Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/XBjk8iwvePNtoJwZzKFnE49X35U.roa
File: XBjk8iwvePNtoJwZzKFnE49X35U.roa (raw, json)
Hash identifier: J58pThLG/v24lzt++NOcFL9s5CJGL31zpUTl9BgQQ08=
Subject key identifier: 5C:18:E4:F2:2C:2F:78:F3:6D:A0:9C:19:CC:A1:67:13:8F:57:DF:95
Certificate issuer: /CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Certificate serial: 0183EF14A8AD93E8B5171D26A830E4821C37
Authority key identifier: 8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/XBjk8iwvePNtoJwZzKFnE49X35U.roa
Signing time: Wed 19 Oct 2022 07:10:51 +0000
ROA not before: Wed 19 Oct 2022 07:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 192.33.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:14:a8:ad:93:e8:b5:17:1d:26:a8:30:e4:82:1c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da824bc631ccee1ae99d7103afd2dc74f1e29c4
Validity
Not Before: Oct 19 07:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c18e4f22c2f78f36da09c19cca167138f57df95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6e:ed:2e:50:4d:24:2e:55:a4:ff:ba:2c:ed:
d4:ec:93:1e:f5:ac:1a:94:ad:cf:47:29:f4:06:4c:
d1:d2:17:5a:ec:89:56:97:5d:c4:10:05:97:12:8e:
6e:b3:f4:29:f2:5c:63:d2:f5:f9:52:04:b1:56:57:
5d:49:d7:18:55:8c:3b:c0:25:45:75:7a:f2:6e:22:
2f:a5:50:11:80:ed:0b:a6:0d:4e:0f:b7:48:5e:90:
6f:d8:cf:ce:e3:98:b1:0d:e4:b6:97:d1:25:28:e0:
b9:46:3a:f5:69:1a:fd:7a:9c:aa:76:54:dd:e6:70:
76:c0:18:ab:e6:4f:4e:b0:71:15:08:49:2b:dd:54:
a0:92:bb:d4:57:d6:f7:f0:5a:3f:7b:25:d6:ae:92:
7a:00:a3:ca:1c:bd:52:d5:86:36:de:86:91:91:ad:
f0:69:ff:e4:05:3d:d6:78:9a:83:97:5f:46:08:71:
41:99:c9:4c:d2:93:30:2e:c6:48:f0:fc:9a:d1:66:
b6:8a:0d:b8:26:c4:98:2e:81:1b:38:bd:18:d9:e3:
82:ab:f0:e7:1c:72:74:2e:59:dc:e5:80:72:31:f3:
d7:6a:5a:cd:14:bd:d1:8c:f1:ba:06:40:45:b5:ed:
c6:9a:61:bc:7f:3a:43:42:c3:2d:0c:08:3b:34:dc:
23:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:18:E4:F2:2C:2F:78:F3:6D:A0:9C:19:CC:A1:67:13:8F:57:DF:95
X509v3 Authority Key Identifier:
keyid:8D:A8:24:BC:63:1C:CE:E1:AE:99:D7:10:3A:FD:2D:C7:4F:1E:29:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jagkvGMczuGumdcQOv0tx08eKcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/XBjk8iwvePNtoJwZzKFnE49X35U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/1caa79-b8c4-4d08-9bbe-386c1f8b0640/1/jagkvGMczuGumdcQOv0tx08eKcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.33.88.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:e5:5a:af:55:bc:75:28:b8:93:b6:d9:63:f9:05:35:f5:a6:
23:8b:75:8d:29:e7:4d:a6:09:c0:c3:97:38:bb:4f:0b:3d:63:
c2:7b:f4:a2:b9:f5:2c:91:13:18:e7:78:7e:b8:e7:ff:98:93:
f1:a4:70:a9:66:e0:95:83:65:43:f7:36:f4:2c:f5:24:a9:9a:
0c:c8:5d:a3:6c:a2:0e:ac:76:92:4e:dd:82:02:20:76:4f:51:
a1:30:69:4f:f8:ee:96:3b:8f:39:63:df:93:2d:d3:a6:26:4d:
fb:60:9b:2e:25:d5:42:82:06:b3:54:4d:ab:d0:69:a9:5b:fc:
c8:a6:4e:6b:09:cd:ae:c0:ed:af:7b:5b:3a:7b:19:81:05:15:
cd:27:0b:0e:3f:8e:ff:56:20:b1:b4:45:1e:52:c7:e4:35:58:
39:58:b7:48:89:ec:2f:dd:e0:e5:b5:f7:f6:7b:ba:e6:8c:b6:
ac:75:c4:54:ed:7f:1a:c4:2a:bd:38:11:fe:f6:82:40:2f:20:
57:c4:c8:39:cd:c8:33:d4:67:15:77:8a:17:a6:15:56:51:bb:
59:93:d6:70:93:dc:42:24:eb:da:40:0a:97:72:f0:49:07:7e:
30:d2:56:aa:b0:94:39:13:0d:78:ba:35:fd:13:e8:18:42:d3:
f5:7b:dd:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPvFKitk+i1Fx0mqDDkghw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTgyNGJjNjMxY2NlZTFhZTk5ZDcxMDNhZmQyZGM3NGYx
ZTI5YzQwHhcNMjIxMDE5MDcxMDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzE4ZTRmMjJjMmY3OGYzNmRhMDljMTljY2ExNjcxMzhmNTdkZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G7tLlBNJC5VpP+6LO3U7JMe9awa
lK3PRyn0BkzR0hda7IlWl13EEAWXEo5us/Qp8lxj0vX5UgSxVlddSdcYVYw7wCVF
dXrybiIvpVARgO0Lpg1OD7dIXpBv2M/O45ixDeS2l9ElKOC5Rjr1aRr9epyqdlTd
5nB2wBir5k9OsHEVCEkr3VSgkrvUV9b38Fo/eyXWrpJ6AKPKHL1S1YY23oaRka3w
af/kBT3WeJqDl19GCHFBmclM0pMwLsZI8Pya0Wa2ig24JsSYLoEbOL0Y2eOCq/Dn
HHJ0Llnc5YByMfPXalrNFL3RjPG6BkBFte3GmmG8fzpDQsMtDAg7NNwjHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwY5PIsL3jzbaCcGcyhZxOPV9+VMB8GA1UdIwQY
MBaAFI2oJLxjHM7hrpnXEDr9LcdPHinEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUt
Mzg2YzFmOGIwNjQwLzEvWEJqazhpd3ZlUE50b0p3WnpLRm5FNDlYMzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy8xY2FhNzktYjhjNC00ZDA4LTliYmUtMzg2YzFmOGIwNjQw
LzEvamFna3ZHTWN6dUd1bWRjUU92MHR4MDhlS2NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCFYMA0G
CSqGSIb3DQEBCwUAA4IBAQAa5VqvVbx1KLiTttlj+QU19aYji3WNKedNpgnAw5c4
u08LPWPCe/SiufUskRMY53h+uOf/mJPxpHCpZuCVg2VD9zb0LPUkqZoMyF2jbKIO
rHaSTt2CAiB2T1GhMGlP+O6WO485Y9+TLdOmJk37YJsuJdVCggazVE2r0GmpW/zI
pk5rCc2uwO2ve1s6exmBBRXNJwsOP47/ViCxtEUeUsfkNVg5WLdIiewv3eDltff2
e7rmjLasdcRU7X8axCq9OBH+9oJALyBXxMg5zcgz1GcVd4oXphVWUbtZk9Zwk9xC
JOvaQAqXcvBJB34w0laqsJQ5Ew14ujX9E+gYQtP1e91f
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-ams.rpki-client.org