Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/Y8gEEVQyzoId4Jv3JVZG9FxozOU.roa
File: Y8gEEVQyzoId4Jv3JVZG9FxozOU.roa (raw, json)
Hash identifier: 3OnAcvm7c73GQ7BMEf1shTGzfzd1WDcQdmqDp1ApdbU=
Subject key identifier: 63:C8:04:11:54:32:CE:82:1D:E0:9B:F7:25:56:46:F4:5C:68:CC:E5
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 443B086B
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/Y8gEEVQyzoId4Jv3JVZG9FxozOU.roa
Signing time: Sat 01 Jan 2022 09:54:50 +0000
ROA not before: Sat 01 Jan 2022 09:54:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197068
IP address blocks: 192.166.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1144719467 (0x443b086b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jan 1 09:54:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63c804115432ce821de09bf7255646f45c68cce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:47:d4:16:09:ba:6c:a5:7c:09:93:dd:2d:ae:
f9:5f:e5:a4:f8:12:e9:25:b1:79:64:84:98:43:43:
2a:56:18:6b:bd:65:ff:c8:c1:09:37:ea:1b:55:38:
3a:fb:a4:a3:75:a4:ac:e3:31:f1:30:7f:03:1a:20:
93:f7:a2:5d:e5:04:16:7c:20:53:85:4b:38:a8:86:
63:04:42:86:1e:f7:cd:61:13:29:d4:ea:23:a4:da:
6b:d0:cb:fb:54:ea:fc:f7:91:a6:42:97:cc:40:3b:
e3:4d:67:18:04:d8:9c:66:9b:80:9d:84:d6:47:92:
83:6b:6c:51:09:0b:e5:1d:a9:4a:08:d6:a8:a6:e7:
1b:d4:3d:77:e8:2e:d8:8f:6d:f7:b8:e2:64:41:17:
dd:6a:44:7e:c8:bc:d8:b3:5f:51:e2:28:fd:f5:f2:
9c:df:1d:51:45:a3:f5:4c:2e:25:54:d5:90:8c:4d:
67:cf:9f:89:60:b7:99:4a:8a:74:66:d5:41:87:46:
d3:04:57:c1:b2:5e:71:9e:37:2f:a0:f4:dd:e1:ac:
01:db:6d:b5:fb:4a:99:21:1d:6e:36:d2:43:ed:0c:
25:08:28:2b:7d:9c:95:86:27:2f:de:62:c5:18:3d:
df:f0:de:da:42:2d:77:25:ae:bf:74:3a:87:cd:de:
4f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:C8:04:11:54:32:CE:82:1D:E0:9B:F7:25:56:46:F4:5C:68:CC:E5
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/Y8gEEVQyzoId4Jv3JVZG9FxozOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.48.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:c3:55:9a:0c:ab:a2:ed:e5:8a:77:43:cf:e1:13:09:a7:cb:
eb:34:9c:1f:a0:2f:34:30:af:d0:90:09:47:1b:eb:40:eb:ae:
15:36:43:3e:1e:d0:d0:3d:ac:0d:56:df:39:15:81:40:26:5c:
7b:8d:80:b5:61:ce:c9:6b:35:0f:4f:5c:70:f6:f1:0e:dd:c2:
c9:a5:b3:3f:07:03:15:d8:c1:36:d4:91:b7:5f:4a:86:6b:f7:
a7:8d:97:9d:af:56:3c:b6:76:e0:65:e7:02:0c:35:e2:75:22:
24:db:fc:d5:bb:c7:3b:4b:e2:d3:c0:7f:f6:88:6a:77:12:fd:
7b:f1:1e:b8:34:04:88:dc:e9:03:bd:cd:d3:f7:4f:18:39:f7:
d2:fe:83:5b:c4:cd:02:8d:0a:63:aa:93:64:ec:ef:76:3c:2e:
20:82:73:91:88:7b:c7:66:e2:68:c1:f6:2e:5d:c2:97:ac:98:
b4:48:25:a4:19:21:20:bf:f6:30:d4:3d:c2:df:bc:55:eb:76:
bd:98:68:d4:52:4b:d1:c3:2c:2f:2d:8f:1b:76:15:3d:cd:67:
d2:77:51:e3:3b:fa:36:54:8f:91:5c:01:ed:3d:d2:5f:8f:3d:
2b:00:6e:f0:ed:0c:ca:7a:38:b1:3c:77:20:cb:e2:ce:77:88:
68:b2:2e:78
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIERDsIazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YWQ3MTAwZTc3ZWQ5MTE5ZDY2ZTIzMjFiYjY3MTFkN2U3NjA5ODJiMB4XDTIyMDEw
MTA5NTQ1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNjODA0MTE1NDMy
Y2U4MjFkZTA5YmY3MjU1NjQ2ZjQ1YzY4Y2NlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANdH1BYJumylfAmT3S2u+V/lpPgS6SWxeWSEmENDKlYYa71l
/8jBCTfqG1U4Ovuko3WkrOMx8TB/Axogk/eiXeUEFnwgU4VLOKiGYwRChh73zWET
KdTqI6Taa9DL+1Tq/PeRpkKXzEA7401nGATYnGabgJ2E1keSg2tsUQkL5R2pSgjW
qKbnG9Q9d+gu2I9t97jiZEEX3WpEfsi82LNfUeIo/fXynN8dUUWj9UwuJVTVkIxN
Z8+fiWC3mUqKdGbVQYdG0wRXwbJecZ43L6D03eGsAdtttftKmSEdbjbSQ+0MJQgo
K32clYYnL95ixRg93/De2kItdyWuv3Q6h83eT/cCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRjyAQRVDLOgh3gm/clVkb0XGjM5TAfBgNVHSMEGDAWgBT61xAOd+2RGdZu
IyG7ZxHX52CYKzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzNlLzAxZDQxMS1kOTE1LTQyNzctOGZlMi03NmIwZGRhMmJmM2Uv
MS9ZOGdFRVZReXpvSWQ0SnYzSlZaRzlGeG96T1Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNl
LzAxZDQxMS1kOTE1LTQyNzctOGZlMi03NmIwZGRhMmJmM2UvMS8xLXRjUURuZnRr
Um5XYmlNaHUyY1IxLWRnbUNzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKYwMA0GCSqGSIb3DQEBCwUA
A4IBAQC2w1WaDKui7eWKd0PP4RMJp8vrNJwfoC80MK/QkAlHG+tA664VNkM+HtDQ
PawNVt85FYFAJlx7jYC1Yc7JazUPT1xw9vEO3cLJpbM/BwMV2ME21JG3X0qGa/en
jZedr1Y8tnbgZecCDDXidSIk2/zVu8c7S+LTwH/2iGp3Ev178R64NASI3OkDvc3T
908YOffS/oNbxM0CjQpjqpNk7O92PC4ggnORiHvHZuJowfYuXcKXrJi0SCWkGSEg
v/Yw1D3C37xV63a9mGjUUkvRwywvLY8bdhU9zWfSd1HjO/o2VI+RXAHtPdJfjz0r
AG7w7QzKejixPHcgy+LOd4hosi54
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:55 2023 by rpki-client on console-fra.rpki-client.org