Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/9ROUIS1ta3i_IbKL8kHYhM_iyaE.roa
File: 9ROUIS1ta3i_IbKL8kHYhM_iyaE.roa (raw, json)
Hash identifier: FQW0R/Td2VQsL50eoWvRS3omR4c69w8qHiTl4cP0gRw=
Subject key identifier: F5:13:94:21:2D:6D:6B:78:BF:21:B2:8B:F2:41:D8:84:CF:E2:C9:A1
Certificate issuer: /CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Certificate serial: 0182A97C0CC5FAC07D7FF3FF89C951E03485
Authority key identifier: 8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/9ROUIS1ta3i_IbKL8kHYhM_iyaE.roa
Signing time: Wed 17 Aug 2022 01:47:35 +0000
ROA not before: Wed 17 Aug 2022 01:47:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207710
IP address blocks: 178.171.48.0/23 maxlen: 23
178.171.50.0/23 maxlen: 23
178.171.62.0/23 maxlen: 23
178.171.60.0/23 maxlen: 23
158.46.188.0/22 maxlen: 24
178.171.104.0/24 maxlen: 24
158.46.196.0/22 maxlen: 22
178.171.0.0/20 maxlen: 20
178.171.119.0/24 maxlen: 24
178.171.20.0/22 maxlen: 24
178.171.32.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:a9:7c:0c:c5:fa:c0:7d:7f:f3:ff:89:c9:51:e0:34:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d11cb015df9baab61228dbbce17dd4e00e63c13
Validity
Not Before: Aug 17 01:47:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f51394212d6d6b78bf21b28bf241d884cfe2c9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:81:06:bc:50:ec:8f:cd:cb:74:be:fc:ae:65:
70:a4:9f:27:a3:20:67:a9:de:b2:d0:fd:ad:3f:3c:
a7:4b:c8:9d:6b:9a:f7:67:e5:c4:5a:73:f1:16:06:
4a:3d:4a:d0:9a:29:f3:af:d6:8e:d5:32:b2:06:7a:
be:c0:c6:06:5e:2b:5d:05:31:f5:45:93:30:d0:23:
8f:b5:6b:11:94:e4:da:f7:2e:84:d7:72:b1:dd:48:
69:77:e0:9d:33:dd:54:65:80:43:92:f9:53:c6:f4:
99:00:bf:30:78:d1:2c:7f:76:9c:5b:d2:e5:18:39:
11:01:6d:45:96:fd:3e:63:50:fc:c1:ac:c2:3c:db:
87:27:f7:79:5e:26:48:a9:5a:e6:42:db:00:f0:77:
1f:d8:18:68:8f:7e:27:9c:ad:77:cd:15:db:8b:80:
7d:80:37:4b:09:55:31:0c:d7:fd:cf:c2:56:b6:f1:
b9:52:d6:db:9e:70:2e:4f:50:d4:50:df:90:3c:c9:
9a:a0:63:33:3b:b4:a4:ca:5d:78:3a:d8:e0:c1:a5:
a3:89:b8:2e:65:10:89:f1:c2:b6:70:61:78:a9:b7:
b6:66:2e:4c:24:92:54:51:ae:66:f1:d3:73:61:87:
d9:80:3f:9e:9c:5f:82:93:5e:4f:42:ca:73:13:2a:
58:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:13:94:21:2D:6D:6B:78:BF:21:B2:8B:F2:41:D8:84:CF:E2:C9:A1
X509v3 Authority Key Identifier:
keyid:8D:11:CB:01:5D:F9:BA:AB:61:22:8D:BB:CE:17:DD:4E:00:E6:3C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRHLAV35uqthIo27zhfdTgDmPBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/9ROUIS1ta3i_IbKL8kHYhM_iyaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/5d8915-c448-40e7-8caa-ba771ffd269c/1/jRHLAV35uqthIo27zhfdTgDmPBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.46.188.0/22
