Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/9b674c-3657-4c25-9953-3f7040997682/1/xgbs9n3n6ErrozPy7DuuG0-9l5o.roa
File: xgbs9n3n6ErrozPy7DuuG0-9l5o.roa (raw, json)
Hash identifier: QvAAObgW/s99eoqUjBGGPb1+capRoQ89BI1p/Lv3jWQ=
Subject key identifier: C6:06:EC:F6:7D:E7:E8:4A:EB:A3:33:F2:EC:3B:AE:1B:4F:BD:97:9A
Certificate issuer: /CN=e6234ed3d8ca96dc518d35c1e7c92bebfcf6ce4d
Certificate serial: 0914C60A
Authority key identifier: E6:23:4E:D3:D8:CA:96:DC:51:8D:35:C1:E7:C9:2B:EB:FC:F6:CE:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5iNO09jKltxRjTXB58kr6_z2zk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/9b674c-3657-4c25-9953-3f7040997682/1/xgbs9n3n6ErrozPy7DuuG0-9l5o.roa
Signing time: Sat 01 Jan 2022 07:58:04 +0000
ROA not before: Sat 01 Jan 2022 07:58:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137
IP address blocks: 151.97.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152356362 (0x914c60a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6234ed3d8ca96dc518d35c1e7c92bebfcf6ce4d
Validity
Not Before: Jan 1 07:58:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c606ecf67de7e84aeba333f2ec3bae1b4fbd979a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:98:86:85:73:af:f5:55:85:8c:d8:c8:5e:e0:
1b:d9:ff:0a:c5:3f:dc:bb:34:d8:0d:13:82:f7:89:
c9:81:37:b2:fa:4a:b7:8a:41:b5:f1:cc:0e:8b:38:
62:14:bc:ca:88:ac:f9:e2:32:a8:2a:5c:af:20:ad:
75:c8:b4:2c:31:97:6a:7b:4a:54:a2:58:74:a0:b3:
a1:55:77:c3:37:27:04:12:41:58:62:66:84:f3:2d:
43:c2:9a:17:f7:96:24:61:26:42:37:3a:a2:37:16:
6b:07:dc:04:42:07:7b:81:42:68:24:66:9a:0f:97:
79:98:64:cb:0b:e7:7d:26:d9:19:1d:11:53:9d:4c:
cf:84:60:3d:fa:b0:90:a0:9e:48:64:95:86:53:6d:
e9:2c:9a:72:a1:69:9e:ca:b6:5c:c0:7c:40:f9:2b:
a6:e3:c0:2a:d2:31:d3:fd:a8:a0:64:0e:26:b4:f2:
eb:08:de:86:89:61:61:da:7b:9c:5d:72:e6:57:21:
b5:5f:ea:d7:f3:30:93:78:b4:f9:13:f0:09:35:9b:
15:1d:65:9f:87:15:04:4d:f4:c0:c1:ad:7b:ad:b9:
1a:34:bd:5f:f2:79:38:b1:df:56:18:8f:64:09:27:
7d:ff:39:9f:3d:19:02:83:e6:49:14:fa:f5:57:b4:
8b:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:06:EC:F6:7D:E7:E8:4A:EB:A3:33:F2:EC:3B:AE:1B:4F:BD:97:9A
X509v3 Authority Key Identifier:
keyid:E6:23:4E:D3:D8:CA:96:DC:51:8D:35:C1:E7:C9:2B:EB:FC:F6:CE:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5iNO09jKltxRjTXB58kr6_z2zk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/9b674c-3657-4c25-9953-3f7040997682/1/xgbs9n3n6ErrozPy7DuuG0-9l5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/9b674c-3657-4c25-9953-3f7040997682/1/5iNO09jKltxRjTXB58kr6_z2zk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.97.0.0/16
