Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/oggndw4vu4ujHJ1dx70nL_GI03M.roa
File: oggndw4vu4ujHJ1dx70nL_GI03M.roa (raw, json)
Hash identifier: tLsFaDbwuLqIIi1Ay8/+gMbqsz01uRJhGM2+7A8nupI=
Subject key identifier: A2:08:27:77:0E:2F:BB:8B:A3:1C:9D:5D:C7:BD:27:2F:F1:88:D3:73
Certificate issuer: /CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Certificate serial: 01825EBA98371CFF7BC337B985EFD6B52099
Authority key identifier: 43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/oggndw4vu4ujHJ1dx70nL_GI03M.roa
Signing time: Tue 02 Aug 2022 13:24:23 +0000
ROA not before: Tue 02 Aug 2022 13:24:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209425
IP address blocks: 147.78.163.0/24 maxlen: 24
147.78.160.0/24 maxlen: 24
147.78.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5e:ba:98:37:1c:ff:7b:c3:37:b9:85:ef:d6:b5:20:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43668474e7bb3dbdb26adc01838ce7062d70c498
Validity
Not Before: Aug 2 13:24:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a20827770e2fbb8ba31c9d5dc7bd272ff188d373
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:70:c6:1f:34:ab:33:f4:6e:59:0f:64:f0:19:
25:b2:68:79:f8:29:de:15:57:be:7b:3d:1b:10:9d:
e5:f7:28:06:e4:18:8c:4e:02:44:5e:9c:af:6d:e1:
ec:c7:7c:69:73:08:c9:e1:30:ad:a3:10:8e:3d:7c:
c8:92:cb:cb:90:9b:20:80:f8:b0:a4:3b:76:ad:af:
8b:33:b5:78:33:a7:40:f9:e7:f0:64:bd:ad:d7:de:
52:34:6f:32:6d:21:82:ae:94:04:13:13:e1:e6:06:
f2:23:f6:91:13:c3:df:c8:64:6d:4d:85:64:c1:d4:
87:c6:a2:ec:b6:de:51:70:53:e5:40:91:14:d7:c0:
17:c1:0b:45:33:e8:88:cc:a7:d2:6f:03:9b:92:51:
8b:c4:b0:26:66:9b:83:07:bb:aa:06:1c:7c:63:6f:
1a:45:00:36:69:b2:f0:37:be:32:6e:ee:58:0c:0c:
66:c2:a5:9c:f7:40:76:65:71:08:54:7e:5e:a0:3f:
16:59:ab:ab:a0:d2:bf:3a:16:28:4d:9e:fe:f4:87:
7d:76:a1:ae:c1:7c:a5:75:fa:01:9e:7e:c9:88:ec:
ea:d9:c6:b5:42:34:42:9d:85:51:0b:e7:10:19:94:
b5:c5:ff:6a:b1:0d:f4:3b:be:36:9f:0a:1c:97:9b:
4e:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:08:27:77:0E:2F:BB:8B:A3:1C:9D:5D:C7:BD:27:2F:F1:88:D3:73
X509v3 Authority Key Identifier:
keyid:43:66:84:74:E7:BB:3D:BD:B2:6A:DC:01:83:8C:E7:06:2D:70:C4:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q2aEdOe7Pb2yatwBg4znBi1wxJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/oggndw4vu4ujHJ1dx70nL_GI03M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a4a577-1925-4df3-920d-fa2088cc5014/1/Q2aEdOe7Pb2yatwBg4znBi1wxJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.160.0/23
