Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/m66DGJFASNFxkFkYgt9GAX1isR4.roa
File: m66DGJFASNFxkFkYgt9GAX1isR4.roa (raw, json)
Hash identifier: a4wDvEd/LFEX7eMCu6z4t39dANRsdirf0jltZu/mT5o=
Subject key identifier: 9B:AE:83:18:91:40:48:D1:71:90:59:18:82:DF:46:01:7D:62:B1:1E
Certificate issuer: /CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Certificate serial: 018455BA1C1D4A544202A75CD82488466A7D
Authority key identifier: EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/m66DGJFASNFxkFkYgt9GAX1isR4.roa
Signing time: Tue 08 Nov 2022 05:32:51 +0000
ROA not before: Tue 08 Nov 2022 05:32:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39142
IP address blocks: 195.191.240.0/23 maxlen: 23
195.191.240.0/24 maxlen: 24
195.191.241.0/24 maxlen: 24
2a0a:dc07::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:55:ba:1c:1d:4a:54:42:02:a7:5c:d8:24:88:46:6a:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efe691427c6e41806f6ceb1e218a7dc6320fdeed
Validity
Not Before: Nov 8 05:32:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9bae8318914048d17190591882df46017d62b11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bd:47:e5:8a:c0:79:cd:63:a5:b6:78:b2:05:
4b:53:55:e3:f9:95:ce:ef:1c:c0:75:7a:32:a3:6b:
8a:14:a8:c9:43:c2:81:a2:a2:4a:20:c8:41:1b:a5:
ee:b1:9b:b8:e0:0a:4d:0c:27:f8:44:5b:28:c2:d8:
1c:27:59:1d:a4:0f:b0:87:d2:9a:9a:6d:12:28:8d:
f0:62:ec:22:95:87:7d:14:b1:3b:c0:fd:9e:34:f4:
d6:58:75:fb:03:c4:87:ce:91:f3:ff:63:7d:56:b2:
a6:61:71:98:06:85:c8:f1:26:63:7d:b6:43:01:95:
1a:44:8b:01:5e:b0:41:63:8b:81:e0:e4:ac:cd:75:
68:da:fc:2a:ca:e9:3c:90:51:87:18:21:1d:a7:76:
8a:da:b3:f8:fc:bc:9f:37:46:4c:5e:ed:b0:83:f0:
7f:c9:9a:e6:91:14:2f:0f:7b:8e:f2:73:3b:09:6a:
ff:03:7a:b1:3f:bd:04:61:7d:0b:36:0c:8a:b4:cc:
33:61:f1:ef:fb:6c:e9:88:ad:a5:11:66:ed:7c:30:
b9:ad:ba:d9:f0:b1:df:ee:4a:1f:a4:49:3b:68:eb:
93:55:8c:04:93:32:8f:f8:d7:e3:ae:a9:17:88:63:
28:d7:d6:4a:05:01:16:bd:a3:e8:55:c9:3c:f8:8d:
24:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AE:83:18:91:40:48:D1:71:90:59:18:82:DF:46:01:7D:62:B1:1E
X509v3 Authority Key Identifier:
keyid:EF:E6:91:42:7C:6E:41:80:6F:6C:EB:1E:21:8A:7D:C6:32:0F:DE:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-aRQnxuQYBvbOseIYp9xjIP3u0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/m66DGJFASNFxkFkYgt9GAX1isR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/059975-ef90-421b-8af3-3814c57fe9bb/1/7-aRQnxuQYBvbOseIYp9xjIP3u0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.240.0/23
