Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/98yPPUx9oOHiDLfLEhHvs3Hp2Zw.roa
File: 98yPPUx9oOHiDLfLEhHvs3Hp2Zw.roa (raw, json)
Hash identifier: 52+Xw4Yd0hj+a053Skdze1Fz5cp8QJ/+l2dRGeWsJTc=
Subject key identifier: F7:CC:8F:3D:4C:7D:A0:E1:E2:0C:B7:CB:12:11:EF:B3:71:E9:D9:9C
Certificate issuer: /CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Certificate serial: 04FD8AF3
Authority key identifier: D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/98yPPUx9oOHiDLfLEhHvs3Hp2Zw.roa
Signing time: Sat 01 Jan 2022 14:07:19 +0000
ROA not before: Sat 01 Jan 2022 14:07:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 192.118.70.0/24 maxlen: 24
192.118.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83725043 (0x4fd8af3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2c1d5fd4e20ade5f11b66afb10a54c8ffe4b040
Validity
Not Before: Jan 1 14:07:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7cc8f3d4c7da0e1e20cb7cb1211efb371e9d99c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:1e:01:e8:89:bb:50:d9:9c:42:5a:80:6a:6b:
d5:90:43:09:31:c3:1e:bd:86:9b:1b:f0:c4:f7:8d:
80:2f:2d:71:50:4d:6c:6c:b8:6b:8d:25:ca:09:f0:
4d:e5:2b:50:fb:63:ae:3a:40:d8:d2:87:38:14:fe:
b6:dc:7d:94:1a:95:d6:f7:e1:06:d6:1c:58:57:05:
35:63:fa:a7:36:42:ad:2b:6b:c6:50:42:e2:02:1d:
09:86:42:50:29:2d:2e:01:a1:38:35:0b:13:2d:5d:
04:b6:2b:9f:88:93:d7:5d:e6:c4:4b:8f:3b:45:10:
ca:32:da:b9:34:3c:9e:88:bf:1a:f2:5d:3e:34:04:
c0:9b:ec:90:d6:4b:bd:fd:8f:f4:0c:fe:ef:61:1d:
4f:f8:41:b7:77:bf:e0:6d:0e:cd:21:9c:cc:88:8f:
9b:06:ba:ab:d8:81:50:1d:bd:ee:f7:ee:1f:26:20:
b3:ca:a8:b9:40:2c:d7:af:55:df:64:02:47:9d:a6:
ec:e9:d5:46:c0:5c:f3:09:1e:68:f2:d3:11:74:6f:
93:36:ae:e2:60:e4:9f:9e:e6:2e:9e:7f:47:07:12:
de:a8:63:cc:e1:f3:a1:f2:be:7e:5b:99:f3:fc:2b:
6c:90:0a:5d:29:c1:9d:3a:dc:b7:e6:fa:57:05:7a:
71:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CC:8F:3D:4C:7D:A0:E1:E2:0C:B7:CB:12:11:EF:B3:71:E9:D9:9C
X509v3 Authority Key Identifier:
keyid:D2:C1:D5:FD:4E:20:AD:E5:F1:1B:66:AF:B1:0A:54:C8:FF:E4:B0:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0sHV_U4greXxG2avsQpUyP_ksEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/98yPPUx9oOHiDLfLEhHvs3Hp2Zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/8613ad-4f5f-45fd-8799-a09a875f5903/1/0sHV_U4greXxG2avsQpUyP_ksEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.118.70.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:88:85:a9:2f:1b:d9:93:d4:e7:db:aa:39:5c:21:c3:ee:93:
