Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/b7e78d-67d5-45af-b448-175383e82ef2/1/tKRImHws0Xk5EgfzqusOTv9MchU.roa
File: tKRImHws0Xk5EgfzqusOTv9MchU.roa (raw, json)
Hash identifier: nwmkDVqjqP8RyGYLOPQc2Xk6r+WLH1WU/ltaShcKuTs=
Subject key identifier: B4:A4:48:98:7C:2C:D1:79:39:12:07:F3:AA:EB:0E:4E:FF:4C:72:15
Certificate issuer: /CN=866dee727e83997c0203c0f718d33b93d77d821d
Certificate serial: 01821F8A2535380168D49DB14E1AED8E202A
Authority key identifier: 86:6D:EE:72:7E:83:99:7C:02:03:C0:F7:18:D3:3B:93:D7:7D:82:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hm3ucn6DmXwCA8D3GNM7k9d9gh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/b7e78d-67d5-45af-b448-175383e82ef2/1/tKRImHws0Xk5EgfzqusOTv9MchU.roa
Signing time: Thu 21 Jul 2022 06:55:23 +0000
ROA not before: Thu 21 Jul 2022 06:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 195.64.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1f:8a:25:35:38:01:68:d4:9d:b1:4e:1a:ed:8e:20:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=866dee727e83997c0203c0f718d33b93d77d821d
Validity
Not Before: Jul 21 06:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4a448987c2cd179391207f3aaeb0e4eff4c7215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a0:02:62:d7:12:7e:d5:3f:ea:e5:83:f5:51:
60:ff:97:98:1a:b6:43:ce:8a:34:6c:f7:38:26:2b:
62:52:c0:54:0d:53:fb:7c:b0:a1:8e:c6:be:72:57:
84:59:86:21:50:a7:ae:e4:b4:dd:86:21:61:8f:a0:
e7:ad:fb:ac:01:c7:20:ab:bb:01:d4:e1:9e:13:9c:
c1:68:08:c3:f2:ca:03:fc:f8:03:71:bf:f1:e4:81:
a7:63:ac:0d:85:7c:29:47:a3:91:53:c0:ba:22:60:
e3:86:34:98:ef:56:81:39:00:d4:22:54:94:42:b7:
6c:fb:25:01:78:bf:53:48:af:b5:b1:98:55:cf:d0:
e4:ed:92:44:47:ad:2c:43:03:63:31:d3:8c:95:79:
21:f0:be:db:36:1a:66:46:98:8f:0c:9a:93:a3:d2:
75:ab:1d:f5:e7:7b:34:da:dd:07:ab:54:87:2a:b1:
ea:59:1b:88:f8:23:eb:c5:0a:52:42:a9:ea:1d:06:
a1:66:43:ad:be:7f:5a:92:1c:3f:d0:08:71:f1:70:
9b:36:0b:db:82:5d:58:3f:d3:a4:07:dd:17:b4:31:
44:8c:04:34:db:05:31:78:f5:ea:45:d3:99:98:0d:
72:87:6c:78:13:18:55:f1:a4:6c:3b:43:7e:c6:a7:
15:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A4:48:98:7C:2C:D1:79:39:12:07:F3:AA:EB:0E:4E:FF:4C:72:15
X509v3 Authority Key Identifier:
keyid:86:6D:EE:72:7E:83:99:7C:02:03:C0:F7:18:D3:3B:93:D7:7D:82:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hm3ucn6DmXwCA8D3GNM7k9d9gh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b7e78d-67d5-45af-b448-175383e82ef2/1/tKRImHws0Xk5EgfzqusOTv9MchU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/b7e78d-67d5-45af-b448-175383e82ef2/1/hm3ucn6DmXwCA8D3GNM7k9d9gh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.64.123.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:9e:0a:9e:ed:dc:7c:63:f1:5e:e4:fe:ea:b7:ce:79:a0:45:
