Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/fFStRhmDxZhv343t-Nu8FdTHAdU.roa
File: fFStRhmDxZhv343t-Nu8FdTHAdU.roa (raw, json)
Hash identifier: Zsa9dGUbEqGQObRDgOu8lrqotq7tnzF5rRjCCOIxHBw=
Subject key identifier: 7C:54:AD:46:19:83:C5:98:6F:DF:8D:ED:F8:DB:BC:15:D4:C7:01:D5
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 33001BE8
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/fFStRhmDxZhv343t-Nu8FdTHAdU.roa
Signing time: Sat 01 Jan 2022 01:51:29 +0000
ROA not before: Sat 01 Jan 2022 01:51:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16085
IP address blocks: 146.109.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 855645160 (0x33001be8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 1 01:51:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c54ad461983c5986fdf8dedf8dbbc15d4c701d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7a:75:a4:31:46:4d:23:09:75:3d:32:21:2c:
4d:16:6b:df:aa:68:90:eb:18:2b:fd:e8:8c:53:90:
ae:7f:7f:4e:a4:9a:7b:f1:28:c4:e4:a7:cd:7b:c9:
47:16:d2:b3:66:1c:a4:e5:ae:7a:89:a6:6a:d3:80:
33:be:ab:d2:5e:04:94:84:c3:81:8a:ab:35:60:27:
f4:50:5f:24:ba:bb:17:a4:8b:c0:ad:b1:8b:59:4f:
b1:a4:3e:cc:7c:f0:da:6e:70:7d:4c:95:db:f5:8d:
a0:6d:88:a0:1a:f3:7c:f5:52:b1:04:d5:fa:d7:2b:
18:0a:3d:79:0f:39:8f:1b:1c:47:6c:08:07:35:81:
f7:f7:6d:2e:c6:cf:a2:ac:4b:67:cc:2e:72:a2:62:
c4:2d:8b:31:03:70:8e:6c:7a:d5:be:5f:ea:43:c8:
88:97:c8:8a:56:8a:ab:a5:88:32:f7:30:2e:7d:8f:
27:2b:09:0a:56:be:41:4c:46:05:c7:4c:4f:d9:60:
ca:e0:bf:8d:20:be:8c:38:6f:f4:a9:08:04:16:c1:
44:4e:1a:b4:94:f1:97:87:1c:5b:07:8e:e4:2c:76:
34:48:5f:bc:09:85:c4:8e:e3:ab:d0:77:94:cd:3a:
44:19:02:01:b6:63:62:9e:1a:18:31:4d:40:71:9c:
fb:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:54:AD:46:19:83:C5:98:6F:DF:8D:ED:F8:DB:BC:15:D4:C7:01:D5
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/fFStRhmDxZhv343t-Nu8FdTHAdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.8.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:8c:98:ff:be:ca:bc:1f:af:36:cb:e1:56:77:4a:6f:dd:e7:
21:76:72:93:45:4b:04:71:c8:c3:80:a3:9b:4c:ff:62:7e:c0:
9e:5e:8c:da:69:cd:b1:0d:a1:91:eb:cd:21:cf:40:f2:5c:6d:
15:a5:9f:6b:17:8c:7e:61:64:7e:ea:d3:47:4d:f1:0a:e5:0e:
8f:72:19:98:de:26:48:e5:4a:a6:3a:fc:a1:e4:31:17:d2:0f:
e8:31:f3:86:de:16:08:32:37:58:a8:40:72:3b:89:bd:8c:57:
8a:da:48:ca:54:48:34:6f:c8:92:37:60:8d:58:7b:1b:50:e3:
7f:6f:38:3d:ec:93:27:ca:c3:43:76:c4:f4:e7:1e:6c:8e:ae:
71:28:fd:04:38:df:a2:da:2a:c2:21:4e:8b:b0:ce:1e:98:11:
9b:c9:8a:53:95:88:c4:af:a1:95:85:08:5e:16:60:2d:dc:6f:
49:a2:15:74:b6:4e:34:9d:8a:5d:4c:16:06:a8:2f:49:77:92:
08:3f:11:d0:d4:8f:05:22:de:ee:83:9b:5e:8b:90:4f:53:61:
61:a5:27:c0:ba:f6:24:98:52:3f:a2:da:66:bf:cf:b7:1f:54:
58:a2:11:fc:78:97:2a:65:3e:72:ac:12:51:5d:4a:dc:6f:55:
24:8e:01:4f
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEMwAb6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Y2Y0Mjc3NmJlNTMyYmQwNTc1MzMyODU1ZDhjNDJjNDk1MmVkOTMxMB4XDTIyMDEw
MTAxNTEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M1NGFkNDYxOTgz
YzU5ODZmZGY4ZGVkZjhkYmJjMTVkNGM3MDFkNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALZ6daQxRk0jCXU9MiEsTRZr36pokOsYK/3ojFOQrn9/TqSa
e/EoxOSnzXvJRxbSs2YcpOWueommatOAM76r0l4ElITDgYqrNWAn9FBfJLq7F6SL
wK2xi1lPsaQ+zHzw2m5wfUyV2/WNoG2IoBrzfPVSsQTV+tcrGAo9eQ85jxscR2wI
BzWB9/dtLsbPoqxLZ8wucqJixC2LMQNwjmx61b5f6kPIiJfIilaKq6WIMvcwLn2P
JysJCla+QUxGBcdMT9lgyuC/jSC+jDhv9KkIBBbBRE4atJTxl4ccWweO5Cx2NEhf
vAmFxI7jq9B3lM06RBkCAbZjYp4aGDFNQHGc+38CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR8VK1GGYPFmG/fje3427wV1McB1TAfBgNVHSMEGDAWgBTs9Cd2vlMr0FdT
MoVdjELElS7ZMTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdQUW5kcjVUSzlCWFV6S0ZYWXhDeEpVdTJURS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvZWJkNDlmLWY1NjktNDE1Mi1iMGI4LTVlNTNjMjNiNTViMC8x
L2ZGU3RSaG1EeFpodjM0M3QtTnU4RmRUSEFkVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
ZWJkNDlmLWY1NjktNDE1Mi1iMGI4LTVlNTNjMjNiNTViMC8xLzdQUW5kcjVUSzlC
WFV6S0ZYWXhDeEpVdTJURS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApJtCDANBgkqhkiG9w0BAQsFAAOC
AQEAPIyY/77KvB+vNsvhVndKb93nIXZyk0VLBHHIw4Cjm0z/Yn7Anl6M2mnNsQ2h
kevNIc9A8lxtFaWfaxeMfmFkfurTR03xCuUOj3IZmN4mSOVKpjr8oeQxF9IP6DHz
ht4WCDI3WKhAcjuJvYxXitpIylRING/IkjdgjVh7G1Djf284PeyTJ8rDQ3bE9Oce
bI6ucSj9BDjfotoqwiFOi7DOHpgRm8mKU5WIxK+hlYUIXhZgLdxvSaIVdLZONJ2K
XUwWBqgvSXeSCD8R0NSPBSLe7oObXouQT1NhYaUnwLr2JJhSP6LaZr/Ptx9UWKIR
/HiXKmU+cqwSUV1K3G9VJI4BTw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-ams.rpki-client.org