Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/2ZyGVffjclDTXHS96f7xAwQ3oDA.roa
File: 2ZyGVffjclDTXHS96f7xAwQ3oDA.roa (raw, json)
Hash identifier: Md3Y/JYzvCZAiQOOqXWGXwJ5DZznz1wgR2MHKoJM24Q=
Subject key identifier: D9:9C:86:55:F7:E3:72:50:D3:5C:74:BD:E9:FE:F1:03:04:37:A0:30
Certificate issuer: /CN=83c8d01caf2b0751d035c537566f45627925e4f6
Certificate serial: 02401ADE
Authority key identifier: 83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/2ZyGVffjclDTXHS96f7xAwQ3oDA.roa
Signing time: Sat 01 Jan 2022 11:01:19 +0000
ROA not before: Sat 01 Jan 2022 11:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57824
IP address blocks: 176.109.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37755614 (0x2401ade)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c8d01caf2b0751d035c537566f45627925e4f6
Validity
Not Before: Jan 1 11:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d99c8655f7e37250d35c74bde9fef1030437a030
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:11:00:43:5a:79:85:2a:dd:62:0a:58:83:
e2:ef:ad:ba:c6:0f:75:6a:a0:68:5b:cf:12:dc:fb:
b2:a4:83:5e:60:2f:02:6c:e0:5f:1b:cf:9f:5b:2f:
a3:43:7c:de:8e:66:90:6f:c3:62:74:03:3d:e8:70:
04:d4:56:35:7f:b3:1a:42:08:08:96:c1:a1:cc:10:
33:b2:82:79:ce:27:36:ae:ca:e5:63:1f:02:e8:21:
1e:dd:41:31:aa:4f:02:6d:8e:de:0e:51:58:94:f7:
de:3d:9b:31:7e:0a:84:48:7d:29:9d:6f:59:a7:46:
cd:6b:33:ab:f7:d7:78:fa:87:b4:bc:78:bf:cb:26:
b8:ac:88:2b:6e:a5:ea:a6:73:38:6a:d9:69:1b:b0:
d6:ae:7a:92:48:c1:23:11:81:35:df:49:64:2e:31:
a7:d5:01:7b:ef:77:c9:93:dd:bf:d5:8a:20:03:1a:
91:88:02:c3:82:e7:b5:6a:ec:3a:33:7b:75:8c:53:
e7:22:1d:c1:c1:a2:48:39:3a:df:b3:ae:8f:26:cc:
c9:f4:02:d8:1a:f5:f8:91:f4:92:7e:38:fc:3f:b3:
d2:f5:11:c4:dd:48:7c:28:58:98:10:3a:8e:de:2b:
ff:b4:de:72:39:09:1a:fa:35:6d:39:2c:64:b6:dc:
a1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:9C:86:55:F7:E3:72:50:D3:5C:74:BD:E9:FE:F1:03:04:37:A0:30
X509v3 Authority Key Identifier:
keyid:83:C8:D0:1C:AF:2B:07:51:D0:35:C5:37:56:6F:45:62:79:25:E4:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/2ZyGVffjclDTXHS96f7xAwQ3oDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/cfa7c3-f0c8-4622-8a47-9ab26b266aa7/1/g8jQHK8rB1HQNcU3Vm9FYnkl5PY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.109.144.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:35:0c:ae:1a:bd:1f:fe:3a:0e:72:47:6e:a8:da:25:c9:cb:
fb:21:1e:d1:ea:b6:f6:a5:bd:ab:e8:c2:ac:df:6d:26:12:e9:
41:b9:02:21:09:8c:f0:bc:12:19:57:69:1a:1e:c2:d9:40:96:
d3:59:65:28:7f:a7:9a:6a:04:55:f1:2e:8f:2d:89:e7:25:c0:
b0:39:ea:1f:3e:ed:b6:de:96:b9:a3:12:88:a1:2f:a3:69:f4:
f0:79:52:93:f0:40:53:29:71:ee:c1:97:a6:fb:b7:99:68:25:
1b:ce:01:af:39:68:b3:6c:3b:f7:0d:d3:ce:c3:98:33:c9:8c:
bb:3a:61:7c:10:88:c6:a4:ba:46:37:e2:98:f7:c4:93:af:17:
30:e1:29:85:4f:cf:29:54:a4:d3:be:18:7e:d5:e9:28:ce:09:
46:9d:f3:2c:3c:86:12:9a:82:53:42:a0:0c:00:40:eb:cf:09:
55:bc:a8:b0:30:df:71:d3:a6:07:eb:ae:b0:57:f1:8d:ab:07:
43:18:8f:7c:f7:0e:3f:fc:95:d9:16:c2:dd:7e:73:eb:b7:3d:
25:fd:07:04:2c:fd:cb:e5:1e:2d:d3:84:de:a8:40:9d:59:9c:
bc:45:76:12:37:c9:7f:81:3c:9d:0b:25:32:05:2d:8c:13:87:
d7:83:e1:1d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAkAa3jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
M2M4ZDAxY2FmMmIwNzUxZDAzNWM1Mzc1NjZmNDU2Mjc5MjVlNGY2MB4XDTIyMDEw
MTExMDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDk5Yzg2NTVmN2Uz
NzI1MGQzNWM3NGJkZTlmZWYxMDMwNDM3YTAzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMX2EQBDWnmFKt1iCliD4u+tusYPdWqgaFvPEtz7sqSDXmAv
AmzgXxvPn1svo0N83o5mkG/DYnQDPehwBNRWNX+zGkIICJbBocwQM7KCec4nNq7K
5WMfAughHt1BMapPAm2O3g5RWJT33j2bMX4KhEh9KZ1vWadGzWszq/fXePqHtLx4
v8smuKyIK26l6qZzOGrZaRuw1q56kkjBIxGBNd9JZC4xp9UBe+93yZPdv9WKIAMa
kYgCw4LntWrsOjN7dYxT5yIdwcGiSDk637OujybMyfQC2Br1+JH0kn44/D+z0vUR
xN1IfChYmBA6jt4r/7TecjkJGvo1bTksZLbcoXcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTZnIZV9+NyUNNcdL3p/vEDBDegMDAfBgNVHSMEGDAWgBSDyNAcrysHUdA1
xTdWb0VieSXk9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c4alFISzhyQjFIUU5jVTNWbTlGWW5rbDVQWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvY2ZhN2MzLWYwYzgtNDYyMi04YTQ3LTlhYjI2YjI2NmFhNy8x
LzJaeUdWZmZqY2xEVFhIUzk2Zjd4QXdRM29EQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
Y2ZhN2MzLWYwYzgtNDYyMi04YTQ3LTlhYjI2YjI2NmFhNy8xL2c4alFISzhyQjFI
UU5jVTNWbTlGWW5rbDVQWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLBtkDANBgkqhkiG9w0BAQsFAAOC
AQEADjUMrhq9H/46DnJHbqjaJcnL+yEe0eq29qW9q+jCrN9tJhLpQbkCIQmM8LwS
GVdpGh7C2UCW01llKH+nmmoEVfEujy2J5yXAsDnqHz7ttt6WuaMSiKEvo2n08HlS
k/BAUylx7sGXpvu3mWglG84Brzlos2w79w3TzsOYM8mMuzphfBCIxqS6RjfimPfE
k68XMOEphU/PKVSk074YftXpKM4JRp3zLDyGEpqCU0KgDABA688JVbyosDDfcdOm
B+uusFfxjasHQxiPfPcOP/yV2RbC3X5z67c9Jf0HBCz9y+UeLdOE3qhAnVmcvEV2
EjfJf4E8nQslMgUtjBOH14PhHQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:37 2023 by rpki-client on console-ams.rpki-client.org