Signature Algorithm: sha256WithRSAEncryption
25:4b:2a:ed:80:01:0e:cf:89:91:b9:a5:90:55:e7:56:66:bc:
6e:32:4c:f8:d2:73:4c:21:a1:b2:28:20:59:f7:b7:f2:5f:2d:
e9:4b:a1:9a:d9:37:f0:97:49:d1:c9:b4:34:b4:84:25:8a:d9:
ae:2b:e2:5d:2a:df:e5:f6:ef:a1:a7:99:45:1b:d1:0d:82:89:
77:2b:39:09:2e:43:0d:75:84:c7:56:65:47:b2:b6:a9:b9:5e:
89:dd:f0:0b:d4:14:e1:2b:12:84:29:9e:74:3a:1c:92:fa:06:
15:41:af:ea:5a:5b:39:40:50:65:8a:f8:2a:57:2a:f2:9f:63:
f6:5b:ea:88:dd:67:be:d7:9a:61:c8:8d:3b:bc:e4:f5:98:e9:
fe:35:cc:b3:b7:a9:d7:05:c6:fe:56:d0:26:0e:28:75:a9:5a:
20:11:c7:c6:e4:06:77:23:95:d5:7b:ea:0f:66:32:96:05:7a:
9b:83:d0:f8:01:99:d4:d0:9d:c2:93:d8:26:72:67:77:33:ef:
8f:cb:40:9c:ea:7e:d4:37:80:ba:0e:cd:f0:4b:e9:d4:26:c6:
b2:bb:70:31:92:9f:c0:ff:83:b9:55:68:5e:f9:3a:5b:6a:4d:
ac:02:63:bc:78:85:22:fe:70:bf:54:de:61:bf:f0:b9:f7:52:
c9:cc:f9:5c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECRTGCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NjIzNGVkM2Q4Y2E5NmRjNTE4ZDM1YzFlN2M5MmJlYmZjZjZjZTRkMB4XDTIyMDEw
MTA3NTgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzYwNmVjZjY3ZGU3
ZTg0YWViYTMzM2YyZWMzYmFlMWI0ZmJkOTc5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMKYhoVzr/VVhYzYyF7gG9n/CsU/3Ls02A0TgveJyYE3svpK
t4pBtfHMDos4YhS8yois+eIyqCpcryCtdci0LDGXantKVKJYdKCzoVV3wzcnBBJB
WGJmhPMtQ8KaF/eWJGEmQjc6ojcWawfcBEIHe4FCaCRmmg+XeZhkywvnfSbZGR0R
U51Mz4RgPfqwkKCeSGSVhlNt6SyacqFpnsq2XMB8QPkrpuPAKtIx0/2ooGQOJrTy
6wjeholhYdp7nF1y5lchtV/q1/Mwk3i0+RPwCTWbFR1ln4cVBE30wMGte625GjS9
X/J5OLHfVhiPZAknff85nz0ZAoPmSRT69Ve0i3kCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBTGBuz2fefoSuujM/LsO64bT72XmjAfBgNVHSMEGDAWgBTmI07T2MqW3FGN
NcHnySvr/PbOTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVpTk8wOWpLbHR4UmpUWEI1OGtyNl96MnprMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvOWI2NzRjLTM2NTctNGMyNS05OTUzLTNmNzA0MDk5NzY4Mi8x
L3hnYnM5bjNuNkVycm96UHk3RHV1RzAtOWw1by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
OWI2NzRjLTM2NTctNGMyNS05OTUzLTNmNzA0MDk5NzY4Mi8xLzVpTk8wOWpLbHR4
UmpUWEI1OGtyNl96MnprMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJdhMA0GCSqGSIb3DQEBCwUAA4IB
AQAlSyrtgAEOz4mRuaWQVedWZrxuMkz40nNMIaGyKCBZ97fyXy3pS6Ga2Tfwl0nR
ybQ0tIQlitmuK+JdKt/l9u+hp5lFG9ENgol3KzkJLkMNdYTHVmVHsrapuV6J3fAL
1BThKxKEKZ50OhyS+gYVQa/qWls5QFBlivgqVyryn2P2W+qI3We+15phyI07vOT1
mOn+Ncyzt6nXBcb+VtAmDih1qVogEcfG5AZ3I5XVe+oPZjKWBXqbg9D4AZnU0J3C
k9gmcmd3M++Py0Cc6n7UN4C6Ds3wS+nUJsayu3Axkp/A/4O5VWhe+Tpbak2sAmO8
eIUi/nC/VN5hv/C591LJzPlc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:23 2023 by rpki-client on console-ams.rpki-client.org