Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/CM6ykLUmupFVykzbD97e5mw6EMk.roa
File: CM6ykLUmupFVykzbD97e5mw6EMk.roa (raw, json)
Hash identifier: /wen6hIIoM0uAZsuw4kc0tyfi2A01J99/vbkJB73uJc=
Subject key identifier: 08:CE:B2:90:B5:26:BA:91:55:CA:4C:DB:0F:DE:DE:E6:6C:3A:10:C9
Certificate issuer: /CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Certificate serial: 09E2AF9C
Authority key identifier: D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/CM6ykLUmupFVykzbD97e5mw6EMk.roa
Signing time: Sat 01 Jan 2022 14:02:37 +0000
ROA not before: Sat 01 Jan 2022 14:02:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209714
IP address blocks: 193.168.154.0/24 maxlen: 24
193.168.155.0/24 maxlen: 24
193.168.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 165851036 (0x9e2af9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1bbf3680cdae6c267a98d03d08f6b23d0ed1d46
Validity
Not Before: Jan 1 14:02:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08ceb290b526ba9155ca4cdb0fdedee66c3a10c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:b0:0d:68:cb:78:99:b9:a8:da:c9:1d:09:
b4:f2:f6:e2:56:7f:ae:5c:df:a6:87:d9:77:17:f0:
c7:8d:da:9e:06:ec:c4:52:50:67:8a:b0:9b:ed:a9:
10:b7:e2:90:55:61:ad:75:d1:41:e9:fc:3c:86:2d:
23:08:55:f1:65:90:c3:5b:b1:4e:02:c6:7d:09:64:
71:db:00:d4:a7:ba:fd:e2:fd:56:b4:56:6b:0c:2e:
6b:f7:85:c1:4f:12:f9:ca:8c:b3:93:7b:36:e1:aa:
d2:d9:ac:af:6f:51:65:36:a1:97:d0:b1:8c:01:a7:
18:e3:86:40:c7:75:81:92:82:23:2d:0f:5e:28:65:
b0:3f:39:fc:ad:e5:de:be:7d:3e:da:b9:b3:82:41:
06:22:e6:d3:36:86:19:50:8b:51:ab:62:55:a9:ba:
3b:a8:68:9b:b0:12:9d:c5:53:6b:7b:bb:35:67:8e:
76:bb:3c:91:42:10:08:fb:10:c6:6c:2c:52:76:32:
88:21:c6:d8:b0:9b:98:01:14:75:70:40:72:e4:47:
df:c4:f2:d4:12:fb:00:23:b6:81:e6:4d:f3:69:66:
2d:99:4f:96:6b:38:85:de:70:2a:ea:38:a0:06:ad:
a2:f5:fc:44:e4:71:eb:58:90:22:1f:66:c4:4a:b8:
80:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:CE:B2:90:B5:26:BA:91:55:CA:4C:DB:0F:DE:DE:E6:6C:3A:10:C9
X509v3 Authority Key Identifier:
keyid:D1:BB:F3:68:0C:DA:E6:C2:67:A9:8D:03:D0:8F:6B:23:D0:ED:1D:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0bvzaAza5sJnqY0D0I9rI9DtHUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/CM6ykLUmupFVykzbD97e5mw6EMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d52e84-eb84-45c2-b6c5-51c1faa4718f/1/0bvzaAza5sJnqY0D0I9rI9DtHUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.153.0-193.168.155.255
Signature Algorithm: sha256WithRSAEncryption
b3:21:fa:f9:ff:16:f2:95:36:8b:b4:9d:ed:09:ea:83:a4:bf:
88:cd:41:f0:e8:13:e0:ff:a6:9f:4a:db:a6:e7:ce:b7:a1:5d:
e1:8c:86:80:99:6a:f9:f1:8f:93:f2:50:4a:4d:10:5d:16:41:
38:65:46:41:ef:aa:5a:2c:ba:f1:8d:f8:22:15:2c:d1:ef:6f:
93:7e:0e:ce:34:4b:17:79:b4:f9:18:cd:73:c7:86:4b:c0:b5:
ad:91:5e:de:59:ef:48:5c:1c:71:28:83:cb:42:a1:2d:87:da:
b4:af:6f:c4:32:15:a6:05:ab:7e:08:92:d2:ff:4d:da:d7:4a:
33:35:09:91:9c:9b:85:b4:33:eb:37:c2:5e:a4:ab:6c:69:06:
18:13:9f:5a:88:1e:0b:95:db:23:25:a4:04:a6:bb:69:5e:84:
c1:54:a8:cb:2d:05:a2:f0:e9:15:59:7c:b4:94:af:43:09:ec:
ba:03:fc:d2:6a:f6:d4:67:0d:32:d5:c8:17:b1:f2:02:fe:76:
8e:59:84:88:c0:f5:06:bf:5d:a0:f5:6e:fa:7f:40:42:69:ec:
bb:07:19:2c:9f:a1:30:8a:80:a4:eb:6a:ff:17:db:f8:96:98:
87:af:da:3a:46:b8:7d:f6:cd:3e:28:3f:e6:65:4f:df:1b:bf:
85:0c:e4:b3
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIECeKvnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MWJiZjM2ODBjZGFlNmMyNjdhOThkMDNkMDhmNmIyM2QwZWQxZDQ2MB4XDTIyMDEw
MTE0MDIzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDhjZWIyOTBiNTI2
YmE5MTU1Y2E0Y2RiMGZkZWRlZTY2YzNhMTBjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDtsA1oy3iZuajayR0JtPL24lZ/rlzfpofZdxfwx43angbs
xFJQZ4qwm+2pELfikFVhrXXRQen8PIYtIwhV8WWQw1uxTgLGfQlkcdsA1Ke6/eL9
VrRWawwua/eFwU8S+cqMs5N7NuGq0tmsr29RZTahl9CxjAGnGOOGQMd1gZKCIy0P
XihlsD85/K3l3r59Ptq5s4JBBiLm0zaGGVCLUatiVam6O6hom7ASncVTa3u7NWeO
drs8kUIQCPsQxmwsUnYyiCHG2LCbmAEUdXBAcuRH38Ty1BL7ACO2geZN82lmLZlP
lms4hd5wKuo4oAatovX8RORx61iQIh9mxEq4gGECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQIzrKQtSa6kVXKTNsP3t7mbDoQyTAfBgNVHSMEGDAWgBTRu/NoDNrmwmep
jQPQj2sj0O0dRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBidnphQXphNXNKbnFZMEQwSTlySTlEdEhVWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmIvZDUyZTg0LWViODQtNDVjMi1iNmM1LTUxYzFmYWE0NzE4Zi8x
L0NNNnlrTFVtdXBGVnlremJEOTdlNW13NkVNay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmIv
ZDUyZTg0LWViODQtNDVjMi1iNmM1LTUxYzFmYWE0NzE4Zi8xLzBidnphQXphNXNK
bnFZMEQwSTlySTlEdEhVWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwaiZAwQCwaiYMA0GCSqGSIb3
DQEBCwUAA4IBAQCzIfr5/xbylTaLtJ3tCeqDpL+IzUHw6BPg/6afStum5863oV3h
jIaAmWr58Y+T8lBKTRBdFkE4ZUZB76paLLrxjfgiFSzR72+Tfg7ONEsXebT5GM1z
x4ZLwLWtkV7eWe9IXBxxKIPLQqEth9q0r2/EMhWmBat+CJLS/03a10ozNQmRnJuF
tDPrN8JepKtsaQYYE59aiB4LldsjJaQEprtpXoTBVKjLLQWi8OkVWXy0lK9DCey6
A/zSavbUZw0y1cgXsfIC/naOWYSIwPUGv12g9W76f0BCaey7Bxksn6EwioCk62r/
F9v4lpiHr9o6Rrh99s0+KD/mZU/fG7+FDOSz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:55 2023 by rpki-client on console-fra.rpki-client.org