158.46.196.0/22
178.171.0.0/20
178.171.20.0/22
178.171.32.0/22
178.171.48.0/22
178.171.60.0/22
178.171.104.0/24
178.171.119.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:11:f1:91:d0:dc:2a:31:96:64:cb:8d:3d:92:11:94:94:ef:
55:ca:61:74:1b:60:b4:5c:bc:ca:64:9d:5e:25:25:10:b8:ff:
a9:2d:fb:98:f6:10:7c:89:f0:dd:a1:7d:dd:82:d4:75:2d:16:
3f:38:ce:c2:ef:82:f5:ff:83:cf:fa:ca:56:cc:04:13:91:fb:
75:09:d2:81:86:d0:5b:99:92:89:d2:9e:f5:41:59:08:fb:cf:
e7:4e:8a:d8:de:c8:73:bd:5a:c9:48:0a:49:8c:12:6f:75:d3:
4d:3f:be:e1:1e:26:34:22:4b:22:06:9f:d8:e4:3a:24:ac:4d:
ad:e5:0c:47:17:9b:85:c3:d8:1d:eb:97:cd:f3:0e:12:cc:cf:
c4:72:ba:0a:37:ee:57:a0:ac:9d:9c:bf:e1:76:1a:60:71:73:
57:b9:5b:06:4b:b5:4f:74:c2:27:67:dc:90:5d:ad:cc:0b:df:
9b:b8:f5:fe:23:03:88:9d:16:56:9a:67:7a:96:86:63:cf:74:
1e:0d:28:f6:5d:2e:36:56:bf:87:88:4c:c3:90:29:d9:29:fa:
60:89:34:e8:2d:c3:46:67:33:99:e7:c1:ab:c0:88:69:b0:c7:
26:9b:40:a6:a9:46:73:a3:1f:09:59:a5:3c:44:37:be:2e:2b:
40:80:40:73
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYKpfAzF+sB9f/P/iclR4DSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMTFjYjAxNWRmOWJhYWI2MTIyOGRiYmNlMTdkZDRlMDBl
NjNjMTMwHhcNMjIwODE3MDE0NzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTEzOTQyMTJkNmQ2Yjc4YmYyMWIyOGJmMjQxZDg4NGNmZTJjOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YEGvFDsj83LdL78rmVwpJ8noyBn
qd6y0P2tPzynS8ida5r3Z+XEWnPxFgZKPUrQminzr9aO1TKyBnq+wMYGXitdBTH1
RZMw0COPtWsRlOTa9y6E13Kx3Uhpd+CdM91UZYBDkvlTxvSZAL8weNEsf3acW9Ll
GDkRAW1Flv0+Y1D8wazCPNuHJ/d5XiZIqVrmQtsA8Hcf2Bhoj34nnK13zRXbi4B9
gDdLCVUxDNf9z8JWtvG5UtbbnnAuT1DUUN+QPMmaoGMzO7Skyl14OtjgwaWjibgu
ZRCJ8cK2cGF4qbe2Zi5MJJJUUa5m8dNzYYfZgD+enF+Ck15PQspzEypYBQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPUTlCEtbWt4vyGyi/JB2ITP4smhMB8GA1UdIwQY
MBaAFI0RywFd+bqrYSKNu84X3U4A5jwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEt
YmE3NzFmZmQyNjljLzEvOVJPVUlTMXRhM2lfSWJLTDhrSFloTV9peWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni81ZDg5MTUtYzQ0OC00MGU3LThjYWEtYmE3NzFmZmQyNjlj
LzEvalJITEFWMzV1cXRoSW8yN3poZmRUZ0RtUEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCni68AwQC
ni7EAwQEsqsAAwQCsqsUAwQCsqsgAwQCsqswAwQCsqs8AwQAsqtoAwQAsqt3MA0G
CSqGSIb3DQEBCwUAA4IBAQC7EfGR0NwqMZZky409khGUlO9VymF0G2C0XLzKZJ1e
JSUQuP+pLfuY9hB8ifDdoX3dgtR1LRY/OM7C74L1/4PP+spWzAQTkft1CdKBhtBb
mZKJ0p71QVkI+8/nTorY3shzvVrJSApJjBJvddNNP77hHiY0IksiBp/Y5DokrE2t
5QxHF5uFw9gd65fN8w4SzM/EcroKN+5XoKydnL/hdhpgcXNXuVsGS7VPdMInZ9yQ
Xa3MC9+buPX+IwOInRZWmmd6loZjz3QeDSj2XS42Vr+HiEzDkCnZKfpgiTToLcNG
ZzOZ58GrwIhpsMcmm0CmqUZzox8JWaU8RDe+LitAgEBz
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:04 2023 by rpki-client on console-ams.rpki-client.org