Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/rNdZOvF9KBbY60MjMTFEevZ9ucE.roa
File: rNdZOvF9KBbY60MjMTFEevZ9ucE.roa (raw, json)
Hash identifier: HES+uqwWqwhmRKfAbwGBDXRln5PdWyvW4mV38iL8lJo=
Subject key identifier: AC:D7:59:3A:F1:7D:28:16:D8:EB:43:23:31:31:44:7A:F6:7D:B9:C1
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 027E7D74
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/rNdZOvF9KBbY60MjMTFEevZ9ucE.roa
Signing time: Sat 01 Jan 2022 15:55:20 +0000
ROA not before: Sat 01 Jan 2022 15:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202829
IP address blocks: 151.248.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41844084 (0x27e7d74)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jan 1 15:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=acd7593af17d2816d8eb43233131447af67db9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7f:02:fc:74:88:b2:e7:d2:44:e8:a1:be:7a:
01:d3:5a:40:cd:3b:74:e3:cb:7a:87:cb:39:ac:bc:
47:3d:c5:c5:91:b5:07:81:fb:21:d6:fd:9c:80:a0:
80:e0:ad:77:9f:c9:65:a7:d8:0b:ca:ed:09:9b:87:
80:a0:c6:81:c8:a3:11:59:a4:12:ce:7e:25:c8:7c:
32:50:b3:c7:bf:51:e6:b8:05:cf:00:1a:9a:a9:ae:
54:5b:5b:eb:9c:42:6b:ac:0c:9b:4a:bd:51:f5:41:
ae:11:44:c8:32:42:d2:2a:ba:65:fb:13:0e:16:b3:
e0:e0:43:91:73:b0:4d:dc:32:93:3c:df:0c:f7:d8:
9a:c9:02:6f:a7:e6:a8:ce:07:3b:7b:08:0f:5d:ba:
a5:fb:55:a9:cd:3d:ee:1e:d7:99:ff:7c:16:d9:85:
93:ee:24:62:d7:19:10:a9:0d:60:15:40:da:75:a5:
ce:6e:c5:54:fa:5c:7b:43:48:6c:37:4c:bf:bf:bd:
da:f9:89:d0:86:f5:fb:c2:e0:79:a7:c3:50:00:bb:
5b:5f:8c:fb:cc:8a:0b:f6:dc:7e:85:87:af:dc:29:
2e:9e:f4:0f:d2:ba:35:cd:52:3c:69:82:dd:e0:c0:
d1:1c:3b:ab:7d:f4:96:74:02:0d:59:d3:4a:f2:37:
71:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D7:59:3A:F1:7D:28:16:D8:EB:43:23:31:31:44:7A:F6:7D:B9:C1
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/rNdZOvF9KBbY60MjMTFEevZ9ucE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.20.0/22
Signature Algorithm: sha256WithRSAEncryption
61:c0:0f:ca:8e:6a:04:86:83:ca:c2:44:ed:fd:48:9d:33:01:
0c:6b:93:31:41:fe:82:3a:d9:2e:0b:ce:76:6a:f2:4c:a1:21:
f8:1f:24:6b:ab:b3:9d:ec:bf:ca:be:94:22:4f:55:da:f8:5f:
cf:1f:ee:82:ed:b3:c8:da:67:a4:98:bf:ac:ce:c7:b9:0c:0a:
8f:e7:1f:cb:67:17:1d:25:84:9e:fa:7a:1b:70:fe:b8:69:ce:
75:c1:02:a8:d6:8e:91:b7:a1:5e:8d:60:27:f4:8f:13:80:f8:
42:63:a1:38:1f:75:c9:88:01:c9:dc:86:cc:d8:b4:5f:39:8a:
64:cf:be:7d:48:a2:0d:4e:cb:80:2c:35:4a:fd:7d:e8:fd:0b:
8a:c2:1f:fa:f6:b3:4d:db:de:10:94:67:a8:bb:3c:1d:83:6d:
bd:62:cc:07:e3:d2:2d:9d:f6:38:6d:bb:e8:73:ec:20:79:93:
f3:58:4a:05:0a:c6:fd:67:98:7e:88:18:32:b5:bd:1f:ce:b5:
7a:bf:62:33:45:ac:34:00:b4:90:1d:81:fb:c3:4d:ea:3e:f8:
47:65:dc:dd:4b:fb:a1:17:aa:76:68:c5:cf:67:2a:01:ac:10:
c2:db:4d:64:6c:e0:ac:28:39:97:7b:de:30:e8:80:45:56:bc:
0f:cb:16:71
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAn59dDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjEwN2UwNzk1MmMwNjkzNThjZDNmODJhYWVjZWI0YzY5NDgzY2E5MB4XDTIyMDEw
MTE1NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWNkNzU5M2FmMTdk
MjgxNmQ4ZWI0MzIzMzEzMTQ0N2FmNjdkYjljMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALp/Avx0iLLn0kToob56AdNaQM07dOPLeofLOay8Rz3FxZG1
B4H7Idb9nICggOCtd5/JZafYC8rtCZuHgKDGgcijEVmkEs5+Jch8MlCzx79R5rgF
zwAamqmuVFtb65xCa6wMm0q9UfVBrhFEyDJC0iq6ZfsTDhaz4OBDkXOwTdwykzzf
DPfYmskCb6fmqM4HO3sID126pftVqc097h7Xmf98FtmFk+4kYtcZEKkNYBVA2nWl
zm7FVPpce0NIbDdMv7+92vmJ0Ib1+8LgeafDUAC7W1+M+8yKC/bcfoWHr9wpLp70
D9K6Nc1SPGmC3eDA0Rw7q330lnQCDVnTSvI3ca8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSs11k68X0oFtjrQyMxMUR69n25wTAfBgNVHSMEGDAWgBS/EH4HlSwGk1jN
P4Kq7OtMaUg8qTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Z4Qi1CNVVzQnBOWXpULUNxdXpyVEdsSVBLay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvN2UyOGVlLWM2NWQtNDUyOS1hNDdiLTQ4NjMzZDcxODU5MC8x
L3JOZFpPdkY5S0JiWTYwTWpNVEZFZXZaOXVjRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
N2UyOGVlLWM2NWQtNDUyOS1hNDdiLTQ4NjMzZDcxODU5MC8xL3Z4Qi1CNVVzQnBO
WXpULUNxdXpyVEdsSVBLay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApf4FDANBgkqhkiG9w0BAQsFAAOC
AQEAYcAPyo5qBIaDysJE7f1InTMBDGuTMUH+gjrZLgvOdmryTKEh+B8ka6uzney/
yr6UIk9V2vhfzx/ugu2zyNpnpJi/rM7HuQwKj+cfy2cXHSWEnvp6G3D+uGnOdcEC
qNaOkbehXo1gJ/SPE4D4QmOhOB91yYgBydyGzNi0XzmKZM++fUiiDU7LgCw1Sv19
6P0LisIf+vazTdveEJRnqLs8HYNtvWLMB+PSLZ32OG276HPsIHmT81hKBQrG/WeY
fogYMrW9H861er9iM0WsNAC0kB2B+8NN6j74R2Xc3Uv7oReqdmjFz2cqAawQwttN
ZGzgrCg5l3veMOiARVa8D8sWcQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:13:36 2024 by rpki-client on console-ams.rpki-client.org