Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/37cde7-e98c-4f26-9dd3-434f74d499d7/1/ot2Pxode8zZ3eGDteLI5cGW2Qps.roa
File: ot2Pxode8zZ3eGDteLI5cGW2Qps.roa (raw, json)
Hash identifier: ygHYkDkajPa1RWEiZ5gj7CoRHAI6fZZNGjUhAHGW4xs=
Subject key identifier: A2:DD:8F:C6:87:5E:F3:36:77:78:60:ED:78:B2:39:70:65:B6:42:9B
Certificate issuer: /CN=2307e7974fb8312a2e6aaa996f5ef8474a53107c
Certificate serial: 626A3E
Authority key identifier: 23:07:E7:97:4F:B8:31:2A:2E:6A:AA:99:6F:5E:F8:47:4A:53:10:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iwfnl0-4MSouaqqZb174R0pTEHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/37cde7-e98c-4f26-9dd3-434f74d499d7/1/ot2Pxode8zZ3eGDteLI5cGW2Qps.roa
Signing time: Sat 01 Jan 2022 00:54:17 +0000
ROA not before: Sat 01 Jan 2022 00:54:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 146.19.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6449726 (0x626a3e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2307e7974fb8312a2e6aaa996f5ef8474a53107c
Validity
Not Before: Jan 1 00:54:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2dd8fc6875ef336777860ed78b2397065b6429b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:ef:97:49:09:74:2b:44:64:4b:e0:5d:f2:
10:e8:08:9c:ac:1e:2f:02:86:57:2b:7a:86:bc:ca:
d7:c4:7f:d6:d5:0b:d5:69:4c:d6:88:46:9c:89:76:
58:91:28:08:0d:d2:dc:30:41:51:71:13:5b:7f:31:
8f:66:65:7e:0e:a9:f0:03:ac:7e:58:f7:f9:af:c2:
ac:9d:f7:9a:c1:13:cf:81:53:bc:fc:61:09:b7:17:
68:18:53:7c:4e:a2:a8:cd:d1:00:fb:f4:fe:f6:74:
c1:65:9f:41:e9:c4:bc:7e:ca:c4:a2:02:53:2c:fd:
69:4e:59:df:43:20:dd:57:05:7f:06:21:4b:94:97:
dc:63:9b:6d:27:ad:82:04:39:e2:5c:41:aa:91:ef:
12:d0:e6:20:6e:61:9f:52:c8:ef:0c:8a:ee:58:0e:
9d:1c:3c:a1:13:45:c6:f8:07:29:b1:ec:9d:f1:c7:
dc:24:2f:02:5d:e4:8e:47:2b:ae:43:43:4a:38:1b:
b3:ae:92:a1:93:06:26:d1:52:05:04:1a:93:8a:7a:
5b:83:ae:43:00:72:0a:d8:2a:d7:f1:f0:e3:83:07:
a3:cd:80:e5:81:8b:d6:1c:bd:46:75:ef:f0:af:ce:
60:de:f7:cd:1d:ec:41:bf:cb:8e:e4:a9:e7:23:e3:
8f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DD:8F:C6:87:5E:F3:36:77:78:60:ED:78:B2:39:70:65:B6:42:9B
X509v3 Authority Key Identifier:
keyid:23:07:E7:97:4F:B8:31:2A:2E:6A:AA:99:6F:5E:F8:47:4A:53:10:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iwfnl0-4MSouaqqZb174R0pTEHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37cde7-e98c-4f26-9dd3-434f74d499d7/1/ot2Pxode8zZ3eGDteLI5cGW2Qps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/37cde7-e98c-4f26-9dd3-434f74d499d7/1/Iwfnl0-4MSouaqqZb174R0pTEHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.189.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ed:83:68:55:49:09:e7:d6:08:f1:9a:1b:31:bd:86:78:79:
b5:40:df:bd:ea:8f:9b:f1:a7:5a:c8:ce:e5:b5:f5:54:d5:c0:
1c:cc:66:42:98:7d:14:21:99:a0:46:b0:c0:89:cb:97:ec:c5:
29:86:f6:c4:1b:69:ed:96:07:59:92:ca:03:ef:1f:76:c6:82:
3f:ed:8f:a3:c6:94:8a:b5:bc:ff:a1:d0:26:d9:dc:be:37:e2:
55:d3:94:cc:46:30:c1:72:61:45:b3:64:93:87:78:97:15:3f:
83:22:2f:74:40:62:e5:8f:56:84:f8:f9:7f:a9:99:39:8b:ca:
df:ee:86:ef:d8:4c:b9:b3:14:f2:d8:69:16:31:6a:b8:91:70:
bb:0a:2d:e6:c8:80:13:c9:a8:ee:90:fe:a0:82:f5:be:de:c9:
05:fb:85:02:21:f6:9d:4f:e1:ad:63:6b:df:02:d4:c1:34:bf:
92:01:6b:ff:30:b5:67:b2:01:65:4f:14:70:b1:e5:8c:fe:bf:
2b:c8:b8:53:a5:a0:c6:f0:01:f8:17:2e:e4:95:23:52:5d:98:
67:9a:61:56:45:ff:83:99:61:03:ac:cd:02:0d:b4:02:c9:d9:
34:bd:8a:c2:a5:7e:14:27:93:07:6a:30:17:49:1b:af:70:e5:
10:ef:4f:8a
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDYmo+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIz
MDdlNzk3NGZiODMxMmEyZTZhYWE5OTZmNWVmODQ3NGE1MzEwN2MwHhcNMjIwMTAx
MDA1NDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhMmRkOGZjNjg3NWVm
MzM2Nzc3ODYwZWQ3OGIyMzk3MDY1YjY0MjliMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAt/bvl0kJdCtEZEvgXfIQ6AicrB4vAoZXK3qGvMrXxH/W1QvV
aUzWiEaciXZYkSgIDdLcMEFRcRNbfzGPZmV+DqnwA6x+WPf5r8KsnfeawRPPgVO8
/GEJtxdoGFN8TqKozdEA+/T+9nTBZZ9B6cS8fsrEogJTLP1pTlnfQyDdVwV/BiFL
lJfcY5ttJ62CBDniXEGqke8S0OYgbmGfUsjvDIruWA6dHDyhE0XG+Acpseyd8cfc
JC8CXeSORyuuQ0NKOBuzrpKhkwYm0VIFBBqTinpbg65DAHIK2CrX8fDjgwejzYDl
gYvWHL1Gde/wr85g3vfNHexBv8uO5KnnI+OPVwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFKLdj8aHXvM2d3hg7XiyOXBltkKbMB8GA1UdIwQYMBaAFCMH55dPuDEqLmqq
mW9e+EdKUxB8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SXdmbmwwLTRNU291YXFxWmIxNzRSMHBURUh3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC81Yi8zN2NkZTctZTk4Yy00ZjI2LTlkZDMtNDM0Zjc0ZDQ5OWQ3LzEv
b3QyUHhvZGU4elozZUdEdGVMSTVjR1cyUXBzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8z
N2NkZTctZTk4Yy00ZjI2LTlkZDMtNDM0Zjc0ZDQ5OWQ3LzEvSXdmbmwwLTRNU291
YXFxWmIxNzRSMHBURUh3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhO9MA0GCSqGSIb3DQEBCwUAA4IB
AQAq7YNoVUkJ59YI8ZobMb2GeHm1QN+96o+b8adayM7ltfVU1cAczGZCmH0UIZmg
RrDAicuX7MUphvbEG2ntlgdZksoD7x92xoI/7Y+jxpSKtbz/odAm2dy+N+JV05TM
RjDBcmFFs2STh3iXFT+DIi90QGLlj1aE+Pl/qZk5i8rf7obv2Ey5sxTy2GkWMWq4
kXC7Ci3myIATyajukP6ggvW+3skF+4UCIfadT+GtY2vfAtTBNL+SAWv/MLVnsgFl
TxRwseWM/r8ryLhTpaDG8AH4Fy7klSNSXZhnmmFWRf+DmWEDrM0CDbQCydk0vYrC
pX4UJ5MHajAXSRuvcOUQ70+K
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:39 2023 by rpki-client on console-ams.rpki-client.org