Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/svKIpQwOQW4IZ0aHYY-1zrd_CKw.roa
File: svKIpQwOQW4IZ0aHYY-1zrd_CKw.roa (raw, json)
Hash identifier: /cyE4H74pXoo0v+qtZE1fHlyft5hIv9XXn4cmZdl0Sw=
Subject key identifier: B2:F2:88:A5:0C:0E:41:6E:08:67:46:87:61:8F:B5:CE:B7:7F:08:AC
Certificate issuer: /CN=597a01de87e011803f890ae17749020f995f140c
Certificate serial: 01846B22A382C666EA09871A67B5C77BE8B3
Authority key identifier: 59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/svKIpQwOQW4IZ0aHYY-1zrd_CKw.roa
Signing time: Sat 12 Nov 2022 09:19:02 +0000
ROA not before: Sat 12 Nov 2022 09:19:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 164.18.96.0/21 maxlen: 21
2a07:b982:c000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:22:a3:82:c6:66:ea:09:87:1a:67:b5:c7:7b:e8:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=597a01de87e011803f890ae17749020f995f140c
Validity
Not Before: Nov 12 09:19:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b2f288a50c0e416e08674687618fb5ceb77f08ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f5:c6:ac:21:bb:78:1b:12:eb:26:06:af:85:
70:b4:76:55:9a:47:4b:18:0a:ac:89:79:b3:f1:a9:
29:9c:da:83:eb:83:27:ed:5a:ba:ef:50:90:97:06:
e4:be:22:fb:7b:d8:7e:68:f0:18:88:0b:19:c5:86:
de:64:77:9b:05:49:ab:c9:68:12:ce:b3:ca:c3:d3:
ea:53:ea:03:01:df:12:d1:6f:ac:ed:76:38:14:91:
08:da:ef:fd:05:4c:2d:57:33:b0:d6:dc:84:cb:e7:
28:8b:fd:7c:b0:5f:8a:5e:2b:07:64:ad:d2:e9:da:
57:ce:75:a9:c4:fa:13:de:13:04:fa:e7:1d:6f:33:
f9:00:e1:60:40:0b:4d:5a:f8:f9:e8:59:19:fc:d5:
8f:9a:d2:0d:ee:9f:75:3b:24:ad:83:8f:f3:a6:6b:
b3:41:c7:36:8e:7b:c7:ee:b0:90:45:3a:d9:42:9a:
b8:23:26:2d:90:a7:c3:1a:25:ca:3b:d1:98:1f:62:
38:89:83:63:8b:e1:59:33:9c:94:f5:c5:b1:6c:4b:
bb:4c:a0:e9:7a:c1:c2:68:4b:d2:25:51:49:0e:b2:
da:18:d2:44:c5:04:e7:a5:5b:ef:4c:c1:c9:40:99:
8c:fd:16:d0:e6:50:df:22:fb:54:62:ea:56:c9:ba:
1d:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F2:88:A5:0C:0E:41:6E:08:67:46:87:61:8F:B5:CE:B7:7F:08:AC
X509v3 Authority Key Identifier:
keyid:59:7A:01:DE:87:E0:11:80:3F:89:0A:E1:77:49:02:0F:99:5F:14:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXoB3ofgEYA_iQrhd0kCD5lfFAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/svKIpQwOQW4IZ0aHYY-1zrd_CKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/23ed9a-1ca5-45ea-9b8c-73533de099c3/1/WXoB3ofgEYA_iQrhd0kCD5lfFAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.18.96.0/21
IPv6:
2a07:b982:c000::/48
Signature Algorithm: sha256WithRSAEncryption
