Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/4lCa6kJPIl6J8h93YTuJSJL39I8.roa
File: 4lCa6kJPIl6J8h93YTuJSJL39I8.roa (raw, json)
Hash identifier: npm7cZxjmtUoYCuWMeN/aQe1BDey3mckUR8jWp5g0Lk=
Subject key identifier: E2:50:9A:EA:42:4F:22:5E:89:F2:1F:77:61:3B:89:48:92:F7:F4:8F
Certificate issuer: /CN=166dcaf076c3ec103117deaa67990c968bcd644d
Certificate serial: D4C862
Authority key identifier: 16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/4lCa6kJPIl6J8h93YTuJSJL39I8.roa
Signing time: Sun 02 Jan 2022 09:19:49 +0000
ROA not before: Sun 02 Jan 2022 09:19:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 213.109.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13944930 (0xd4c862)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=166dcaf076c3ec103117deaa67990c968bcd644d
Validity
Not Before: Jan 2 09:19:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2509aea424f225e89f21f77613b894892f7f48f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:cd:47:95:9c:cb:df:ca:c7:f9:c7:52:c6:fc:
7f:0a:6e:20:9c:82:df:2d:04:17:e4:3b:29:86:81:
38:df:0c:61:20:5c:f8:71:56:c8:da:9c:03:71:4a:
18:74:6f:0a:0a:b8:e7:a2:3e:af:ec:93:41:15:98:
87:bd:78:89:0b:87:e2:d2:cb:3d:3a:5f:15:4a:ac:
0f:8d:9c:aa:52:b2:27:5a:bd:fe:f7:9c:a9:90:d7:
5d:6f:23:86:fe:4d:84:bb:5f:06:4f:98:31:6a:70:
07:f0:97:8f:57:4a:dc:95:de:1f:1d:db:1a:ad:13:
3e:cc:7b:74:9a:78:b8:1b:5c:4a:7e:a4:48:68:1e:
0b:65:43:d6:79:d8:dc:6d:36:f4:fa:c2:3a:fd:10:
6e:23:49:f1:da:1d:0b:eb:32:ee:8c:5c:c9:92:14:
8e:0d:12:50:22:e6:55:5d:42:29:24:87:64:51:b8:
e7:b7:3d:4b:2d:aa:ad:85:07:f4:b4:36:de:47:a6:
c4:86:15:4e:10:0b:08:66:b6:93:25:a9:8a:da:4c:
53:67:0e:31:40:b3:51:3b:68:0a:c5:e5:a1:50:0b:
b5:bf:84:21:8b:ff:24:94:24:e6:f4:98:18:ff:01:
35:53:81:e5:cb:13:9a:7f:62:7b:73:4e:f0:23:32:
70:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:50:9A:EA:42:4F:22:5E:89:F2:1F:77:61:3B:89:48:92:F7:F4:8F
X509v3 Authority Key Identifier:
keyid:16:6D:CA:F0:76:C3:EC:10:31:17:DE:AA:67:99:0C:96:8B:CD:64:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fm3K8HbD7BAxF96qZ5kMlovNZE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/4lCa6kJPIl6J8h93YTuJSJL39I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/3af1e6-7f6d-4ac8-a022-fab9bab2f894/1/Fm3K8HbD7BAxF96qZ5kMlovNZE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.154.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ed:60:34:db:a4:af:c1:4c:dc:f4:6b:a6:f1:9a:fa:0f:0b:
f0:2d:d4:96:1d:7d:6b:40:fa:68:64:30:b8:fc:ff:dc:bf:f9:
55:49:24:1b:3e:90:54:51:6f:91:13:94:fa:bb:f1:f4:2d:2d:
0e:aa:38:89:18:39:69:42:64:57:98:e2:c5:78:fa:fd:8d:26:
82:03:2b:46:db:3f:1d:91:42:5c:2d:06:82:0a:59:51:2e:d3:
07:43:4f:cc:81:3d:2d:35:54:ce:07:a4:99:e5:ef:87:92:f2:
a0:40:99:01:06:65:37:d1:a9:e6:fe:06:66:f0:df:09:b1:7d:
a3:02:91:2f:9c:77:d9:76:bc:9f:8c:98:17:71:13:00:42:cd:
93:a9:bd:7d:52:49:d3:e3:9f:50:b6:35:96:06:34:44:3b:d0:
06:1d:c5:ae:a0:d7:50:ce:fa:8f:48:13:7e:b4:e3:0a:24:ec:
fd:cb:77:be:42:46:b7:68:40:48:bf:41:f4:ae:af:7a:f4:7c:
13:28:1f:cb:10:ae:aa:5d:9e:d6:1a:44:ea:fe:f6:c6:64:6a:
29:20:8b:e5:a3:6e:3f:9f:3e:4d:d5:25:f0:5f:95:78:3b:29:
cf:5c:ee:58:9b:0b:e3:5a:14:17:8d:38:65:90:dd:36:98:5b:
60:63:3b:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANTIYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjZkY2FmMDc2YzNlYzEwMzExN2RlYWE2Nzk5MGM5NjhiY2Q2NDRkMB4XDTIyMDEw
MjA5MTk0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTI1MDlhZWE0MjRm
MjI1ZTg5ZjIxZjc3NjEzYjg5NDg5MmY3ZjQ4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvNR5Wcy9/Kx/nHUsb8fwpuIJyC3y0EF+Q7KYaBON8MYSBc
+HFWyNqcA3FKGHRvCgq456I+r+yTQRWYh714iQuH4tLLPTpfFUqsD42cqlKyJ1q9
/vecqZDXXW8jhv5NhLtfBk+YMWpwB/CXj1dK3JXeHx3bGq0TPsx7dJp4uBtcSn6k
SGgeC2VD1nnY3G029PrCOv0QbiNJ8dodC+sy7oxcyZIUjg0SUCLmVV1CKSSHZFG4
57c9Sy2qrYUH9LQ23kemxIYVThALCGa2kyWpitpMU2cOMUCzUTtoCsXloVALtb+E
IYv/JJQk5vSYGP8BNVOB5csTmn9ie3NO8CMycIcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTiUJrqQk8iXonyH3dhO4lIkvf0jzAfBgNVHSMEGDAWgBQWbcrwdsPsEDEX
3qpnmQyWi81kTTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZtM0s4SGJEN0JBeEY5NnFaNWtNbG92TlpFMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvM2FmMWU2LTdmNmQtNGFjOC1hMDIyLWZhYjliYWIyZjg5NC8x
LzRsQ2E2a0pQSWw2SjhoOTNZVHVKU0pMMzlJOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
M2FmMWU2LTdmNmQtNGFjOC1hMDIyLWZhYjliYWIyZjg5NC8xL0ZtM0s4SGJEN0JB
eEY5NnFaNWtNbG92TlpFMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANVtmjANBgkqhkiG9w0BAQsFAAOC
AQEAKu1gNNukr8FM3PRrpvGa+g8L8C3Ulh19a0D6aGQwuPz/3L/5VUkkGz6QVFFv
kROU+rvx9C0tDqo4iRg5aUJkV5jixXj6/Y0mggMrRts/HZFCXC0GggpZUS7TB0NP
zIE9LTVUzgekmeXvh5LyoECZAQZlN9Gp5v4GZvDfCbF9owKRL5x32Xa8n4yYF3ET
AELNk6m9fVJJ0+OfULY1lgY0RDvQBh3FrqDXUM76j0gTfrTjCiTs/ct3vkJGt2hA
SL9B9K6vevR8EygfyxCuql2e1hpE6v72xmRqKSCL5aNuP58+TdUl8F+VeDspz1zu
WJsL41oUF404ZZDdNphbYGM7Qw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:27 2023 by rpki-client on console-fra.rpki-client.org