Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/kZ7vTmOXshmofHylbeaNW_ZQx2o.roa
File: kZ7vTmOXshmofHylbeaNW_ZQx2o.roa (raw, json)
Hash identifier: iifg7hug2RiyIb4Ff3Eei7e9XQjY3NOGExTUXZYLqGM=
Subject key identifier: 91:9E:EF:4E:63:97:B2:19:A8:7C:7C:A5:6D:E6:8D:5B:F6:50:C7:6A
Certificate issuer: /CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Certificate serial: 0181F13D86261356C8DF341B2953A168344F
Authority key identifier: 18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/kZ7vTmOXshmofHylbeaNW_ZQx2o.roa
Signing time: Tue 12 Jul 2022 07:09:09 +0000
ROA not before: Tue 12 Jul 2022 07:09:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196932
IP address blocks: 178.255.136.0/21 maxlen: 21
185.192.200.0/22 maxlen: 22
2a03:40e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f1:3d:86:26:13:56:c8:df:34:1b:29:53:a1:68:34:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Validity
Not Before: Jul 12 07:09:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=919eef4e6397b219a87c7ca56de68d5bf650c76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:dd:29:59:f9:53:3b:e5:9c:fe:7d:b2:b4:de:
3c:b8:e5:56:cc:9c:b9:8c:15:4b:4a:bd:84:a5:79:
33:7b:94:35:32:c1:c0:3a:61:8d:14:2a:d0:ec:9d:
73:3a:f8:46:fe:c3:df:56:38:95:80:7e:55:76:6c:
a6:c9:5b:2f:df:08:e6:4e:65:8f:a0:bb:19:12:d4:
09:a2:b4:c4:86:59:63:86:96:ba:aa:ef:11:1f:c1:
0d:6b:8a:18:30:18:60:d1:2d:b9:15:e4:0a:3e:9a:
5c:dc:23:1d:cb:ce:b0:a9:75:9e:e9:10:15:22:c1:
fa:ab:04:78:a9:04:ab:01:a5:56:0a:f7:d6:9e:c4:
92:11:78:9a:3a:a9:ac:38:34:36:72:82:ce:84:9c:
41:e1:e0:57:a7:bb:ca:2d:27:81:15:b5:ce:18:01:
b3:6e:d4:9f:e8:c5:30:de:42:f7:bd:24:28:f5:77:
01:20:33:4a:94:ef:ff:71:20:97:4e:f4:e2:bf:5e:
19:c3:1b:31:a8:d0:e3:3b:c1:40:b1:f5:1d:f3:46:
0e:03:6c:d3:0f:e4:32:8a:88:58:c3:04:3f:2a:d1:
08:3f:a1:a6:a0:83:b0:2b:97:57:5e:08:4c:51:32:
e9:dc:55:ea:3e:f5:a4:07:7d:36:34:ba:11:57:29:
30:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9E:EF:4E:63:97:B2:19:A8:7C:7C:A5:6D:E6:8D:5B:F6:50:C7:6A
X509v3 Authority Key Identifier:
keyid:18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/kZ7vTmOXshmofHylbeaNW_ZQx2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.136.0/21
185.192.200.0/22
IPv6:
2a03:40e0::/32
Signature Algorithm: sha256WithRSAEncryption
3d:53:83:83:26:94:67:a4:2c:43:d1:ff:ee:66:50:ce:1a:62:
1c:0c:5d:ae:6a:ac:1f:57:2b:4c:f1:ef:4c:03:5f:35:2d:d5:
55:75:17:1f:ce:68:43:44:be:4b:8b:75:dd:f4:05:e2:aa:5c:
76:34:34:cd:f2:54:a0:b9:d0:0f:74:9d:13:99:f2:8b:4b:31:
30:5d:34:7e:10:23:ec:26:f3:ce:39:f7:d4:4c:18:82:ca:68:
9c:dc:af:7f:d8:95:f4:bd:d9:4c:b2:01:95:28:af:33:f6:aa:
56:6e:ca:6d:ef:6c:94:2b:55:2b:58:65:45:df:59:9d:b8:5a:
35:dc:72:2c:2c:ab:c1:bd:aa:6c:13:3c:19:8f:dd:79:42:de:
81:7a:21:ca:24:63:57:fa:19:90:5f:9b:f9:ae:fa:94:3f:a9:
af:51:0b:5a:f8:0e:2f:ff:38:36:ba:fe:8d:c3:4b:88:af:b8:
f8:d9:1a:33:f3:78:da:a8:5e:5f:1c:e8:e9:20:65:f3:0b:b9:
4b:98:0a:d4:6e:ee:38:5d:62:2e:08:d1:e9:27:fe:c0:9c:4e:
0b:64:c3:e8:ad:22:18:c0:6f:d6:1c:89:0c:37:07:3e:2b:07:
df:d5:67:75:5d:a1:54:5e:4e:5b:66:06:5e:1b:3c:39:a5:30:
36:af:27:f9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYHxPYYmE1bI3zQbKVOhaDRPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NThjYWE2ODMyYWEyYTNlN2NjNmQxNDQ1MTVmOGY0MzFi
NjY3NjIwHhcNMjIwNzEyMDcwOTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTllZWY0ZTYzOTdiMjE5YTg3YzdjYTU2ZGU2OGQ1YmY2NTBjNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj90pWflTO+Wc/n2ytN48uOVWzJy5
jBVLSr2EpXkze5Q1MsHAOmGNFCrQ7J1zOvhG/sPfVjiVgH5VdmymyVsv3wjmTmWP
oLsZEtQJorTEhlljhpa6qu8RH8ENa4oYMBhg0S25FeQKPppc3CMdy86wqXWe6RAV
IsH6qwR4qQSrAaVWCvfWnsSSEXiaOqmsODQ2coLOhJxB4eBXp7vKLSeBFbXOGAGz
btSf6MUw3kL3vSQo9XcBIDNKlO//cSCXTvTiv14ZwxsxqNDjO8FAsfUd80YOA2zT
D+QyiohYwwQ/KtEIP6GmoIOwK5dXXghMUTLp3FXqPvWkB302NLoRVykwoQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJGe705jl7IZqHx8pW3mjVv2UMdqMB8GA1UdIwQY
MBaAFBhYyqaDKqKj58xtFEUV+PQxtmdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2Ut
YWFiN2ZjM2Y4YWM1LzEva1o3dlRtT1hzaG1vZkh5bGJlYU5XX1pReDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2UtYWFiN2ZjM2Y4YWM1
LzEvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv+IAwQC
ucDIMA0EAgACMAcDBQAqA0DgMA0GCSqGSIb3DQEBCwUAA4IBAQA9U4ODJpRnpCxD
0f/uZlDOGmIcDF2uaqwfVytM8e9MA181LdVVdRcfzmhDRL5Li3Xd9AXiqlx2NDTN
8lSgudAPdJ0TmfKLSzEwXTR+ECPsJvPOOffUTBiCymic3K9/2JX0vdlMsgGVKK8z
9qpWbspt72yUK1UrWGVF31mduFo13HIsLKvBvapsEzwZj915Qt6BeiHKJGNX+hmQ
X5v5rvqUP6mvUQta+A4v/zg2uv6Nw0uIr7j42Roz83jaqF5fHOjpIGXzC7lLmArU
bu44XWIuCNHpJ/7AnE4LZMPorSIYwG/WHIkMNwc+Kwff1Wd1XaFUXk5bZgZeGzw5
pTA2ryf5
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:15 2023 by rpki-client on console-ams.rpki-client.org