ac:ee:d8:fc:60:ce:42:94:44:98:cb:e6:b5:9e:10:f0:cb:12:
21:2d:0d:ae:bf:5d:e5:06:a2:4f:86:b9:18:a1:e9:ca:7e:83:
99:0f:ff:ed:19:ed:49:2e:8a:48:80:16:22:ea:87:b7:ae:36:
c7:4a:c6:77:da:b9:a5:e6:6f:a7:d3:3d:9d:1f:e1:6d:33:40:
30:95:f8:e7:f0:eb:c6:f9:c4:af:bf:c9:32:c9:a0:c8:7a:a1:
39:74:54:69:27:03:51:e4:c0:cc:5f:89:7d:9d:bb:63:f2:bd:
c6:ba:7f:41:71:10:a7:95:c4:cf:c0:15:91:66:f5:a4:9e:21:
e0:10:56:ae:8e:d0:21:a1:50:7c:12:48:17:70:97:03:96:40:
d7:7a:d5:30:75:81:82:0d:a9:f1:83:b3:cf:5a:91:3a:1e:91:
13:af:88:16:fe:b0:e9:4c:0f:a2:5f:61:0b:3e:d1:fa:fa:53:
6c:09:37:66:5c:85:9f:5c:43:52:70:95:a5:fe:10:17:11:29:
30:07:7d:73:04:e2:e6:20:cb:fb:de:c5:3f:b3:09:17:ed:39:
09:7e:0f:b8:66:3c:d1:33:44:8c:67:9b:2a:2f:3a:c9:75:e2:
f6:24:fc:4c:bc:29:5a:9d:fe:bd:18:13:81:d3:74:aa:9e:0e:
23:f7:cc:87
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYRrIqOCxmbqCYcaZ7XHe+izMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5N2EwMWRlODdlMDExODAzZjg5MGFlMTc3NDkwMjBmOTk1
ZjE0MGMwHhcNMjIxMTEyMDkxOTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmYyODhhNTBjMGU0MTZlMDg2NzQ2ODc2MThmYjVjZWI3N2YwOGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvXGrCG7eBsS6yYGr4VwtHZVmkdL
GAqsiXmz8akpnNqD64Mn7Vq671CQlwbkviL7e9h+aPAYiAsZxYbeZHebBUmryWgS
zrPKw9PqU+oDAd8S0W+s7XY4FJEI2u/9BUwtVzOw1tyEy+coi/18sF+KXisHZK3S
6dpXznWpxPoT3hME+ucdbzP5AOFgQAtNWvj56FkZ/NWPmtIN7p91OyStg4/zpmuz
Qcc2jnvH7rCQRTrZQpq4IyYtkKfDGiXKO9GYH2I4iYNji+FZM5yU9cWxbEu7TKDp
esHCaEvSJVFJDrLaGNJExQTnpVvvTMHJQJmM/RbQ5lDfIvtUYupWybodrwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLLyiKUMDkFuCGdGh2GPtc63fwisMB8GA1UdIwQY
MBaAFFl6Ad6H4BGAP4kK4XdJAg+ZXxQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMt
NzM1MzNkZTA5OWMzLzEvc3ZLSXBRd09RVzRJWjBhSFlZLTF6cmRfQ0t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8yM2VkOWEtMWNhNS00NWVhLTliOGMtNzM1MzNkZTA5OWMz
LzEvV1hvQjNvZmdFWUFfaVFyaGQwa0NENWxmRkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQDpBJgMA8E
AgACMAkDBwAqB7mCwAAwDQYJKoZIhvcNAQELBQADggEBAKzu2PxgzkKURJjL5rWe
EPDLEiEtDa6/XeUGok+GuRih6cp+g5kP/+0Z7UkuikiAFiLqh7euNsdKxnfauaXm
b6fTPZ0f4W0zQDCV+Ofw68b5xK+/yTLJoMh6oTl0VGknA1HkwMxfiX2du2Pyvca6
f0FxEKeVxM/AFZFm9aSeIeAQVq6O0CGhUHwSSBdwlwOWQNd61TB1gYINqfGDs89a
kToekROviBb+sOlMD6JfYQs+0fr6U2wJN2ZchZ9cQ1JwlaX+EBcRKTAHfXME4uYg
y/vexT+zCRftOQl+D7hmPNEzRIxnmyovOsl14vYk/Ey8KVqd/r0YE4HTdKqeDiP3
zIc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:12 2023 by rpki-client on console-fra.rpki-client.org