Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/2gX9qcggHINWjt6xqYdYYYd9-i0.roa
File: 2gX9qcggHINWjt6xqYdYYYd9-i0.roa (raw, json)
Hash identifier: WqziYFE2NiNY+Hgr28iQsoLu/9G5g352scWteKIY6y4=
Subject key identifier: DA:05:FD:A9:C8:20:1C:83:56:8E:DE:B1:A9:87:58:61:87:7D:FA:2D
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 0185217FB2FA22499F2C49547911E9B0E656
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/2gX9qcggHINWjt6xqYdYYYd9-i0.roa
Signing time: Sat 17 Dec 2022 19:11:35 +0000
ROA not before: Sat 17 Dec 2022 19:11:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33185
IP address blocks: 147.189.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:21:7f:b2:fa:22:49:9f:2c:49:54:79:11:e9:b0:e6:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Dec 17 19:11:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da05fda9c8201c83568edeb1a9875861877dfa2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:63:83:f6:33:a6:42:db:74:1d:bc:ed:77:0e:
9b:86:ac:7a:4c:a3:30:79:86:35:13:f2:f9:04:7f:
61:37:3c:68:2c:9a:69:a8:47:85:cc:2a:57:a5:1e:
4d:00:3f:f9:90:16:51:27:88:6d:43:d7:f3:64:24:
c0:4f:1e:54:14:2b:8e:b1:ff:e7:ac:c2:1c:57:af:
04:21:bb:09:11:51:07:ea:44:b3:1b:d5:c5:df:9a:
c7:78:4b:60:75:32:68:66:c7:49:21:3e:6f:de:54:
aa:f1:c1:2c:a1:64:c2:36:2c:25:db:df:ee:66:83:
16:7d:33:03:2d:50:e8:f9:3c:a5:a3:62:29:ff:15:
ff:38:6b:a7:ad:51:e3:8d:10:38:d2:62:38:f8:17:
14:6b:36:00:f8:04:79:7f:1b:a8:8c:d8:c3:43:cc:
47:d4:1b:d9:49:2e:48:1b:e2:cc:51:6f:6c:08:70:
22:92:93:36:9d:44:05:29:2e:f5:95:76:31:ad:f8:
d9:9e:28:c4:47:a3:bb:c5:74:b6:c4:41:5e:53:61:
07:58:24:40:b9:7a:ad:d8:3e:64:2a:2b:d6:d9:37:
78:93:fc:b6:76:3a:32:28:1d:b7:e6:21:22:27:a9:
ce:e4:5c:dd:16:78:e5:1b:da:f3:b9:ba:99:6a:78:
30:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:05:FD:A9:C8:20:1C:83:56:8E:DE:B1:A9:87:58:61:87:7D:FA:2D
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/2gX9qcggHINWjt6xqYdYYYd9-i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.136.0/24
Signature Algorithm: sha256WithRSAEncryption
22:46:34:4c:4a:8b:28:0d:64:79:4f:b4:3c:72:7a:5e:2c:9d:
15:c4:65:38:3a:19:d7:f3:54:a1:60:c5:73:bc:46:cc:e0:f3:
75:da:8b:9e:ef:11:5e:e2:17:26:c9:1b:95:dd:fd:95:e1:1b:
bf:61:5e:ce:6f:f7:eb:3e:ed:55:46:c7:ba:12:01:c4:96:51:
bc:71:61:e8:fb:f7:0f:8c:51:22:83:f8:76:9c:6a:18:b3:9f:
1d:63:18:8a:50:1e:b9:47:6c:f5:96:e5:74:cd:26:ed:fa:3c:
33:e5:28:d6:b7:94:5c:48:85:b3:a6:46:78:15:93:37:66:04:
4d:8f:0e:04:65:bd:7b:24:68:1f:95:50:74:2d:88:fe:f3:51:
1d:c6:f8:2d:78:d5:80:fe:96:4b:f4:61:b9:b2:54:35:be:7b:
87:11:31:6e:e8:80:e3:f6:71:0c:f5:3d:07:8b:aa:bc:a4:cd:
12:7a:9a:a2:ef:1c:15:97:2b:99:8e:f4:48:29:c0:2f:ae:ba:
ee:66:f0:e1:16:00:e4:e3:b9:33:06:d3:0f:f7:f0:ee:59:81:
44:15:51:8c:3c:c6:6c:a2:b6:c7:07:23:66:7a:fa:50:21:8c:
3b:c8:e6:ba:8e:e4:31:c1:5a:92:fb:25:58:5a:d3:64:f8:f3:
c0:e6:f5:34
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYUhf7L6IkmfLElUeRHpsOZWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjIxMjE3MTkxMTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTA1ZmRhOWM4MjAxYzgzNTY4ZWRlYjFhOTg3NTg2MTg3N2RmYTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWOD9jOmQtt0Hbztdw6bhqx6TKMw
eYY1E/L5BH9hNzxoLJppqEeFzCpXpR5NAD/5kBZRJ4htQ9fzZCTATx5UFCuOsf/n
rMIcV68EIbsJEVEH6kSzG9XF35rHeEtgdTJoZsdJIT5v3lSq8cEsoWTCNiwl29/u
ZoMWfTMDLVDo+Tylo2Ip/xX/OGunrVHjjRA40mI4+BcUazYA+AR5fxuojNjDQ8xH
1BvZSS5IG+LMUW9sCHAikpM2nUQFKS71lXYxrfjZnijER6O7xXS2xEFeU2EHWCRA
uXqt2D5kKivW2Td4k/y2djoyKB235iEiJ6nO5FzdFnjlG9rzubqZangwVwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFNoF/anIIByDVo7esamHWGGHffotMB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xLzJnWDlxY2dnSElOV2p0NnhxWWRZWVlkOS1pMC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACTvYgw
DQYJKoZIhvcNAQELBQADggEBACJGNExKiygNZHlPtDxyel4snRXEZTg6GdfzVKFg
xXO8Rszg83Xai57vEV7iFybJG5Xd/ZXhG79hXs5v9+s+7VVGx7oSAcSWUbxxYej7
9w+MUSKD+Hacahiznx1jGIpQHrlHbPWW5XTNJu36PDPlKNa3lFxIhbOmRngVkzdm
BE2PDgRlvXskaB+VUHQtiP7zUR3G+C141YD+lkv0YbmyVDW+e4cRMW7ogOP2cQz1
PQeLqrykzRJ6mqLvHBWXK5mO9EgpwC+uuu5m8OEWAOTjuTMG0w/38O5ZgUQVUYw8
xmyitscHI2Z6+lAhjDvI5rqO5DHBWpL7JVha02T488Dm9TQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:48 2023 by rpki-client on console-fra.rpki-client.org