Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/dLcQENkTgPoxgAj61y0Jm2ja2lE.roa
File: dLcQENkTgPoxgAj61y0Jm2ja2lE.roa (raw, json)
Hash identifier: jqKrwIgx032DAtl+49FWZXg/L3HHqnr5yofhw0Ir/iE=
Subject key identifier: 74:B7:10:10:D9:13:80:FA:31:80:08:FA:D7:2D:09:9B:68:DA:DA:51
Certificate issuer: /CN=152fedb025a6cbd24868419a0cb5629d48635917
Certificate serial: 0182069BCCA09E4CEA2C2A1C1481E7820A53
Authority key identifier: 15:2F:ED:B0:25:A6:CB:D2:48:68:41:9A:0C:B5:62:9D:48:63:59:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FS_tsCWmy9JIaEGaDLVinUhjWRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/dLcQENkTgPoxgAj61y0Jm2ja2lE.roa
Signing time: Sat 16 Jul 2022 10:44:09 +0000
ROA not before: Sat 16 Jul 2022 10:44:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57958
IP address blocks: 164.138.233.0/24 maxlen: 24
164.138.232.0/24 maxlen: 24
164.138.232.0/21 maxlen: 21
164.138.237.0/24 maxlen: 24
164.138.234.0/24 maxlen: 24
164.138.239.0/24 maxlen: 24
164.138.236.0/24 maxlen: 24
164.138.238.0/24 maxlen: 24
164.138.235.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:06:9b:cc:a0:9e:4c:ea:2c:2a:1c:14:81:e7:82:0a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=152fedb025a6cbd24868419a0cb5629d48635917
Validity
Not Before: Jul 16 10:44:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74b71010d91380fa318008fad72d099b68dada51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4a:ed:6e:cb:97:f9:93:1f:0b:5d:4d:1c:29:
eb:5a:fe:df:ba:35:21:f5:7b:fe:71:be:25:26:66:
fa:6c:88:ae:66:a3:d5:7c:b5:f6:d2:79:3e:2f:77:
9f:11:21:93:2e:07:8b:70:26:6e:e1:d2:bc:99:7c:
00:74:83:d7:cc:5f:f7:7e:e4:48:ec:7c:c1:25:3c:
9f:e9:42:a0:69:2f:77:f4:c4:52:a4:f8:ec:05:96:
22:fb:27:b7:8a:c0:02:e1:72:c8:c6:de:fa:62:94:
43:05:1f:0f:c5:15:77:1b:30:ad:5d:6a:b8:0a:a1:
56:52:0b:d4:65:e8:63:6f:f5:6b:37:2f:52:ef:88:
fa:87:81:d6:1b:01:77:e6:3d:51:4d:2b:21:29:5b:
e5:23:92:ac:70:04:5d:45:58:a8:ce:c9:4a:3f:85:
a1:fd:06:e8:aa:7e:c7:b2:bc:d0:d1:51:3d:a6:4c:
02:1e:d2:b2:83:f4:2b:49:d9:5d:80:3b:3d:0a:2f:
f5:a4:dc:a2:3a:fb:59:b6:bf:67:7f:fc:30:b0:af:
80:06:64:e8:3d:bf:59:5b:fe:ab:28:3c:d6:4e:ab:
35:20:29:9c:b4:08:8a:ea:85:db:0c:1e:c6:7c:2e:
77:61:3d:8c:4f:22:9b:b4:82:d0:b4:d6:82:39:ed:
c5:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:B7:10:10:D9:13:80:FA:31:80:08:FA:D7:2D:09:9B:68:DA:DA:51
X509v3 Authority Key Identifier:
keyid:15:2F:ED:B0:25:A6:CB:D2:48:68:41:9A:0C:B5:62:9D:48:63:59:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FS_tsCWmy9JIaEGaDLVinUhjWRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/dLcQENkTgPoxgAj61y0Jm2ja2lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/FS_tsCWmy9JIaEGaDLVinUhjWRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.232.0/21
