Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/1-S67FgEkJmvKDdk34d0KJgCsi3E.roa
File: 1-S67FgEkJmvKDdk34d0KJgCsi3E.roa (raw, json)
Hash identifier: TXlBX92kGIdhjKXI3mHN8fIr3r7iNdzeeB9F0aMoibo=
Subject key identifier: F9:2E:BB:16:01:24:26:6B:CA:0D:D9:37:E1:DD:0A:26:00:AC:8B:71
Certificate issuer: /CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Certificate serial: 04E0E7DC
Authority key identifier: 7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/1-S67FgEkJmvKDdk34d0KJgCsi3E.roa
Signing time: Sat 01 Jan 2022 12:59:15 +0000
ROA not before: Sat 01 Jan 2022 12:59:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 149.249.2.0/24 maxlen: 24
149.249.1.0/24 maxlen: 24
149.249.3.0/24 maxlen: 24
149.249.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 81848284 (0x4e0e7dc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a0a06564d3c717d2d6daa1e833c495976b0bada
Validity
Not Before: Jan 1 12:59:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f92ebb160124266bca0dd937e1dd0a2600ac8b71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:2e:f1:53:c6:33:4a:3c:89:23:5c:72:24:59:
68:89:9d:27:3e:de:21:69:8a:20:c4:bb:7a:91:df:
e1:0a:57:48:00:21:50:3b:98:e5:02:70:9d:70:c8:
e9:3f:47:d5:5e:55:bf:5c:58:2e:4a:69:fb:95:c0:
ce:4e:7b:f9:1c:ef:7a:b2:0e:bc:bd:df:74:62:3f:
8d:71:2f:eb:58:e2:9b:73:6d:9f:d4:23:b8:46:f1:
ff:51:65:90:5a:4f:b3:bc:c2:b3:fd:f7:39:1b:64:
f5:1d:75:c5:00:f0:c1:1b:6d:55:28:ef:24:ea:c2:
b5:3b:da:40:d3:79:dc:60:0e:d9:61:60:eb:3f:e3:
82:03:dd:a6:98:cc:c5:c7:db:0d:81:35:61:8d:13:
3a:b2:f2:cf:6e:2e:e3:66:3f:76:f5:98:5a:a4:33:
fa:fd:2a:97:c2:cf:c0:b0:af:8d:42:ce:47:bc:64:
f3:60:fb:d7:e9:d8:b4:92:6e:a6:70:b7:bd:c5:d2:
cd:04:0d:ec:ea:03:ac:37:93:e1:be:14:d7:e4:c0:
ec:47:a8:56:25:b8:fb:3f:7e:d6:53:a7:4c:c9:5b:
73:e8:cd:25:19:82:23:78:f4:5d:9e:fa:1e:f6:91:
9b:2a:03:41:8a:c7:99:e4:00:76:74:b2:8c:1b:6e:
f2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2E:BB:16:01:24:26:6B:CA:0D:D9:37:E1:DD:0A:26:00:AC:8B:71
X509v3 Authority Key Identifier:
keyid:7A:0A:06:56:4D:3C:71:7D:2D:6D:AA:1E:83:3C:49:59:76:B0:BA:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/egoGVk08cX0tbaoegzxJWXawuto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/1-S67FgEkJmvKDdk34d0KJgCsi3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/6f598d-a5c5-4c99-a1f0-548263eb6fb4/1/egoGVk08cX0tbaoegzxJWXawuto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.249.0.0/22
Signature Algorithm: sha256WithRSAEncryption
45:8f:2e:25:40:29:fa:9c:db:f2:e0:b3:e2:72:76:aa:3d:d9:
db:04:84:6b:15:e5:a4:a9:4d:4c:06:ff:4f:dc:8c:e4:97:15:
62:71:44:12:bd:14:8f:25:50:d2:e3:06:b3:8a:6b:7b:b9:b4:
18:e7:2b:f3:36:b7:d4:19:60:9a:76:39:99:b8:9f:2b:35:8b:
ba:d3:0a:63:9a:b1:72:f2:33:66:6b:99:77:65:d7:ed:d9:30:
56:d6:1e:31:d8:ad:bf:3a:f9:88:ab:28:1e:d7:a6:d6:00:b9:
7c:ba:6e:2c:5c:c5:69:87:ac:08:c2:08:7a:f7:f8:e8:d9:99:
b7:e4:60:cd:d8:dd:ac:73:8f:1f:cb:f6:1b:f6:79:2a:ef:30:
e2:36:7e:88:e4:9a:53:0a:82:92:05:ba:05:ee:e9:cd:74:7b:
a5:83:9d:c6:e9:86:76:0c:4d:57:b8:18:86:fb:76:a1:47:df:
19:4c:86:3c:d7:ef:48:d3:8b:76:91:67:00:cc:85:1c:00:93:
ce:44:ea:12:17:92:c0:44:09:14:60:32:cd:fd:49:0e:18:fc:
8c:6e:2c:8a:a6:59:70:26:96:e7:33:15:74:1e:fc:f6:74:10:
29:2a:20:1a:88:73:66:09:bb:e3:1e:6d:b9:4d:22:10:79:78:
03:d6:3f:dd
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBODn3DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YTBhMDY1NjRkM2M3MTdkMmQ2ZGFhMWU4MzNjNDk1OTc2YjBiYWRhMB4XDTIyMDEw
MTEyNTkxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjkyZWJiMTYwMTI0
MjY2YmNhMGRkOTM3ZTFkZDBhMjYwMGFjOGI3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOsu8VPGM0o8iSNcciRZaImdJz7eIWmKIMS7epHf4QpXSAAh
UDuY5QJwnXDI6T9H1V5Vv1xYLkpp+5XAzk57+RzverIOvL3fdGI/jXEv61jim3Nt
n9QjuEbx/1FlkFpPs7zCs/33ORtk9R11xQDwwRttVSjvJOrCtTvaQNN53GAO2WFg
6z/jggPdppjMxcfbDYE1YY0TOrLyz24u42Y/dvWYWqQz+v0ql8LPwLCvjULOR7xk
82D71+nYtJJupnC3vcXSzQQN7OoDrDeT4b4U1+TA7EeoViW4+z9+1lOnTMlbc+jN
JRmCI3j0XZ76HvaRmyoDQYrHmeQAdnSyjBtu8t8CAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT5LrsWASQma8oN2Tfh3QomAKyLcTAfBgNVHSMEGDAWgBR6CgZWTTxxfS1t
qh6DPElZdrC62jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Vnb0dWazA4Y1gwdGJhb2VnenhKV1hhd3V0by5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvNmY1OThkLWE1YzUtNGM5OS1hMWYwLTU0ODI2M2ViNmZiNC8x
LzEtUzY3RmdFa0ptdktEZGszNGQwS0pnQ3NpM0Uucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhi
LzZmNTk4ZC1hNWM1LTRjOTktYTFmMC01NDgyNjNlYjZmYjQvMS9lZ29HVmswOGNY
MHRiYW9lZ3p4SldYYXd1dG8uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKV+QAwDQYJKoZIhvcNAQELBQAD
ggEBAEWPLiVAKfqc2/Lgs+Jydqo92dsEhGsV5aSpTUwG/0/cjOSXFWJxRBK9FI8l
UNLjBrOKa3u5tBjnK/M2t9QZYJp2OZm4nys1i7rTCmOasXLyM2ZrmXdl1+3ZMFbW
HjHYrb86+YirKB7XptYAuXy6bixcxWmHrAjCCHr3+OjZmbfkYM3Y3axzjx/L9hv2
eSrvMOI2fojkmlMKgpIFugXu6c10e6WDncbphnYMTVe4GIb7dqFH3xlMhjzX70jT
i3aRZwDMhRwAk85E6hIXksBECRRgMs39SQ4Y/IxuLIqmWXAmluczFXQe/PZ0ECkq
IBqIc2YJu+MebblNIhB5eAPWP90=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:54 2023 by rpki-client on console-ams.rpki-client.org