Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/MvFtRl578GYC5WwXih40qeiFdR8.roa
File: MvFtRl578GYC5WwXih40qeiFdR8.roa (raw, json)
Hash identifier: whDJwA3GXTV3O0ppVLHeG1YxJN0Bt5nVpoCUrzskPcQ=
Subject key identifier: 32:F1:6D:46:5E:7B:F0:66:02:E5:6C:17:8A:1E:34:A9:E8:85:75:1F
Certificate issuer: /CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Certificate serial: 0183AAC4473D1B4E0A53ECE22B83B6940FA7
Authority key identifier: 60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/MvFtRl578GYC5WwXih40qeiFdR8.roa
Signing time: Thu 06 Oct 2022 00:48:53 +0000
ROA not before: Thu 06 Oct 2022 00:48:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400687
IP address blocks: 194.76.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:aa:c4:47:3d:1b:4e:0a:53:ec:e2:2b:83:b6:94:0f:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60c9aa8b71e548bd7565ba663fa32f7d1aec41ab
Validity
Not Before: Oct 6 00:48:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=32f16d465e7bf06602e56c178a1e34a9e885751f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:a2:5e:2e:f6:e3:8b:c1:58:f2:9e:56:36:f6:
b8:f5:e7:1c:83:a6:94:38:53:52:0f:d9:d8:d7:53:
bf:c2:30:14:97:ba:80:d2:59:3e:c2:d1:16:1b:df:
98:9f:94:4f:80:2a:24:ac:3f:fc:82:84:2d:e6:13:
0f:e9:32:b2:7a:79:d3:0a:4e:a8:ef:c7:92:99:4d:
70:ee:a0:5c:e6:10:04:0e:ce:68:17:9a:75:e0:4f:
0f:40:f9:c2:eb:5b:53:43:8f:4f:07:ba:67:62:7a:
19:54:79:66:4c:78:fe:39:5d:ba:ab:f6:20:0d:b0:
a1:d0:1f:55:58:1c:da:06:33:e1:92:7a:8f:c9:c5:
b2:5b:a2:67:9a:70:8b:17:c4:59:4e:6d:65:1e:da:
9e:c8:2f:15:cb:e1:57:35:8e:bf:61:23:7b:e9:5c:
2b:7a:00:76:e0:5a:38:50:43:2b:b4:84:19:59:e2:
8a:e0:6d:a4:42:34:2c:74:8f:e3:e0:8a:de:b2:1b:
50:dd:37:dd:a4:69:dd:c8:4d:fc:d0:cb:04:9f:b1:
98:67:da:7a:c7:15:8b:be:41:5b:b4:90:d1:0c:31:
74:bf:22:bc:1b:5e:fc:e2:6d:51:89:68:23:b5:dc:
cb:20:c3:62:63:0d:5e:88:dd:af:f6:81:b9:c4:4c:
e8:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:F1:6D:46:5E:7B:F0:66:02:E5:6C:17:8A:1E:34:A9:E8:85:75:1F
X509v3 Authority Key Identifier:
keyid:60:C9:AA:8B:71:E5:48:BD:75:65:BA:66:3F:A3:2F:7D:1A:EC:41:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YMmqi3HlSL11ZbpmP6MvfRrsQas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/MvFtRl578GYC5WwXih40qeiFdR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/38b542-4677-4a7e-b212-c8acce156f0d/1/YMmqi3HlSL11ZbpmP6MvfRrsQas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.1.0/24
