Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/jVc9D_6TmpPO0gb251nnUWulNm0.roa
File: jVc9D_6TmpPO0gb251nnUWulNm0.roa (raw, json)
Hash identifier: CkWlFvohwRScPdX68j5nWpCmmyQaLuZnSlBH37o2adQ=
Subject key identifier: 8D:57:3D:0F:FE:93:9A:93:CE:D2:06:F6:E7:59:E7:51:6B:A5:36:6D
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 08F8F4F9
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/jVc9D_6TmpPO0gb251nnUWulNm0.roa
Signing time: Sat 01 Jan 2022 08:59:05 +0000
ROA not before: Sat 01 Jan 2022 08:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4755
IP address blocks: 192.109.146.0/24 maxlen: 24
2a07:8145::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 150533369 (0x8f8f4f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Jan 1 08:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d573d0ffe939a93ced206f6e759e7516ba5366d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f2:04:ca:09:4f:e1:de:15:ac:6e:8f:cb:85:
4a:03:2a:9e:8f:af:90:94:e8:27:67:7f:07:f2:9a:
7c:63:14:1c:81:fe:a0:ce:57:b4:86:d5:f3:3c:95:
95:04:fb:a4:2a:5c:75:f7:0c:b1:39:40:5b:4a:de:
5a:3c:ff:bd:dc:f7:5f:68:cf:46:62:f8:6d:72:1d:
0d:54:70:1a:7a:3c:80:c7:ee:ed:c9:bb:53:19:4c:
fb:27:d1:9e:ad:fb:ce:ba:45:92:4b:38:fa:66:ff:
76:b0:21:03:07:6f:3b:54:a3:18:16:66:60:90:62:
c3:37:5e:c8:9d:86:7b:bc:54:97:fa:99:2e:08:7f:
a4:f8:a3:c4:54:55:f1:6d:62:02:42:3a:af:f7:1a:
37:9a:fb:3d:5a:61:e2:df:ad:79:08:b9:80:75:d2:
14:e3:0e:49:07:48:73:18:99:6e:c7:f5:13:b6:27:
3b:7e:50:5f:6b:b5:0e:e2:79:72:7a:36:0f:4c:66:
1b:91:22:9f:bb:2a:aa:3b:88:e8:a7:4a:90:eb:3b:
70:0c:a9:b8:ae:02:1b:44:bc:d7:cf:b6:cd:1c:e7:
dd:b7:83:d0:28:25:4a:56:ce:e2:01:7d:49:d7:2c:
aa:81:86:be:18:b0:b7:46:d2:d5:31:6d:ea:3a:8c:
86:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:57:3D:0F:FE:93:9A:93:CE:D2:06:F6:E7:59:E7:51:6B:A5:36:6D
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/jVc9D_6TmpPO0gb251nnUWulNm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.146.0/24
IPv6:
2a07:8145::/36
Signature Algorithm: sha256WithRSAEncryption
1f:8f:06:44:f1:99:ec:9b:e2:a6:4a:c2:00:93:96:a6:7e:fd:
51:74:5a:3b:ba:0b:58:5d:fe:14:b8:74:7c:d5:2b:f7:61:96:
f3:8b:4f:b0:c8:b9:4e:1e:b9:0f:73:10:09:7f:46:c6:69:28:
8d:ba:36:6e:52:5e:2e:00:2e:4d:16:d6:0c:2e:15:d6:95:09:
73:9b:73:a3:7a:92:7a:cf:bd:eb:44:e9:cf:74:63:56:10:00:
04:e3:de:7b:a7:2a:1b:fb:cb:bc:2c:f8:a1:c2:ab:49:e7:0c:
fe:7f:a1:29:58:2a:9f:48:df:06:3f:44:29:b7:d9:86:26:4e:
6f:3b:16:12:5c:d9:7a:79:ef:21:c8:18:33:35:49:0e:02:a1:
e2:7a:93:96:3b:52:d5:4f:a2:7a:11:17:c7:d4:3f:2a:5c:e7:
16:6b:dc:ad:1a:1e:06:a7:8d:dd:50:d1:51:81:65:07:9a:67:
dd:ea:10:8e:57:b6:ba:bc:89:f3:c2:ca:26:5d:5f:81:75:87:
eb:36:2d:c9:69:f6:70:64:96:d4:34:02:31:95:a4:4d:1a:50:
f6:81:f5:f7:f8:b0:70:29:f3:bc:4d:0a:40:8e:f6:a4:be:58:
81:cf:dc:bf:90:2d:98:d5:81:a9:90:23:88:d8:ec:3e:2f:3a:
ff:af:81:b5
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIECPj0+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDEw
MTA4NTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGQ1NzNkMGZmZTkz
OWE5M2NlZDIwNmY2ZTc1OWU3NTE2YmE1MzY2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI7yBMoJT+HeFaxuj8uFSgMqno+vkJToJ2d/B/KafGMUHIH+
oM5XtIbV8zyVlQT7pCpcdfcMsTlAW0reWjz/vdz3X2jPRmL4bXIdDVRwGno8gMfu
7cm7UxlM+yfRnq37zrpFkks4+mb/drAhAwdvO1SjGBZmYJBiwzdeyJ2Ge7xUl/qZ
Lgh/pPijxFRV8W1iAkI6r/caN5r7PVph4t+teQi5gHXSFOMOSQdIcxiZbsf1E7Yn
O35QX2u1DuJ5cno2D0xmG5Ein7sqqjuI6KdKkOs7cAypuK4CG0S818+2zRzn3beD
0CglSlbO4gF9SdcsqoGGvhiwt0bS1TFt6jqMhssCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBSNVz0P/pOak87SBvbnWedRa6U2bTAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L2pWYzlEXzZUbXBQTzBnYjI1MW5uVVd1bE5tMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEAMBtkjAOBAIAAjAIAwYEKgeBRQAw
DQYJKoZIhvcNAQELBQADggEBAB+PBkTxmeyb4qZKwgCTlqZ+/VF0Wju6C1hd/hS4
dHzVK/dhlvOLT7DIuU4euQ9zEAl/RsZpKI26Nm5SXi4ALk0W1gwuFdaVCXObc6N6
knrPvetE6c90Y1YQAATj3nunKhv7y7ws+KHCq0nnDP5/oSlYKp9I3wY/RCm32YYm
Tm87FhJc2Xp57yHIGDM1SQ4CoeJ6k5Y7UtVPonoRF8fUPypc5xZr3K0aHganjd1Q
0VGBZQeaZ93qEI5Xtrq8ifPCyiZdX4F1h+s2Lclp9nBkltQ0AjGVpE0aUPaB9ff4
sHAp87xNCkCO9qS+WIHP3L+QLZjVgamQI4jY7D4vOv+vgbU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:01 2023 by rpki-client on console-fra.rpki-client.org