Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/mh2CU7C1bQpW7kBRoupSjy7rcUc.roa
File: mh2CU7C1bQpW7kBRoupSjy7rcUc.roa (raw, json)
Hash identifier: cnhLLp0wCzK9I/LrPhPF1iKEitj64j85mo+kPliJE/o=
Subject key identifier: 9A:1D:82:53:B0:B5:6D:0A:56:EE:40:51:A2:EA:52:8F:2E:EB:71:47
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 018516A33DBBA684084A33F8F2092FEACC84
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/mh2CU7C1bQpW7kBRoupSjy7rcUc.roa
Signing time: Thu 15 Dec 2022 16:34:34 +0000
ROA not before: Thu 15 Dec 2022 16:34:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 171.22.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:a3:3d:bb:a6:84:08:4a:33:f8:f2:09:2f:ea:cc:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Dec 15 16:34:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a1d8253b0b56d0a56ee4051a2ea528f2eeb7147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a3:9d:29:1e:79:1d:93:f3:62:cc:d1:0e:96:
03:c9:09:ab:53:91:9c:75:3f:8f:62:55:96:48:00:
d6:2c:03:c2:61:6f:cd:2f:a1:86:c3:d6:7b:87:98:
5e:30:2c:a2:1a:c5:3c:b0:5f:54:d4:14:43:00:7b:
e2:30:7b:14:6d:21:49:a0:64:1d:ff:bf:dc:1f:52:
ad:6f:e3:a1:c0:54:df:64:e9:f4:ff:84:cd:0e:73:
5d:5c:e0:fe:12:28:10:8a:41:c5:e1:2d:11:fa:84:
4b:81:b6:cd:f8:4a:fa:ea:be:e1:9b:ff:60:f1:24:
5a:18:14:41:5e:c9:e3:3f:80:65:aa:0e:44:6a:65:
15:18:3a:8f:75:71:37:c7:0a:af:ef:42:2c:7a:bc:
55:10:b5:8a:69:4f:e5:72:13:98:14:f4:dd:0b:9b:
a4:38:28:b9:21:22:5d:2a:b5:ae:b1:5c:63:5a:68:
81:26:48:58:95:ce:23:91:ac:36:d4:9f:11:66:42:
6c:32:82:f5:60:77:69:0a:44:c1:ed:00:0c:8b:c2:
49:0d:e1:e3:8a:6f:8c:61:c5:e5:dc:db:b4:0a:7f:
f5:d9:e5:f9:86:b8:d2:2d:6e:47:e6:af:56:fd:93:
af:8c:cc:ba:85:4a:f1:c8:a4:4a:91:ce:57:13:17:
74:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1D:82:53:B0:B5:6D:0A:56:EE:40:51:A2:EA:52:8F:2E:EB:71:47
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/mh2CU7C1bQpW7kBRoupSjy7rcUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.147.0/24
Signature Algorithm: sha256WithRSAEncryption
58:08:a6:03:4d:cf:27:dd:66:68:e6:9c:14:31:8b:7c:20:6e:
1a:a1:dc:43:5d:5f:56:07:aa:be:46:a1:b6:c5:94:8c:7e:8c:
13:91:6e:b9:1a:1d:f0:0a:5d:72:e4:8e:47:d3:55:fe:22:fd:
17:1d:ca:c2:cc:34:9e:71:39:a5:90:97:4a:75:cf:09:99:00:
f4:c6:a7:72:d8:22:47:ac:ab:b7:b9:1e:d7:52:64:d4:8b:03:
5d:1a:8a:d8:08:a5:b2:5d:18:1f:67:0f:14:ea:d6:57:ec:80:
8f:4c:41:48:41:ab:5f:88:02:37:75:f6:c2:b4:b8:8d:3b:4e:
19:fe:aa:f5:3a:ad:9a:73:52:58:4b:be:c8:83:6c:92:96:81:
6c:b5:84:06:d6:a9:e9:0a:93:b5:43:09:56:26:e0:b6:40:1f:
33:d0:ad:20:36:5c:3e:1b:44:96:83:13:57:e5:0b:25:f7:08:
2e:d6:36:b1:e7:eb:f7:9e:30:e8:60:19:a3:b7:10:d5:c2:7a:
fe:c0:00:00:96:69:10:48:07:b4:d9:ab:36:77:ab:73:c3:80:
c7:cd:76:99:37:01:2b:17:b3:ee:49:7a:3b:cd:86:67:5c:cd:
eb:b9:57:52:da:49:f1:21:cb:44:45:2e:27:27:a2:08:90:a0:
97:4d:29:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUWoz27poQISjP48gkv6syEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIxMjE1MTYzNDM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFkODI1M2IwYjU2ZDBhNTZlZTQwNTFhMmVhNTI4ZjJlZWI3MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaOdKR55HZPzYszRDpYDyQmrU5Gc
dT+PYlWWSADWLAPCYW/NL6GGw9Z7h5heMCyiGsU8sF9U1BRDAHviMHsUbSFJoGQd
/7/cH1Ktb+OhwFTfZOn0/4TNDnNdXOD+EigQikHF4S0R+oRLgbbN+Er66r7hm/9g
8SRaGBRBXsnjP4Blqg5EamUVGDqPdXE3xwqv70IserxVELWKaU/lchOYFPTdC5uk
OCi5ISJdKrWusVxjWmiBJkhYlc4jkaw21J8RZkJsMoL1YHdpCkTB7QAMi8JJDeHj
im+MYcXl3Nu0Cn/12eX5hrjSLW5H5q9W/ZOvjMy6hUrxyKRKkc5XExd0YQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJodglOwtW0KVu5AUaLqUo8u63FHMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvbWgyQ1U3QzFiUXBXN2tCUm91cFNqeTdyY1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxaTMA0G
CSqGSIb3DQEBCwUAA4IBAQBYCKYDTc8n3WZo5pwUMYt8IG4aodxDXV9WB6q+RqG2
xZSMfowTkW65Gh3wCl1y5I5H01X+Iv0XHcrCzDSecTmlkJdKdc8JmQD0xqdy2CJH
rKu3uR7XUmTUiwNdGorYCKWyXRgfZw8U6tZX7ICPTEFIQatfiAI3dfbCtLiNO04Z
/qr1Oq2ac1JYS77Ig2ySloFstYQG1qnpCpO1QwlWJuC2QB8z0K0gNlw+G0SWgxNX
5Qsl9wgu1jax5+v3njDoYBmjtxDVwnr+wAAAlmkQSAe02as2d6tzw4DHzXaZNwEr
F7PuSXo7zYZnXM3ruVdS2knxIctERS4nJ6IIkKCXTSkk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org