Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/So9cLQlxYwxhPHED3hLG2SMPyrA.roa
File: So9cLQlxYwxhPHED3hLG2SMPyrA.roa (raw, json)
Hash identifier: mdzAkXfRLbXAeyd/A7d4/NPrDkFVlEUeP0S+VX6D504=
Subject key identifier: 4A:8F:5C:2D:09:71:63:0C:61:3C:71:03:DE:12:C6:D9:23:0F:CA:B0
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 01D11E58
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/So9cLQlxYwxhPHED3hLG2SMPyrA.roa
Signing time: Thu 03 Mar 2022 11:05:16 +0000
ROA not before: Thu 03 Mar 2022 11:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 138.128.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 30482008 (0x1d11e58)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Mar 3 11:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4a8f5c2d0971630c613c7103de12c6d9230fcab0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:6f:de:a5:84:30:f6:ed:b5:86:99:7c:c9:8d:
f0:54:c2:d2:5b:15:0d:ac:b0:18:29:a2:e6:65:48:
d5:7b:6d:e7:99:2b:37:29:79:04:d3:40:02:41:9e:
c8:a8:d2:1c:61:35:ff:4b:c0:ec:62:d1:93:ac:08:
6e:bb:1a:06:e7:3c:8d:1c:20:e7:81:f5:9c:d0:09:
f6:64:ab:87:18:16:65:3d:7e:e1:75:75:70:77:59:
3e:98:80:ef:bc:71:7d:87:cd:c2:aa:c2:11:59:47:
06:95:57:7e:41:cf:b1:ea:dd:ae:25:20:75:50:fd:
27:85:e2:cc:74:a2:05:a1:ef:96:91:db:e6:15:ec:
4c:7a:b3:04:e0:18:16:54:6a:2c:ac:b9:2b:06:6d:
ed:3f:ed:e7:ce:e0:17:6b:b7:d5:26:96:8e:3b:ed:
8d:7d:a7:08:74:de:f4:04:c6:4b:08:24:c3:ba:41:
1b:e4:07:6a:78:3a:4d:ae:c5:c7:88:ab:ba:77:9d:
f3:5c:c1:a9:d1:e6:08:06:23:35:5f:f6:90:01:fc:
29:11:b2:60:43:c1:c1:b6:13:26:80:07:ba:8d:99:
de:33:6f:d5:77:47:10:6a:bb:7f:c3:0c:7a:77:27:
6a:31:4a:35:8e:ce:fb:5e:95:1e:af:e5:3f:25:ff:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:8F:5C:2D:09:71:63:0C:61:3C:71:03:DE:12:C6:D9:23:0F:CA:B0
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/So9cLQlxYwxhPHED3hLG2SMPyrA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.128.148.0/24
Signature Algorithm: sha256WithRSAEncryption
04:52:cf:2e:2f:36:6f:53:0e:0b:9b:ca:51:aa:68:a2:98:c8:
5b:a2:fa:1e:fd:f9:64:22:87:24:86:2b:ec:a0:04:ff:50:d6:
a4:4b:fc:ff:23:3a:fb:46:75:f3:46:58:40:5f:27:0b:dc:c3:
70:6c:df:4e:e8:42:24:d0:a8:f5:59:67:2e:4a:a1:01:72:b5:
ed:67:b8:07:5f:f8:9d:ba:f9:09:1e:d7:41:b6:58:dc:29:fd:
0c:89:19:87:f0:37:e0:2d:ba:7d:3e:f4:49:b0:a4:28:b4:4a:
f4:bf:d5:f9:59:6a:56:2c:23:b8:71:0d:f8:1a:8d:04:3e:15:
92:12:23:5c:1e:7a:7a:b1:24:ee:f2:11:a0:34:76:92:07:51:
f8:ec:d5:fa:f2:db:e4:6a:45:c9:dc:4e:c1:71:81:66:3e:5b:
b1:29:9b:d6:44:5a:a8:a3:af:b1:ba:85:0b:5c:db:f0:25:1d:
0a:fd:a3:94:56:4f:7e:a5:65:6f:65:aa:db:1c:75:78:06:ea:
49:80:ae:a1:b1:3a:68:c3:96:11:56:a4:7e:3d:19:c9:3c:5b:
cb:83:c9:05:30:67:a7:a1:a4:b4:5d:9a:ff:21:2d:af:77:e9:
f1:49:73:6f:a7:f5:e1:8c:b5:da:78:22:44:23:17:dc:ad:47:
25:27:b2:6a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAdEeWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDU4MWU2NzNkODBmNzQ3NDkzNmIyMTMzN2VhZmNjMWJkYzM4NWU5MB4XDTIyMDMw
MzExMDUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGE4ZjVjMmQwOTcx
NjMwYzYxM2M3MTAzZGUxMmM2ZDkyMzBmY2FiMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxv3qWEMPbttYaZfMmN8FTC0lsVDaywGCmi5mVI1Xtt55kr
Nyl5BNNAAkGeyKjSHGE1/0vA7GLRk6wIbrsaBuc8jRwg54H1nNAJ9mSrhxgWZT1+
4XV1cHdZPpiA77xxfYfNwqrCEVlHBpVXfkHPserdriUgdVD9J4XizHSiBaHvlpHb
5hXsTHqzBOAYFlRqLKy5KwZt7T/t587gF2u31SaWjjvtjX2nCHTe9ATGSwgkw7pB
G+QHang6Ta7Fx4iruned81zBqdHmCAYjNV/2kAH8KRGyYEPBwbYTJoAHuo2Z3jNv
1XdHEGq7f8MMencnajFKNY7O+16VHq/lPyX/ZY8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRKj1wtCXFjDGE8cQPeEsbZIw/KsDAfBgNVHSMEGDAWgBRgWB5nPYD3R0k2
shM36vzBvcOF6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lGZ2VaejJBOTBkSk5ySVROLXI4d2IzRGhlay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8x
L1NvOWNMUWx4WXd4aFBIRUQzaExHMlNNUHlyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmRkNjMzLWM2NTgtNDljNS05ZThmLWZiMDc5NTVmM2FhYS8xL1lGZ2VaejJBOTBk
Sk5ySVROLXI4d2IzRGhlay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIqAlDANBgkqhkiG9w0BAQsFAAOC
AQEABFLPLi82b1MOC5vKUapoopjIW6L6Hv35ZCKHJIYr7KAE/1DWpEv8/yM6+0Z1
80ZYQF8nC9zDcGzfTuhCJNCo9VlnLkqhAXK17We4B1/4nbr5CR7XQbZY3Cn9DIkZ
h/A34C26fT70SbCkKLRK9L/V+VlqViwjuHEN+BqNBD4VkhIjXB56erEk7vIRoDR2
kgdR+OzV+vLb5GpFydxOwXGBZj5bsSmb1kRaqKOvsbqFC1zb8CUdCv2jlFZPfqVl
b2Wq2xx1eAbqSYCuobE6aMOWEVakfj0ZyTxby4PJBTBnp6GktF2a/yEtr3fp8Ulz
b6f14Yy12ngiRCMX3K1HJSeyag==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org