Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/97IkMrRwWMexoEsDPra8YcrSPy0.roa
File: 97IkMrRwWMexoEsDPra8YcrSPy0.roa (raw, json)
Hash identifier: 6OPSCi5GJtzJ+OWkjayWMy75z6nSm8ItD3lRGccSr0c=
Subject key identifier: F7:B2:24:32:B4:70:58:C7:B1:A0:4B:03:3E:B6:BC:61:CA:D2:3F:2D
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 08F9E77B
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/97IkMrRwWMexoEsDPra8YcrSPy0.roa
Signing time: Sat 01 Jan 2022 08:59:06 +0000
ROA not before: Sat 01 Jan 2022 08:59:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9583
IP address blocks: 159.151.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150595451 (0x8f9e77b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 08:59:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7b22432b47058c7b1a04b033eb6bc61cad23f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:bb:9f:7d:52:31:33:89:99:16:a1:01:88:89:
c2:11:e0:40:33:21:9d:b3:6e:41:d4:cd:74:bd:9d:
bc:bb:50:51:4f:dc:f1:23:ab:0f:d1:49:76:90:c2:
5f:95:0e:4d:d9:53:35:b3:14:68:dd:83:80:f2:07:
dc:27:36:bf:5c:ac:e7:43:d6:0b:59:27:9d:39:97:
af:56:dd:fb:20:51:a1:d0:9c:5e:8d:81:7a:6c:e2:
74:92:6c:af:fd:12:87:83:f0:2c:e9:a7:bf:18:9e:
85:04:e5:4e:a6:a5:66:18:35:c0:bf:c5:46:4d:3b:
3e:15:54:a4:08:d7:e0:65:1b:f1:0a:82:70:71:97:
83:39:17:c0:3c:90:d1:ca:fe:45:81:05:be:a6:b4:
f9:a9:2e:85:b2:1b:2d:f9:c3:ae:fe:ff:ee:8e:9f:
0c:a7:3f:c0:7c:c2:0a:ea:24:15:3f:89:15:d7:20:
a2:40:78:f1:08:63:11:3f:d0:21:d6:bc:8e:8f:a1:
de:c3:1b:b8:27:29:7c:12:a8:90:c2:02:e3:99:a2:
16:c9:f3:8d:21:ca:a5:d1:0c:0f:38:10:f8:7c:4d:
13:a0:ea:7c:70:54:c3:d2:fd:08:61:2f:86:91:1b:
21:ad:74:ab:4c:f2:6e:ae:d9:2f:4a:49:87:01:06:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B2:24:32:B4:70:58:C7:B1:A0:4B:03:3E:B6:BC:61:CA:D2:3F:2D
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/97IkMrRwWMexoEsDPra8YcrSPy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.254.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:74:47:1f:fd:9c:84:89:9d:38:70:34:32:40:50:8d:8a:7c:
81:f7:7f:83:ab:90:f7:c6:ab:0a:77:07:c0:4a:da:b9:72:d4:
c3:61:57:0b:23:85:0b:87:33:aa:b0:23:6b:7c:42:36:38:a4:
c7:7e:cc:1b:08:b2:c9:7f:6a:40:30:21:a3:6c:4c:ad:5f:b4:
d5:b1:df:3a:fb:ba:a1:41:f9:14:d8:a8:34:f1:39:83:d8:ba:
5d:9e:0d:67:63:f9:be:59:18:82:fb:85:d8:dc:d7:fe:12:d6:
23:60:f6:54:4e:88:25:2d:ec:b9:c9:7a:11:69:20:b5:fa:1c:
a7:3b:e2:6f:e8:ec:ad:f5:dd:4d:78:d8:66:0b:f7:4c:aa:f6:
c8:d7:d2:80:14:4a:77:d3:0e:2f:23:e2:75:b8:da:28:ef:83:
4d:81:b6:81:12:e0:30:fb:ce:91:4e:e5:6e:28:5e:08:69:60:
d0:1b:e1:35:aa:24:76:44:de:4f:4c:91:af:cc:06:08:7a:4b:
90:62:95:28:aa:5d:5a:38:46:15:51:a4:b8:69:85:f5:89:af:
a8:20:e7:8a:dd:36:c4:2b:91:b4:07:7a:14:ab:e1:6b:a7:16:
48:28:6f:02:ad:51:49:5e:0a:f3:2e:9c:59:82:62:8d:e5:2c:
6f:c2:63:1c
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECPnnezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDEw
MTA4NTkwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdiMjI0MzJiNDcw
NThjN2IxYTA0YjAzM2ViNmJjNjFjYWQyM2YyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJm7n31SMTOJmRahAYiJwhHgQDMhnbNuQdTNdL2dvLtQUU/c
8SOrD9FJdpDCX5UOTdlTNbMUaN2DgPIH3Cc2v1ys50PWC1knnTmXr1bd+yBRodCc
Xo2BemzidJJsr/0Sh4PwLOmnvxiehQTlTqalZhg1wL/FRk07PhVUpAjX4GUb8QqC
cHGXgzkXwDyQ0cr+RYEFvqa0+akuhbIbLfnDrv7/7o6fDKc/wHzCCuokFT+JFdcg
okB48QhjET/QIda8jo+h3sMbuCcpfBKokMIC45miFsnzjSHKpdEMDzgQ+HxNE6Dq
fHBUw9L9CGEvhpEbIa10q0zybq7ZL0pJhwEGFNkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3siQytHBYx7GgSwM+trxhytI/LTAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
Lzk3SWtNclJ3V01leG9Fc0RQcmE4WWNyU1B5MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ+X/jANBgkqhkiG9w0BAQsFAAOC
AQEAbnRHH/2chImdOHA0MkBQjYp8gfd/g6uQ98arCncHwErauXLUw2FXCyOFC4cz
qrAja3xCNjikx37MGwiyyX9qQDAho2xMrV+01bHfOvu6oUH5FNioNPE5g9i6XZ4N
Z2P5vlkYgvuF2NzX/hLWI2D2VE6IJS3sucl6EWkgtfocpzvib+jsrfXdTXjYZgv3
TKr2yNfSgBRKd9MOLyPidbjaKO+DTYG2gRLgMPvOkU7lbiheCGlg0BvhNaokdkTe
T0yRr8wGCHpLkGKVKKpdWjhGFVGkuGmF9YmvqCDnit02xCuRtAd6FKvha6cWSChv
Aq1RSV4K8y6cWYJijeUsb8JjHA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org