Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/CVmdSMqwYuhs_cmeyTCHOgxaCaU.roa
File: CVmdSMqwYuhs_cmeyTCHOgxaCaU.roa (raw, json)
Hash identifier: SdM7yjnuoCftZY91RkN3IxDLFQw93TgfDNHAQB63w04=
Subject key identifier: 09:59:9D:48:CA:B0:62:E8:6C:FD:C9:9E:C9:30:87:3A:0C:5A:09:A5
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 01857246DEC17F9E6C28BF01523EA3DDBF6A
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/CVmdSMqwYuhs_cmeyTCHOgxaCaU.roa
Signing time: Mon 02 Jan 2023 11:38:45 +0000
ROA not before: Mon 02 Jan 2023 11:38:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56574
IP address blocks: 192.166.232.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:de:c1:7f:9e:6c:28:bf:01:52:3e:a3:dd:bf:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: Jan 2 11:38:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09599d48cab062e86cfdc99ec930873a0c5a09a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:49:40:63:4b:7c:68:6d:4d:a2:0f:db:b6:0f:
8d:a3:57:c2:1b:66:d5:96:5d:cc:69:c3:d0:6b:44:
80:46:29:9c:b4:db:58:fb:ec:e8:af:20:11:e4:1f:
7b:a8:4e:76:5a:20:57:1c:50:cf:6d:19:c0:f5:50:
6f:57:a5:45:ba:cb:9c:6c:d2:ed:47:49:dd:6f:f4:
f7:57:35:c3:f0:04:89:36:ef:96:d5:91:a1:b0:bc:
e8:2b:9f:38:f3:21:ee:a0:9a:35:00:2b:4e:73:4d:
fd:e2:63:fe:92:76:38:95:8a:33:99:42:c1:ab:13:
cf:29:29:95:71:29:e0:bf:37:9b:57:22:03:ed:e7:
1d:21:de:60:a0:76:83:8a:01:cf:44:ac:58:b9:f9:
93:4b:7c:9d:b9:38:cc:c6:36:13:08:01:7f:15:88:
0a:3d:0e:f1:bb:92:ea:6b:3a:b5:f2:6a:ec:06:ae:
c3:3d:57:6c:17:5d:62:14:7d:da:eb:49:fe:21:13:
4c:92:cb:f9:20:db:36:3c:62:f8:15:76:5b:35:6c:
fd:97:e8:ba:a6:03:4e:06:f9:d7:55:11:67:95:42:
19:ce:ba:7d:6d:a7:94:10:80:fa:8c:28:d2:d3:e0:
4d:ca:b1:ef:b9:7d:e0:2b:44:d9:02:f2:c1:09:eb:
7f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:59:9D:48:CA:B0:62:E8:6C:FD:C9:9E:C9:30:87:3A:0C:5A:09:A5
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/CVmdSMqwYuhs_cmeyTCHOgxaCaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.166.232.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:f1:04:c4:5a:02:c1:e0:ee:c6:88:97:3c:59:d7:4e:6b:9a:
49:47:39:12:d2:5f:df:a2:53:08:e5:b3:7f:96:4f:8d:fa:81:
70:9d:ea:67:5f:0f:92:7c:60:60:20:e5:60:a8:5c:02:4a:a1:
fd:ac:8f:88:40:ab:70:31:5c:95:85:c1:e7:80:7c:e4:4b:f9:
05:d0:7b:e7:70:4e:74:3f:57:dd:15:e8:eb:65:d5:fa:95:a7:
4e:e6:14:73:82:92:c1:9f:14:cc:5c:6e:db:2a:77:2d:0c:dd:
ba:9b:5a:d2:ac:2a:0b:39:20:37:be:1a:25:e3:6a:9b:db:e0:
f7:0d:c4:b7:81:c6:98:d6:fe:83:84:90:1d:16:af:0f:f4:49:
14:ca:54:27:6f:67:bc:d9:08:62:1c:64:07:ae:9f:bb:6b:e4:
0a:0d:6e:79:90:40:d6:7f:0b:b5:c5:f2:c7:0a:9d:2e:00:dd:
0b:41:50:8d:25:a1:a5:95:37:da:93:8b:d9:13:06:5b:d4:56:
85:a1:77:ec:ee:a7:cd:c9:a2:ae:b1:4b:f3:b3:94:e3:d2:12:
84:6c:a7:61:73:d7:ce:65:f3:ba:52:49:80:fa:86:ad:07:5d:
c6:8f:47:ba:93:b0:00:16:4a:82:17:62:a7:ab:d5:73:70:b3:
c2:ec:a5:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyRt7Bf55sKL8BUj6j3b9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyYTc3NDI3YzAzNzA5YjMzOWE5NWIwYWQ5YTRhYzlkMmM5
MmM5MDMwHhcNMjMwMTAyMTEzODQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU5OWQ0OGNhYjA2MmU4NmNmZGM5OWVjOTMwODczYTBjNWEwOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyElAY0t8aG1Nog/btg+No1fCG2bV
ll3MacPQa0SARimctNtY++zoryAR5B97qE52WiBXHFDPbRnA9VBvV6VFusucbNLt
R0ndb/T3VzXD8ASJNu+W1ZGhsLzoK5848yHuoJo1ACtOc0394mP+knY4lYozmULB
qxPPKSmVcSngvzebVyID7ecdId5goHaDigHPRKxYufmTS3yduTjMxjYTCAF/FYgK
PQ7xu5Lqazq18mrsBq7DPVdsF11iFH3a60n+IRNMksv5INs2PGL4FXZbNWz9l+i6
pgNOBvnXVRFnlUIZzrp9baeUEID6jCjS0+BNyrHvuX3gK0TZAvLBCet/UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAlZnUjKsGLobP3JnskwhzoMWgmlMB8GA1UdIwQY
MBaAFDKndCfANwmzOalbCtmkrJ0skskDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmIt
N2Q0MGI3YzhmYjAxLzEvQ1ZtZFNNcXdZdWhzX2NtZXlUQ0hPZ3hhQ2FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9mMjUxZWQtNTk2Ny00ZGRkLTkzMmItN2Q0MGI3YzhmYjAx
LzEvTXFkMEo4QTNDYk01cVZzSzJhU3NuU3lTeVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKboMA0G
CSqGSIb3DQEBCwUAA4IBAQAN8QTEWgLB4O7GiJc8WddOa5pJRzkS0l/folMI5bN/
lk+N+oFwnepnXw+SfGBgIOVgqFwCSqH9rI+IQKtwMVyVhcHngHzkS/kF0HvncE50
P1fdFejrZdX6ladO5hRzgpLBnxTMXG7bKnctDN26m1rSrCoLOSA3vhol42qb2+D3
DcS3gcaY1v6DhJAdFq8P9EkUylQnb2e82QhiHGQHrp+7a+QKDW55kEDWfwu1xfLH
Cp0uAN0LQVCNJaGllTfak4vZEwZb1FaFoXfs7qfNyaKusUvzs5Tj0hKEbKdhc9fO
ZfO6UkmA+oatB13Gj0e6k7AAFkqCF2Knq9VzcLPC7KXc
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:46 2025 by rpki-client