26:9b:94:e4:a6:3a:cc:ff:55:b1:6d:83:78:c9:6a:3d:a0:f3:
f1:0e:2c:e9:56:dd:37:04:c5:c2:de:37:ec:9a:9f:11:b6:a5:
21:07:ec:cc:62:42:37:40:3f:1e:23:50:ed:17:7d:ea:ed:e7:
9a:2b:96:ae:3d:7c:7b:95:61:88:94:f7:84:dc:a1:94:66:82:
6e:ec:57:7c:8c:a9:0a:21:a0:14:b7:9e:68:13:81:bd:5c:a3:
ec:44:cd:7d:81:46:08:71:b1:25:20:c2:44:59:3e:21:0c:cd:
07:aa:6d:89:5d:9a:3f:c1:3c:5d:2b:43:5a:9c:d5:89:00:39:
c7:4f:81:f8:f5:1a:c0:2a:82:d7:d1:26:b9:9c:00:60:4c:2e:
72:05:33:f0:58:df:5d:95:40:ed:af:9f:bf:85:ff:0c:4f:60:
9e:9a:e0:ad:fc:75:93:21:3e:26:17:11:7a:a1:72:cf:e6:43:
e7:97:bf:32:76:5d:cb:81:31:60:18:e1:92:4b:86:9b:60:13:
4e:c5:45:5d:45:b7:c2:e0:20:b9:07:53:fe:39:bb:94:21:1b:
cd:ff:4f:5f:71:d7:00:d5:5d:4b:18:bc:45:3e:2a:75:64:8a:
84:52:eb:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBP2K8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MmMxZDVmZDRlMjBhZGU1ZjExYjY2YWZiMTBhNTRjOGZmZTRiMDQwMB4XDTIyMDEw
MTE0MDcxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdjYzhmM2Q0Yzdk
YTBlMWUyMGNiN2NiMTIxMWVmYjM3MWU5ZDk5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPYeAeiJu1DZnEJagGpr1ZBDCTHDHr2GmxvwxPeNgC8tcVBN
bGy4a40lygnwTeUrUPtjrjpA2NKHOBT+ttx9lBqV1vfhBtYcWFcFNWP6pzZCrStr
xlBC4gIdCYZCUCktLgGhODULEy1dBLYrn4iT113mxEuPO0UQyjLauTQ8noi/GvJd
PjQEwJvskNZLvf2P9Az+72EdT/hBt3e/4G0OzSGczIiPmwa6q9iBUB297vfuHyYg
s8qouUAs169V32QCR52m7OnVRsBc8wkeaPLTEXRvkzau4mDkn57mLp5/RwcS3qhj
zOHzofK+fluZ8/wrbJAKXSnBnTrct+b6VwV6cWsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT3zI89TH2g4eIMt8sSEe+zcenZnDAfBgNVHSMEGDAWgBTSwdX9TiCt5fEb
Zq+xClTI/+SwQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBzSFZfVTRncmVYeEcyYXZzUXBVeVBfa3NFQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvODYxM2FkLTRmNWYtNDVmZC04Nzk5LWEwOWE4NzVmNTkwMy8x
Lzk4eVBQVXg5b09IaURMZkxFaEh2czNIcDJady5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ODYxM2FkLTRmNWYtNDVmZC04Nzk5LWEwOWE4NzVmNTkwMy8xLzBzSFZfVTRncmVY
eEcyYXZzUXBVeVBfa3NFQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcB2RjANBgkqhkiG9w0BAQsFAAOC
AQEAnYiFqS8b2ZPU59uqOVwhw+6TJpuU5KY6zP9VsW2DeMlqPaDz8Q4s6VbdNwTF
wt437JqfEbalIQfszGJCN0A/HiNQ7Rd96u3nmiuWrj18e5VhiJT3hNyhlGaCbuxX
fIypCiGgFLeeaBOBvVyj7ETNfYFGCHGxJSDCRFk+IQzNB6ptiV2aP8E8XStDWpzV
iQA5x0+B+PUawCqC19EmuZwAYEwucgUz8FjfXZVA7a+fv4X/DE9gnprgrfx1kyE+
JhcReqFyz+ZD55e/MnZdy4ExYBjhkkuGm2ATTsVFXUW3wuAguQdT/jm7lCEbzf9P
X3HXANVdSxi8RT4qdWSKhFLrQQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:23 2023 by rpki-client on console-ams.rpki-client.org