Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z-_q0GTb5d2HqnBvqJT2GwOjvMo.roa
File: Z-_q0GTb5d2HqnBvqJT2GwOjvMo.roa (raw, json)
Hash identifier: X/o1dqmzxOaWVha22Dxk4CIFY5QxbEWYmnjWGgYh2w4=
Subject key identifier: 67:EF:EA:D0:64:DB:E5:DD:87:AA:70:6F:A8:94:F6:1B:03:A3:BC:CA
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01837A611F1F0202648D008187FD337CC4E1
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z-_q0GTb5d2HqnBvqJT2GwOjvMo.roa
Signing time: Mon 26 Sep 2022 15:18:48 +0000
ROA not before: Mon 26 Sep 2022 15:18:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 2.59.204.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7a:61:1f:1f:02:02:64:8d:00:81:87:fd:33:7c:c4:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 26 15:18:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67efead064dbe5dd87aa706fa894f61b03a3bcca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b8:08:47:2a:9f:93:bc:05:1b:14:bf:03:58:
99:79:a4:57:ea:a3:0a:77:5f:41:79:71:ce:14:66:
7e:33:ed:f3:42:9f:b0:81:ac:22:f7:40:78:ee:83:
e4:a1:6c:da:9f:7e:3f:71:7f:b6:8d:9e:1f:83:12:
94:d1:07:f5:81:b8:e0:6c:0c:d0:c8:81:f5:dc:87:
22:5d:16:f9:cb:4f:8b:f7:16:bb:ca:85:60:e2:e9:
5f:af:89:86:7c:a9:8f:d5:4d:74:09:8e:02:0c:68:
79:89:3a:14:dc:d1:38:ba:e2:5a:9b:c9:c3:a2:9d:
80:9a:4b:24:5f:b1:cd:a4:1e:f3:36:f0:e2:25:e2:
9f:46:45:9b:4f:bb:12:46:37:73:ba:29:53:91:06:
54:75:2c:38:58:d4:e9:40:7f:72:d1:21:85:1f:f4:
1b:29:e7:a3:5f:ef:05:ae:ce:9c:58:a7:0c:d9:3b:
cd:f8:02:46:e5:d2:8a:d2:54:18:25:e1:ee:e4:02:
3a:93:b7:44:aa:9f:0a:41:ee:80:f6:0a:11:1e:a7:
9c:e9:63:69:e4:5d:16:52:ee:c6:45:0f:28:f2:bc:
84:17:10:25:7b:b4:20:ba:fe:6e:dc:3d:62:09:61:
06:a8:1f:61:04:b1:55:fc:55:1e:7b:50:dc:13:6d:
33:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EF:EA:D0:64:DB:E5:DD:87:AA:70:6F:A8:94:F6:1B:03:A3:BC:CA
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/Z-_q0GTb5d2HqnBvqJT2GwOjvMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.204.0/22
Signature Algorithm: sha256WithRSAEncryption
86:a5:8a:f5:c5:94:c9:e5:41:fa:12:a8:e6:d7:c1:4a:a3:ad:
67:6b:1a:8b:9e:e4:27:6a:f6:27:46:ba:11:fa:e4:66:dd:2d:
5b:36:f5:a0:b0:11:9e:1e:b9:7f:a5:5f:c3:e5:60:ce:bf:10:
de:77:ef:a4:84:24:f7:c2:b5:be:99:32:66:de:eb:66:f1:df:
38:a6:aa:05:fe:68:a4:df:ca:4e:a3:7d:1b:f7:62:e9:14:a1:
1e:f2:ba:13:14:f8:b8:d3:48:bb:ea:56:2c:e1:ed:d7:4f:d1:
52:f9:dc:d0:1b:02:04:4c:42:56:a0:00:89:90:62:95:fa:53:
92:16:3f:b4:1a:40:4b:f4:02:4a:b1:29:a5:b3:6e:0b:f4:e4:
83:0e:2d:c7:fd:ca:66:7d:23:4f:2f:76:96:ac:b8:f5:5b:89:
5b:b7:2a:b1:5a:01:97:84:17:cf:c8:11:86:91:a5:5e:2c:e6:
93:b4:c9:1f:1e:ff:06:e8:db:49:cf:65:18:94:d1:14:12:f2:
56:4a:32:ff:ab:29:c6:bf:25:95:bb:e6:82:46:19:18:72:b7:
d1:5c:a9:5b:06:fb:36:b5:8b:35:a2:d4:2c:1e:97:0b:53:d9:
a8:cd:fc:98:e2:15:c9:3d:d8:c4:f7:9f:e0:b5:b3:37:2f:65:
ca:96:d0:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN6YR8fAgJkjQCBh/0zfMThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwOTI2MTUxODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VmZWFkMDY0ZGJlNWRkODdhYTcwNmZhODk0ZjYxYjAzYTNiY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7gIRyqfk7wFGxS/A1iZeaRX6qMK
d19BeXHOFGZ+M+3zQp+wgawi90B47oPkoWzan34/cX+2jZ4fgxKU0Qf1gbjgbAzQ
yIH13IciXRb5y0+L9xa7yoVg4ulfr4mGfKmP1U10CY4CDGh5iToU3NE4uuJam8nD
op2AmkskX7HNpB7zNvDiJeKfRkWbT7sSRjdzuilTkQZUdSw4WNTpQH9y0SGFH/Qb
KeejX+8Frs6cWKcM2TvN+AJG5dKK0lQYJeHu5AI6k7dEqp8KQe6A9goRHqec6WNp
5F0WUu7GRQ8o8ryEFxAle7Qguv5u3D1iCWEGqB9hBLFV/FUee1DcE20zxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGfv6tBk2+Xdh6pwb6iU9hsDo7zKMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWi1fcTBHVGI1ZDJIcW5CdnFKVDJHd09qdk1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjvMMA0G
CSqGSIb3DQEBCwUAA4IBAQCGpYr1xZTJ5UH6Eqjm18FKo61naxqLnuQnavYnRroR
+uRm3S1bNvWgsBGeHrl/pV/D5WDOvxDed++khCT3wrW+mTJm3utm8d84pqoF/mik
38pOo30b92LpFKEe8roTFPi400i76lYs4e3XT9FS+dzQGwIETEJWoACJkGKV+lOS
Fj+0GkBL9AJKsSmls24L9OSDDi3H/cpmfSNPL3aWrLj1W4lbtyqxWgGXhBfPyBGG
kaVeLOaTtMkfHv8G6NtJz2UYlNEUEvJWSjL/qynGvyWVu+aCRhkYcrfRXKlbBvs2
tYs1otQsHpcLU9mozfyY4hXJPdjE95/gtbM3L2XKltD7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org