IPv6:
2a0a:dc07::/32
Signature Algorithm: sha256WithRSAEncryption
49:b9:9d:a0:ab:22:50:24:79:97:f7:86:eb:a6:77:9e:9b:d4:
c0:c5:9b:f5:04:b3:53:d0:52:b1:5c:b3:ad:3c:4e:4b:cc:7f:
f3:cf:8e:77:74:10:cc:6a:99:c7:52:c3:1d:47:6e:57:7a:73:
b5:d5:13:e9:1a:f6:ee:54:a3:b7:f9:1f:64:55:d8:81:e5:80:
67:99:7d:83:f8:c7:cb:34:5e:e8:34:a9:3c:90:3e:d3:45:03:
6b:b3:1c:6a:b8:97:53:45:df:44:64:66:88:4b:1e:7f:a9:b2:
06:95:f8:1d:d0:41:d5:ba:c7:73:60:b9:0a:56:15:9a:d8:72:
d1:da:74:42:ca:80:76:79:ee:56:88:9a:45:d6:7f:7b:13:db:
2e:3d:a1:cf:2e:21:54:dc:ce:73:d3:f1:a8:d0:68:82:60:b7:
c2:f1:75:ce:7e:c0:8d:5f:30:b9:a0:49:c3:15:dd:89:82:3f:
40:67:09:45:b2:56:44:18:39:3b:b5:49:26:aa:6e:1f:c3:92:
28:15:89:af:06:c2:d3:66:eb:49:8a:24:49:51:17:b0:67:05:
b2:e6:92:90:23:0b:d2:c8:67:66:15:1d:04:87:3f:a7:ed:fd:
96:ed:80:10:38:b0:d9:b4:8f:e4:f9:85:20:c2:ec:a2:f3:9d:
1b:ba:61:c2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRVuhwdSlRCAqdc2CSIRmp9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZTY5MTQyN2M2ZTQxODA2ZjZjZWIxZTIxOGE3ZGM2MzIw
ZmRlZWQwHhcNMjIxMTA4MDUzMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmFlODMxODkxNDA0OGQxNzE5MDU5MTg4MmRmNDYwMTdkNjJiMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL1H5YrAec1jpbZ4sgVLU1Xj+ZXO
7xzAdXoyo2uKFKjJQ8KBoqJKIMhBG6XusZu44ApNDCf4RFsowtgcJ1kdpA+wh9Ka
mm0SKI3wYuwilYd9FLE7wP2eNPTWWHX7A8SHzpHz/2N9VrKmYXGYBoXI8SZjfbZD
AZUaRIsBXrBBY4uB4OSszXVo2vwqyuk8kFGHGCEdp3aK2rP4/LyfN0ZMXu2wg/B/
yZrmkRQvD3uO8nM7CWr/A3qxP70EYX0LNgyKtMwzYfHv+2zpiK2lEWbtfDC5rbrZ
8LHf7kofpEk7aOuTVYwEkzKP+NfjrqkXiGMo19ZKBQEWvaPoVck8+I0kxQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJuugxiRQEjRcZBZGILfRgF9YrEeMB8GA1UdIwQY
MBaAFO/mkUJ8bkGAb2zrHiGKfcYyD97tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMt
MzgxNGM1N2ZlOWJiLzEvbTY2REdKRkFTTkZ4a0ZrWWd0OUdBWDFpc1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8wNTk5NzUtZWY5MC00MjFiLThhZjMtMzgxNGM1N2ZlOWJi
LzEvNy1hUlFueHVRWUJ2Yk9zZUlZcDl4aklQM3UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBw7/wMA0E
AgACMAcDBQAqCtwHMA0GCSqGSIb3DQEBCwUAA4IBAQBJuZ2gqyJQJHmX94brpnee
m9TAxZv1BLNT0FKxXLOtPE5LzH/zz453dBDMapnHUsMdR25XenO11RPpGvbuVKO3
+R9kVdiB5YBnmX2D+MfLNF7oNKk8kD7TRQNrsxxquJdTRd9EZGaISx5/qbIGlfgd
0EHVusdzYLkKVhWa2HLR2nRCyoB2ee5WiJpF1n97E9suPaHPLiFU3M5z0/Go0GiC
YLfC8XXOfsCNXzC5oEnDFd2Jgj9AZwlFslZEGDk7tUkmqm4fw5IoFYmvBsLTZutJ
iiRJURewZwWy5pKQIwvSyGdmFR0Ehz+n7f2W7YAQOLDZtI/k+YUgwuyi850bumHC
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:52 2023 by rpki-client on console-ams.rpki-client.org