Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mhq12EzJTWYP8Noo9k-FBqcf1TA.roa
File: mhq12EzJTWYP8Noo9k-FBqcf1TA.roa (raw, json)
Hash identifier: 86GmBRXzZ8nntWSn6KUUyj/2m9jsJ7rHyPxQx3Z7VTM=
Subject key identifier: 9A:1A:B5:D8:4C:C9:4D:66:0F:F0:DA:28:F6:4F:85:06:A7:1F:D5:30
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01823DF10B004C0246912F9F8F09BE4DB090
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mhq12EzJTWYP8Noo9k-FBqcf1TA.roa
Signing time: Wed 27 Jul 2022 04:36:23 +0000
ROA not before: Wed 27 Jul 2022 04:36:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212552
IP address blocks: 82.115.16.0/24 maxlen: 24
82.115.20.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3d:f1:0b:00:4c:02:46:91:2f:9f:8f:09:be:4d:b0:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jul 27 04:36:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a1ab5d84cc94d660ff0da28f64f8506a71fd530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:70:e2:8d:43:82:07:15:d3:14:59:9d:5d:41:
04:d9:49:b5:34:4b:45:95:a1:e5:6d:c3:10:d4:85:
f0:a7:b2:bb:75:40:99:f0:a8:ce:a9:e1:98:71:4b:
86:50:c2:25:29:10:2d:97:4e:3f:9d:67:47:fb:f1:
c5:f1:5e:b9:bf:3a:25:01:f2:db:e7:8d:6d:01:a7:
3d:4b:1f:91:8b:5e:e4:01:e7:ed:3d:6c:7f:e4:3f:
07:16:9c:f0:ac:5e:75:b1:e0:48:b0:1f:79:e9:f6:
15:dd:7b:e9:08:d9:f9:5b:64:0d:97:6d:ce:f6:85:
70:4d:fa:62:5f:18:fa:1e:67:d8:54:39:f9:10:31:
5f:e0:85:c2:cf:3a:88:60:eb:59:a8:b4:18:05:6a:
0d:0c:03:76:d8:b0:c1:a8:03:55:a8:b0:db:1f:45:
6b:51:0b:ed:a3:e8:98:74:a4:b4:2d:ac:52:f0:a8:
e4:51:d0:00:d0:a9:14:5f:45:83:1d:a6:be:b3:62:
3b:3e:1b:b8:35:f3:37:4c:9e:42:dc:ef:b1:55:18:
e0:66:39:77:6c:a4:48:d8:dd:43:48:cc:7c:76:0d:
8c:31:f8:19:bc:97:52:1b:db:8b:87:8d:db:46:88:
ac:0b:90:7a:2d:7e:38:f7:32:24:bf:3a:b7:af:2b:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1A:B5:D8:4C:C9:4D:66:0F:F0:DA:28:F6:4F:85:06:A7:1F:D5:30
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/mhq12EzJTWYP8Noo9k-FBqcf1TA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.16.0/24
82.115.20.0/23
Signature Algorithm: sha256WithRSAEncryption
c8:60:79:5c:09:cf:01:33:cd:cb:3e:ec:70:c3:93:99:64:3c:
ee:b2:e9:86:b6:a7:c8:a5:5e:a6:c5:20:22:7a:47:47:c8:fe:
4f:ed:30:a4:d9:3e:02:49:75:58:fc:23:f9:34:84:9c:bf:b3:
18:1a:0c:92:e3:90:5f:0f:ca:0e:0c:ae:72:52:30:96:ff:cf:
20:a8:17:b4:fe:63:f9:8f:55:f9:52:f0:e5:61:ea:8b:16:19:
0b:87:fc:18:17:ab:91:e7:ec:86:9c:d1:d7:67:f2:60:6b:07:
f4:a1:ef:6f:f6:7b:33:43:7e:a8:32:44:ba:4f:8d:5e:09:65:
e5:f1:d4:8f:b5:17:46:54:20:b5:f9:cc:c4:3f:4d:9f:56:9f:
06:10:60:8c:62:13:8c:69:03:74:6c:78:18:cc:02:82:4e:e2:
4d:f0:70:de:90:1a:97:1f:9c:e7:c9:a1:3f:47:84:45:6c:3d:
14:bd:8e:09:6a:41:67:3f:ea:91:cc:91:c3:88:dd:dd:8a:3a:
29:5b:77:e1:83:88:7b:b4:1a:90:15:49:6c:4b:d7:52:79:e1:
03:6b:87:1b:83:1d:93:54:bb:97:04:aa:83:89:d8:d9:6d:56:
3b:b4:cd:e6:58:81:f7:23:cb:e2:dd:85:e5:da:46:67:ac:11:
59:c0:1f:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI98QsATAJGkS+fjwm+TbCQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwNzI3MDQzNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTFhYjVkODRjYzk0ZDY2MGZmMGRhMjhmNjRmODUwNmE3MWZkNTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHDijUOCBxXTFFmdXUEE2Um1NEtF
laHlbcMQ1IXwp7K7dUCZ8KjOqeGYcUuGUMIlKRAtl04/nWdH+/HF8V65vzolAfLb
541tAac9Sx+Ri17kAeftPWx/5D8HFpzwrF51seBIsB956fYV3XvpCNn5W2QNl23O
9oVwTfpiXxj6HmfYVDn5EDFf4IXCzzqIYOtZqLQYBWoNDAN22LDBqANVqLDbH0Vr
UQvto+iYdKS0LaxS8KjkUdAA0KkUX0WDHaa+s2I7Phu4NfM3TJ5C3O+xVRjgZjl3
bKRI2N1DSMx8dg2MMfgZvJdSG9uLh43bRoisC5B6LX449zIkvzq3ryuEcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJoatdhMyU1mD/DaKPZPhQanH9UwMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvbWhxMTJFekpUV1lQOE5vbzlrLUZCcWNmMVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUnMQAwQB
UnMUMA0GCSqGSIb3DQEBCwUAA4IBAQDIYHlcCc8BM83LPuxww5OZZDzusumGtqfI
pV6mxSAiekdHyP5P7TCk2T4CSXVY/CP5NIScv7MYGgyS45BfD8oODK5yUjCW/88g
qBe0/mP5j1X5UvDlYeqLFhkLh/wYF6uR5+yGnNHXZ/Jgawf0oe9v9nszQ36oMkS6
T41eCWXl8dSPtRdGVCC1+czEP02fVp8GEGCMYhOMaQN0bHgYzAKCTuJN8HDekBqX
H5znyaE/R4RFbD0UvY4JakFnP+qRzJHDiN3dijopW3fhg4h7tBqQFUlsS9dSeeED
a4cbgx2TVLuXBKqDidjZbVY7tM3mWIH3I8vi3YXl2kZnrBFZwB8t
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:24 2023 by rpki-client on console-ams.rpki-client.org