Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/mN7Gt8p4-g0aGYBPVcG3p_RLOVg.roa
File: mN7Gt8p4-g0aGYBPVcG3p_RLOVg.roa (raw, json)
Hash identifier: ML0ZvbKWwI+OcXutBuzn+2k9ViDbtIHplYhaxTLXPdg=
Subject key identifier: 98:DE:C6:B7:CA:78:FA:0D:1A:19:80:4F:55:C1:B7:A7:F4:4B:39:58
Certificate issuer: /CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Certificate serial: 0183A888112F9B17D5BB27C236ADDBF8E9AD
Authority key identifier: 4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/mN7Gt8p4-g0aGYBPVcG3p_RLOVg.roa
Signing time: Wed 05 Oct 2022 14:23:53 +0000
ROA not before: Wed 05 Oct 2022 14:23:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58507
IP address blocks: 159.197.192.0/19 maxlen: 24
161.8.192.0/18 maxlen: 24
161.8.0.0/18 maxlen: 24
159.197.160.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:88:11:2f:9b:17:d5:bb:27:c2:36:ad:db:f8:e9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd954d3c77c9c4e37eebf753d86f3dcf091d4a9
Validity
Not Before: Oct 5 14:23:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98dec6b7ca78fa0d1a19804f55c1b7a7f44b3958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:70:5c:0b:2f:32:e9:5f:1a:56:79:d1:88:09:
59:2d:c0:61:0c:52:cd:df:07:be:c2:0c:fd:f0:66:
01:61:8f:04:ba:06:e7:ee:0a:03:04:63:26:e0:37:
fd:ef:02:96:ce:db:fa:c3:8e:90:e4:f6:c4:29:b7:
6d:01:ee:d1:c3:1c:62:71:d3:a5:7d:c3:19:94:a2:
54:08:57:16:83:94:6c:3f:53:a7:7b:4f:75:82:b6:
0a:e8:38:c8:03:a5:94:7e:c0:ba:f8:83:ff:cb:e7:
c1:6e:82:b1:3b:79:56:54:8a:cb:b5:66:f0:66:a5:
03:4f:ff:71:20:16:cc:11:18:36:0e:55:88:dd:ff:
06:51:0f:ef:3b:82:55:97:b3:0d:fa:01:6f:0e:8e:
51:11:c5:40:06:5c:4e:89:94:db:fa:35:dc:db:ea:
b6:f0:13:b7:b3:70:36:41:34:a8:f9:a8:4d:0c:ba:
ef:03:bd:50:24:fd:6a:cb:a8:2d:cd:50:ae:cb:a7:
e8:de:a6:f3:bd:58:94:22:87:b4:df:a0:42:3e:ec:
5a:9d:4c:7d:53:18:55:e6:35:5d:b8:4e:0a:42:72:
d0:3a:bf:b1:c3:8b:b2:b7:87:67:20:fa:4f:8a:0d:
f4:24:70:80:06:7b:31:b1:df:9f:2a:07:cc:9e:a5:
e9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:DE:C6:B7:CA:78:FA:0D:1A:19:80:4F:55:C1:B7:A7:F4:4B:39:58
X509v3 Authority Key Identifier:
keyid:4D:D9:54:D3:C7:7C:9C:4E:37:EE:BF:75:3D:86:F3:DC:F0:91:D4:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdlU08d8nE437r91PYbz3PCR1Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/mN7Gt8p4-g0aGYBPVcG3p_RLOVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/7a2a99-146c-4781-a302-eb7aaa6828be/1/TdlU08d8nE437r91PYbz3PCR1Kk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.197.160.0-159.197.223.255
