Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/sgBWnq9o1tAnbvW8oLR6Z0I9OUE.roa
File: sgBWnq9o1tAnbvW8oLR6Z0I9OUE.roa (raw, json)
Hash identifier: vgpa2PjD1UgcpH+GbN0GGEPRcOGfht6bR3zpxlA8CL0=
Subject key identifier: B2:00:56:9E:AF:68:D6:D0:27:6E:F5:BC:A0:B4:7A:67:42:3D:39:41
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 01845D44DF28BF04AAD99C7D75A0343E9D8B
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/sgBWnq9o1tAnbvW8oLR6Z0I9OUE.roa
Signing time: Wed 09 Nov 2022 16:41:45 +0000
ROA not before: Wed 09 Nov 2022 16:41:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 188.209.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5d:44:df:28:bf:04:aa:d9:9c:7d:75:a0:34:3e:9d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Nov 9 16:41:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b200569eaf68d6d0276ef5bca0b47a67423d3941
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:6b:9a:ae:57:d9:26:f8:63:19:45:7e:a1:59:
5a:ca:44:be:f6:b7:a7:6b:46:4d:af:04:a6:b8:ac:
20:38:e4:89:09:17:75:2a:8d:1f:69:15:74:cd:27:
96:53:37:0e:63:d1:33:e7:a9:1f:fe:dd:42:86:57:
1a:42:4e:f6:97:87:d3:f6:3f:dc:a6:c9:0a:70:28:
77:29:b4:ec:2e:a7:19:c3:d8:d4:d1:f5:d9:57:69:
ef:4a:dc:22:15:14:21:1b:22:5b:ef:7a:8f:92:5b:
a8:09:04:b2:40:53:52:af:27:fa:4e:88:14:40:4b:
89:b6:5c:2b:95:ba:df:f3:e7:3f:15:92:ae:27:fc:
33:fb:85:21:b5:be:84:df:c3:60:3e:6d:e3:4b:0d:
ed:59:a2:d7:08:26:73:b4:e5:4e:31:40:1c:ad:a8:
5f:56:61:51:a4:a1:2f:79:45:59:8e:97:e9:d8:5b:
47:cf:76:e6:12:39:38:7f:97:47:37:6d:cc:57:33:
89:aa:9a:0a:13:85:1b:a6:7e:b6:73:74:1f:0a:41:
80:45:e6:ea:6e:dd:8a:51:2f:50:88:13:ad:82:e4:
5c:60:36:e5:f0:1b:93:62:32:2e:cb:1a:7f:bc:bd:
2b:0a:ae:fb:ed:94:58:5d:70:ae:86:7d:f4:03:58:
9e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:00:56:9E:AF:68:D6:D0:27:6E:F5:BC:A0:B4:7A:67:42:3D:39:41
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/sgBWnq9o1tAnbvW8oLR6Z0I9OUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.128.0/22
Signature Algorithm: sha256WithRSAEncryption
10:2e:8f:55:c3:5a:8c:60:0f:b9:bd:88:18:2a:18:0e:fd:f9:
41:2e:14:c1:2c:f8:14:ae:4b:57:fa:0f:7c:38:b2:0e:ea:4d:
e8:ec:71:b8:a1:24:74:a4:4b:e3:f3:fd:d0:cf:fd:8f:eb:e2:
70:50:ca:72:4c:42:01:c1:3b:82:b4:93:e8:f6:89:bb:35:36:
32:8b:c1:02:11:8a:5b:0e:79:5c:b2:c0:70:78:d2:6a:69:9e:
4c:cc:77:d2:3b:1d:1b:f7:65:0f:68:3e:7f:60:55:94:5b:93:
44:49:fe:95:e9:4c:94:af:ae:fa:cd:43:82:5c:0f:38:2b:f9:
5d:e4:d3:1d:3b:e1:db:fa:29:69:46:ce:a7:f5:c3:e4:ab:7a:
e4:68:72:5c:b4:b4:27:48:9e:68:8b:66:31:e3:b6:26:9e:3f:
b1:e0:79:dd:f2:41:7a:aa:f1:87:1c:19:8f:4c:d5:92:10:b6:
96:10:a7:0e:12:b0:e6:11:6c:79:0c:4c:60:56:e5:dc:8f:c8:
f4:d1:0d:2d:b7:16:aa:27:69:b0:57:92:0b:86:27:8a:47:5b:
dc:12:92:7d:ad:d5:29:06:44:a0:31:dc:55:ad:b8:07:4f:92:
ed:6c:30:5c:79:27:c6:b6:44:24:84:4b:db:3a:66:b3:9d:a1:
90:3a:22:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRdRN8ovwSq2Zx9daA0Pp2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjIxMTA5MTY0MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjAwNTY5ZWFmNjhkNmQwMjc2ZWY1YmNhMGI0N2E2NzQyM2QzOTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGuarlfZJvhjGUV+oVlaykS+9ren
a0ZNrwSmuKwgOOSJCRd1Ko0faRV0zSeWUzcOY9Ez56kf/t1ChlcaQk72l4fT9j/c
pskKcCh3KbTsLqcZw9jU0fXZV2nvStwiFRQhGyJb73qPkluoCQSyQFNSryf6TogU
QEuJtlwrlbrf8+c/FZKuJ/wz+4Uhtb6E38NgPm3jSw3tWaLXCCZztOVOMUAcrahf
VmFRpKEveUVZjpfp2FtHz3bmEjk4f5dHN23MVzOJqpoKE4Ubpn62c3QfCkGARebq
bt2KUS9QiBOtguRcYDbl8BuTYjIuyxp/vL0rCq777ZRYXXCuhn30A1ieXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIAVp6vaNbQJ271vKC0emdCPTlBMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvc2dCV25xOW8xdEFuYnZXOG9MUjZaMEk5T1VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCvNGAMA0G
CSqGSIb3DQEBCwUAA4IBAQAQLo9Vw1qMYA+5vYgYKhgO/flBLhTBLPgUrktX+g98
OLIO6k3o7HG4oSR0pEvj8/3Qz/2P6+JwUMpyTEIBwTuCtJPo9om7NTYyi8ECEYpb
DnlcssBweNJqaZ5MzHfSOx0b92UPaD5/YFWUW5NESf6V6UyUr676zUOCXA84K/ld
5NMdO+Hb+ilpRs6n9cPkq3rkaHJctLQnSJ5oi2Yx47Ymnj+x4Hnd8kF6qvGHHBmP
TNWSELaWEKcOErDmEWx5DExgVuXcj8j00Q0ttxaqJ2mwV5ILhieKR1vcEpJ9rdUp
BkSgMdxVrbgHT5LtbDBceSfGtkQkhEvbOmaznaGQOiJl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org