Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/25qy6NBkvbHX_9FJag391nkcBTk.roa
File: 25qy6NBkvbHX_9FJag391nkcBTk.roa (raw, json)
Hash identifier: hos5eNoCRt5GLg35lTy5vitlKLzIxjmIUQ3AE3cAcjE=
Subject key identifier: DB:9A:B2:E8:D0:64:BD:B1:D7:FF:D1:49:6A:0D:FD:D6:79:1C:05:39
Certificate issuer: /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial: 01852FEEEEA929A03C0A903920297B7A5CA3
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/25qy6NBkvbHX_9FJag391nkcBTk.roa
Signing time: Tue 20 Dec 2022 14:27:45 +0000
ROA not before: Tue 20 Dec 2022 14:27:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33103
IP address blocks: 202.22.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:ee:ee:a9:29:a0:3c:0a:90:39:20:29:7b:7a:5c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Validity
Not Before: Dec 20 14:27:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db9ab2e8d064bdb1d7ffd1496a0dfdd6791c0539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f3:8e:a0:ac:4b:3c:49:31:58:53:92:ff:ec:
ab:d2:4d:71:3b:05:23:35:f1:b5:64:eb:e5:2d:23:
70:8e:35:9e:d3:76:7e:ed:5c:16:d8:d8:df:88:4c:
a7:9c:ba:7b:c4:cd:e7:20:e3:20:18:dc:2a:fd:db:
3e:4a:d9:f8:d4:7e:d6:1c:50:45:a4:02:7b:28:b0:
c1:fe:ee:bd:cf:cc:01:ca:93:86:d5:31:26:5b:90:
82:b7:3c:2a:a6:fb:4c:df:9c:7e:a3:15:0c:11:ad:
6e:0f:93:5c:85:68:2a:29:a2:32:00:21:1b:fe:5e:
04:8c:48:90:af:22:36:c9:21:28:f1:27:d0:f9:28:
e0:f6:6e:08:52:ec:51:01:e1:7a:83:ae:a7:da:0f:
a7:a1:c9:89:08:ee:40:53:a0:c7:2d:33:62:02:44:
6b:ba:d3:55:7d:39:4e:c6:11:15:72:83:ef:ce:a7:
8a:d0:41:07:d7:47:0a:dc:d3:2b:d3:29:9f:05:33:
07:d9:b6:a4:98:6a:45:5e:4f:74:5e:b9:5d:4a:58:
fb:b7:bb:55:2f:93:53:10:ee:51:74:89:51:84:ec:
74:3a:5d:3b:bc:de:d0:80:7b:20:46:32:ad:4a:dc:
5d:b3:39:49:0f:9f:7e:a8:5e:a9:a3:55:3a:0b:16:
a3:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9A:B2:E8:D0:64:BD:B1:D7:FF:D1:49:6A:0D:FD:D6:79:1C:05:39
X509v3 Authority Key Identifier:
keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/25qy6NBkvbHX_9FJag391nkcBTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.22.167.0/24
Signature Algorithm: sha256WithRSAEncryption
35:a5:90:c0:b2:ca:b0:1d:0f:24:9b:ab:58:c3:cb:eb:9b:e0:
87:85:4e:84:f9:2c:47:06:5f:59:d7:00:9c:37:1d:fe:89:a9:
ab:03:a4:5f:ec:c0:d1:2f:f5:9a:ac:98:c9:b1:f6:30:a7:50:
af:39:91:7f:54:04:55:a4:db:36:ad:1b:7e:67:d3:36:06:ee:
d3:16:57:dd:1c:61:be:09:01:7e:72:9f:d6:30:df:5e:48:8c:
c9:32:79:48:1d:d7:7c:81:9d:dc:6e:09:54:3b:d2:80:58:ec:
7a:a6:4d:54:f0:e3:8c:3e:19:3f:98:a5:6b:80:22:b2:c9:1d:
89:d1:53:67:f6:c3:db:00:3f:08:d0:68:d9:30:b0:76:0f:b6:
99:c0:59:9d:3e:bb:f2:6c:fc:e4:f6:cf:d5:d2:3b:8d:0e:af:
4e:57:1e:1e:e7:2e:a1:12:ab:68:ac:36:fe:94:37:2d:32:5b:
52:38:71:09:44:df:8f:71:5f:19:73:e1:c5:a3:a7:3d:94:52:
41:f8:1a:97:da:66:1d:6b:fb:63:d0:08:e8:f6:eb:51:be:4c:
48:42:fb:1e:ff:97:29:30:62:e3:f4:a0:36:ef:9e:4a:e9:13:
be:50:1e:e5:67:7b:59:c1:71:f2:fa:c1:23:fa:46:58:ae:f9:
a9:d8:7a:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUv7u6pKaA8CpA5ICl7elyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjIxMjIwMTQyNzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjlhYjJlOGQwNjRiZGIxZDdmZmQxNDk2YTBkZmRkNjc5MWMwNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPOOoKxLPEkxWFOS/+yr0k1xOwUj
NfG1ZOvlLSNwjjWe03Z+7VwW2NjfiEynnLp7xM3nIOMgGNwq/ds+Stn41H7WHFBF
pAJ7KLDB/u69z8wBypOG1TEmW5CCtzwqpvtM35x+oxUMEa1uD5NchWgqKaIyACEb
/l4EjEiQryI2ySEo8SfQ+Sjg9m4IUuxRAeF6g66n2g+nocmJCO5AU6DHLTNiAkRr
utNVfTlOxhEVcoPvzqeK0EEH10cK3NMr0ymfBTMH2bakmGpFXk90XrldSlj7t7tV
L5NTEO5RdIlRhOx0Ol07vN7QgHsgRjKtStxdszlJD59+qF6po1U6CxajlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNuasujQZL2x1//RSWoN/dZ5HAU5MB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvMjVxeTZOQmt2YkhYXzlGSmFnMzkxbmtjQlRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyhanMA0G
CSqGSIb3DQEBCwUAA4IBAQA1pZDAssqwHQ8km6tYw8vrm+CHhU6E+SxHBl9Z1wCc
Nx3+iamrA6Rf7MDRL/WarJjJsfYwp1CvOZF/VARVpNs2rRt+Z9M2Bu7TFlfdHGG+
CQF+cp/WMN9eSIzJMnlIHdd8gZ3cbglUO9KAWOx6pk1U8OOMPhk/mKVrgCKyyR2J
0VNn9sPbAD8I0GjZMLB2D7aZwFmdPrvybPzk9s/V0juNDq9OVx4e5y6hEqtorDb+
lDctMltSOHEJRN+PcV8Zc+HFo6c9lFJB+BqX2mYda/tj0Ajo9utRvkxIQvse/5cp
MGLj9KA2755K6RO+UB7lZ3tZwXHy+sEj+kZYrvmp2HqD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:33 2024 by rpki-client on console-ams.rpki-client.org