161.8.0.0/18
161.8.192.0/18
Signature Algorithm: sha256WithRSAEncryption
7f:05:f0:88:a3:f9:64:f6:32:96:69:b0:bb:44:a1:61:65:d5:
2a:12:d9:ad:fe:96:5b:c6:04:8a:f5:dc:ed:84:7c:ff:f0:fd:
18:62:fa:fd:99:37:d6:50:c9:4d:de:3b:c1:2a:1a:87:9d:f1:
99:a2:26:bb:dc:67:ac:f7:44:01:6c:6d:af:f3:22:9b:7b:e7:
87:ea:c8:a5:51:2e:a6:eb:5a:3d:02:9e:74:ad:a1:d9:2a:52:
7a:75:91:95:44:a4:35:f1:7e:ca:47:80:44:9c:fe:3b:54:59:
67:ed:06:6b:0b:e8:72:b3:70:1d:b4:fe:00:92:7e:38:cf:8d:
82:7b:16:16:02:97:38:e0:7d:81:da:01:b0:87:62:02:a1:2c:
c3:47:8b:e1:96:ae:5f:13:9a:f1:bf:f0:e5:0b:24:10:ae:7f:
ef:8c:0c:86:b1:3e:fb:50:9b:86:76:7c:07:e4:1d:da:36:a7:
06:25:4c:85:4f:84:17:cb:fc:8e:1a:4f:c1:b3:39:90:a0:32:
1e:27:92:64:98:1e:2a:d3:ad:71:95:9c:62:25:32:42:de:fc:
85:c4:43:37:76:49:49:d5:1b:bb:c5:30:35:20:51:ef:be:a0:
e5:4a:94:82:f3:57:58:e4:1c:a7:e8:54:e1:65:de:92:39:3a:
af:f8:01:4e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYOoiBEvmxfVuyfCNq3b+OmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDk1NGQzYzc3YzljNGUzN2VlYmY3NTNkODZmM2RjZjA5
MWQ0YTkwHhcNMjIxMDA1MTQyMzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGRlYzZiN2NhNzhmYTBkMWExOTgwNGY1NWMxYjdhN2Y0NGIzOTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXBcCy8y6V8aVnnRiAlZLcBhDFLN
3we+wgz98GYBYY8Eugbn7goDBGMm4Df97wKWztv6w46Q5PbEKbdtAe7RwxxicdOl
fcMZlKJUCFcWg5RsP1One091grYK6DjIA6WUfsC6+IP/y+fBboKxO3lWVIrLtWbw
ZqUDT/9xIBbMERg2DlWI3f8GUQ/vO4JVl7MN+gFvDo5REcVABlxOiZTb+jXc2+q2
8BO3s3A2QTSo+ahNDLrvA71QJP1qy6gtzVCuy6fo3qbzvViUIoe036BCPuxanUx9
UxhV5jVduE4KQnLQOr+xw4uyt4dnIPpPig30JHCABnsxsd+fKgfMnqXp0QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJjexrfKePoNGhmAT1XBt6f0SzlYMB8GA1UdIwQY
MBaAFE3ZVNPHfJxON+6/dT2G89zwkdSpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDIt
ZWI3YWFhNjgyOGJlLzEvbU43R3Q4cDQtZzBhR1lCUFZjRzNwX1JMT1ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC83YTJhOTktMTQ2Yy00NzgxLWEzMDItZWI3YWFhNjgyOGJl
LzEvVGRsVTA4ZDhuRTQzN3I5MVBZYnozUENSMUtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAWfxaAD
BAWfxcADBAahCAADBAahCMAwDQYJKoZIhvcNAQELBQADggEBAH8F8Iij+WT2MpZp
sLtEoWFl1SoS2a3+llvGBIr13O2EfP/w/Rhi+v2ZN9ZQyU3eO8EqGoed8ZmiJrvc
Z6z3RAFsba/zIpt754fqyKVRLqbrWj0CnnStodkqUnp1kZVEpDXxfspHgESc/jtU
WWftBmsL6HKzcB20/gCSfjjPjYJ7FhYClzjgfYHaAbCHYgKhLMNHi+GWrl8TmvG/
8OULJBCuf++MDIaxPvtQm4Z2fAfkHdo2pwYlTIVPhBfL/I4aT8GzOZCgMh4nkmSY
HirTrXGVnGIlMkLe/IXEQzd2SUnVG7vFMDUgUe++oOVKlILzV1jkHKfoVOFl3pI5
Oq/4AU4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:14 2024 by rpki-client on console-ams.rpki-client.org