Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/FUztIKngfq_DmL2ZL30g9XnLZe8.roa
File: FUztIKngfq_DmL2ZL30g9XnLZe8.roa (raw, json)
Hash identifier: MT/sFCD7SZOXmsRwcL+JItrhtFkEMdW3KmfIcjcfTHQ=
Subject key identifier: 15:4C:ED:20:A9:E0:7E:AF:C3:98:BD:99:2F:7D:20:F5:79:CB:65:EF
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A033556
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/FUztIKngfq_DmL2ZL30g9XnLZe8.roa
Signing time: Sat 01 Jan 2022 14:00:38 +0000
ROA not before: Sat 01 Jan 2022 14:00:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199410
IP address blocks: 217.153.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 973288790 (0x3a033556)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 14:00:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=154ced20a9e07eafc398bd992f7d20f579cb65ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:19:98:3b:ae:27:53:4c:38:ad:13:eb:b9:
87:78:e7:03:c4:78:95:cb:ab:e9:95:de:b5:a6:3d:
d0:3d:cd:e6:e4:86:da:17:b8:d8:c7:87:61:c8:d5:
fe:cd:ab:a9:f9:d2:93:04:b5:1e:83:3f:47:fa:5a:
1a:dc:37:ad:bc:c6:20:3f:12:e0:5b:80:1d:78:b9:
84:bd:44:d4:f9:eb:2e:b7:7f:05:2b:7c:57:4a:4b:
49:05:9b:22:5a:77:cf:83:6f:79:80:cc:92:9b:56:
3b:0c:53:ac:61:d2:d6:e2:a2:bc:2c:44:9f:6f:63:
13:63:26:82:d2:d9:1a:88:50:22:46:0d:77:5a:74:
a2:ed:1e:7e:62:51:c4:d1:54:bd:77:8e:c7:3d:81:
2a:b6:f7:3a:8d:2a:09:85:2f:4e:77:9c:10:b0:d2:
a1:fe:9e:40:d2:e9:52:5f:94:7b:a3:31:73:6a:a3:
a1:1f:65:46:b2:30:ff:46:80:2b:07:8d:80:bc:4b:
1c:55:bd:50:43:df:78:32:1d:e9:e8:b9:61:8d:ef:
1a:83:7d:fb:71:5f:d2:04:d7:db:d1:68:aa:9e:2a:
4c:fd:1d:ba:ff:66:85:e0:aa:e5:f5:c9:2d:4f:24:
bb:74:85:02:2c:ce:03:9e:b3:fc:57:41:d5:41:b9:
5a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:4C:ED:20:A9:E0:7E:AF:C3:98:BD:99:2F:7D:20:F5:79:CB:65:EF
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/FUztIKngfq_DmL2ZL30g9XnLZe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.153.154.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:e7:98:a3:c3:0f:c2:f6:5b:da:31:c7:16:65:24:07:76:18:
fb:b7:43:d2:86:fe:e8:4b:37:91:a0:90:2d:14:7e:70:1a:d4:
9b:d6:e0:0d:98:fb:3c:15:4f:3f:e1:72:5a:7a:37:78:ca:4b:
88:97:a5:8a:d7:97:b5:ca:d1:1c:0e:43:5c:69:a0:9a:1e:4a:
bf:00:fe:de:25:3e:71:05:9b:8f:f8:f6:fa:4f:11:2c:8f:be:
e1:42:5d:a0:f5:ea:ea:e7:a5:6f:44:62:7a:5a:21:ee:b4:0f:
de:93:fc:f7:dd:86:54:b1:6c:17:64:04:60:44:01:e2:ae:10:
08:3d:57:cc:93:17:99:f1:62:ec:d7:9a:3d:5c:a8:04:a8:fd:
11:25:64:ad:7c:10:2a:d8:7d:3b:1c:2c:e5:2c:23:24:2c:16:
05:84:b8:1d:a2:cc:69:0c:0d:8c:53:d6:21:b7:71:26:8e:53:
1b:31:2b:84:92:f8:80:e3:6d:39:d5:fd:76:a2:e6:91:e6:9b:
17:ca:2e:fc:d2:e5:5a:e5:fa:a6:e6:cb:3c:61:92:ee:f5:1d:
54:8e:18:e1:04:6f:9b:51:43:27:62:e3:22:fc:09:2f:1e:15:
f3:d5:55:5e:ee:51:1e:58:40:14:10:27:af:b2:88:5d:42:c5:
27:7a:49:7b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOgM1VjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDEw
MTE0MDAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMTU0Y2VkMjBhOWUw
N2VhZmMzOThiZDk5MmY3ZDIwZjU3OWNiNjVlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaDGZg7ridTTDitE+u5h3jnA8R4lcur6ZXetaY90D3N5uSG
2he42MeHYcjV/s2rqfnSkwS1HoM/R/paGtw3rbzGID8S4FuAHXi5hL1E1PnrLrd/
BSt8V0pLSQWbIlp3z4NveYDMkptWOwxTrGHS1uKivCxEn29jE2MmgtLZGohQIkYN
d1p0ou0efmJRxNFUvXeOxz2BKrb3Oo0qCYUvTnecELDSof6eQNLpUl+Ue6Mxc2qj
oR9lRrIw/0aAKweNgLxLHFW9UEPfeDId6ei5YY3vGoN9+3Ff0gTX29Foqp4qTP0d
uv9mheCq5fXJLU8ku3SFAizOA56z/FdB1UG5WsECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQVTO0gqeB+r8OYvZkvfSD1ectl7zAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L0ZVenRJS25nZnFfRG1MMlpMMzBnOVhuTFplOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdmZmjANBgkqhkiG9w0BAQsFAAOC
AQEAaueYo8MPwvZb2jHHFmUkB3YY+7dD0ob+6Es3kaCQLRR+cBrUm9bgDZj7PBVP
P+FyWno3eMpLiJeliteXtcrRHA5DXGmgmh5KvwD+3iU+cQWbj/j2+k8RLI++4UJd
oPXq6uelb0Rieloh7rQP3pP8992GVLFsF2QEYEQB4q4QCD1XzJMXmfFi7NeaPVyo
BKj9ESVkrXwQKth9Oxws5SwjJCwWBYS4HaLMaQwNjFPWIbdxJo5TGzErhJL4gONt
OdX9dqLmkeabF8ou/NLlWuX6pubLPGGS7vUdVI4Y4QRvm1FDJ2LjIvwJLx4V89VV
Xu5RHlhAFBAnr7KIXULFJ3pJew==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org