Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/Lst3hoW1hmPqs-4y2YlI8MZlbHk.roa
File: Lst3hoW1hmPqs-4y2YlI8MZlbHk.roa (raw, json)
Hash identifier: Gq/AGlIRdHsncft1JHQdf/wT9zf193RD1RzEcM1eC9Q=
Subject key identifier: 2E:CB:77:86:85:B5:86:63:EA:B3:EE:32:D9:89:48:F0:C6:65:6C:79
Certificate issuer: /CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Certificate serial: 0182582431791AD9CE2B248CA7CC3D7B5071
Authority key identifier: A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/Lst3hoW1hmPqs-4y2YlI8MZlbHk.roa
Signing time: Mon 01 Aug 2022 06:42:23 +0000
ROA not before: Mon 01 Aug 2022 06:42:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20768
IP address blocks: 217.151.208.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:24:31:79:1a:d9:ce:2b:24:8c:a7:cc:3d:7b:50:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3d31f1799bf5588ffa988e49286bfc70a4b34be
Validity
Not Before: Aug 1 06:42:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ecb778685b58663eab3ee32d98948f0c6656c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:62:92:dc:28:c0:13:4f:6a:c3:5c:b2:fd:7e:
27:f9:4a:c4:29:b9:be:81:e6:f8:d6:3f:83:9c:3b:
32:97:8a:47:24:04:18:22:82:0e:a6:29:15:3f:c4:
b1:cc:3e:93:a1:d1:76:ab:80:71:16:c5:4e:05:16:
dd:be:5c:dd:7f:ba:ac:34:2b:3d:cc:93:45:fe:4b:
13:03:26:b6:84:51:b2:97:dc:60:24:38:67:b0:3a:
ee:58:b0:dd:81:71:58:3d:92:fc:f5:aa:a1:9f:89:
90:ef:fa:c8:9c:4d:95:bc:53:af:6c:3f:6d:e7:9f:
54:24:81:7c:00:bb:53:b7:a7:59:d8:77:85:26:ad:
8f:52:e6:82:57:d0:36:ae:fc:ac:a4:8c:e8:50:db:
2f:0a:c1:4e:46:08:97:34:c8:b5:99:e7:75:e7:2c:
ec:f9:86:69:88:ba:15:5d:3d:9f:05:be:ef:f7:fe:
ad:ac:0b:17:30:a5:47:f4:3b:20:9f:51:56:b1:e8:
f7:b3:b8:b2:72:ac:ce:10:15:30:9b:ca:e7:04:5e:
31:83:c3:5e:f2:59:02:17:07:9b:92:86:1d:4d:6e:
b9:c6:45:a6:63:a7:08:47:48:e3:07:4e:c8:90:28:
b7:72:4b:d9:3f:7a:5b:ca:aa:52:3c:1f:4e:28:03:
fa:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CB:77:86:85:B5:86:63:EA:B3:EE:32:D9:89:48:F0:C6:65:6C:79
X509v3 Authority Key Identifier:
keyid:A3:D3:1F:17:99:BF:55:88:FF:A9:88:E4:92:86:BF:C7:0A:4B:34:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o9MfF5m_VYj_qYjkkoa_xwpLNL4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/Lst3hoW1hmPqs-4y2YlI8MZlbHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/1acd6c-892f-45e1-b145-ade5261c1043/1/o9MfF5m_VYj_qYjkkoa_xwpLNL4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.151.208.0/20
