Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/TWIy9s46sUhw8o9JiEOFu0W-xZs.roa
File: TWIy9s46sUhw8o9JiEOFu0W-xZs.roa (raw, json)
Hash identifier: NfP3uV3k6DjDdESKbWToLRv9Gtza/XkXG5lysQmjQTg=
Subject key identifier: 4D:62:32:F6:CE:3A:B1:48:70:F2:8F:49:88:43:85:BB:45:BE:C5:9B
Certificate issuer: /CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Certificate serial: 01322FF0
Authority key identifier: F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/TWIy9s46sUhw8o9JiEOFu0W-xZs.roa
Signing time: Sat 01 Jan 2022 11:04:19 +0000
ROA not before: Sat 01 Jan 2022 11:04:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208596
IP address blocks: 185.191.248.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20066288 (0x1322ff0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f278acbcc46f133efd393f51160fdbb7607e1e16
Validity
Not Before: Jan 1 11:04:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4d6232f6ce3ab14870f28f49884385bb45bec59b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:94:21:8d:d8:95:02:5a:2f:a7:07:3a:09:b4:
b0:23:fb:b1:a2:ed:87:8e:60:fc:9c:36:2c:1e:30:
d8:82:40:a9:0b:c7:01:1c:33:e6:be:2b:43:df:79:
e7:3b:7a:ad:ee:7b:8d:b0:da:70:dc:a0:f2:c6:55:
3e:9b:09:be:bf:ec:2a:5a:0a:b6:27:48:11:50:4e:
bc:89:3a:d6:db:3b:20:fc:8c:4f:f9:a7:1f:8a:0c:
51:c6:9b:29:76:5a:14:2f:a1:b2:77:a1:1d:4d:f8:
52:77:9e:74:df:0c:8b:37:5b:d0:af:72:38:82:ce:
24:25:48:36:f7:24:e8:11:b7:8e:88:97:79:ce:bb:
d4:cd:6b:75:20:ba:0a:d1:1c:b9:00:70:9c:c8:3b:
eb:cc:2c:1b:cd:89:d7:ca:03:30:bd:4b:f3:00:00:
2b:e4:e2:63:15:4c:e7:a7:4b:c8:33:96:2b:17:41:
43:c2:c5:f5:e6:16:be:c8:7f:3b:a9:62:d4:33:50:
f2:50:eb:9f:4b:c8:86:af:54:77:58:64:71:f9:b8:
40:38:ba:19:43:7f:13:ce:09:1a:eb:7d:48:4c:c2:
fc:cb:11:ce:dc:0a:ae:89:53:df:4d:b2:94:3d:82:
2e:56:e1:b9:c1:b2:5b:13:18:39:18:11:28:32:bb:
6a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:62:32:F6:CE:3A:B1:48:70:F2:8F:49:88:43:85:BB:45:BE:C5:9B
X509v3 Authority Key Identifier:
keyid:F2:78:AC:BC:C4:6F:13:3E:FD:39:3F:51:16:0F:DB:B7:60:7E:1E:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nisvMRvEz79OT9RFg_bt2B-HhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/TWIy9s46sUhw8o9JiEOFu0W-xZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/537267-b243-4657-99ff-94b514433c11/1/8nisvMRvEz79OT9RFg_bt2B-HhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.248.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:43:12:bb:bb:7e:d8:4e:f4:15:89:4f:30:06:d2:17:5b:59:
3e:89:b4:ab:73:15:9c:4b:a2:4f:62:3f:ff:2e:7c:ef:98:5d:
15:40:0f:48:cf:7d:e9:70:e7:0f:25:6e:37:14:07:c1:77:24:
2c:f1:3a:86:d7:cb:5a:1e:1d:85:9f:da:2a:bd:07:4d:59:d1:
54:ec:9f:04:30:b1:e1:50:aa:be:5f:f1:af:f9:4d:a1:18:a4:
41:e4:67:b0:5d:d4:a2:6a:2e:97:dd:82:ed:75:e4:6e:9a:4f:
43:3e:35:ca:da:ac:a1:03:cc:72:fe:67:87:97:f2:06:38:ec:
c4:3a:51:42:79:7e:c6:c8:72:bb:85:58:a1:7f:54:1f:d1:3d:
f8:73:6c:17:21:54:4e:1e:73:7c:58:17:12:a2:91:62:c5:71:
3a:50:07:c4:92:29:ce:d2:f7:4a:19:91:de:6c:b1:0a:0e:b6:
9f:4c:8e:60:c1:0a:9c:82:e6:58:de:c0:e8:70:e8:2b:72:ab:
9b:45:98:c2:b9:fd:ff:c5:de:63:ac:14:1b:53:54:74:ed:de:
26:63:87:cf:a9:27:ca:bb:41:a8:6f:30:9f:84:50:74:ab:84:
61:ab:ac:60:3e:f6:42:9a:64:04:9f:bd:aa:96:f3:56:cc:e1:
2e:72:51:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEATIv8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Mjc4YWNiY2M0NmYxMzNlZmQzOTNmNTExNjBmZGJiNzYwN2UxZTE2MB4XDTIyMDEw
MTExMDQxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGQ2MjMyZjZjZTNh
YjE0ODcwZjI4ZjQ5ODg0Mzg1YmI0NWJlYzU5YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMmUIY3YlQJaL6cHOgm0sCP7saLth45g/Jw2LB4w2IJAqQvH
ARwz5r4rQ9955zt6re57jbDacNyg8sZVPpsJvr/sKloKtidIEVBOvIk61ts7IPyM
T/mnH4oMUcabKXZaFC+hsnehHU34UneedN8Mizdb0K9yOILOJCVINvck6BG3joiX
ec671M1rdSC6CtEcuQBwnMg768wsG82J18oDML1L8wAAK+TiYxVM56dLyDOWKxdB
Q8LF9eYWvsh/O6li1DNQ8lDrn0vIhq9Ud1hkcfm4QDi6GUN/E84JGut9SEzC/MsR
ztwKrolT302ylD2CLlbhucGyWxMYORgRKDK7agcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRNYjL2zjqxSHDyj0mIQ4W7Rb7FmzAfBgNVHSMEGDAWgBTyeKy8xG8TPv05
P1EWD9u3YH4eFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhuaXN2TVJ2RXo3OU9UOVJGZ19idDJCLUhoWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvNTM3MjY3LWIyNDMtNDY1Ny05OWZmLTk0YjUxNDQzM2MxMS8x
L1RXSXk5czQ2c1VodzhvOUppRU9GdTBXLXhacy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
NTM3MjY3LWIyNDMtNDY1Ny05OWZmLTk0YjUxNDQzM2MxMS8xLzhuaXN2TVJ2RXo3
OU9UOVJGZ19idDJCLUhoWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAbm/+DANBgkqhkiG9w0BAQsFAAOC
AQEAXEMSu7t+2E70FYlPMAbSF1tZPom0q3MVnEuiT2I//y5875hdFUAPSM996XDn
DyVuNxQHwXckLPE6htfLWh4dhZ/aKr0HTVnRVOyfBDCx4VCqvl/xr/lNoRikQeRn
sF3Uomoul92C7XXkbppPQz41ytqsoQPMcv5nh5fyBjjsxDpRQnl+xshyu4VYoX9U
H9E9+HNsFyFUTh5zfFgXEqKRYsVxOlAHxJIpztL3ShmR3myxCg62n0yOYMEKnILm
WN7A6HDoK3Krm0WYwrn9/8XeY6wUG1NUdO3eJmOHz6knyrtBqG8wn4RQdKuEYaus
YD72QppkBJ+9qpbzVszhLnJRog==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:53 2023 by rpki-client on console-ams.rpki-client.org