Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/0gPdejnZIY7yaZOTjefl2qxz-Sw.roa
File: 0gPdejnZIY7yaZOTjefl2qxz-Sw.roa (raw, json)
Hash identifier: kTDpSviMgVn3MeDjyJjYo8/WEsQhNttHTM9yPH4Pr44=
Subject key identifier: D2:03:DD:7A:39:D9:21:8E:F2:69:93:93:8D:E7:E5:DA:AC:73:F9:2C
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 05A5597B
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/0gPdejnZIY7yaZOTjefl2qxz-Sw.roa
Signing time: Thu 23 Jun 2022 05:07:33 +0000
ROA not before: Thu 23 Jun 2022 05:07:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 11426
IP address blocks: 84.252.84.0/23 maxlen: 23
84.252.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94722427 (0x5a5597b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Jun 23 05:07:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d203dd7a39d9218ef26993938de7e5daac73f92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:5c:31:8f:2d:97:a1:96:93:96:30:bf:71:
e7:04:56:28:4e:62:b4:aa:7c:f7:a4:cc:23:99:1c:
51:da:f0:0f:b1:ff:7d:fb:47:07:f5:e3:ff:79:72:
8c:7b:9f:7f:f9:d4:7c:a5:f9:2a:73:7f:de:e9:69:
a1:15:e8:86:7a:af:f7:62:33:0d:ed:9a:dc:57:32:
8a:fe:73:28:56:37:f7:9b:06:49:e2:87:6a:72:1a:
ac:09:63:9d:be:91:0c:b0:57:8a:ef:51:2d:71:f4:
d9:72:ed:22:32:93:50:e2:70:3f:e8:d1:07:8c:ae:
fd:42:a4:63:c9:ed:8c:0e:40:4c:f2:05:e1:8c:88:
78:4b:04:09:7d:db:53:4c:ed:86:5c:af:4f:79:b7:
37:d7:d9:aa:6e:f2:39:9a:4e:4c:ce:a1:70:c4:51:
21:c6:fb:14:22:5b:c2:5f:d5:5b:b6:cc:11:e7:e3:
72:05:11:f5:0a:78:61:fe:cf:3d:cf:9d:13:e4:3e:
86:28:30:22:07:4c:59:a3:2f:82:bb:7f:f3:2a:23:
67:bb:e9:61:44:68:6f:73:63:ac:55:25:64:28:bd:
91:d1:11:d7:73:a1:71:76:04:59:15:f2:01:52:4e:
a6:01:06:56:0d:4d:50:9a:90:a8:7f:1c:aa:40:c2:
07:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:03:DD:7A:39:D9:21:8E:F2:69:93:93:8D:E7:E5:DA:AC:73:F9:2C
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/0gPdejnZIY7yaZOTjefl2qxz-Sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.84.0/22
Signature Algorithm: sha256WithRSAEncryption
93:23:f9:39:86:30:ed:1e:c9:74:83:d5:03:e8:d2:11:cc:ac:
81:90:21:3c:9f:12:d2:12:2a:fa:a7:73:e2:79:30:75:f7:6f:
54:a0:38:76:8b:66:58:c4:9d:7e:2f:cd:bb:ae:f2:16:4b:cd:
1a:db:7d:9c:e6:1d:90:d2:72:60:26:7a:d1:9c:ea:1f:68:95:
ed:08:52:bf:8c:a2:73:c9:01:2d:40:6f:fb:02:f0:79:aa:f7:
4e:eb:de:d6:d5:fe:3f:df:80:94:6b:b4:b6:de:e3:dc:d5:4d:
bb:75:88:92:71:49:b1:32:ad:88:a8:6c:cc:a1:5d:e2:c5:fb:
50:9c:1a:f5:4a:3f:dd:00:23:b4:be:60:d0:a3:4d:e6:e2:00:
d3:a1:28:f2:88:17:ef:39:11:7f:37:dd:9b:95:7f:2c:93:47:
c4:70:1d:32:a4:f0:1d:54:7c:0d:57:d1:41:59:18:d8:41:9b:
42:23:e5:97:76:35:27:d5:dd:d9:6f:e6:78:1b:65:d0:f1:65:
8c:d7:be:9e:fa:f4:80:97:25:2d:0e:fe:0c:21:f2:3c:13:82:
57:8d:55:b4:48:26:97:1c:67:1a:5b:4c:0d:85:11:0f:e9:73:
99:4e:4b:ca:9f:58:7e:12:ec:73:79:70:ba:f5:c9:5f:75:60:
41:dc:4b:bb
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBaVZezANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzQ0NmRhN2E3MGJjZTc3M2VjMmJjMTY1NWFhZTMwYzNjMTg0MTJjMB4XDTIyMDYy
MzA1MDczM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDIwM2RkN2EzOWQ5
MjE4ZWYyNjk5MzkzOGRlN2U1ZGFhYzczZjkyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3OXDGPLZehlpOWML9x5wRWKE5itKp896TMI5kcUdrwD7H/
fftHB/Xj/3lyjHuff/nUfKX5KnN/3ulpoRXohnqv92IzDe2a3Fcyiv5zKFY395sG
SeKHanIarAljnb6RDLBXiu9RLXH02XLtIjKTUOJwP+jRB4yu/UKkY8ntjA5ATPIF
4YyIeEsECX3bU0zthlyvT3m3N9fZqm7yOZpOTM6hcMRRIcb7FCJbwl/VW7bMEefj
cgUR9Qp4Yf7PPc+dE+Q+higwIgdMWaMvgrt/8yojZ7vpYURob3NjrFUlZCi9kdER
13OhcXYEWRXyAVJOpgEGVg1NUJqQqH8cqkDCB9kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTSA916OdkhjvJpk5ON5+XarHP5LDAfBgNVHSMEGDAWgBQjRG2npwvOdz7C
vBZVquMMPBhBLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kwUnRwNmNMem5jLXdyd1dWYXJqRER3WVFTdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWMvZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8x
LzBnUGRlam5aSVk3eWFaT1RqZWZsMnF4ei1Tdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWMv
ZjM1NDlmLTE4ZjctNDhiMC05MDFkLTI1Y2M5ZDZjZmJiOS8xL0kwUnRwNmNMem5j
LXdyd1dWYXJqRER3WVFTdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlT8VDANBgkqhkiG9w0BAQsFAAOC
AQEAkyP5OYYw7R7JdIPVA+jSEcysgZAhPJ8S0hIq+qdz4nkwdfdvVKA4dotmWMSd
fi/Nu67yFkvNGtt9nOYdkNJyYCZ60ZzqH2iV7QhSv4yic8kBLUBv+wLwear3Tuve
1tX+P9+AlGu0tt7j3NVNu3WIknFJsTKtiKhszKFd4sX7UJwa9Uo/3QAjtL5g0KNN
5uIA06Eo8ogX7zkRfzfdm5V/LJNHxHAdMqTwHVR8DVfRQVkY2EGbQiPll3Y1J9Xd
2W/meBtl0PFljNe+nvr0gJclLQ7+DCHyPBOCV41VtEgmlxxnGltMDYURD+lzmU5L
yp9YfhLsc3lwuvXJX3VgQdxLuw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:03 2023 by rpki-client on console-ams.rpki-client.org