Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/Z9dqCdzfwJkfp6lOeTH6AD6baig.roa
File: Z9dqCdzfwJkfp6lOeTH6AD6baig.roa (raw, json)
Hash identifier: NCYB+UY7mo0KQ57YUzqVnSqKVz81JbT0lJsSjlhkTEM=
Subject key identifier: 67:D7:6A:09:DC:DF:C0:99:1F:A7:A9:4E:79:31:FA:00:3E:9B:6A:28
Certificate issuer: /CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Certificate serial: 01FECE9D
Authority key identifier: F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/Z9dqCdzfwJkfp6lOeTH6AD6baig.roa
Signing time: Fri 20 May 2022 07:15:28 +0000
ROA not before: Fri 20 May 2022 07:15:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207326
IP address blocks: 178.255.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33476253 (0x1fece9d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b2805d8776eedeb7aa4cbe5af568cdb2629fc2
Validity
Not Before: May 20 07:15:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67d76a09dcdfc0991fa7a94e7931fa003e9b6a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:54:1a:27:2a:13:9b:fc:d3:2a:3e:45:59:
95:91:97:c7:cb:50:09:67:54:71:4e:c6:c7:09:fd:
bb:4b:14:14:73:f8:54:48:d3:f7:9e:20:0b:23:7c:
7a:82:98:e9:c8:16:e5:c1:15:63:9c:b9:5e:a1:83:
9f:06:f3:bd:e5:68:83:ac:bd:f1:5f:2b:af:8e:9a:
9f:92:59:44:fa:59:73:48:48:96:7d:6f:45:44:3e:
45:5e:c8:f4:98:6e:0f:70:ba:e1:b7:b9:22:37:c1:
c1:86:89:e7:9a:57:1e:e3:e2:6d:bd:c0:7d:2b:cd:
85:e4:1b:ee:c7:17:59:8a:46:a5:9a:79:99:a8:fd:
18:6b:81:53:2a:be:19:af:4b:eb:63:2d:04:d6:67:
b7:d7:4d:96:05:1e:da:23:60:7b:2a:0e:91:09:13:
99:b6:fb:4e:d3:eb:e8:04:c0:c0:5c:13:a8:78:14:
cd:f9:a1:cc:44:8a:21:37:3b:f1:b1:18:fd:83:e9:
3a:5b:7b:4e:64:55:fb:a6:49:11:e3:6e:f5:48:3f:
ea:c0:12:ec:b2:8f:a8:0b:e6:e0:95:b8:4d:01:df:
b2:8b:96:1e:ff:80:f2:22:49:d0:d6:eb:89:20:bd:
73:8a:d2:d6:2a:76:ce:e5:d3:36:fb:21:a5:e7:96:
2b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D7:6A:09:DC:DF:C0:99:1F:A7:A9:4E:79:31:FA:00:3E:9B:6A:28
X509v3 Authority Key Identifier:
keyid:F3:B2:80:5D:87:76:EE:DE:B7:AA:4C:BE:5A:F5:68:CD:B2:62:9F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87KAXYd27t63qky-WvVozbJin8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/Z9dqCdzfwJkfp6lOeTH6AD6baig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/b862d3-6844-46f7-bd98-83bc797278e2/1/87KAXYd27t63qky-WvVozbJin8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.219.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:25:e7:80:f8:ae:70:f8:42:0b:ab:54:c6:f0:af:ef:67:20:
37:10:9b:1a:d1:28:69:1e:e5:1a:73:f0:7b:2a:57:14:52:d9:
64:fb:96:c0:a0:6c:13:de:67:91:fe:4f:9d:0e:b8:19:fb:3b:
de:23:ea:6e:fd:46:47:3b:6f:d6:08:64:08:16:21:87:b7:b8:
6b:ff:ed:57:ec:4f:01:85:cf:98:28:6e:29:89:3f:de:99:6f:
0c:44:7d:4c:e0:2a:ef:b2:6e:20:2f:9c:28:3d:d5:bd:67:cb:
42:48:68:90:ea:d9:a6:1b:63:aa:ab:e6:a4:8c:8b:d3:d3:62:
07:8a:c0:0d:72:91:88:15:80:f8:4e:bc:fb:4e:36:a3:1e:72:
97:1f:61:07:1e:7a:50:9b:7b:b3:b1:b1:0e:9d:c4:4f:ea:d2:
43:d6:14:6f:0f:88:44:0a:4e:d1:3f:f7:c3:5b:80:6c:f8:bf:
0c:69:02:93:5c:19:37:2b:1c:81:75:5c:f1:9d:5d:af:08:48:
01:e0:5b:2a:36:61:cb:b3:38:5b:19:d7:dc:fa:50:cf:20:9b:
88:fa:c1:6f:f7:c6:ed:e7:f2:60:63:9e:3b:cc:4b:1a:37:eb:
08:ea:03:21:b0:e0:ac:14:71:0e:0d:94:57:bb:7e:fe:1f:c2:
39:fe:9c:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAf7OnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
M2IyODA1ZDg3NzZlZWRlYjdhYTRjYmU1YWY1NjhjZGIyNjI5ZmMyMB4XDTIyMDUy
MDA3MTUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjdkNzZhMDlkY2Rm
YzA5OTFmYTdhOTRlNzkzMWZhMDAzZTliNmEyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL/AVBonKhOb/NMqPkVZlZGXx8tQCWdUcU7Gxwn9u0sUFHP4
VEjT954gCyN8eoKY6cgW5cEVY5y5XqGDnwbzveVog6y98V8rr46an5JZRPpZc0hI
ln1vRUQ+RV7I9JhuD3C64be5IjfBwYaJ55pXHuPibb3AfSvNheQb7scXWYpGpZp5
maj9GGuBUyq+Ga9L62MtBNZnt9dNlgUe2iNgeyoOkQkTmbb7TtPr6ATAwFwTqHgU
zfmhzESKITc78bEY/YPpOlt7TmRV+6ZJEeNu9Ug/6sAS7LKPqAvm4JW4TQHfsouW
Hv+A8iJJ0NbriSC9c4rS1ip2zuXTNvshpeeWK78CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRn12oJ3N/AmR+nqU55MfoAPptqKDAfBgNVHSMEGDAWgBTzsoBdh3bu3req
TL5a9WjNsmKfwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzg3S0FYWWQyN3Q2M3FreS1XdlZvemJKaW44SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvYjg2MmQzLTY4NDQtNDZmNy1iZDk4LTgzYmM3OTcyNzhlMi8x
L1o5ZHFDZHpmd0prZnA2bE9lVEg2QUQ2YmFpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
Yjg2MmQzLTY4NDQtNDZmNy1iZDk4LTgzYmM3OTcyNzhlMi8xLzg3S0FYWWQyN3Q2
M3FreS1XdlZvemJKaW44SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALL/2zANBgkqhkiG9w0BAQsFAAOC
AQEAXyXngPiucPhCC6tUxvCv72cgNxCbGtEoaR7lGnPweypXFFLZZPuWwKBsE95n
kf5PnQ64Gfs73iPqbv1GRztv1ghkCBYhh7e4a//tV+xPAYXPmChuKYk/3plvDER9
TOAq77JuIC+cKD3VvWfLQkhokOrZphtjqqvmpIyL09NiB4rADXKRiBWA+E68+042
ox5ylx9hBx56UJt7s7GxDp3ET+rSQ9YUbw+IRApO0T/3w1uAbPi/DGkCk1wZNysc
gXVc8Z1drwhIAeBbKjZhy7M4WxnX3PpQzyCbiPrBb/fG7efyYGOeO8xLGjfrCOoD
IbDgrBRxDg2UV7t+/h/COf6czw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:28 2023 by rpki-client on console-ams.rpki-client.org