42:b7:f8:
d0:35:e2:15:6b:a2:20:d5:6e:89:94:b5:ae:73:ba:aa:f0:8c:
d6:26:26:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECcHLgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YzNhNDY5NzQ0N2QxOTAzMDg2NDRhNThiY2VhYTEyNGMwNzRiN2UxMB4XDTIyMDEw
MTAyNTMzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2Y4YjNjNTlhYTFj
NmM5MzczODc2NjdhZjMzZmIzZGUyZjk5YjIxYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPtQksJxI8pLT8d6G6hpprWQeS5NLNdqdBxWpzLUmdMf6FD
yzl6n3FrykGeOIjURvN96WfihoEzKt3wAPufp/yL6Bkhdmm3gqXISv1vzsjSVa0k
GG3Foiydpxxx5qLiIbtUprPGci4qtWEl1O0FQ6Lt2ZngCKmLK3h00WnaGi2AYDng
5aZ+yvyRoRZbhlgjYDkXOW9vYFHdWkZHqsVWyCKmMyDqaQocr9N5HzQqSt3NmxkK
HCTPg5EHXkLk/hnGRwt9yIVPgad72B5IW0X/lZKZnOILjOXw57lHCG9GRQfWEitc
qaTSVaX7zwttSTydjN7JgcOddfQ6OSHjZ2kOquECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/izxZqhxsk3OHZnrzP7PeL5myGjAfBgNVHSMEGDAWgBS8OkaXRH0ZAwhk
Sli86qEkwHS34TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZEcEdsMFI5R1FNSVpFcFl2T3FoSk1CMHQtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvNWFhNjE5LWRjY2EtNDlkNS05MDFmLWE1YWI3YjY0MTU1Zi8x
L1A0czhXYW9jYkpOemgyWjY4ei16M2ktWnNoby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
NWFhNjE5LWRjY2EtNDlkNS05MDFmLWE1YWI3YjY0MTU1Zi8xL3ZEcEdsMFI5R1FN
SVpFcFl2T3FoSk1CMHQtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsCRBDANBgkqhkiG9w0BAQsFAAOC
AQEAqGKADBRtc1pKTS+sjUbCDCRB6cXBgQB2yOsx0GMu0zqYnZyl96dTrtF4XHev
OQ4s73LFTvlu8JVpa1UL77NdYS0gcCTzMMsLHmTvCr6o3B3rxkEsMq0OUMHe/w3E
55EqwsOjapafGU9B82UIBZ1sQaevc9RLPrVfrNwFwnhCptstPsvvOFVRMMKFewFH
ZuLy96J0gpJQJJYlczdRSdcMSsE1LlFk/NLDdxjfrCjWEO1g54rpJ1pqB8z2QvBz
WfU0g24Mk3ZgIDawrDFJq6ht8g5ig32o/9+XGu7t/lmfDA1xs1VHC0E1Qrf40DXi
FWuiINVuiZS1rnO6qvCM1iYmDg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:53 2023 by rpki-client on console-fra.rpki-client.org