Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tWQ8SxjRBjxYYo-QaheDBM00qTk.roa
File: tWQ8SxjRBjxYYo-QaheDBM00qTk.roa (raw, json)
Hash identifier: 2WcqwHdkUM7RVLY2kS3hIBEYlwF1YPITid0nzokxqC4=
Subject key identifier: B5:64:3C:4B:18:D1:06:3C:58:62:8F:90:6A:17:83:04:CD:34:A9:39
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 09AFC7BE
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tWQ8SxjRBjxYYo-QaheDBM00qTk.roa
Signing time: Sat 01 Jan 2022 09:56:57 +0000
ROA not before: Sat 01 Jan 2022 09:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211851
IP address blocks: 171.22.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162514878 (0x9afc7be)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jan 1 09:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5643c4b18d1063c58628f906a178304cd34a939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ab:52:a6:fe:ab:bc:41:c1:b4:86:d1:eb:3b:
62:6f:49:e6:f9:26:da:f7:c8:2b:2c:10:07:dc:9c:
13:fe:9f:36:37:0c:c9:09:6d:6d:0c:89:ed:86:4a:
bb:81:06:76:79:08:b5:f5:0b:7d:8d:18:62:cf:b0:
30:cb:c5:85:57:ee:70:a8:ca:d0:59:96:3a:b1:7b:
06:d0:53:76:b0:60:d1:1d:d3:49:55:c7:40:9f:cc:
6b:d3:a3:6d:a6:20:f6:6f:f5:f9:04:27:60:70:90:
64:a6:a5:7d:ec:6a:f1:27:d4:4c:94:ca:86:b2:57:
bc:32:e7:bf:1a:b9:f7:2b:81:d3:3a:3e:52:6a:ad:
b2:1c:68:6d:a8:b4:bb:6a:be:cd:35:03:c3:c9:47:
1e:34:28:03:48:ee:65:cc:10:53:68:46:bb:ce:e7:
37:03:49:48:53:15:d8:78:4c:eb:96:c6:7f:73:76:
d0:1f:35:72:0f:9e:19:11:f0:fc:ba:eb:3a:7b:8c:
cd:96:a3:e1:04:63:15:8b:eb:b6:8e:78:e6:af:72:
71:25:99:0f:6b:7e:09:b1:5b:6f:ca:3e:4d:9d:55:
dd:22:f7:ca:4a:85:d0:18:d5:06:26:0d:82:59:a9:
c6:a9:27:f1:09:af:f0:6d:3d:b0:15:25:a8:71:57:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:64:3C:4B:18:D1:06:3C:58:62:8F:90:6A:17:83:04:CD:34:A9:39
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/tWQ8SxjRBjxYYo-QaheDBM00qTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.147.0/24
Signature Algorithm: sha256WithRSAEncryption
89:73:3c:c7:7e:21:89:eb:bd:ab:46:49:fc:63:19:e2:c5:13:
14:26:56:d0:ff:ad:78:3e:b4:13:30:84:84:db:4a:34:0f:ea:
5b:0b:a9:f6:2d:57:4f:59:50:1a:19:02:ed:62:75:51:eb:24:
d9:7c:cb:c3:4f:fa:0a:04:72:ce:14:67:ff:45:2f:06:60:b9:
52:05:01:7c:ba:71:45:b1:c5:ba:8c:e8:ab:33:7f:e5:c1:8b:
17:ae:d1:9f:32:2b:24:b1:12:df:cf:9c:a5:a9:e1:31:5b:84:
22:6d:c4:fb:ba:79:c7:f4:5f:df:39:9c:49:dd:d3:13:47:b9:
61:da:bc:7d:7a:04:76:6b:b1:e8:49:a1:18:df:90:c9:5a:a2:
c1:9f:4b:57:77:45:fc:bb:5b:12:4b:2f:e8:54:7b:6f:2c:fe:
8d:31:22:bd:90:61:9c:60:8c:05:f0:6a:e5:98:f8:7b:f4:9b:
d5:44:7a:82:83:3d:ac:07:e5:49:2e:6b:5f:9c:6d:23:89:d4:
62:17:9e:35:7a:11:45:02:06:50:9d:34:73:bf:83:49:d4:9f:
24:dc:dc:10:b3:41:b9:c3:db:be:89:a6:0f:dd:4b:79:92:d7:
95:6a:7e:71:69:24:aa:bd:1f:92:57:62:53:1e:49:1f:ef:72:
88:73:64:a7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECa/HvjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NDE2NmI3MDQ4NDNkM2Q5NzU0MDk1YzgzYTkxYjQ5MzgyODIwMGEyMB4XDTIyMDEw
MTA5NTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjU2NDNjNGIxOGQx
MDYzYzU4NjI4ZjkwNmExNzgzMDRjZDM0YTkzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK6rUqb+q7xBwbSG0es7Ym9J5vkm2vfIKywQB9ycE/6fNjcM
yQltbQyJ7YZKu4EGdnkItfULfY0YYs+wMMvFhVfucKjK0FmWOrF7BtBTdrBg0R3T
SVXHQJ/Ma9OjbaYg9m/1+QQnYHCQZKalfexq8SfUTJTKhrJXvDLnvxq59yuB0zo+
Umqtshxobai0u2q+zTUDw8lHHjQoA0juZcwQU2hGu87nNwNJSFMV2HhM65bGf3N2
0B81cg+eGRHw/LrrOnuMzZaj4QRjFYvrto545q9ycSWZD2t+CbFbb8o+TZ1V3SL3
ykqF0BjVBiYNglmpxqkn8Qmv8G09sBUlqHFXzPkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS1ZDxLGNEGPFhij5BqF4MEzTSpOTAfBgNVHSMEGDAWgBSUFmtwSEPT2XVA
lcg6kbSTgoIAojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xCWnJjRWhEMDlsMVFKWElPcEcwazRLQ0FLSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvNDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8x
L3RXUThTeGpSQmp4WVlvLVFhaGVEQk0wMHFUay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
NDNmZjhmLWNkNTQtNGNmMS04YWFmLTRiZTE4ZWYxMjhiNC8xL2xCWnJjRWhEMDls
MVFKWElPcEcwazRLQ0FLSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKsWkzANBgkqhkiG9w0BAQsFAAOC
AQEAiXM8x34hieu9q0ZJ/GMZ4sUTFCZW0P+teD60EzCEhNtKNA/qWwup9i1XT1lQ
GhkC7WJ1Uesk2XzLw0/6CgRyzhRn/0UvBmC5UgUBfLpxRbHFuozoqzN/5cGLF67R
nzIrJLES38+cpanhMVuEIm3E+7p5x/Rf3zmcSd3TE0e5Ydq8fXoEdmux6EmhGN+Q
yVqiwZ9LV3dF/LtbEksv6FR7byz+jTEivZBhnGCMBfBq5Zj4e/Sb1UR6goM9rAfl
SS5rX5xtI4nUYheeNXoRRQIGUJ00c7+DSdSfJNzcELNBucPbvommD91LeZLXlWp+
cWkkqr0fkldiUx5JH+9yiHNkpw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:01 2023 by rpki-client on console-fra.rpki-client.org