Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/d71c56-b8be-4d1a-bc22-037539631bb4/1/1hdls9Ao30cqysZRtO9b6y0jrBY.roa
File: 1hdls9Ao30cqysZRtO9b6y0jrBY.roa (raw, json)
Hash identifier: S954VJV6cRq/YcXt2y+50wp6HXZ5Ehu1X/NsX2TPr0o=
Subject key identifier: D6:17:65:B3:D0:28:DF:47:2A:CA:C6:51:B4:EF:5B:EB:2D:23:AC:16
Certificate issuer: /CN=711b4f3aa45dc4ec336d62e9a7e89d79b3efcab0
Certificate serial: 0181D7E8383AD39BFEA044354480B296FAD1
Authority key identifier: 71:1B:4F:3A:A4:5D:C4:EC:33:6D:62:E9:A7:E8:9D:79:B3:EF:CA:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cRtPOqRdxOwzbWLpp-idebPvyrA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/d71c56-b8be-4d1a-bc22-037539631bb4/1/1hdls9Ao30cqysZRtO9b6y0jrBY.roa
Signing time: Thu 07 Jul 2022 09:05:29 +0000
ROA not before: Thu 07 Jul 2022 09:05:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 91.238.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d7:e8:38:3a:d3:9b:fe:a0:44:35:44:80:b2:96:fa:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=711b4f3aa45dc4ec336d62e9a7e89d79b3efcab0
Validity
Not Before: Jul 7 09:05:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d61765b3d028df472acac651b4ef5beb2d23ac16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:95:49:f7:15:6b:12:c4:35:5a:77:4e:46:aa:
2f:39:20:7b:a1:7f:8b:32:7e:a3:ab:9b:fc:53:50:
11:aa:fe:ae:da:cd:67:39:16:a1:19:f7:43:bb:40:
ef:6a:91:44:02:3d:e6:15:01:96:d9:99:39:3f:55:
4f:fc:70:1a:96:52:81:fb:07:6a:c2:08:b3:1a:a1:
39:69:d3:17:da:d5:ed:c7:5e:84:54:75:1e:44:ce:
d9:a6:18:2c:4e:cb:74:0a:90:9c:74:f4:f9:4a:36:
c3:d1:b6:f5:f7:b0:56:68:64:22:b4:76:8e:47:70:
25:2f:0b:e7:63:ee:83:c1:83:1a:24:3e:67:a3:ca:
5e:a6:7b:c7:f1:e9:88:a3:c4:c5:4b:4e:72:be:c9:
ab:a4:2c:60:5f:3a:81:e3:c2:4b:22:dc:63:21:16:
84:af:d6:41:f3:33:83:74:a4:82:35:c8:1f:ed:2c:
5f:18:fd:23:8c:f5:0d:46:53:71:5b:17:95:83:35:
ba:f6:f1:a3:15:60:09:c8:11:50:51:54:41:35:21:
5f:85:96:c0:fe:40:36:4a:0a:cc:9f:b9:ff:47:b3:
b8:d6:56:4b:8e:65:cc:1f:ec:31:b9:32:ef:1a:40:
c1:40:07:e5:ae:7f:99:22:40:ea:f1:4f:6e:99:87:
19:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:17:65:B3:D0:28:DF:47:2A:CA:C6:51:B4:EF:5B:EB:2D:23:AC:16
X509v3 Authority Key Identifier:
keyid:71:1B:4F:3A:A4:5D:C4:EC:33:6D:62:E9:A7:E8:9D:79:B3:EF:CA:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cRtPOqRdxOwzbWLpp-idebPvyrA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d71c56-b8be-4d1a-bc22-037539631bb4/1/1hdls9Ao30cqysZRtO9b6y0jrBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/d71c56-b8be-4d1a-bc22-037539631bb4/1/cRtPOqRdxOwzbWLpp-idebPvyrA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.123.0/24
