Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/o66SUv-K7q3bPIVyeUP3qeH17U4.roa
File: o66SUv-K7q3bPIVyeUP3qeH17U4.roa (raw, json)
Hash identifier: 0ylgsi/8pjlOCKboIBg2K6WZNxKZg9aRVaekqMosZfI=
Subject key identifier: A3:AE:92:52:FF:8A:EE:AD:DB:3C:85:72:79:43:F7:A9:E1:F5:ED:4E
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 048573EC
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/o66SUv-K7q3bPIVyeUP3qeH17U4.roa
Signing time: Sat 01 Jan 2022 12:06:36 +0000
ROA not before: Sat 01 Jan 2022 12:06:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41540
IP address blocks: 128.0.170.0/24 maxlen: 32
31.172.143.0/24 maxlen: 32
91.231.127.0/24 maxlen: 32
92.60.190.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75854828 (0x48573ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 12:06:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3ae9252ff8aeeaddb3c85727943f7a9e1f5ed4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:53:97:1e:d9:ab:c6:24:89:89:06:34:3f:5e:
7e:e4:c0:61:52:a2:8b:81:0a:c8:e9:31:73:db:82:
a4:23:ce:2c:9d:8b:09:1e:6d:90:10:d1:61:a5:c8:
c4:07:14:d8:85:48:4f:c6:5d:e5:69:ee:5e:d1:df:
91:2e:ff:3d:2a:2c:7d:df:db:24:0d:0b:c0:6d:8d:
fb:86:25:a2:d0:0c:cb:ed:57:c9:ce:e4:b3:a7:89:
7b:dc:6e:9d:a2:e2:d4:22:ed:1f:aa:8b:d9:01:1e:
74:fe:4d:dc:4e:07:24:55:c5:a9:b7:86:a1:bc:4f:
f0:3e:f0:e1:80:0b:de:71:c9:c0:28:44:c2:4d:c3:
ea:27:ac:ef:75:b6:86:3e:d6:eb:d2:53:ca:15:d0:
81:ca:d9:bd:f2:d7:7e:2a:45:1e:0c:5b:6f:0e:9a:
b8:cc:8a:2f:98:4a:ae:36:f3:cc:2c:eb:16:9c:7c:
f8:ff:46:63:6c:23:35:07:10:63:a3:0a:3f:9b:4a:
17:f5:36:38:e3:cb:ca:e5:8b:26:1f:b6:df:65:2a:
3a:9f:5f:19:a7:a9:be:c0:bf:d0:80:36:fb:7b:22:
01:e3:d7:26:80:5f:99:de:01:d2:d2:39:3f:54:88:
e4:c6:d6:3c:ba:6f:61:e1:f3:c1:bf:f9:72:de:b6:
3f:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AE:92:52:FF:8A:EE:AD:DB:3C:85:72:79:43:F7:A9:E1:F5:ED:4E
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/o66SUv-K7q3bPIVyeUP3qeH17U4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.143.0/24
91.231.127.0/24
92.60.190.0/23
128.0.170.0/24
Signature Algorithm: sha256WithRSAEncryption
38:da:9d:41:b0:30:17:01:ff:d3:4e:b7:ca:8c:73:92:07:0f:
d6:c4:17:65:4f:a9:0a:9b:64:da:85:a3:c5:7c:21:0b:c1:0c:
16:bc:c9:30:42:7a:6b:74:72:03:03:4c:5d:57:5c:e7:e5:91:
81:8e:b8:ed:ea:b0:0c:fb:a3:ed:b4:4f:b4:c8:e9:1d:a9:35:
06:7b:00:34:53:b4:57:6f:48:f7:bf:f2:d5:9d:37:36:0b:e7:
73:19:4b:6f:eb:80:fc:9f:8f:11:7e:06:a8:fa:ef:03:21:6c:
ce:4c:20:fe:17:67:80:9c:2f:f8:4a:de:89:cc:7a:56:0d:66:
c8:6a:25:11:0e:39:55:f0:2c:3c:90:6a:8e:bc:3b:86:bb:04:
31:92:6d:66:25:32:b5:af:aa:a1:64:db:2e:40:05:03:96:4b:
ef:4e:af:e9:8c:c5:08:21:2b:ec:5d:6e:68:0e:e4:dc:53:1f:
00:a9:ac:37:87:0e:3f:b3:e3:b1:f8:51:59:ec:8b:9e:6f:09:
98:f9:f3:a6:fe:d2:ad:f7:8a:06:44:4d:5f:33:de:da:75:f5:
a4:7a:a6:cd:5d:77:5a:d1:ae:cd:c5:0a:b7:b5:12:4f:f7:55:
a4:59:6d:a9:69:20:c3:c3:ac:11:a3:0c:ce:94:0d:59:a5:1a:
cf:fe:6b:19
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBIVz7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZDg3MTQyYmRjMmIzZjBkMDg0OGEwZDgwMGI2OTMwYjFhYmIzNGJjMB4XDTIyMDEw
MTEyMDYzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNhZTkyNTJmZjhh
ZWVhZGRiM2M4NTcyNzk0M2Y3YTllMWY1ZWQ0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMJTlx7Zq8YkiYkGND9efuTAYVKii4EKyOkxc9uCpCPOLJ2L
CR5tkBDRYaXIxAcU2IVIT8Zd5WnuXtHfkS7/PSosfd/bJA0LwG2N+4YlotAMy+1X
yc7ks6eJe9xunaLi1CLtH6qL2QEedP5N3E4HJFXFqbeGobxP8D7w4YAL3nHJwChE
wk3D6ies73W2hj7W69JTyhXQgcrZvfLXfipFHgxbbw6auMyKL5hKrjbzzCzrFpx8
+P9GY2wjNQcQY6MKP5tKF/U2OOPLyuWLJh+232UqOp9fGaepvsC/0IA2+3siAePX
JoBfmd4B0tI5P1SI5MbWPLpvYeHzwb/5ct62P60CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSjrpJS/4rurds8hXJ5Q/ep4fXtTjAfBgNVHSMEGDAWgBQNhxQr3Cs/DQhI
oNgAtpMLGrs0vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RZY1VLOXdyUHcwSVNLRFlBTGFUQ3hxN05Mdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvOGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8x
L282NlNVdi1LN3EzYlBJVnllVVAzcWVIMTdVNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
OGY4Y2MwLWY2OTMtNDIxYy1iYzU0LWEzMTcwOGQ0MDM5MS8xL0RZY1VLOXdyUHcw
SVNLRFlBTGFUQ3hxN05Mdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAB+sjwMEAFvnfwMEAVw8vgMEAIAA
qjANBgkqhkiG9w0BAQsFAAOCAQEAONqdQbAwFwH/0063yoxzkgcP1sQXZU+pCptk
2oWjxXwhC8EMFrzJMEJ6a3RyAwNMXVdc5+WRgY647eqwDPuj7bRPtMjpHak1BnsA
NFO0V29I97/y1Z03NgvncxlLb+uA/J+PEX4GqPrvAyFszkwg/hdngJwv+Ereicx6
Vg1myGolEQ45VfAsPJBqjrw7hrsEMZJtZiUyta+qoWTbLkAFA5ZL706v6YzFCCEr
7F1uaA7k3FMfAKmsN4cOP7PjsfhRWeyLnm8JmPnzpv7SrfeKBkRNXzPe2nX1pHqm
zV13WtGuzcUKt7UST/dVpFltqWkgw8OsEaMMzpQNWaUaz/5rGQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:01 2023 by rpki-client on console-fra.rpki-client.org