Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/U_N8WScmAQCecrsLHtIKRjCIaRc.roa
File: U_N8WScmAQCecrsLHtIKRjCIaRc.roa (raw, json)
Hash identifier: q/BwheYDHjW9HRGDSR1C1fSeFgpRu+LIBULjsWUcbwo=
Subject key identifier: 53:F3:7C:59:27:26:01:00:9E:72:BB:0B:1E:D2:0A:46:30:88:69:17
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018254276214B69320A24A43A05AC0B09E59
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/U_N8WScmAQCecrsLHtIKRjCIaRc.roa
Signing time: Sun 31 Jul 2022 12:07:23 +0000
ROA not before: Sun 31 Jul 2022 12:07:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203790
IP address blocks: 171.22.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:54:27:62:14:b6:93:20:a2:4a:43:a0:5a:c0:b0:9e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jul 31 12:07:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53f37c59272601009e72bb0b1ed20a4630886917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cc:16:a0:48:be:32:16:c2:41:a6:25:39:b0:
c7:1a:d1:5e:60:6b:95:d2:4e:e7:8b:98:da:a4:f3:
fa:a5:69:25:ab:0c:9e:52:90:1a:2f:d4:45:9d:a0:
a1:7b:c4:97:1f:00:bf:a0:c1:f1:cc:3c:80:d9:53:
d6:7f:92:4d:9d:3d:bb:c5:e5:02:18:6e:de:de:7c:
44:33:c8:3e:c5:88:5c:1e:94:45:06:ad:43:3c:b4:
90:49:e4:1d:1a:4c:66:22:48:f4:c4:d6:41:6d:95:
40:fa:3b:4f:e3:c6:f4:02:ca:3b:ac:fa:32:ff:aa:
e0:ed:70:96:dd:31:d7:2e:b4:e0:95:5d:2f:a0:69:
c3:ee:83:19:df:50:b8:82:d6:e3:2f:f7:c5:05:7a:
ef:df:9c:d1:b7:11:11:35:f6:40:57:ee:b9:72:78:
66:00:0e:9e:1b:ba:61:67:c0:5a:94:5f:dd:92:cf:
b1:15:ce:7c:b2:d1:7e:9d:08:75:cc:25:7e:41:36:
eb:ec:72:53:10:2f:64:8d:a3:da:ef:37:59:cd:cf:
6f:64:e2:24:4e:32:95:1b:2b:f2:95:7e:a9:97:28:
48:fc:89:b3:fd:6d:93:ae:b4:a9:93:fb:92:41:d2:
1d:73:25:98:7b:e8:46:48:60:19:42:40:0f:ac:7d:
a5:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F3:7C:59:27:26:01:00:9E:72:BB:0B:1E:D2:0A:46:30:88:69:17
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/U_N8WScmAQCecrsLHtIKRjCIaRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.147.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:df:d1:a5:af:ea:f0:a4:de:ee:76:86:a9:9e:18:37:ec:c7:
f2:7c:c3:3e:c2:4a:0e:eb:bb:40:c6:32:51:af:a8:9e:e1:e0:
57:21:7a:eb:b2:e2:02:83:30:5f:4a:d4:3d:af:f1:82:17:8a:
8f:01:42:da:6a:5a:d9:37:25:9b:a3:7c:34:bc:97:28:90:d6:
21:bf:1f:3d:12:bf:30:b8:08:c2:5e:f6:ea:1d:2d:81:42:cc:
34:2b:27:0b:17:ce:f9:f0:c8:4c:64:ce:91:a9:e6:81:15:cd:
0d:a9:b5:5a:74:17:8b:dc:0f:76:61:08:e6:c7:8a:74:d1:87:
78:3d:c2:49:9b:9b:b9:c2:a8:28:95:f0:5a:c6:1a:ee:c1:c3:
f1:b0:7b:6d:4d:f4:0a:1b:f6:8e:2f:16:b7:40:6a:08:bc:48:
7d:df:17:28:20:ec:8d:8a:07:51:84:59:16:93:ef:f6:cc:7d:
6d:58:eb:63:88:38:b2:fe:1e:ff:62:49:7b:2a:0d:5d:a4:b6:
a0:43:61:53:bc:e8:6f:55:3b:5b:1c:77:73:45:7b:6c:29:75:
74:19:6c:96:7a:2f:16:42:85:e8:e0:59:c4:4a:94:0b:24:36:
5f:d3:df:75:df:76:58:c2:a5:fd:95:01:7e:66:81:62:51:eb:
7e:a7:29:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJUJ2IUtpMgokpDoFrAsJ5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIwNzMxMTIwNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2YzN2M1OTI3MjYwMTAwOWU3MmJiMGIxZWQyMGE0NjMwODg2OTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhswWoEi+MhbCQaYlObDHGtFeYGuV
0k7ni5japPP6pWklqwyeUpAaL9RFnaChe8SXHwC/oMHxzDyA2VPWf5JNnT27xeUC
GG7e3nxEM8g+xYhcHpRFBq1DPLSQSeQdGkxmIkj0xNZBbZVA+jtP48b0Aso7rPoy
/6rg7XCW3THXLrTglV0voGnD7oMZ31C4gtbjL/fFBXrv35zRtxERNfZAV+65cnhm
AA6eG7phZ8BalF/dks+xFc58stF+nQh1zCV+QTbr7HJTEC9kjaPa7zdZzc9vZOIk
TjKVGyvylX6plyhI/Imz/W2TrrSpk/uSQdIdcyWYe+hGSGAZQkAPrH2lzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPzfFknJgEAnnK7Cx7SCkYwiGkXMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvVV9OOFdTY21BUUNlY3JzTEh0SUtSakNJYVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaTMA0G
CSqGSIb3DQEBCwUAA4IBAQBb39Glr+rwpN7udoapnhg37MfyfMM+wkoO67tAxjJR
r6ie4eBXIXrrsuICgzBfStQ9r/GCF4qPAULaalrZNyWbo3w0vJcokNYhvx89Er8w
uAjCXvbqHS2BQsw0KycLF8758MhMZM6RqeaBFc0NqbVadBeL3A92YQjmx4p00Yd4
PcJJm5u5wqgolfBaxhruwcPxsHttTfQKG/aOLxa3QGoIvEh93xcoIOyNigdRhFkW
k+/2zH1tWOtjiDiy/h7/Ykl7Kg1dpLagQ2FTvOhvVTtbHHdzRXtsKXV0GWyWei8W
QoXo4FnESpQLJDZf099133ZYwqX9lQF+ZoFiUet+pylQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:42 2023 by rpki-client on console-ams.rpki-client.org