Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/us8dd-whrYGVaXBcowgq9ppUtPw.roa
File: us8dd-whrYGVaXBcowgq9ppUtPw.roa (raw, json)
Hash identifier: CrArI7rYAr8w89FDOLU27Hnb77c5M4VHTLvthw2sIFI=
Subject key identifier: BA:CF:1D:77:EC:21:AD:81:95:69:70:5C:A3:08:2A:F6:9A:54:B4:FC
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 018428DC3793EFE5D2B068B4DB16EF0FD55C
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/us8dd-whrYGVaXBcowgq9ppUtPw.roa
Signing time: Sun 30 Oct 2022 12:27:11 +0000
ROA not before: Sun 30 Oct 2022 12:27:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 399471
IP address blocks: 64.137.32.0/24 maxlen: 24
64.137.116.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:28:dc:37:93:ef:e5:d2:b0:68:b4:db:16:ef:0f:d5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 30 12:27:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bacf1d77ec21ad819569705ca3082af69a54b4fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:57:d3:0e:9c:4b:0d:9e:b9:57:ab:67:05:52:
23:f7:20:80:4c:2a:9e:6c:90:09:81:42:9a:b7:52:
3e:f8:7b:f1:92:0b:7e:8f:84:bd:e3:cb:a6:ee:42:
c5:50:66:6d:28:51:90:cb:f4:48:bf:46:bc:17:9c:
95:16:ad:98:89:19:0c:6d:e7:e0:e6:0f:9a:65:67:
6c:ec:26:dc:59:c1:9a:77:c3:4f:26:42:96:d2:89:
7a:3a:d9:e2:a7:78:c3:2f:ae:c8:01:fc:3e:f7:ac:
f8:d2:29:1c:ca:79:b8:c8:c7:da:10:e2:b2:80:82:
1e:b3:3e:b3:ad:4c:34:5e:dd:45:17:16:b1:b8:c2:
d6:86:a8:3a:ff:e0:79:8e:94:ad:60:03:31:25:9e:
dc:26:b8:06:73:3c:6d:67:4b:16:07:84:76:1c:14:
eb:21:79:0d:f1:11:64:13:0b:b2:5f:da:2d:c7:04:
73:9e:e8:65:b9:c7:d5:7c:35:e4:77:1c:ce:93:1c:
28:a9:31:81:7e:1b:19:9c:e8:9f:6f:ec:e5:b2:a7:
df:86:e7:ed:07:00:f5:7d:af:54:a9:bd:ec:d4:94:
0d:e9:bc:27:8b:c9:22:90:b4:9b:bf:a3:10:ef:a8:
de:eb:ef:00:86:28:ed:62:5d:ad:0e:a0:59:f8:b0:
2e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CF:1D:77:EC:21:AD:81:95:69:70:5C:A3:08:2A:F6:9A:54:B4:FC
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/us8dd-whrYGVaXBcowgq9ppUtPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.32.0/24
64.137.116.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:7d:76:9b:75:ac:a9:04:1a:c6:d7:dd:49:88:5b:57:08:88:
ba:0b:6f:aa:9b:ea:8e:22:d8:f9:75:f2:bb:58:30:7d:49:c7:
f0:cd:35:ec:48:77:7a:38:bf:9c:e9:22:6f:8c:f7:7a:86:d5:
7d:66:84:10:21:61:33:b8:09:a0:35:35:bb:51:40:94:06:fa:
30:21:a4:83:b5:1d:00:20:c3:c6:a0:a9:38:08:a5:0a:b4:2f:
4d:ae:d5:08:73:41:12:03:98:fa:52:1b:1d:80:a0:62:43:b6:
19:fe:93:7e:87:84:e4:70:d0:9e:e8:f3:bb:9d:08:7a:0a:68:
75:2c:2a:1c:50:e7:23:9c:1a:f7:f7:c1:71:48:4e:0b:18:4a:
de:d3:67:2a:1c:54:bf:65:5c:56:9f:4f:9c:94:51:74:bb:37:
d3:82:37:10:c7:fe:8f:4b:1b:5d:b4:c5:52:eb:21:41:b7:d0:
49:d0:0c:d7:e1:42:97:81:27:01:99:79:c7:29:0e:d7:59:bc:
f8:8a:25:a4:b6:52:7d:16:42:6b:67:9a:4b:0a:27:81:14:7b:
ae:b7:bf:3a:2c:3a:29:68:7e:98:f3:4c:0a:56:28:44:96:24:
73:45:82:26:0e:4b:9c:da:03:58:6f:ca:28:fc:df:1a:65:14:
12:62:4f:d6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQo3DeT7+XSsGi02xbvD9VcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjIxMDMwMTIyNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWNmMWQ3N2VjMjFhZDgxOTU2OTcwNWNhMzA4MmFmNjlhNTRiNGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilfTDpxLDZ65V6tnBVIj9yCATCqe
bJAJgUKat1I++Hvxkgt+j4S948um7kLFUGZtKFGQy/RIv0a8F5yVFq2YiRkMbefg
5g+aZWds7CbcWcGad8NPJkKW0ol6Otnip3jDL67IAfw+96z40ikcynm4yMfaEOKy
gIIesz6zrUw0Xt1FFxaxuMLWhqg6/+B5jpStYAMxJZ7cJrgGczxtZ0sWB4R2HBTr
IXkN8RFkEwuyX9otxwRznuhlucfVfDXkdxzOkxwoqTGBfhsZnOifb+zlsqffhuft
BwD1fa9Uqb3s1JQN6bwni8kikLSbv6MQ76je6+8AhijtYl2tDqBZ+LAuVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLrPHXfsIa2BlWlwXKMIKvaaVLT8MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvdXM4ZGQtd2hyWUdWYVhCY293Z3E5cHBVdFB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAQIkgAwQA
QIl0MA0GCSqGSIb3DQEBCwUAA4IBAQBrfXabdaypBBrG191JiFtXCIi6C2+qm+qO
Itj5dfK7WDB9ScfwzTXsSHd6OL+c6SJvjPd6htV9ZoQQIWEzuAmgNTW7UUCUBvow
IaSDtR0AIMPGoKk4CKUKtC9NrtUIc0ESA5j6UhsdgKBiQ7YZ/pN+h4TkcNCe6PO7
nQh6Cmh1LCocUOcjnBr398FxSE4LGEre02cqHFS/ZVxWn0+clFF0uzfTgjcQx/6P
SxtdtMVS6yFBt9BJ0AzX4UKXgScBmXnHKQ7XWbz4iiWktlJ9FkJrZ5pLCieBFHuu
t786LDopaH6Y80wKVihEliRzRYImDkuc2gNYb8oo/N8aZRQSYk/W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:38 2023 by rpki-client on console-ams.rpki-client.org