Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/0U-SG6id4H9sY5BO4rfzDG2QSL4.roa
File: 0U-SG6id4H9sY5BO4rfzDG2QSL4.roa (raw, json)
Hash identifier: K9L/adjNa8tgoG5WuprC6Q57ZTDrd7PE6KVigRwYgIo=
Subject key identifier: D1:4F:92:1B:A8:9D:E0:7F:6C:63:90:4E:E2:B7:F3:0C:6D:90:48:BE
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 018468D8B448A27EED8385EBE8C2EC35E77F
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/0U-SG6id4H9sY5BO4rfzDG2QSL4.roa
Signing time: Fri 11 Nov 2022 22:39:03 +0000
ROA not before: Fri 11 Nov 2022 22:39:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 149440
IP address blocks: 198.105.127.0/24 maxlen: 24
198.105.126.0/24 maxlen: 24
155.254.60.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:68:d8:b4:48:a2:7e:ed:83:85:eb:e8:c2:ec:35:e7:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Nov 11 22:39:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d14f921ba89de07f6c63904ee2b7f30c6d9048be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d5:84:1d:d0:67:25:64:a9:76:b5:37:7b:80:
9a:a1:96:27:f8:fd:d0:55:d6:56:aa:69:75:ca:ac:
5a:aa:d1:5a:25:aa:f3:bd:51:56:8e:61:b9:09:0a:
c1:7a:55:ca:56:86:21:f1:a3:ec:f8:e6:07:a0:09:
dc:b6:73:46:1b:9f:8e:39:34:2d:c4:6d:44:8e:5e:
85:1c:2a:09:54:41:fa:6b:f4:85:96:ae:50:78:2d:
8f:77:66:d9:59:b1:95:68:2b:82:84:0e:c1:b3:eb:
36:f7:be:e4:48:dc:69:18:df:6e:ad:82:f2:0d:2c:
9c:bb:2b:74:01:13:00:86:3a:20:9d:60:b4:d2:73:
b5:b2:ae:b0:95:20:41:98:6f:6e:20:7f:61:2b:ac:
6d:70:97:65:ee:f6:0c:85:c8:dd:23:3f:04:19:fa:
f8:7d:2f:96:4f:48:ec:9c:5a:0a:54:79:a6:af:92:
75:2a:07:dc:8a:df:f2:1f:55:94:05:94:24:3f:17:
e9:2f:e2:f4:ba:22:20:c0:7a:34:19:b0:e6:17:7c:
ef:0d:3e:09:7e:9f:67:50:00:fd:a3:4e:de:d2:bf:
ed:2f:fd:51:01:e7:0b:1c:9b:52:ab:83:08:f5:2e:
be:6d:50:34:4a:30:00:cb:a3:1e:5c:f9:07:cc:14:
76:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4F:92:1B:A8:9D:E0:7F:6C:63:90:4E:E2:B7:F3:0C:6D:90:48:BE
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/0U-SG6id4H9sY5BO4rfzDG2QSL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.254.60.0/24
198.105.126.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:86:f5:bf:f9:e9:43:bc:b1:6f:2c:45:1b:ab:a0:26:51:3c:
24:26:98:39:e3:2e:b1:f5:14:34:6e:33:42:2d:27:fa:ea:f0:
9c:a5:35:fc:5f:dd:d5:84:f2:36:76:19:b2:9a:a9:b7:eb:03:
6f:29:d3:6f:c6:53:5d:74:72:36:7c:42:15:5a:04:b7:37:7c:
35:e9:d0:af:8e:05:8e:2c:8b:b5:18:0d:66:f2:ee:af:2b:9e:
ed:c8:97:ff:73:a9:04:ae:9b:11:b9:ac:11:7a:7d:24:38:d2:
99:5f:27:39:87:e2:bd:2c:c9:13:03:57:f5:0c:8c:46:89:48:
ec:57:04:cd:45:71:1c:62:8d:6e:ec:df:7e:41:5d:49:c8:59:
a2:1c:f5:72:3d:fe:74:df:45:42:fe:4e:e1:32:fd:60:cb:23:
33:fb:2d:a1:9f:04:b5:38:a9:01:9f:67:f2:5f:26:6d:1e:cc:
38:5d:7a:99:67:80:d7:bc:c5:76:a7:35:b5:07:40:c7:e2:b5:
a2:46:15:1e:64:82:ec:d6:a1:d8:2d:25:75:03:c7:e6:01:57:
e6:14:77:2a:c0:93:d5:be:80:81:aa:67:f7:a3:28:96:86:ca:
a7:73:2a:9c:49:09:34:de:a4:e9:af:9c:ec:3f:1b:e4:e9:41:
40:ba:61:92
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRo2LRIon7tg4Xr6MLsNed/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIxMTExMjIzOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRmOTIxYmE4OWRlMDdmNmM2MzkwNGVlMmI3ZjMwYzZkOTA0OGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdWEHdBnJWSpdrU3e4CaoZYn+P3Q
VdZWqml1yqxaqtFaJarzvVFWjmG5CQrBelXKVoYh8aPs+OYHoAnctnNGG5+OOTQt
xG1Ejl6FHCoJVEH6a/SFlq5QeC2Pd2bZWbGVaCuChA7Bs+s2977kSNxpGN9urYLy
DSycuyt0ARMAhjognWC00nO1sq6wlSBBmG9uIH9hK6xtcJdl7vYMhcjdIz8EGfr4
fS+WT0jsnFoKVHmmr5J1Kgfcit/yH1WUBZQkPxfpL+L0uiIgwHo0GbDmF3zvDT4J
fp9nUAD9o07e0r/tL/1RAecLHJtSq4MI9S6+bVA0SjAAy6MeXPkHzBR2OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNFPkhuoneB/bGOQTuK38wxtkEi+MB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvMFUtU0c2aWQ0SDlzWTVCTzRyZnpERzJRU0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAm/48AwQB
xml+MA0GCSqGSIb3DQEBCwUAA4IBAQBfhvW/+elDvLFvLEUbq6AmUTwkJpg54y6x
9RQ0bjNCLSf66vCcpTX8X93VhPI2dhmymqm36wNvKdNvxlNddHI2fEIVWgS3N3w1
6dCvjgWOLIu1GA1m8u6vK57tyJf/c6kErpsRuawRen0kONKZXyc5h+K9LMkTA1f1
DIxGiUjsVwTNRXEcYo1u7N9+QV1JyFmiHPVyPf5030VC/k7hMv1gyyMz+y2hnwS1
OKkBn2fyXyZtHsw4XXqZZ4DXvMV2pzW1B0DH4rWiRhUeZILs1qHYLSV1A8fmAVfm
FHcqwJPVvoCBqmf3oyiWhsqncyqcSQk03qTpr5zsPxvk6UFAumGS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:04 2024 by rpki-client on console-fra.rpki-client.org