Signature Algorithm: sha256WithRSAEncryption
af:7c:4b:65:9f:18:16:df:67:ab:89:b6:42:ae:f5:3c:da:c8:
92:a1:da:ff:99:b5:0c:cd:1c:35:b9:81:19:08:4b:57:a3:f7:
26:c3:dd:ed:c5:a1:bf:50:ff:a6:6a:54:66:f9:85:78:7d:9e:
cb:22:0e:42:ae:b7:74:4e:ab:64:4f:77:11:c1:6c:0e:5b:5c:
ac:f1:e6:23:39:65:52:59:70:13:4b:8c:e8:e5:9c:91:cf:e6:
82:26:a8:80:22:f0:dd:fb:1b:09:22:05:3a:7c:50:18:cc:e1:
d1:e5:e2:12:0a:36:03:43:f1:99:7c:a8:d9:40:89:93:59:63:
75:d0:85:17:50:69:07:bc:e5:98:33:09:af:37:1e:a9:94:c4:
34:66:f4:b5:3d:a1:c2:a4:1f:4f:70:0c:e5:8e:82:18:f2:b4:
2f:21:b0:d7:ba:ed:29:8a:2a:ad:5b:96:c5:dc:e8:57:25:74:
78:bf:a4:9c:97:c2:8b:3f:e3:aa:1a:1e:d2:6a:f0:1a:b7:c4:
63:62:af:01:08:ff:01:30:61:5b:8f:e9:f6:f1:c1:ab:7b:a9:
1a:dc:9f:f3:cd:04:b9:2e:b8:53:c2:20:2a:60:97:1e:e0:ce:
39:4a:20:21:0a:b7:52:89:7f:c8:f8:0b:cc:6f:8b:6d:34:3c:
55:6a:a8:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOqxEc9G04KU+ziK4O2lA+nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwYzlhYThiNzFlNTQ4YmQ3NTY1YmE2NjNmYTMyZjdkMWFl
YzQxYWIwHhcNMjIxMDA2MDA0ODUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMmYxNmQ0NjVlN2JmMDY2MDJlNTZjMTc4YTFlMzRhOWU4ODU3NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhqJeLvbji8FY8p5WNva49eccg6aU
OFNSD9nY11O/wjAUl7qA0lk+wtEWG9+Yn5RPgCokrD/8goQt5hMP6TKyennTCk6o
78eSmU1w7qBc5hAEDs5oF5p14E8PQPnC61tTQ49PB7pnYnoZVHlmTHj+OV26q/Yg
DbCh0B9VWBzaBjPhknqPycWyW6JnmnCLF8RZTm1lHtqeyC8Vy+FXNY6/YSN76Vwr
egB24Fo4UEMrtIQZWeKK4G2kQjQsdI/j4IreshtQ3TfdpGndyE380MsEn7GYZ9p6
xxWLvkFbtJDRDDF0vyK8G1784m1RiWgjtdzLIMNiYw1eiN2v9oG5xEzoYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDLxbUZee/BmAuVsF4oeNKnohXUfMB8GA1UdIwQY
MBaAFGDJqotx5Ui9dWW6Zj+jL30a7EGrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTIt
YzhhY2NlMTU2ZjBkLzEvTXZGdFJsNTc4R1lDNVd3WGloNDBxZWlGZFI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS8zOGI1NDItNDY3Ny00YTdlLWIyMTItYzhhY2NlMTU2ZjBk
LzEvWU1tcWkzSGxTTDExWmJwbVA2TXZmUnJzUWFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwBMA0G
CSqGSIb3DQEBCwUAA4IBAQCvfEtlnxgW32eribZCrvU82siSodr/mbUMzRw1uYEZ
CEtXo/cmw93txaG/UP+malRm+YV4fZ7LIg5Crrd0TqtkT3cRwWwOW1ys8eYjOWVS
WXATS4zo5ZyRz+aCJqiAIvDd+xsJIgU6fFAYzOHR5eISCjYDQ/GZfKjZQImTWWN1
0IUXUGkHvOWYMwmvNx6plMQ0ZvS1PaHCpB9PcAzljoIY8rQvIbDXuu0piiqtW5bF
3OhXJXR4v6Scl8KLP+OqGh7SavAat8RjYq8BCP8BMGFbj+n28cGre6ka3J/zzQS5
LrhTwiAqYJce4M45SiAhCrdSiX/I+AvMb4ttNDxVaqj9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:53 2023 by rpki-client on console-ams.rpki-client.org