Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/2xAg5l4nWpKctAHKx-R4b49TPws.roa
File: 2xAg5l4nWpKctAHKx-R4b49TPws.roa (raw, json)
Hash identifier: d7IO3fhkhxtUlgtRZ2juL3S85S3X5HjBrAQ+Jxk7+3g=
Subject key identifier: DB:10:20:E6:5E:27:5A:92:9C:B4:01:CA:C7:E4:78:6F:8F:53:3F:0B
Certificate issuer: /CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Certificate serial: 03713692
Authority key identifier: 3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/2xAg5l4nWpKctAHKx-R4b49TPws.roa
Signing time: Mon 14 Feb 2022 09:29:41 +0000
ROA not before: Mon 14 Feb 2022 09:29:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 835
IP address blocks: 152.89.192.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57751186 (0x3713692)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cdcc8bcdb6c744acdf43dd72d68d20451a179f6
Validity
Not Before: Feb 14 09:29:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=db1020e65e275a929cb401cac7e4786f8f533f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:f2:93:a6:9b:00:60:d3:40:f7:42:02:3e:07:
7b:24:f2:2b:a8:4a:1e:5d:7c:17:94:8e:72:98:26:
f0:e9:e7:b7:81:ce:7f:99:46:e9:46:fc:26:47:43:
db:d0:ad:01:a1:3a:a8:1e:97:38:25:31:af:13:a5:
ea:96:aa:bd:04:f8:69:ac:86:10:57:b5:34:58:af:
f0:53:cd:83:7c:c2:9c:c7:51:36:67:de:d1:97:a8:
02:d5:52:23:6a:bc:da:97:ab:7d:06:8a:69:35:ad:
ec:1a:a4:93:f1:d8:40:31:bd:55:3e:6a:2d:52:dc:
9d:df:09:b0:6b:f5:70:8f:ea:69:d5:10:3a:75:22:
9e:e6:5e:8c:0e:c1:46:03:fd:61:20:5b:44:f8:3c:
f6:00:3a:bc:1d:62:ea:4b:71:ef:95:7a:84:98:52:
28:3b:62:67:c8:22:a2:15:32:97:d8:f7:30:27:91:
f6:25:db:d9:46:ae:34:49:66:53:cb:4a:bb:a8:24:
e2:f0:56:0b:67:86:c6:8a:87:f3:5c:a5:cf:42:93:
e1:6c:5f:c1:58:07:38:40:eb:93:75:ec:c2:2b:ea:
ec:32:14:c6:64:40:99:a7:1a:b0:58:8c:e7:ff:32:
e0:cb:e3:20:12:13:2f:fb:45:88:7d:6c:50:88:fa:
d0:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:10:20:E6:5E:27:5A:92:9C:B4:01:CA:C7:E4:78:6F:8F:53:3F:0B
X509v3 Authority Key Identifier:
keyid:3C:DC:C8:BC:DB:6C:74:4A:CD:F4:3D:D7:2D:68:D2:04:51:A1:79:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PNzIvNtsdErN9D3XLWjSBFGhefY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/2xAg5l4nWpKctAHKx-R4b49TPws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/356826-fc10-4aa9-96a4-637b371da8e6/1/PNzIvNtsdErN9D3XLWjSBFGhefY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.192.0/23
Signature Algorithm: sha256WithRSAEncryption
57:99:1f:a6:9d:7f:6b:e2:c4:c4:19:48:c3:44:f6:0c:5d:52:
