Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/asDXLW68UpYGDbmstlZRpjIvP9w.roa
File: asDXLW68UpYGDbmstlZRpjIvP9w.roa (raw, json)
Hash identifier: YtZLPSlZmLFl03xK5+Iq83IvCpp9++zaZRvE66y2Wdc=
Subject key identifier: 6A:C0:D7:2D:6E:BC:52:96:06:0D:B9:AC:B6:56:51:A6:32:2F:3F:DC
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 0185059924B3AB199C433B8975DF79031054
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/asDXLW68UpYGDbmstlZRpjIvP9w.roa
Signing time: Mon 12 Dec 2022 09:10:00 +0000
ROA not before: Mon 12 Dec 2022 09:10:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 178.21.144.0/23 maxlen: 23
2a02:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:99:24:b3:ab:19:9c:43:3b:89:75:df:79:03:10:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Dec 12 09:10:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ac0d72d6ebc5296060db9acb65651a6322f3fdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:63:62:20:44:5e:85:93:6b:4f:34:b2:5a:7a:
d5:cd:f5:77:76:89:43:64:12:77:b8:79:04:40:16:
2c:9d:f9:30:d4:5c:42:e6:c5:c9:b0:f9:46:03:d4:
a0:9d:71:00:c0:b9:d4:62:59:06:7d:f1:37:39:6a:
46:8a:41:66:4a:4c:0d:9b:06:6c:df:56:28:3b:5c:
72:27:6b:db:7b:f5:0f:42:be:cc:90:91:ad:7a:20:
6c:62:96:d6:f7:91:c8:34:5f:8e:21:97:2f:08:5f:
60:82:b1:ec:24:be:41:29:21:81:3a:93:0f:84:6b:
42:fc:49:a8:aa:7a:b5:d5:c4:c2:bb:3e:d9:75:dc:
b1:5a:02:ea:33:15:19:dd:7b:a6:cf:6a:24:8d:77:
01:64:0e:ce:e6:02:fb:dc:76:3b:75:14:5f:67:11:
6a:e2:30:37:a9:75:ab:af:01:00:2b:7f:81:8a:33:
8b:35:b8:e7:82:40:6b:c6:c8:33:01:98:13:1e:f8:
30:8a:36:f1:d1:d2:cb:49:67:5a:9a:2c:ea:4a:56:
08:98:0b:db:04:63:eb:74:e3:fc:e4:a7:ea:b2:86:
be:41:2b:90:d5:d0:ae:bb:d3:ce:95:39:fc:fb:a3:
da:76:de:aa:5e:41:b3:f7:c6:95:c1:f4:9c:2b:66:
38:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C0:D7:2D:6E:BC:52:96:06:0D:B9:AC:B6:56:51:A6:32:2F:3F:DC
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/asDXLW68UpYGDbmstlZRpjIvP9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/23
IPv6:
2a02:2c0::/48
Signature Algorithm: sha256WithRSAEncryption
3a:f6:8c:9c:09:68:8d:94:ce:1c:19:d1:b6:8e:d9:c8:ee:03:
d5:e3:7b:33:33:55:06:d1:15:32:cd:c1:16:cd:f9:96:8d:a6:
9b:b3:ad:5e:d2:a3:fb:79:bd:8c:d5:6f:99:7e:26:2c:cf:9e:
cf:7c:97:7f:99:ef:be:86:1c:16:99:2c:41:45:15:cf:99:b5:
1c:32:cc:55:f6:d8:eb:b4:ef:3f:b3:66:6a:b1:1a:0e:f4:01:
6f:48:55:00:a1:e4:a9:f4:27:87:01:98:03:9b:be:8c:fe:58:
59:d0:18:f4:66:2b:fe:7c:4f:34:c9:67:df:1f:5e:eb:88:91:
cc:60:90:8a:a0:fe:42:43:5a:3c:4a:d7:64:63:f9:2c:de:b1:
16:73:4e:a4:1b:af:c5:40:9a:b6:7e:4d:52:48:ae:e2:0d:91:
4d:00:5f:40:9a:d5:c9:60:1c:1e:7b:ea:1b:ca:04:9c:c9:f0:
6c:04:9f:c9:62:dc:2b:43:ad:a2:1c:1d:17:e7:87:68:a6:49:
94:04:c2:e4:4b:28:b7:34:ac:7b:fa:d8:96:4e:82:8f:a1:87:
2d:63:57:8f:be:9d:57:f0:75:dc:5b:13:c9:dd:7b:9b:7c:5d:
e6:68:ea:af:6a:66:d4:a8:cb:5f:59:c6:56:c4:29:2f:57:7b:
74:9a:0d:ca
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYUFmSSzqxmcQzuJdd95AxBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjIxMjEyMDkxMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWMwZDcyZDZlYmM1Mjk2MDYwZGI5YWNiNjU2NTFhNjMyMmYzZmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmNiIERehZNrTzSyWnrVzfV3dolD
ZBJ3uHkEQBYsnfkw1FxC5sXJsPlGA9SgnXEAwLnUYlkGffE3OWpGikFmSkwNmwZs
31YoO1xyJ2vbe/UPQr7MkJGteiBsYpbW95HINF+OIZcvCF9ggrHsJL5BKSGBOpMP
hGtC/Emoqnq11cTCuz7ZddyxWgLqMxUZ3Xumz2okjXcBZA7O5gL73HY7dRRfZxFq
4jA3qXWrrwEAK3+BijOLNbjngkBrxsgzAZgTHvgwijbx0dLLSWdamizqSlYImAvb
BGPrdOP85Kfqsoa+QSuQ1dCuu9POlTn8+6Padt6qXkGz98aVwfScK2Y4cwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGrA1y1uvFKWBg25rLZWUaYyLz/cMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvYXNEWExXNjhVcFlHRGJtc3RsWlJwakl2UDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBshWQMA8E
AgACMAkDBwAqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBADr2jJwJaI2UzhwZ0baO
2cjuA9XjezMzVQbRFTLNwRbN+ZaNppuzrV7So/t5vYzVb5l+JizPns98l3+Z776G
HBaZLEFFFc+ZtRwyzFX22Ou07z+zZmqxGg70AW9IVQCh5Kn0J4cBmAObvoz+WFnQ
GPRmK/58TzTJZ98fXuuIkcxgkIqg/kJDWjxK12Rj+SzesRZzTqQbr8VAmrZ+TVJI
ruINkU0AX0Ca1clgHB576hvKBJzJ8GwEn8li3CtDraIcHRfnh2imSZQEwuRLKLc0
rHv62JZOgo+hhy1jV4++nVfwddxbE8nde5t8XeZo6q9qZtSoy19ZxlbEKS9Xe3Sa
Dco=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:51 2023 by rpki-client on console-ams.rpki-client.org