Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/APhO1rXSyj-HKwmJSFvxaTXtnFY.roa
File: APhO1rXSyj-HKwmJSFvxaTXtnFY.roa (raw, json)
Hash identifier: KEh53WovWNLZgWUA0pF5/foTdpUIytxZ374cqdlMC78=
Subject key identifier: 00:F8:4E:D6:B5:D2:CA:3F:87:2B:09:89:48:5B:F1:69:35:ED:9C:56
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 08AD3A25
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/APhO1rXSyj-HKwmJSFvxaTXtnFY.roa
Signing time: Mon 04 Jul 2022 10:59:18 +0000
ROA not before: Mon 04 Jul 2022 10:59:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16190
IP address blocks: 217.113.0.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145570341 (0x8ad3a25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Jul 4 10:59:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00f84ed6b5d2ca3f872b0989485bf16935ed9c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a7:b6:5d:ed:ad:ce:5d:79:07:12:a3:41:f1:
0f:b7:b6:7a:3e:c3:00:85:53:01:2c:79:39:06:fd:
df:e7:7f:48:02:0e:a3:b4:e4:94:0d:e3:dc:f2:36:
94:38:f5:70:c4:cb:ed:da:79:ae:a1:f2:30:21:bd:
92:f2:ca:e2:d2:1c:b4:5a:a4:5e:7e:45:b5:50:2d:
f2:7a:32:85:21:51:7a:8d:20:2b:aa:08:b1:0a:d6:
32:50:41:98:4a:0a:22:1f:ea:bf:06:55:a9:c3:b1:
a5:fd:16:a8:e7:3d:e8:b7:ec:c4:3b:4d:47:99:2a:
fe:72:7b:70:09:68:89:a0:51:38:ac:79:4d:d2:52:
d6:17:8d:24:c8:95:9f:90:10:63:86:81:eb:9d:6d:
58:c0:e4:1d:7d:72:34:31:1c:89:f5:9c:c7:f7:e1:
0c:8b:1b:15:9a:4d:ee:96:9c:83:93:da:3f:91:54:
8e:ef:38:0d:12:0c:60:24:72:e7:e1:a3:2b:be:87:
f2:bb:91:56:fa:ce:90:cd:65:98:e7:73:e0:86:9c:
6e:13:c2:bc:10:52:b5:8f:56:5d:27:1e:61:96:ac:
c0:bc:7e:d4:3f:c7:19:fa:4e:0f:9d:b8:47:7e:e4:
8a:9e:71:1d:6f:e2:5b:8a:b2:39:6e:f7:26:cb:49:
21:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F8:4E:D6:B5:D2:CA:3F:87:2B:09:89:48:5B:F1:69:35:ED:9C:56
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/APhO1rXSyj-HKwmJSFvxaTXtnFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.0.0/21
Signature Algorithm: sha256WithRSAEncryption
97:b2:71:26:6f:91:cc:cc:b5:c8:5b:db:b6:62:a7:b2:ee:cb:
57:df:1b:76:35:b7:b2:bd:fc:79:b1:98:f2:2e:bb:ae:ab:2b:
3f:fd:a6:05:47:84:61:35:3d:05:1f:a4:c8:d0:86:e8:0b:59:
d5:be:0f:9c:58:f9:b1:6c:bf:b4:2a:5f:b7:0a:c0:d1:23:c6:
5f:e0:67:9a:23:bf:e9:2b:dd:32:c2:bf:e0:e3:d3:e7:82:de:
61:c0:b1:c8:fa:5d:e5:5c:f6:05:37:03:c0:3c:50:07:53:58:
56:81:8a:8e:a2:75:c8:39:9f:35:c1:06:01:0d:9f:ad:bd:30:
06:e9:be:38:e0:40:b5:4b:a6:37:5e:65:48:0a:8d:94:3e:08:
bb:e9:1c:f4:c4:29:b2:61:8b:0e:da:7d:09:8f:52:28:8e:82:
c0:5c:b2:ad:e6:4a:d7:0a:63:4d:63:4f:fd:96:df:07:66:18:
38:32:c7:22:04:40:55:bd:4b:f7:36:bb:0f:67:69:e9:38:78:
22:f6:fa:29:bd:86:ef:ce:4d:58:f2:d0:4a:a5:c3:2f:50:f9:
28:03:12:ab:81:4d:13:42:51:a8:9d:54:5d:89:a2:a1:c2:28:
f0:33:79:3f:87:d9:ce:e4:eb:11:f8:e5:c0:b3:1c:2b:50:41:
f5:a2:a2:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECK06JTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2U4ZjRlZDVkZDA2MzAxYzQyMzk4OGU3ODZkYWJmNTFjNWY1Njc0MB4XDTIyMDcw
NDEwNTkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDBmODRlZDZiNWQy
Y2EzZjg3MmIwOTg5NDg1YmYxNjkzNWVkOWM1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAImntl3trc5deQcSo0HxD7e2ej7DAIVTASx5OQb93+d/SAIO
o7TklA3j3PI2lDj1cMTL7dp5rqHyMCG9kvLK4tIctFqkXn5FtVAt8noyhSFReo0g
K6oIsQrWMlBBmEoKIh/qvwZVqcOxpf0WqOc96LfsxDtNR5kq/nJ7cAloiaBROKx5
TdJS1heNJMiVn5AQY4aB651tWMDkHX1yNDEcifWcx/fhDIsbFZpN7pacg5PaP5FU
ju84DRIMYCRy5+GjK76H8ruRVvrOkM1lmOdz4IacbhPCvBBStY9WXSceYZaswLx+
1D/HGfpOD524R37kip5xHW/iW4qyOW73JstJIcUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQA+E7WtdLKP4crCYlIW/FpNe2cVjAfBgNVHSMEGDAWgBST6PTtXdBjAcQj
mI54bav1HF9WdDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2stajA3VjNRWXdIRUk1aU9lRzJyOVJ4ZlZuUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGIvYTc4OTc5LWRkMjQtNGJlNy04MTk0LTFmYzE5ZWE3M2EyYS8x
L0FQaE8xclhTeWotSEt3bUpTRnZ4YVRYdG5GWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGIv
YTc4OTc5LWRkMjQtNGJlNy04MTk0LTFmYzE5ZWE3M2EyYS8xL2stajA3VjNRWXdI
RUk1aU9lRzJyOVJ4ZlZuUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9lxADANBgkqhkiG9w0BAQsFAAOC
AQEAl7JxJm+RzMy1yFvbtmKnsu7LV98bdjW3sr38ebGY8i67rqsrP/2mBUeEYTU9
BR+kyNCG6AtZ1b4PnFj5sWy/tCpftwrA0SPGX+BnmiO/6SvdMsK/4OPT54LeYcCx
yPpd5Vz2BTcDwDxQB1NYVoGKjqJ1yDmfNcEGAQ2frb0wBum+OOBAtUumN15lSAqN
lD4Iu+kc9MQpsmGLDtp9CY9SKI6CwFyyreZK1wpjTWNP/ZbfB2YYODLHIgRAVb1L
9za7D2dp6Th4Ivb6Kb2G785NWPLQSqXDL1D5KAMSq4FNE0JRqJ1UXYmiocIo8DN5
P4fZzuTrEfjlwLMcK1BB9aKi0g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:23 2023 by rpki-client on console-ams.rpki-client.org