Signature Algorithm: sha256WithRSAEncryption
06:52:1f:ed:68:a7:ed:3c:a6:37:3f:28:3a:74:f7:8a:3d:01:
48:6a:dd:68:e6:4c:1b:29:f6:12:95:34:95:31:ae:38:ae:b4:
6d:52:95:1c:09:18:0c:74:a3:a2:63:c4:27:e8:bd:98:eb:d3:
bb:f1:9d:b8:62:2b:7c:13:8d:8f:50:0b:7a:a1:ec:5d:cc:ea:
9d:76:55:50:cd:23:62:5c:9d:c5:3a:df:28:e7:6d:9e:78:b8:
f0:b8:31:2c:68:63:44:51:20:d8:8c:05:12:02:3c:98:a4:3d:
20:3c:b7:ba:15:12:c8:61:be:12:d4:b2:64:fd:49:c4:2c:45:
1e:c6:8a:ba:3b:03:7d:e6:17:8a:e7:cc:2a:ee:fd:ff:ce:60:
ea:34:9f:f8:cf:c4:05:32:7b:77:aa:8e:d2:8f:66:78:b3:b9:
ae:66:4f:ed:aa:bc:21:a9:6b:69:05:98:2a:d1:55:46:c6:df:
c4:91:ac:b7:0d:54:af:44:e7:28:69:5e:4c:59:cc:f0:ee:4e:
a3:66:d4:2b:5b:e2:15:b3:ff:cc:0d:c7:1a:a5:12:3f:cb:bb:
9b:bd:a8:d1:ca:f2:13:71:2f:56:2a:ff:77:5a:a7:87:65:61:
f9:2d:4e:96:87:80:50:de:e8:66:10:fe:e1:7e:2b:e2:64:79:
c4:34:20:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYIGm8ygnkzqLCocFIHnggpTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MmZlZGIwMjVhNmNiZDI0ODY4NDE5YTBjYjU2MjlkNDg2
MzU5MTcwHhcNMjIwNzE2MTA0NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGI3MTAxMGQ5MTM4MGZhMzE4MDA4ZmFkNzJkMDk5YjY4ZGFkYTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykrtbsuX+ZMfC11NHCnrWv7fujUh
9Xv+cb4lJmb6bIiuZqPVfLX20nk+L3efESGTLgeLcCZu4dK8mXwAdIPXzF/3fuRI
7HzBJTyf6UKgaS939MRSpPjsBZYi+ye3isAC4XLIxt76YpRDBR8PxRV3GzCtXWq4
CqFWUgvUZehjb/VrNy9S74j6h4HWGwF35j1RTSshKVvlI5KscARdRViozslKP4Wh
/Qboqn7HsrzQ0VE9pkwCHtKyg/QrSdldgDs9Ci/1pNyiOvtZtr9nf/wwsK+ABmTo
Pb9ZW/6rKDzWTqs1ICmctAiK6oXbDB7GfC53YT2MTyKbtILQtNaCOe3FTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHS3EBDZE4D6MYAI+tctCZto2tpRMB8GA1UdIwQY
MBaAFBUv7bAlpsvSSGhBmgy1Yp1IY1kXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNfdHNDV215OUpJYUVHYURMVmluVWhqV1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hNTliNmQtMDIzOS00MjExLTliYmIt
MWEyMTIxOWU5MTAwLzEvZExjUUVOa1RnUG94Z0FqNjF5MEptMmphMmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hNTliNmQtMDIzOS00MjExLTliYmItMWEyMTIxOWU5MTAw
LzEvRlNfdHNDV215OUpJYUVHYURMVmluVWhqV1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDpIroMA0G
CSqGSIb3DQEBCwUAA4IBAQAGUh/taKftPKY3Pyg6dPeKPQFIat1o5kwbKfYSlTSV
Ma44rrRtUpUcCRgMdKOiY8Qn6L2Y69O78Z24Yit8E42PUAt6oexdzOqddlVQzSNi
XJ3FOt8o522eeLjwuDEsaGNEUSDYjAUSAjyYpD0gPLe6FRLIYb4S1LJk/UnELEUe
xoq6OwN95heK58wq7v3/zmDqNJ/4z8QFMnt3qo7Sj2Z4s7muZk/tqrwhqWtpBZgq
0VVGxt/Ekay3DVSvROcoaV5MWczw7k6jZtQrW+IVs//MDccapRI/y7ubvajRyvIT
cS9WKv93WqeHZWH5LU6Wh4BQ3uhmEP7hfiviZHnENCDx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:24 2024 by rpki-client on console-ams.rpki-client.org