Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/t9CPtv1jghEF6nrpCUem4opNxmY.roa
File: t9CPtv1jghEF6nrpCUem4opNxmY.roa (raw, json)
Hash identifier: mwGZgA7MIHCGNqLCuBMidBVb2ZZLBCXbhcNrbJd07kU=
Subject key identifier: B7:D0:8F:B6:FD:63:82:11:05:EA:7A:E9:09:47:A6:E2:8A:4D:C6:66
Certificate issuer: /CN=4e167ee5f8d2ac0d9cc0137b41912f181b0489b0
Certificate serial: 13F5D3C1
Authority key identifier: 4E:16:7E:E5:F8:D2:AC:0D:9C:C0:13:7B:41:91:2F:18:1B:04:89:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/t9CPtv1jghEF6nrpCUem4opNxmY.roa
Signing time: Sat 01 Jan 2022 06:59:55 +0000
ROA not before: Sat 01 Jan 2022 06:59:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1930
IP address blocks: 192.26.231.0/24 maxlen: 24
192.80.20.0/24 maxlen: 24
192.107.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 334877633 (0x13f5d3c1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e167ee5f8d2ac0d9cc0137b41912f181b0489b0
Validity
Not Before: Jan 1 06:59:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b7d08fb6fd63821105ea7ae90947a6e28a4dc666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:7a:88:79:2f:da:c7:88:87:ed:09:e4:77:2e:
90:61:5f:ed:5c:c6:e3:60:e9:c7:16:68:a6:50:45:
11:08:87:93:65:31:0b:54:65:cf:83:42:57:9b:30:
2b:8b:d8:f2:fe:a2:13:b1:df:21:f5:2d:95:c4:c9:
ce:59:91:59:b9:c6:e7:44:48:f5:53:f2:f5:7f:4f:
45:52:3f:c8:5b:f0:a7:df:b7:5e:15:93:97:bb:3f:
49:75:ee:b8:f6:ad:b8:ea:c2:0e:e2:9d:1a:6b:8d:
64:b8:e0:fa:da:2f:b2:45:c4:9b:8d:30:8d:4f:67:
8b:6a:a3:c9:8f:bf:c4:0a:b9:cd:cb:88:fb:15:56:
77:be:8d:8c:41:1b:38:98:a4:c1:ca:39:97:dd:41:
68:25:67:bb:6e:47:7e:af:b2:6d:b3:ec:c9:ca:05:
74:ec:35:60:7f:de:26:6c:43:fd:dd:d9:39:5a:a9:
58:42:35:a6:1e:59:07:86:45:69:78:1c:43:08:55:
a4:e6:5c:12:11:02:16:12:9f:70:12:39:d9:f7:52:
2f:04:44:0f:92:d0:05:c4:29:bb:26:94:05:04:e5:
14:a1:27:8a:b6:d8:1f:4f:d1:d9:78:5e:d5:f1:94:
a8:23:f9:28:1f:61:e7:a9:f1:86:aa:82:a1:c7:84:
5f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:D0:8F:B6:FD:63:82:11:05:EA:7A:E9:09:47:A6:E2:8A:4D:C6:66
X509v3 Authority Key Identifier:
keyid:4E:16:7E:E5:F8:D2:AC:0D:9C:C0:13:7B:41:91:2F:18:1B:04:89:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThZ-5fjSrA2cwBN7QZEvGBsEibA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/t9CPtv1jghEF6nrpCUem4opNxmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/6e178e-9cbf-489e-aa3a-f662b0a65e8e/1/ThZ-5fjSrA2cwBN7QZEvGBsEibA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.26.231.0/24
192.80.20.0/24
192.107.122.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0d:b9:ef:cb:03:39:93:59:0f:97:48:95:77:4c:8b:ee:92:
9f:a2:a9:68:c4:21:00:a7:2e:6d:fe:31:f0:71:f2:1a:6f:54:
7c:58:0d:34:40:6e:46:73:bc:0d:80:f0:4b:85:b6:49:3b:43:
c6:7d:37:ac:fe:1b:e0:ff:3f:1b:63:42:8c:8a:b9:af:1d:90:
c3:06:14:f9:86:d7:83:84:6f:94:f6:e0:28:73:54:ad:d5:50:
8f:93:1c:f2:1c:79:26:9b:57:de:c6:0c:a0:5e:ac:d6:45:c1:
66:ae:0a:1f:8c:dd:94:68:68:9c:f7:76:24:3e:1a:66:ce:c8:
1e:47:d7:44:c3:2d:de:70:dd:88:45:ae:7b:5e:98:5d:bd:98:
1e:f8:10:1e:01:88:1b:c4:02:5a:b2:08:37:e7:1b:75:82:84:
d0:ea:4d:d4:59:ae:e3:9a:22:62:09:cd:f8:71:66:11:6d:4e:
bd:17:06:5c:89:f6:e7:47:38:67:77:69:ac:a7:e0:18:e6:b8:
5f:f1:51:fb:b4:ac:a4:2e:7a:5d:e9:6c:e3:1c:5b:c8:f5:8a:
49:b4:aa:f6:14:05:ba:11:7c:fe:43:43:78:4d:17:84:7c:0b:
cf:22:c8:14:27:70:01:aa:ff:e9:8d:a1:94:a9:17:15:6a:ec:
28:4a:2a:3e
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEE/XTwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZTE2N2VlNWY4ZDJhYzBkOWNjMDEzN2I0MTkxMmYxODFiMDQ4OWIwMB4XDTIyMDEw
MTA2NTk1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjdkMDhmYjZmZDYz
ODIxMTA1ZWE3YWU5MDk0N2E2ZTI4YTRkYzY2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJ6iHkv2seIh+0J5HcukGFf7VzG42DpxxZoplBFEQiHk2Ux
C1Rlz4NCV5swK4vY8v6iE7HfIfUtlcTJzlmRWbnG50RI9VPy9X9PRVI/yFvwp9+3
XhWTl7s/SXXuuPatuOrCDuKdGmuNZLjg+tovskXEm40wjU9ni2qjyY+/xAq5zcuI
+xVWd76NjEEbOJikwco5l91BaCVnu25Hfq+ybbPsycoFdOw1YH/eJmxD/d3ZOVqp
WEI1ph5ZB4ZFaXgcQwhVpOZcEhECFhKfcBI52fdSLwRED5LQBcQpuyaUBQTlFKEn
irbYH0/R2Xhe1fGUqCP5KB9h56nxhqqCoceEX40CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBS30I+2/WOCEQXqeukJR6biik3GZjAfBgNVHSMEGDAWgBROFn7l+NKsDZzA
E3tBkS8YGwSJsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RoWi01ZmpTckEyY3dCTjdRWkV2R0JzRWliQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTUvNmUxNzhlLTljYmYtNDg5ZS1hYTNhLWY2NjJiMGE2NWU4ZS8x
L3Q5Q1B0djFqZ2hFRjZucnBDVWVtNG9wTnhtWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTUv
NmUxNzhlLTljYmYtNDg5ZS1hYTNhLWY2NjJiMGE2NWU4ZS8xL1RoWi01ZmpTckEy
Y3dCTjdRWkV2R0JzRWliQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAMAa5wMEAMBQFAMEAMBrejANBgkq
hkiG9w0BAQsFAAOCAQEARg2578sDOZNZD5dIlXdMi+6Sn6KpaMQhAKcubf4x8HHy
Gm9UfFgNNEBuRnO8DYDwS4W2STtDxn03rP4b4P8/G2NCjIq5rx2QwwYU+YbXg4Rv
lPbgKHNUrdVQj5Mc8hx5JptX3sYMoF6s1kXBZq4KH4zdlGhonPd2JD4aZs7IHkfX
RMMt3nDdiEWue16YXb2YHvgQHgGIG8QCWrIIN+cbdYKE0OpN1Fmu45oiYgnN+HFm
EW1OvRcGXIn250c4Z3dprKfgGOa4X/FR+7SspC56Xels4xxbyPWKSbSq9hQFuhF8
/kNDeE0XhHwLzyLIFCdwAar/6Y2hlKkXFWrsKEoqPg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:36 2024 by rpki-client on console-ams.rpki-client.org