32:27:90:09:2b:7a:c1:1f:f8:1a:9f:1a:9a:f0:2a:77:c0:21:
43:40:2a:ff:5c:45:d5:a8:f2:f2:2a:17:83:af:66:67:13:e1:
f0:71:92:09:96:7d:15:16:5d:6c:c1:44:46:ba:05:57:fb:65:
cc:82:14:5f:da:08:cf:77:16:29:a8:67:7b:70:27:cb:f8:a8:
60:db:a0:61:75:92:d6:3b:c4:1d:a6:0e:16:b4:e9:f3:b4:2d:
16:53:1d:fc:de:40:5d:0f:d9:e4:57:04:3f:f9:53:fe:df:db:
9e:c0:e4:af:b1:93:11:75:2d:b6:a9:56:d0:76:01:2f:8b:76:
af:ca:3c:fe:ee:2b:8c:b8:fd:93:1a:62:de:cd:ce:e1:d1:d1:
f3:bb:b5:30:61:29:cf:ed:fd:12:b8:05:00:f8:38:04:29:35:
b5:95:ea:1f:b3:c3:0a:17:40:3d:64:42:54:8e:92:8d:2c:cd:
6a:3e:14:0c:21:e1:ac:25:ad:0d:e4:f0:0d:9e:5c:62:f9:df:
f7:83:55:bd:d5:27:1f:51:62:8f:b6:6b:28:3c:6d:b1:57:bf:
7a:eb:1d:d0:0a:21:1f:d2:99:e3:43:97:26:46:96:ce:42:e9:
9f:17:87:90
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3E2kjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
Y2RjYzhiY2RiNmM3NDRhY2RmNDNkZDcyZDY4ZDIwNDUxYTE3OWY2MB4XDTIyMDIx
NDA5Mjk0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGIxMDIwZTY1ZTI3
NWE5MjljYjQwMWNhYzdlNDc4NmY4ZjUzM2YwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPPyk6abAGDTQPdCAj4HeyTyK6hKHl18F5SOcpgm8Onnt4HO
f5lG6Ub8JkdD29CtAaE6qB6XOCUxrxOl6paqvQT4aayGEFe1NFiv8FPNg3zCnMdR
Nmfe0ZeoAtVSI2q82perfQaKaTWt7Bqkk/HYQDG9VT5qLVLcnd8JsGv1cI/qadUQ
OnUinuZejA7BRgP9YSBbRPg89gA6vB1i6ktx75V6hJhSKDtiZ8giohUyl9j3MCeR
9iXb2UauNElmU8tKu6gk4vBWC2eGxoqH81ylz0KT4WxfwVgHOEDrk3Xswivq7DIU
xmRAmacasFiM5/8y4MvjIBITL/tFiH1sUIj60OMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTbECDmXidakpy0AcrH5Hhvj1M/CzAfBgNVHSMEGDAWgBQ83Mi822x0Ss30
PdctaNIEUaF59jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1BOekl2TnRzZEVyTjlEM1hMV2pTQkZHaGVmWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzEvMzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8x
LzJ4QWc1bDRuV3BLY3RBSEt4LVI0YjQ5VFB3cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzEv
MzU2ODI2LWZjMTAtNGFhOS05NmE0LTYzN2IzNzFkYThlNi8xL1BOekl2TnRzZEVy
TjlEM1hMV2pTQkZHaGVmWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZhZwDANBgkqhkiG9w0BAQsFAAOC
AQEAV5kfpp1/a+LExBlIw0T2DF1SMieQCSt6wR/4Gp8amvAqd8AhQ0Aq/1xF1ajy
8ioXg69mZxPh8HGSCZZ9FRZdbMFERroFV/tlzIIUX9oIz3cWKahne3Any/ioYNug
YXWS1jvEHaYOFrTp87QtFlMd/N5AXQ/Z5FcEP/lT/t/bnsDkr7GTEXUttqlW0HYB
L4t2r8o8/u4rjLj9kxpi3s3O4dHR87u1MGEpz+39ErgFAPg4BCk1tZXqH7PDChdA
PWRCVI6SjSzNaj4UDCHhrCWtDeTwDZ5cYvnf94NVvdUnH1Fij7ZrKDxtsVe/eusd
0AohH9KZ40OXJkaWzkLpnxeHkA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:28 2023 by rpki-client on console-ams.rpki-client.org