Signature Algorithm: sha256WithRSAEncryption
45:ed:2e:52:79:0a:cb:3a:0c:64:34:4e:29:a9:fe:c2:dc:9b:
b2:2e:31:e2:91:55:b3:99:e9:0a:4f:30:39:eb:07:24:9c:41:
f6:3e:62:c2:a7:12:ba:55:bc:f6:12:77:67:15:5d:59:21:13:
e8:80:66:82:8b:75:3f:93:fa:6f:33:39:fc:c8:14:7c:70:b9:
7d:4f:6d:18:93:49:bd:88:38:da:1f:21:ec:37:ca:cf:75:19:
b5:fb:aa:26:db:5b:ee:d3:a0:e0:dc:d8:f9:7e:27:c7:46:e1:
e9:df:6d:4f:44:cb:50:e9:30:9b:74:8d:d3:57:0d:42:14:c5:
50:c6:f5:d3:74:66:3a:81:d6:24:41:e0:4d:79:b0:b1:45:1f:
a5:2a:e6:c9:0d:11:41:f9:23:52:94:d8:b1:8b:89:ed:ea:8f:
29:44:3f:05:e9:b6:13:de:ef:6f:28:81:49:d7:ab:27:9c:da:
19:3e:69:6a:32:f6:c6:5e:48:6b:5a:1b:4b:ae:02:e1:4e:cd:
bd:13:d9:e6:e8:bf:b4:ac:d9:45:58:68:c5:7e:6d:95:a3:91:
3b:b1:31:8d:40:0c:90:8e:a5:d0:c4:28:9c:fd:fb:23:80:fa:
aa:ce:63:41:08:6c:c4:ca:3f:1f:18:5e:ff:a4:87:7b:91:4d:
1f:77:9b:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJYJDF5GtnOKySMp8w9e1BxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZDMxZjE3OTliZjU1ODhmZmE5ODhlNDkyODZiZmM3MGE0
YjM0YmUwHhcNMjIwODAxMDY0MjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNiNzc4Njg1YjU4NjYzZWFiM2VlMzJkOTg5NDhmMGM2NjU2Yzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmKS3CjAE09qw1yy/X4n+UrEKbm+
geb41j+DnDsyl4pHJAQYIoIOpikVP8SxzD6TodF2q4BxFsVOBRbdvlzdf7qsNCs9
zJNF/ksTAya2hFGyl9xgJDhnsDruWLDdgXFYPZL89aqhn4mQ7/rInE2VvFOvbD9t
559UJIF8ALtTt6dZ2HeFJq2PUuaCV9A2rvyspIzoUNsvCsFORgiXNMi1med15yzs
+YZpiLoVXT2fBb7v9/6trAsXMKVH9Dsgn1FWsej3s7iycqzOEBUwm8rnBF4xg8Ne
8lkCFwebkoYdTW65xkWmY6cIR0jjB07IkCi3ckvZP3pbyqpSPB9OKAP62wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7Ld4aFtYZj6rPuMtmJSPDGZWx5MB8GA1UdIwQY
MBaAFKPTHxeZv1WI/6mI5JKGv8cKSzS+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUt
YWRlNTI2MWMxMDQzLzEvTHN0M2hvVzFobVBxcy00eTJZbEk4TVpsYkhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8xYWNkNmMtODkyZi00NWUxLWIxNDUtYWRlNTI2MWMxMDQz
LzEvbzlNZkY1bV9WWWpfcVlqa2tvYV94d3BMTkw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2ZfQMA0G
CSqGSIb3DQEBCwUAA4IBAQBF7S5SeQrLOgxkNE4pqf7C3JuyLjHikVWzmekKTzA5
6wcknEH2PmLCpxK6Vbz2EndnFV1ZIRPogGaCi3U/k/pvMzn8yBR8cLl9T20Yk0m9
iDjaHyHsN8rPdRm1+6om21vu06Dg3Nj5fifHRuHp321PRMtQ6TCbdI3TVw1CFMVQ
xvXTdGY6gdYkQeBNebCxRR+lKubJDRFB+SNSlNixi4nt6o8pRD8F6bYT3u9vKIFJ
16snnNoZPmlqMvbGXkhrWhtLrgLhTs29E9nm6L+0rNlFWGjFfm2Vo5E7sTGNQAyQ
jqXQxCic/fsjgPqqzmNBCGzEyj8fGF7/pId7kU0fd5uw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:46 2023 by rpki-client on console-fra.rpki-client.org