cd:d4:91:bd:4f:e7:9d:03:f7:7c:55:ec:ee:59:2a:b9:b3:54:
52:d2:75:95:45:b5:8c:18:a9:8f:ae:44:6d:04:33:be:4a:17:
87:9f:4a:d2:47:ef:06:4b:5e:f0:4f:8e:47:35:8a:9e:10:55:
21:0a:6b:d1:1e:61:a2:41:c8:37:97:57:0e:1c:de:68:78:32:
b5:b7:77:26:d4:35:dd:eb:15:a7:ab:6e:08:bb:6b:a3:dc:6d:
14:30:31:74:eb:72:da:b8:5f:c4:89:94:ab:30:dd:87:11:61:
02:8c:a1:a3:26:28:8b:d2:0b:ff:b2:2c:23:29:24:8f:b5:e2:
75:f1:e0:d3:3a:73:63:0a:d7:0a:56:f1:bd:f8:68:45:29:6c:
69:24:2a:66:54:04:b0:14:ba:b5:21:cd:72:f1:64:30:32:4c:
bc:43:0b:d0:f3:1e:4c:b7:7a:2b:e1:b3:dd:17:29:f6:36:10:
a6:ea:38:54:66:dd:4e:96:38:4e:68:4b:53:15:87:16:1f:32:
24:ee:fc:48:d8:af:be:64:87:ca:3b:dc:bd:74:59:83:c7:8b:
03:2e:83:20:4a:74:f0:3d:8c:cb:29:73:96:71:3d:73:9d:e4:
58:22:90:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIfiiU1OAFo1J2xThrtjiAqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NmRlZTcyN2U4Mzk5N2MwMjAzYzBmNzE4ZDMzYjkzZDc3
ZDgyMWQwHhcNMjIwNzIxMDY1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE0NDg5ODdjMmNkMTc5MzkxMjA3ZjNhYWViMGU0ZWZmNGM3MjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraACYtcSftU/6uWD9VFg/5eYGrZD
zoo0bPc4JitiUsBUDVP7fLChjsa+cleEWYYhUKeu5LTdhiFhj6DnrfusAccgq7sB
1OGeE5zBaAjD8soD/PgDcb/x5IGnY6wNhXwpR6ORU8C6ImDjhjSY71aBOQDUIlSU
Qrds+yUBeL9TSK+1sZhVz9Dk7ZJER60sQwNjMdOMlXkh8L7bNhpmRpiPDJqTo9J1
qx3153s02t0Hq1SHKrHqWRuI+CPrxQpSQqnqHQahZkOtvn9akhw/0Ahx8XCbNgvb
gl1YP9OkB90XtDFEjAQ02wUxePXqRdOZmA1yh2x4ExhV8aRsO0N+xqcV5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSkSJh8LNF5ORIH86rrDk7/THIVMB8GA1UdIwQY
MBaAFIZt7nJ+g5l8AgPA9xjTO5PXfYIdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaG0zdWNuNkRtWHdDQThEM0dOTTdrOWQ5Z2gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9iN2U3OGQtNjdkNS00NWFmLWI0NDgt
MTc1MzgzZTgyZWYyLzEvdEtSSW1Id3MwWGs1RWdmenF1c09UdjlNY2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9iN2U3OGQtNjdkNS00NWFmLWI0NDgtMTc1MzgzZTgyZWYy
LzEvaG0zdWNuNkRtWHdDQThEM0dOTTdrOWQ5Z2gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0B7MA0G
CSqGSIb3DQEBCwUAA4IBAQC8ngqe7dx8Y/Fe5P7qt855oEXN1JG9T+edA/d8Vezu
WSq5s1RS0nWVRbWMGKmPrkRtBDO+SheHn0rSR+8GS17wT45HNYqeEFUhCmvRHmGi
Qcg3l1cOHN5oeDK1t3cm1DXd6xWnq24Iu2uj3G0UMDF063LauF/EiZSrMN2HEWEC
jKGjJiiL0gv/siwjKSSPteJ18eDTOnNjCtcKVvG9+GhFKWxpJCpmVASwFLq1Ic1y
8WQwMky8QwvQ8x5Mt3or4bPdFyn2NhCm6jhUZt1OljhOaEtTFYcWHzIk7vxI2K++
ZIfKO9y9dFmDx4sDLoMgSnTwPYzLKXOWcT1zneRYIpCL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:17 2023 by rpki-client on console-ams.rpki-client.org