Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/MCYilimkJ4qNus3b3CATYlXiikQ.roa
File: MCYilimkJ4qNus3b3CATYlXiikQ.roa (raw, json)
Hash identifier: UXYuM4zsIUaXp3VzblkxmwcuCXgsZzK8lXn5rrSkMLI=
Subject key identifier: 30:26:22:96:29:A4:27:8A:8D:BA:CD:DB:DC:20:13:62:55:E2:8A:44
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 17A0341F
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/MCYilimkJ4qNus3b3CATYlXiikQ.roa
Signing time: Sat 01 Jan 2022 13:03:28 +0000
ROA not before: Sat 01 Jan 2022 13:03:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207732
IP address blocks: 2.58.55.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 396375071 (0x17a0341f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 13:03:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3026229629a4278a8dbacddbdc20136255e28a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6c:cd:9e:a0:3f:e1:64:9a:8c:d3:c3:96:d9:
25:33:b5:5f:26:90:a8:c2:35:f2:e5:37:f1:2c:6f:
8c:26:37:50:f7:4c:4a:af:6c:ad:6b:d4:5f:bb:f6:
9f:02:c5:95:5b:21:2b:6b:4d:71:81:ef:69:b1:94:
72:97:a6:64:60:4c:71:81:29:9b:7f:f8:ed:e7:ae:
32:6e:30:00:88:58:8d:40:59:e2:91:e5:3d:72:fc:
46:c3:49:dc:82:a2:57:d4:b6:65:32:93:a2:c2:82:
9a:06:c9:65:b9:5a:87:3d:82:ef:5a:57:53:42:69:
fe:f3:10:22:b8:45:58:db:c9:8b:2c:db:a9:d9:d8:
34:fc:4f:0d:74:69:1d:46:14:63:3f:c3:c3:fc:a6:
11:02:ae:7b:6c:3f:9e:f8:5e:28:bb:98:17:3b:0d:
77:08:fa:e0:a1:5b:76:16:9d:79:4e:0a:fd:28:0c:
ee:cc:be:a6:6c:5b:d7:38:6f:8c:dd:49:e1:eb:cd:
55:76:51:94:91:f6:98:d7:0b:83:5f:0f:56:9c:69:
d4:75:0a:d1:8d:99:09:b3:42:af:b6:74:58:51:1f:
f4:72:8b:11:9c:8e:58:eb:bb:76:99:c2:21:29:79:
d7:d1:ea:da:a2:97:58:11:d8:07:4b:05:b2:74:e4:
72:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:26:22:96:29:A4:27:8A:8D:BA:CD:DB:DC:20:13:62:55:E2:8A:44
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/MCYilimkJ4qNus3b3CATYlXiikQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.55.0/24
Signature Algorithm: sha256WithRSAEncryption
00:43:47:75:82:33:fa:eb:7f:97:d8:9c:6e:9e:bc:ef:56:3c:
d9:fd:68:db:36:57:eb:e1:59:55:6e:a4:b0:56:c9:04:75:75:
12:f0:5c:c0:2e:27:cd:39:47:09:84:41:60:5d:9f:f5:65:e0:
8e:ad:54:5b:c5:45:2c:2b:b8:ae:e9:05:ea:27:fc:4e:23:2b:
85:5d:d4:63:64:76:46:ca:a0:ad:4e:b2:89:1c:67:1b:4b:0a:
ca:7d:b3:ab:89:b8:4f:74:e7:48:0e:08:19:af:61:2e:3e:ba:
8a:c0:b2:f8:ff:21:e1:72:4b:1f:da:f5:05:99:80:97:e7:7f:
0d:d5:6d:f6:df:9e:ff:6d:90:52:36:f5:3f:28:53:b3:2b:99:
db:64:95:17:57:94:92:da:74:86:a0:5f:ac:22:50:f7:e4:f4:
4a:3c:bc:88:7f:5b:76:b2:81:32:86:6f:a6:c8:79:9e:43:db:
07:85:52:8b:59:ef:db:1d:35:83:f1:1a:fb:31:65:37:22:61:
00:ed:a4:e1:ba:0a:09:82:15:88:08:ce:97:ac:ac:95:9d:d1:
00:ae:7e:16:ad:f2:1b:b0:36:ff:25:59:d9:ac:8d:a6:0c:06:
1d:2a:cd:25:68:74:e6:16:80:87:55:bb:db:f8:03:79:09:12:
b5:01:ed:5d
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF6A0HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NDI1M2M0ZjIzM2NlOTg0NzY5OWFlNjhlY2JmNWQ3NTE0YjBmYWRiMB4XDTIyMDEw
MTEzMDMyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzAyNjIyOTYyOWE0
Mjc4YThkYmFjZGRiZGMyMDEzNjI1NWUyOGE0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNszZ6gP+FkmozTw5bZJTO1XyaQqMI18uU38SxvjCY3UPdM
Sq9srWvUX7v2nwLFlVshK2tNcYHvabGUcpemZGBMcYEpm3/47eeuMm4wAIhYjUBZ
4pHlPXL8RsNJ3IKiV9S2ZTKTosKCmgbJZblahz2C71pXU0Jp/vMQIrhFWNvJiyzb
qdnYNPxPDXRpHUYUYz/Dw/ymEQKue2w/nvheKLuYFzsNdwj64KFbdhadeU4K/SgM
7sy+pmxb1zhvjN1J4evNVXZRlJH2mNcLg18PVpxp1HUK0Y2ZCbNCr7Z0WFEf9HKL
EZyOWOu7dpnCISl519Hq2qKXWBHYB0sFsnTkcgECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQwJiKWKaQnio26zdvcIBNiVeKKRDAfBgNVHSMEGDAWgBS0JTxPIzzphHaZ
rmjsv111FLD62zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RDVThUeU04NllSMm1hNW83TDlkZFJTdy10cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8x
L01DWWlsaW1rSjRxTnVzM2IzQ0FUWWxYaWlrUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDFkNmUxLTVjYWQtNDBkYi05NzczLTU4YjM4ZjVhYzgwYi8xL3RDVThUeU04NllS
Mm1hNW83TDlkZFJTdy10cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAI6NzANBgkqhkiG9w0BAQsFAAOC
AQEAAENHdYIz+ut/l9icbp6871Y82f1o2zZX6+FZVW6ksFbJBHV1EvBcwC4nzTlH
CYRBYF2f9WXgjq1UW8VFLCu4rukF6if8TiMrhV3UY2R2RsqgrU6yiRxnG0sKyn2z
q4m4T3TnSA4IGa9hLj66isCy+P8h4XJLH9r1BZmAl+d/DdVt9t+e/22QUjb1PyhT
syuZ22SVF1eUktp0hqBfrCJQ9+T0Sjy8iH9bdrKBMoZvpsh5nkPbB4VSi1nv2x01
g/Ea+zFlNyJhAO2k4boKCYIViAjOl6yslZ3RAK5+Fq3yG7A2/yVZ2ayNpgwGHSrN
JWh05haAh1W72/gDeQkStQHtXQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org