Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/rbB5ykUxOyuKXeCxWqfAeSmJTV8.roa
File: rbB5ykUxOyuKXeCxWqfAeSmJTV8.roa (raw, json)
Hash identifier: nRzseRxsM9cv4vUcJN6k84lB4cM/yzZYsF0TeHyeDKg=
Subject key identifier: AD:B0:79:CA:45:31:3B:2B:8A:5D:E0:B1:5A:A7:C0:79:29:89:4D:5F
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 01837F2DC5921A81C144BB06D0267C10D9A9
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/rbB5ykUxOyuKXeCxWqfAeSmJTV8.roa
Signing time: Tue 27 Sep 2022 13:40:49 +0000
ROA not before: Tue 27 Sep 2022 13:40:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212238
IP address blocks: 109.166.38.0/24 maxlen: 24
109.166.37.0/24 maxlen: 24
109.166.36.0/24 maxlen: 24
151.248.68.0/24 maxlen: 24
151.248.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7f:2d:c5:92:1a:81:c1:44:bb:06:d0:26:7c:10:d9:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Sep 27 13:40:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=adb079ca45313b2b8a5de0b15aa7c07929894d5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ff:78:06:79:98:47:57:6e:d9:3a:ff:d2:71:
4a:4c:98:ed:83:2e:ed:02:5c:b3:30:8c:58:66:6f:
10:76:32:40:31:e1:6f:ab:f2:6e:4c:44:ca:2b:06:
83:98:82:2f:1b:03:50:51:12:87:e2:c4:eb:dd:cd:
98:23:be:38:d4:fa:66:40:b2:56:4e:65:42:b3:1d:
51:dd:47:e6:76:1a:ed:1d:4f:f8:75:d9:f7:cb:d7:
f5:d8:50:e7:0c:7d:fe:6b:96:97:d9:58:76:40:59:
d5:71:d2:37:12:ed:5f:b8:99:a6:7d:4c:4c:a5:fb:
fa:ea:bc:65:01:94:c7:34:26:fa:91:69:62:9b:6b:
7c:24:ed:4b:ef:ac:b8:d9:be:4f:2a:e2:2b:d0:78:
35:6c:e6:70:e7:4e:1e:4e:50:30:fb:26:e4:09:d7:
38:8d:3c:52:f3:9e:49:1e:9d:a7:02:ae:6b:c0:13:
95:df:9b:ef:b9:7c:e6:91:6f:29:61:b1:d8:6a:c3:
4d:a4:fe:d0:73:b2:12:cd:34:eb:cc:da:91:ac:30:
bc:7b:c8:9b:ef:a7:96:86:46:71:77:26:89:ba:0d:
ea:33:95:c4:24:39:67:d1:7b:8a:26:9a:9c:c5:f1:
eb:0e:ed:4f:19:ef:79:9d:d1:a4:21:dc:ac:cd:f3:
ab:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B0:79:CA:45:31:3B:2B:8A:5D:E0:B1:5A:A7:C0:79:29:89:4D:5F
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/rbB5ykUxOyuKXeCxWqfAeSmJTV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.36.0-109.166.38.255
151.248.68.0/23
Signature Algorithm: sha256WithRSAEncryption
17:4b:8f:e3:ca:90:82:6a:c1:00:37:cb:6a:96:9e:22:64:89:
c0:41:77:94:16:d3:4f:b6:d9:31:35:75:85:82:25:c7:e3:83:
b5:1e:c1:e0:18:a1:9d:5b:da:51:74:1b:df:b0:2f:dd:7e:52:
86:fb:fc:e5:28:23:48:de:a2:b5:f2:75:67:1f:a7:6e:2f:f2:
1d:46:31:9b:b2:c4:36:9d:d0:b6:a4:fe:32:87:40:38:f4:c8:
15:15:ab:f2:73:69:0d:24:8d:a7:8c:d3:2f:82:46:aa:21:44:
8b:b3:3f:5a:a2:2f:4d:e4:b8:a7:40:b8:e7:1c:f3:c9:5f:19:
8d:66:94:c7:f3:e9:a0:81:68:53:22:42:08:9e:8a:05:e3:f1:
4e:9d:f0:ba:d1:4e:2d:f3:f6:8c:3c:8d:c2:64:b5:22:62:df:
26:17:5a:d7:50:df:4a:c8:7b:71:9a:df:ef:41:6a:ef:1e:b9:
97:84:e3:3b:84:32:47:df:5f:33:7a:b3:b6:2d:6b:ea:85:f1:
3c:8d:37:00:5d:a5:b5:6d:f2:3a:22:7b:4d:9b:68:26:4c:38:
ac:e8:b9:ca:66:93:45:45:a7:4f:74:fd:04:f0:c8:03:8d:60:
52:39:0f:30:5c:2b:a9:bd:01:31:c9:9e:90:25:b7:11:25:43:
db:cd:eb:7e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYN/LcWSGoHBRLsG0CZ8ENmpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjIwOTI3MTM0MDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGIwNzljYTQ1MzEzYjJiOGE1ZGUwYjE1YWE3YzA3OTI5ODk0ZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/94BnmYR1du2Tr/0nFKTJjtgy7t
AlyzMIxYZm8QdjJAMeFvq/JuTETKKwaDmIIvGwNQURKH4sTr3c2YI7441PpmQLJW
TmVCsx1R3UfmdhrtHU/4ddn3y9f12FDnDH3+a5aX2Vh2QFnVcdI3Eu1fuJmmfUxM
pfv66rxlAZTHNCb6kWlim2t8JO1L76y42b5PKuIr0Hg1bOZw504eTlAw+ybkCdc4
jTxS855JHp2nAq5rwBOV35vvuXzmkW8pYbHYasNNpP7Qc7ISzTTrzNqRrDC8e8ib
76eWhkZxdyaJug3qM5XEJDln0XuKJpqcxfHrDu1PGe95ndGkIdyszfOr4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK2wecpFMTsril3gsVqnwHkpiU1fMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvcmJCNXlrVXhPeXVLWGVDeFdxZkFlU21KVFY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAJtpiQD
BABtpiYDBAGX+EQwDQYJKoZIhvcNAQELBQADggEBABdLj+PKkIJqwQA3y2qWniJk
icBBd5QW00+22TE1dYWCJcfjg7UeweAYoZ1b2lF0G9+wL91+Uob7/OUoI0jeorXy
dWcfp24v8h1GMZuyxDad0Lak/jKHQDj0yBUVq/JzaQ0kjaeM0y+CRqohRIuzP1qi
L03kuKdAuOcc88lfGY1mlMfz6aCBaFMiQgieigXj8U6d8LrRTi3z9ow8jcJktSJi
3yYXWtdQ30rIe3Ga3+9Bau8euZeE4zuEMkffXzN6s7Yta+qF8TyNNwBdpbVt8joi
e02baCZMOKzoucpmk0VFp090/QTwyAONYFI5DzBcK6m9ATHJnpAltxElQ9vN634=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:57 2023 by rpki-client on console-ams.rpki-client.org