Signature Algorithm: sha256WithRSAEncryption
58:9d:5b:61:5c:5e:26:35:9c:49:02:63:4e:84:df:38:f7:d6:
8d:ca:4f:45:6b:38:7c:54:7a:35:b6:21:4f:7a:06:bb:f4:88:
c1:48:c1:9c:f4:ef:b8:64:af:a0:01:ba:c8:64:7e:4e:76:cc:
dd:86:25:fa:7d:df:70:41:74:2d:f0:d0:f1:48:4f:23:03:7c:
e0:88:a0:f5:95:24:03:cc:18:df:d3:e9:46:0e:a1:26:9d:ff:
d5:2c:dc:c4:81:fc:94:fe:fc:1f:11:91:9b:0b:77:57:2c:fb:
4e:6b:63:cf:6a:89:cd:d0:01:60:1e:54:7c:04:07:35:48:02:
49:f0:23:52:92:49:f8:a7:6b:69:e7:b5:53:12:ad:84:e4:d3:
3a:07:59:fd:bb:c6:44:2c:46:06:5e:f7:4b:cc:75:98:9b:cc:
da:ea:69:22:79:10:d4:91:4b:82:e3:49:eb:8f:09:0f:21:64:
83:6f:0c:68:20:3f:31:f6:93:3e:c9:20:c0:77:e0:12:08:a3:
6b:7d:7e:e8:0e:74:56:5a:d4:2b:98:f3:05:aa:5a:c8:89:ad:
e9:bd:42:f3:99:21:96:20:c7:98:68:85:fc:d6:35:36:cc:99:
c1:27:9c:bf:31:a0:50:ab:82:5e:55:90:34:bf:12:82:89:b4:
ee:e0:e2:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHX6Dg605v+oEQ1RICylvrRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMWI0ZjNhYTQ1ZGM0ZWMzMzZkNjJlOWE3ZTg5ZDc5YjNl
ZmNhYjAwHhcNMjIwNzA3MDkwNTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjE3NjViM2QwMjhkZjQ3MmFjYWM2NTFiNGVmNWJlYjJkMjNhYzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5VJ9xVrEsQ1WndORqovOSB7oX+L
Mn6jq5v8U1ARqv6u2s1nORahGfdDu0DvapFEAj3mFQGW2Zk5P1VP/HAallKB+wdq
wgizGqE5adMX2tXtx16EVHUeRM7ZphgsTst0CpCcdPT5SjbD0bb197BWaGQitHaO
R3AlLwvnY+6DwYMaJD5no8pepnvH8emIo8TFS05yvsmrpCxgXzqB48JLItxjIRaE
r9ZB8zODdKSCNcgf7SxfGP0jjPUNRlNxWxeVgzW69vGjFWAJyBFQUVRBNSFfhZbA
/kA2SgrMn7n/R7O41lZLjmXMH+wxuTLvGkDBQAflrn+ZIkDq8U9umYcZ9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNYXZbPQKN9HKsrGUbTvW+stI6wWMB8GA1UdIwQY
MBaAFHEbTzqkXcTsM21i6afonXmz78qwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1J0UE9xUmR4T3d6YldMcHAtaWRlYlB2eXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9kNzFjNTYtYjhiZS00ZDFhLWJjMjIt
MDM3NTM5NjMxYmI0LzEvMWhkbHM5QW8zMGNxeXNaUnRPOWI2eTBqckJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9kNzFjNTYtYjhiZS00ZDFhLWJjMjItMDM3NTM5NjMxYmI0
LzEvY1J0UE9xUmR4T3d6YldMcHAtaWRlYlB2eXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+57MA0G
CSqGSIb3DQEBCwUAA4IBAQBYnVthXF4mNZxJAmNOhN8499aNyk9Fazh8VHo1tiFP
ega79IjBSMGc9O+4ZK+gAbrIZH5OdszdhiX6fd9wQXQt8NDxSE8jA3zgiKD1lSQD
zBjf0+lGDqEmnf/VLNzEgfyU/vwfEZGbC3dXLPtOa2PPaonN0AFgHlR8BAc1SAJJ
8CNSkkn4p2tp57VTEq2E5NM6B1n9u8ZELEYGXvdLzHWYm8za6mkieRDUkUuC40nr
jwkPIWSDbwxoID8x9pM+ySDAd+ASCKNrfX7oDnRWWtQrmPMFqlrIia3pvULzmSGW
IMeYaIX81jU2zJnBJ5y/MaBQq4JeVZA0vxKCibTu4OL4
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:39 2023 by rpki-client on console-ams.rpki-client.org