Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/ic7a6DBHtRuTGUlnQbcVKMqHDxQ.roa
File: ic7a6DBHtRuTGUlnQbcVKMqHDxQ.roa (raw, json)
Hash identifier: kpp0kRbqkf/6S3/vKzuM4Nv19z6hKqoGZekoukl3gd4=
Subject key identifier: 89:CE:DA:E8:30:47:B5:1B:93:19:49:67:41:B7:15:28:CA:87:0F:14
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 018421B6AE8D36DE42B39AA829A0E7120FCE
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/ic7a6DBHtRuTGUlnQbcVKMqHDxQ.roa
Signing time: Sat 29 Oct 2022 03:08:51 +0000
ROA not before: Sat 29 Oct 2022 03:08:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58507
IP address blocks: 159.197.192.0/19 maxlen: 24
161.8.192.0/18 maxlen: 24
161.8.0.0/18 maxlen: 24
159.197.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:21:b6:ae:8d:36:de:42:b3:9a:a8:29:a0:e7:12:0f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Oct 29 03:08:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89cedae83047b51b9319496741b71528ca870f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:87:cc:e8:18:35:c7:02:4a:d7:5d:c8:f4:3c:
0b:61:23:49:b7:39:df:b0:15:39:e0:1d:98:e9:b7:
b1:c8:cd:e2:d3:07:6a:34:89:36:7e:0d:76:65:98:
e5:b5:05:8a:fe:3f:2f:91:7e:dc:1e:e9:8e:7c:89:
2e:6c:7d:86:a5:7c:27:03:a6:a0:8e:e8:29:05:94:
30:a7:ef:0e:61:97:ea:22:18:32:b0:60:6f:e3:be:
47:25:b1:b6:c2:1e:95:f7:a2:20:46:73:52:ef:d9:
4d:c7:e7:d7:cd:3f:2b:27:a5:c5:64:70:8c:d7:8c:
9f:98:3e:5d:8e:af:62:36:d9:3b:fd:81:05:16:6a:
b3:c8:50:17:2c:f7:19:86:dd:77:c6:76:28:74:10:
69:99:04:cc:03:b2:11:b7:48:8e:d5:69:44:51:b8:
87:a9:a5:1b:43:48:cf:44:16:1e:0e:e6:86:a0:c9:
0a:74:dc:23:b5:e5:d5:38:ab:dc:eb:8c:2b:9d:47:
70:43:66:25:38:22:fb:10:fa:f3:88:df:62:e7:55:
94:2b:a8:fb:cc:5e:ca:d9:49:87:95:16:cf:fb:46:
7b:e6:e0:1b:6f:5d:e3:6e:54:b6:9b:bc:3b:14:e8:
22:67:af:3a:1e:56:bc:66:81:a9:81:0a:9b:41:0c:
12:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CE:DA:E8:30:47:B5:1B:93:19:49:67:41:B7:15:28:CA:87:0F:14
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/ic7a6DBHtRuTGUlnQbcVKMqHDxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.128.0-159.197.223.255
161.8.0.0/18
161.8.192.0/18
Signature Algorithm: sha256WithRSAEncryption
84:e6:26:15:1a:33:73:d9:ac:62:1f:b6:55:5e:2d:25:0f:22:
0c:c5:37:55:cc:29:54:cd:41:15:b0:63:1d:b8:8d:69:f3:13:
75:31:f9:37:01:18:e2:42:e5:19:f3:35:53:92:29:0c:2c:99:
15:fd:97:fc:18:99:2e:71:d8:70:d1:6f:22:af:af:9a:cb:72:
e9:ee:c7:91:11:b4:a4:54:44:b7:1c:c9:0a:41:6a:ac:35:94:
cc:c1:53:6b:e2:d9:46:68:cc:53:85:e0:a9:4d:5e:0d:79:b6:
60:63:96:f2:0d:b4:ae:53:c7:1c:11:74:58:35:b3:fb:eb:51:
68:91:00:5a:62:bd:f5:b7:0c:8c:64:49:d0:29:9b:96:82:ba:
24:7e:6e:dd:fd:52:98:68:3c:ec:4a:76:a0:b6:b0:d2:9a:80:
c6:a2:64:1e:51:97:10:98:cf:b0:cb:dc:5b:30:b0:53:1d:31:
3e:09:5b:8e:7f:3f:f6:1c:ee:09:d4:83:e0:a4:4a:b0:a7:3f:
a8:0e:15:4c:1f:70:9b:d9:9e:d9:5f:71:90:45:c7:a9:06:2d:
23:f9:4f:b6:3f:6d:14:e9:e7:87:2b:3f:c8:24:e9:33:e9:3d:
f9:a8:1b:be:81:c2:e1:97:c4:56:81:16:53:6a:34:82:c6:97:
71:cd:e4:ee
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYQhtq6NNt5Cs5qoKaDnEg/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjIxMDI5MDMwODUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNlZGFlODMwNDdiNTFiOTMxOTQ5Njc0MWI3MTUyOGNhODcwZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYfM6Bg1xwJK113I9DwLYSNJtznf
sBU54B2Y6bexyM3i0wdqNIk2fg12ZZjltQWK/j8vkX7cHumOfIkubH2GpXwnA6ag
jugpBZQwp+8OYZfqIhgysGBv475HJbG2wh6V96IgRnNS79lNx+fXzT8rJ6XFZHCM
14yfmD5djq9iNtk7/YEFFmqzyFAXLPcZht13xnYodBBpmQTMA7IRt0iO1WlEUbiH
qaUbQ0jPRBYeDuaGoMkKdNwjteXVOKvc64wrnUdwQ2YlOCL7EPrziN9i51WUK6j7
zF7K2UmHlRbP+0Z75uAbb13jblS2m7w7FOgiZ686Hla8ZoGpgQqbQQwSfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFInO2ugwR7UbkxlJZ0G3FSjKhw8UMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvaWM3YTZEQkh0UnVUR1VsblFiY1ZLTXFIRHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAefxYAD
BAWfxcADBAahCAADBAahCMAwDQYJKoZIhvcNAQELBQADggEBAITmJhUaM3PZrGIf
tlVeLSUPIgzFN1XMKVTNQRWwYx24jWnzE3Ux+TcBGOJC5RnzNVOSKQwsmRX9l/wY
mS5x2HDRbyKvr5rLcunux5ERtKRURLccyQpBaqw1lMzBU2vi2UZozFOF4KlNXg15
tmBjlvINtK5TxxwRdFg1s/vrUWiRAFpivfW3DIxkSdApm5aCuiR+bt39UphoPOxK
dqC2sNKagMaiZB5RlxCYz7DL3FswsFMdMT4JW45/P/Yc7gnUg+CkSrCnP6gOFUwf
cJvZntlfcZBFx6kGLSP5T7Y/bRTp54crP8gk6TPpPfmoG76BwuGXxFaBFlNqNILG
l3HN5O4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:23 2024 by rpki-client on console-fra.rpki-client.org