Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/8GrnM4AZwsbdGW1cySfli3W5mP0.roa
File: 8GrnM4AZwsbdGW1cySfli3W5mP0.roa (raw, json)
Hash identifier: hOr5ZYKrJmLJWjtylW44GUOENZe4mXAc2B0TcvPs/P0=
Subject key identifier: F0:6A:E7:33:80:19:C2:C6:DD:19:6D:5C:C9:27:E5:8B:75:B9:98:FD
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 0182D5A6B8C769E97DAB58E4806B3729A42F
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/8GrnM4AZwsbdGW1cySfli3W5mP0.roa
Signing time: Thu 25 Aug 2022 15:37:29 +0000
ROA not before: Thu 25 Aug 2022 15:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33657
IP address blocks: 159.197.144.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d5:a6:b8:c7:69:e9:7d:ab:58:e4:80:6b:37:29:a4:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Aug 25 15:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f06ae7338019c2c6dd196d5cc927e58b75b998fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f6:d1:6f:08:b2:e6:95:d6:f8:fc:1b:a1:c3:
43:fe:89:e0:c6:2c:b8:5e:0a:c2:84:fe:cd:ee:44:
a4:d6:c4:7d:4e:e7:4e:68:52:4d:08:1f:2c:37:81:
21:ed:bf:ad:4c:aa:15:a4:21:48:31:f6:7d:67:f2:
84:c9:05:4f:70:cf:d2:70:89:b9:79:42:95:13:70:
1d:5b:b0:18:ee:fe:d7:09:f1:88:25:39:01:a8:27:
67:31:a4:0d:4d:8f:86:e7:73:14:70:93:f9:cc:8e:
d1:e7:a3:b0:9b:4e:60:42:50:8d:f1:4c:6f:ad:43:
07:60:42:52:7d:99:72:34:53:62:f9:36:1f:fb:e5:
92:c5:41:dd:0d:64:1f:e9:5d:a1:50:14:60:c7:5c:
3e:0e:cc:26:b0:bd:e4:29:f6:3f:50:3c:70:ba:be:
d2:2c:c0:70:29:59:b6:ec:c2:a4:d9:60:8d:9b:ed:
dc:b2:5d:7b:91:5c:7d:b9:51:07:78:b2:f4:ad:94:
35:0a:17:fb:20:59:e1:30:9d:91:3e:62:13:a3:d0:
42:f4:fe:82:5d:ba:42:65:8e:52:e0:04:74:f1:9d:
77:70:41:b8:21:eb:94:b8:27:7e:79:6d:7f:28:15:
b1:0c:1c:0b:95:cc:53:7a:39:be:44:ba:64:bd:0c:
73:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6A:E7:33:80:19:C2:C6:DD:19:6D:5C:C9:27:E5:8B:75:B9:98:FD
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/8GrnM4AZwsbdGW1cySfli3W5mP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.144.0/20
Signature Algorithm: sha256WithRSAEncryption
31:39:3c:53:4f:b7:e5:1a:f1:e9:b9:91:48:91:a7:74:14:2a:
91:51:63:7a:97:af:a8:99:51:94:07:b9:e5:c3:3e:af:fd:84:
08:be:28:23:34:83:c5:25:e1:ca:83:84:52:16:c1:98:70:4e:
bb:29:84:42:ab:85:3e:32:73:e5:e4:53:29:d4:ac:fd:c2:dc:
3c:5c:29:58:e6:15:72:8e:bc:40:06:b5:e8:47:06:98:39:d9:
0d:ab:8b:45:c2:62:b4:ae:79:19:d8:d7:e1:d4:e6:04:7c:97:
4e:7d:9d:40:2a:22:a4:0f:3e:30:ef:8d:5f:e8:7e:46:40:f6:
3b:00:5a:74:a7:26:ab:0b:e4:d3:63:08:1d:14:25:4b:4b:d9:
08:d6:cd:fd:68:f6:bf:4c:5a:b0:6d:55:7c:8b:bf:91:68:f3:
28:ba:ce:c1:9a:11:44:39:c3:67:2c:e7:24:fd:c4:5d:c1:13:
43:b0:1c:de:65:e2:a9:ad:51:51:ba:02:d6:bc:1c:bd:b2:8e:
22:19:21:c7:25:34:a6:79:5a:6b:49:e2:7b:e7:bd:85:32:f4:
0e:34:6a:69:eb:b1:94:e7:47:fd:25:92:19:ac:2a:26:c7:7a:
d5:1e:a8:99:a8:ed:66:8e:e6:6e:b8:96:31:fb:db:b5:60:05:
5a:9d:d7:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYLVprjHael9q1jkgGs3KaQvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjIwODI1MTUzNzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDZhZTczMzgwMTljMmM2ZGQxOTZkNWNjOTI3ZTU4Yjc1Yjk5OGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufbRbwiy5pXW+PwbocND/ongxiy4
XgrChP7N7kSk1sR9TudOaFJNCB8sN4Eh7b+tTKoVpCFIMfZ9Z/KEyQVPcM/ScIm5
eUKVE3AdW7AY7v7XCfGIJTkBqCdnMaQNTY+G53MUcJP5zI7R56Owm05gQlCN8Uxv
rUMHYEJSfZlyNFNi+TYf++WSxUHdDWQf6V2hUBRgx1w+DswmsL3kKfY/UDxwur7S
LMBwKVm27MKk2WCNm+3csl17kVx9uVEHeLL0rZQ1Chf7IFnhMJ2RPmITo9BC9P6C
XbpCZY5S4AR08Z13cEG4IeuUuCd+eW1/KBWxDBwLlcxTejm+RLpkvQxzWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPBq5zOAGcLG3RltXMkn5Yt1uZj9MB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvOEdybk00QVp3c2JkR1cxY3lTZmxpM1c1bVAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEn8WQMA0G
CSqGSIb3DQEBCwUAA4IBAQAxOTxTT7flGvHpuZFIkad0FCqRUWN6l6+omVGUB7nl
wz6v/YQIvigjNIPFJeHKg4RSFsGYcE67KYRCq4U+MnPl5FMp1Kz9wtw8XClY5hVy
jrxABrXoRwaYOdkNq4tFwmK0rnkZ2Nfh1OYEfJdOfZ1AKiKkDz4w741f6H5GQPY7
AFp0pyarC+TTYwgdFCVLS9kI1s39aPa/TFqwbVV8i7+RaPMous7BmhFEOcNnLOck
/cRdwRNDsBzeZeKprVFRugLWvBy9so4iGSHHJTSmeVprSeJ7572FMvQONGpp67GU
50f9JZIZrComx3rVHqiZqO1mjuZuuJYx+9u1YAVanddd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org