Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9tsAUFdxtK7nT7k66MVCaye4bJQ.roa
File: 9tsAUFdxtK7nT7k66MVCaye4bJQ.roa (raw, json)
Hash identifier: PgCq+PF4NtGCMeIu5Nty0mGaqP24fJnqHIS7KZbmn/0=
Subject key identifier: F6:DB:00:50:57:71:B4:AE:E7:4F:B9:3A:E8:C5:42:6B:27:B8:6C:94
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0184BDD989EB1C17A024CDECECF82B475013
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9tsAUFdxtK7nT7k66MVCaye4bJQ.roa
Signing time: Mon 28 Nov 2022 10:47:40 +0000
ROA not before: Mon 28 Nov 2022 10:47:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8100
IP address blocks: 64.137.23.0/24 maxlen: 24
64.137.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bd:d9:89:eb:1c:17:a0:24:cd:ec:ec:f8:2b:47:50:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Nov 28 10:47:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f6db00505771b4aee74fb93ae8c5426b27b86c94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:31:d7:e3:31:a8:20:ff:5c:a5:aa:fb:aa:0f:
9f:c8:10:0a:2b:e3:92:31:eb:90:d9:e6:b9:9c:61:
10:e5:5e:41:8e:58:12:cc:80:e0:7d:d5:6f:8c:21:
17:aa:f5:1e:cb:a4:03:6b:8e:c4:62:a9:a6:5b:bd:
e5:3d:b1:d3:29:0b:52:6d:a1:25:41:7c:b4:58:7a:
3b:3b:a4:36:9f:b4:bf:38:02:1a:40:1f:b0:cd:44:
f5:31:c4:eb:81:5a:6e:c3:71:f6:28:e5:9b:3b:67:
32:34:ab:02:22:58:4c:59:2b:44:c7:b4:a5:0a:bd:
dd:13:14:64:50:82:ee:02:45:9b:a5:58:25:95:01:
11:db:5f:e2:df:1f:ec:a8:a6:d5:f7:bc:d4:03:cc:
e9:73:3a:96:10:64:85:3d:b0:48:98:69:49:93:30:
81:e1:88:14:5d:d9:7a:b9:20:23:d1:e3:f7:f2:7f:
f2:7d:07:a5:fe:7a:04:40:4c:9b:50:16:cf:1a:ed:
6f:ae:c3:8b:b6:c4:0a:af:9d:62:c8:09:12:6c:29:
f5:25:c6:79:fe:3c:25:84:4d:89:db:18:e2:9d:b0:
0b:7b:04:55:aa:85:50:f5:41:75:48:94:cc:52:bf:
5c:21:fb:42:a6:47:62:b1:22:35:90:50:ac:39:9f:
0d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:DB:00:50:57:71:B4:AE:E7:4F:B9:3A:E8:C5:42:6B:27:B8:6C:94
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/9tsAUFdxtK7nT7k66MVCaye4bJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.23.0/24
64.137.54.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:65:d8:35:7d:ca:ff:df:f1:97:34:5b:6f:44:a8:6b:af:c7:
16:ee:9e:ea:10:b4:19:85:2b:6b:39:40:b0:51:62:8c:29:8f:
c8:0d:c5:31:5d:c2:31:fa:bf:87:f8:cf:53:8c:97:50:95:2e:
14:aa:84:42:80:51:f8:1c:db:48:dd:86:99:01:95:d5:2b:0c:
7f:5a:8a:54:05:9b:02:f0:d2:28:ea:b5:27:84:18:d7:e7:b6:
70:16:c0:ea:73:84:01:d2:08:db:81:ec:b9:12:79:a2:ea:0d:
ae:30:85:4a:01:c0:29:4c:ec:94:03:da:f8:6c:19:3a:3a:1c:
94:65:27:4d:5d:3d:f4:77:5d:4b:0c:16:45:c3:3c:83:2c:5c:
ad:8a:1f:67:65:82:f2:53:87:b7:6e:bb:fb:0a:e0:7b:45:27:
ea:e4:28:14:29:28:1b:41:27:75:fa:31:a1:99:36:25:8c:28:
0e:2c:cb:7d:8f:6e:5f:b8:2d:aa:b1:eb:0b:5d:cc:c5:9a:17:
25:2f:d1:f8:2d:fd:9f:5c:bf:d6:34:8d:f8:e1:a6:bb:e1:0b:
86:c5:e7:ed:6e:d0:35:8d:c0:4a:65:a7:4f:30:e3:bc:e6:f4:
bc:ea:29:db:68:4f:63:0e:03:0d:69:6c:13:36:d4:f7:16:fa:
a9:e7:19:03
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYS92YnrHBegJM3s7PgrR1ATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMTI4MTA0NzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmRiMDA1MDU3NzFiNGFlZTc0ZmI5M2FlOGM1NDI2YjI3Yjg2Yzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjHX4zGoIP9cpar7qg+fyBAKK+OS
MeuQ2ea5nGEQ5V5BjlgSzIDgfdVvjCEXqvUey6QDa47EYqmmW73lPbHTKQtSbaEl
QXy0WHo7O6Q2n7S/OAIaQB+wzUT1McTrgVpuw3H2KOWbO2cyNKsCIlhMWStEx7Sl
Cr3dExRkUILuAkWbpVgllQER21/i3x/sqKbV97zUA8zpczqWEGSFPbBImGlJkzCB
4YgUXdl6uSAj0eP38n/yfQel/noEQEybUBbPGu1vrsOLtsQKr51iyAkSbCn1JcZ5
/jwlhE2J2xjinbALewRVqoVQ9UF1SJTMUr9cIftCpkdisSI1kFCsOZ8NmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPbbAFBXcbSu50+5OujFQmsnuGyUMB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvOXRzQVVGZHh0SzduVDdrNjZNVkNheWU0YkpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAQIkXAwQA
QIk2MA0GCSqGSIb3DQEBCwUAA4IBAQAuZdg1fcr/3/GXNFtvRKhrr8cW7p7qELQZ
hStrOUCwUWKMKY/IDcUxXcIx+r+H+M9TjJdQlS4UqoRCgFH4HNtI3YaZAZXVKwx/
WopUBZsC8NIo6rUnhBjX57ZwFsDqc4QB0gjbgey5Enmi6g2uMIVKAcApTOyUA9r4
bBk6OhyUZSdNXT30d11LDBZFwzyDLFytih9nZYLyU4e3brv7CuB7RSfq5CgUKSgb
QSd1+jGhmTYljCgOLMt9j25fuC2qsesLXczFmhclL9H4Lf2fXL/WNI344aa74QuG
xeftbtA1jcBKZadPMOO85vS86inbaE9jDgMNaWwTNtT3Fvqp5xkD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:56 2023 by rpki-client on console-fra.rpki-client.org