Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/mALVoP0r3ydjE-d99MinvK3gCpc.roa
File: mALVoP0r3ydjE-d99MinvK3gCpc.roa (raw, json)
Hash identifier: +fW4zx/WOjo2HuQqIfAKGofmxYPmHQy4C4ujCkLMEbI=
Subject key identifier: 98:02:D5:A0:FD:2B:DF:27:63:13:E7:7D:F4:C8:A7:BC:AD:E0:0A:97
Certificate issuer: /CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa
Certificate serial: 08DBA32E
Authority key identifier: 04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/mALVoP0r3ydjE-d99MinvK3gCpc.roa
Signing time: Sat 01 Jan 2022 15:02:48 +0000
ROA not before: Sat 01 Jan 2022 15:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209169
IP address blocks: 2.59.44.0/22 maxlen: 24
2a09:f0c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148611886 (0x8dba32e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=048dc3b923c7738f9a58ee80b49bcd0c5e7dcffa
Validity
Not Before: Jan 1 15:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9802d5a0fd2bdf276313e77df4c8a7bcade00a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c5:d2:57:b4:53:8f:73:7b:ae:8c:5e:f1:1f:
48:7c:8a:9e:b7:23:ba:4b:3d:64:c3:22:01:c5:55:
e3:90:a9:3e:24:84:1e:1e:3f:50:52:cb:a3:e0:04:
64:48:43:ff:33:e7:34:d6:5f:ce:f7:35:4a:5c:e6:
46:b1:fb:25:1c:71:91:ea:cc:7e:c6:f3:be:89:9b:
43:79:9e:e8:21:82:4a:e4:3b:bf:d0:8a:1a:b0:e1:
f9:40:c4:7c:b1:34:3d:75:16:2f:d2:55:d2:63:17:
be:3d:51:20:4d:13:af:28:08:e2:93:56:9c:b8:a2:
2b:a5:8c:41:a0:f1:bb:e6:3c:8c:b5:01:51:6d:68:
df:f3:61:d0:db:09:f2:ef:5a:a3:ee:95:46:d6:93:
4d:19:fd:17:e1:15:2a:3b:d6:e4:f6:6f:34:4d:8d:
9d:19:51:c9:a3:29:52:68:ef:6f:11:a4:d8:db:c3:
3b:b6:80:a0:53:67:21:7a:51:7d:1d:9c:14:13:e5:
8b:00:a7:5c:40:d8:30:bf:e1:54:a5:5d:4e:15:e9:
7b:c6:d5:78:b9:ed:2f:48:6c:4e:f2:83:e0:2a:ac:
f8:70:cd:7b:1f:3a:dd:44:c3:bc:83:62:03:ff:5c:
76:79:bb:e2:e2:3f:f3:34:32:93:d3:6d:4b:72:e6:
3c:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:02:D5:A0:FD:2B:DF:27:63:13:E7:7D:F4:C8:A7:BC:AD:E0:0A:97
X509v3 Authority Key Identifier:
keyid:04:8D:C3:B9:23:C7:73:8F:9A:58:EE:80:B4:9B:CD:0C:5E:7D:CF:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BI3DuSPHc4-aWO6AtJvNDF59z_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/mALVoP0r3ydjE-d99MinvK3gCpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f8c018-b90f-4f89-a3f4-2ec871465599/1/BI3DuSPHc4-aWO6AtJvNDF59z_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.44.0/22
IPv6:
2a09:f0c0::/29
Signature Algorithm: sha256WithRSAEncryption
07:0a:23:24:29:93:b8:d2:1c:51:b5:55:c6:82:80:c6:ec:db:
e9:6e:15:7c:8a:45:80:7f:bb:2f:c7:63:06:32:23:07:2d:61:
f7:66:be:b9:5a:de:09:50:81:18:b8:51:a9:8b:33:53:b9:df:
d3:98:e9:78:89:6e:7b:73:c3:47:d9:b3:90:0a:73:b6:aa:0c:
a3:06:9f:24:5f:fa:5e:cd:40:39:a9:b3:ce:8f:11:d2:0e:b4:
6a:11:7d:09:f2:08:bf:b0:d5:8e:d4:17:3a:61:81:32:57:84:
b4:9a:da:5b:71:0e:1b:a2:2c:15:5b:d9:92:e5:f5:3d:b3:44:
51:63:a1:5c:65:d3:65:93:fe:fc:18:0a:48:b0:54:e3:2b:61:
00:96:aa:87:ad:83:9d:4f:6e:f4:53:4a:a6:81:87:b2:46:6c:
8d:d6:df:0a:35:9b:7a:7c:35:94:cd:b4:4f:a4:82:0e:18:71:
73:45:14:d2:e0:7a:ee:45:94:77:e4:74:75:ea:30:61:c0:3f:
a8:3e:8c:99:16:12:63:c4:f3:59:6d:59:47:f9:21:4c:e4:78:
91:e9:88:89:57:0c:7d:c2:4d:43:55:f2:ca:5c:4b:b5:f2:0b:
7b:98:46:96:72:8e:83:04:ed:70:60:da:52:59:bc:4b:e6:3c:
34:7c:0d:c2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECNujLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDhkYzNiOTIzYzc3MzhmOWE1OGVlODBiNDliY2QwYzVlN2RjZmZhMB4XDTIyMDEw
MTE1MDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTgwMmQ1YTBmZDJi
ZGYyNzYzMTNlNzdkZjRjOGE3YmNhZGUwMGE5NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTF0le0U49ze66MXvEfSHyKnrcjuks9ZMMiAcVV45CpPiSE
Hh4/UFLLo+AEZEhD/zPnNNZfzvc1SlzmRrH7JRxxkerMfsbzvombQ3me6CGCSuQ7
v9CKGrDh+UDEfLE0PXUWL9JV0mMXvj1RIE0TrygI4pNWnLiiK6WMQaDxu+Y8jLUB
UW1o3/Nh0NsJ8u9ao+6VRtaTTRn9F+EVKjvW5PZvNE2NnRlRyaMpUmjvbxGk2NvD
O7aAoFNnIXpRfR2cFBPliwCnXEDYML/hVKVdThXpe8bVeLntL0hsTvKD4Cqs+HDN
ex863UTDvINiA/9cdnm74uI/8zQyk9NtS3LmPGkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSYAtWg/SvfJ2MT5330yKe8reAKlzAfBgNVHSMEGDAWgBQEjcO5I8dzj5pY
7oC0m80MXn3P+jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JJM0R1U1BIYzQtYVdPNkF0SnZOREY1OXpfby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjQvZjhjMDE4LWI5MGYtNGY4OS1hM2Y0LTJlYzg3MTQ2NTU5OS8x
L21BTFZvUDByM3lkakUtZDk5TWludkszZ0NwYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjQv
ZjhjMDE4LWI5MGYtNGY4OS1hM2Y0LTJlYzg3MTQ2NTU5OS8xL0JJM0R1U1BIYzQt
YVdPNkF0SnZOREY1OXpfby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAgI7LDANBAIAAjAHAwUDKgnwwDAN
BgkqhkiG9w0BAQsFAAOCAQEABwojJCmTuNIcUbVVxoKAxuzb6W4VfIpFgH+7L8dj
BjIjBy1h92a+uVreCVCBGLhRqYszU7nf05jpeIlue3PDR9mzkApztqoMowafJF/6
Xs1AOamzzo8R0g60ahF9CfIIv7DVjtQXOmGBMleEtJraW3EOG6IsFVvZkuX1PbNE
UWOhXGXTZZP+/BgKSLBU4ythAJaqh62DnU9u9FNKpoGHskZsjdbfCjWbenw1lM20
T6SCDhhxc0UU0uB67kWUd+R0deowYcA/qD6MmRYSY8TzWW1ZR/khTOR4kemIiVcM
fcJNQ1XyylxLtfILe5hGlnKOgwTtcGDaUlm8S+Y8NHwNwg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:35 2023 by rpki-client on console-fra.rpki-client.org