147.78.163.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:53:e9:46:bf:d9:a9:4d:0d:86:fc:15:26:b8:64:17:9e:c2:
4b:bd:3e:83:74:b1:34:d2:74:ce:e0:5c:ca:a5:22:b0:ac:27:
dc:1b:62:0c:d7:74:ec:07:70:0c:55:01:82:a7:ca:ea:02:c9:
62:f1:41:72:36:4f:7f:1e:ac:1f:82:85:09:60:89:52:01:2a:
26:df:d3:df:c0:59:a3:00:56:9f:65:a1:24:ff:58:82:c6:f9:
42:12:dc:8b:e6:27:4e:4d:86:3e:1a:48:54:f2:cb:16:e3:34:
e9:38:65:dd:df:41:38:ff:2c:30:45:40:b2:42:55:7e:9c:28:
05:3b:51:0a:9b:de:f1:9c:8a:39:18:0d:c2:12:92:43:f1:ef:
7b:2f:78:ba:c3:ee:ef:e6:42:67:e0:5b:93:ab:da:1e:47:6c:
9a:16:c5:90:9c:00:2a:e3:71:56:1d:84:b5:08:82:ce:0d:66:
57:e8:08:38:e3:65:2f:3e:8b:c9:12:31:5d:03:22:95:df:ff:
f0:18:f7:87:41:1b:7b:ee:81:7a:ef:78:2e:54:74:cc:1b:8d:
8e:27:5d:92:4a:80:63:38:68:ec:8d:a2:42:46:be:1e:6c:3c:
db:6f:3a:c8:ec:71:de:2e:23:45:28:59:cb:b2:02:bd:95:77:
2e:32:9b:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJeupg3HP97wze5he/WtSCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNjY4NDc0ZTdiYjNkYmRiMjZhZGMwMTgzOGNlNzA2MmQ3
MGM0OTgwHhcNMjIwODAyMTMyNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA4Mjc3NzBlMmZiYjhiYTMxYzlkNWRjN2JkMjcyZmYxODhkMzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXDGHzSrM/RuWQ9k8Bklsmh5+Cne
FVe+ez0bEJ3l9ygG5BiMTgJEXpyvbeHsx3xpcwjJ4TCtoxCOPXzIksvLkJsggPiw
pDt2ra+LM7V4M6dA+efwZL2t195SNG8ybSGCrpQEExPh5gbyI/aRE8PfyGRtTYVk
wdSHxqLstt5RcFPlQJEU18AXwQtFM+iIzKfSbwObklGLxLAmZpuDB7uqBhx8Y28a
RQA2abLwN74ybu5YDAxmwqWc90B2ZXEIVH5eoD8WWauroNK/OhYoTZ7+9Id9dqGu
wXyldfoBnn7JiOzq2ca1QjRCnYVRC+cQGZS1xf9qsQ30O742nwocl5tOwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIIJ3cOL7uLoxydXce9Jy/xiNNzMB8GA1UdIwQY
MBaAFENmhHTnuz29smrcAYOM5wYtcMSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQt
ZmEyMDg4Y2M1MDE0LzEvb2dnbmR3NHZ1NHVqSEoxZHg3MG5MX0dJMDNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hNGE1NzctMTkyNS00ZGYzLTkyMGQtZmEyMDg4Y2M1MDE0
LzEvUTJhRWRPZTdQYjJ5YXR3Qmc0em5CaTF3eEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBk06gAwQA
k06jMA0GCSqGSIb3DQEBCwUAA4IBAQB7U+lGv9mpTQ2G/BUmuGQXnsJLvT6DdLE0
0nTO4FzKpSKwrCfcG2IM13TsB3AMVQGCp8rqAsli8UFyNk9/HqwfgoUJYIlSASom
39PfwFmjAFafZaEk/1iCxvlCEtyL5idOTYY+GkhU8ssW4zTpOGXd30E4/ywwRUCy
QlV+nCgFO1EKm97xnIo5GA3CEpJD8e97L3i6w+7v5kJn4FuTq9oeR2yaFsWQnAAq
43FWHYS1CILODWZX6Ag442UvPovJEjFdAyKV3//wGPeHQRt77oF673guVHTMG42O
J12SSoBjOGjsjaJCRr4ebDzbbzrI7HHeLiNFKFnLsgK9lXcuMps+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:37 2023 by rpki-client on console-ams.rpki-client.org