Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/duVSzlG1ztvOLbo6kcF5146KvD0.roa
File: duVSzlG1ztvOLbo6kcF5146KvD0.roa (raw, json)
Hash identifier: SDBhJO5BpA6DcsbkX4kdqm8SsdulUObq4UWMTNa+n3w=
Subject key identifier: 76:E5:52:CE:51:B5:CE:DB:CE:2D:BA:3A:91:C1:79:D7:8E:8A:BC:3D
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 37960100
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/duVSzlG1ztvOLbo6kcF5146KvD0.roa
Signing time: Sat 01 Jan 2022 09:06:04 +0000
ROA not before: Sat 01 Jan 2022 09:06:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21277
IP address blocks: 5.11.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 932577536 (0x37960100)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 1 09:06:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=76e552ce51b5cedbce2dba3a91c179d78e8abc3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:87:90:28:a2:fa:03:ca:f9:b0:46:55:85:
22:cd:24:90:f1:48:42:c0:99:de:49:a5:46:30:32:
03:bb:e4:93:77:ff:48:28:0e:76:d2:76:72:c7:6d:
24:33:8e:2d:9f:e2:d6:bd:20:6f:02:55:5e:ca:d9:
a1:18:ca:2d:d9:61:33:87:79:c6:66:db:c4:3d:a8:
80:8f:f0:62:c0:e7:34:62:46:04:09:32:9d:b0:14:
d7:31:50:bf:e2:fc:75:fc:9a:35:18:06:b2:1b:ee:
c9:53:20:8a:08:37:3a:b2:7e:48:8f:e1:83:e0:c3:
d9:9c:18:f5:db:69:8e:cc:57:b4:bc:aa:fb:e2:94:
ec:bb:79:65:83:7c:95:69:03:47:d1:fa:60:6a:83:
20:ac:a9:f2:d0:55:ea:a0:eb:bd:c5:3b:93:13:1a:
42:17:7f:5a:74:8a:a1:6d:35:ed:cd:37:86:f1:65:
8e:b2:9b:7c:71:90:89:c0:af:57:e6:b9:3e:f2:c6:
87:d7:ef:d7:a9:d8:0c:6f:08:77:6b:0f:55:ed:0e:
a0:f7:77:a2:b6:d8:e2:61:77:56:42:73:32:38:3c:
ca:0f:73:9b:12:8f:9d:c3:56:63:a9:c9:bd:67:02:
98:76:b0:a7:f9:a1:5d:73:56:3a:ba:25:94:29:2b:
eb:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:E5:52:CE:51:B5:CE:DB:CE:2D:BA:3A:91:C1:79:D7:8E:8A:BC:3D
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/duVSzlG1ztvOLbo6kcF5146KvD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.19.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:fe:87:07:c6:19:1d:6e:18:8b:99:b2:9c:75:d3:23:72:70:
bc:3a:1e:25:bd:4f:96:67:14:9b:8a:3e:4e:7f:0f:6c:ae:8f:
a5:4f:62:3a:50:06:19:c6:1f:36:85:02:20:c9:83:ae:d7:63:
f0:25:a3:5c:e6:29:60:84:2d:70:e0:f2:ff:95:18:ea:c2:b4:
bc:e7:44:a4:79:f6:c0:8e:18:07:d7:f0:62:3e:87:97:ee:73:
3d:90:aa:43:55:73:79:0e:f4:61:0c:c0:7b:3f:dc:8c:6a:29:
f8:55:fa:99:5f:91:e5:4e:b2:80:92:ee:3f:c6:03:c9:84:da:
5a:4d:7c:c4:9a:dc:df:e2:b9:bf:dd:60:59:96:6c:59:09:e3:
64:51:3a:4a:e3:50:15:1c:b4:dc:59:10:26:e7:4a:6b:b4:61:
b2:82:e1:8d:25:a9:cc:c1:8f:2c:24:7a:46:94:8c:c7:cc:52:
b5:96:e9:c3:7b:96:b6:e9:ea:53:d2:c8:24:15:ae:b6:e8:cd:
8c:6c:ab:54:2e:6b:21:82:78:55:b8:64:06:96:cf:85:14:4f:
e6:6d:f4:02:e7:75:d9:4f:9d:e5:ea:1a:b3:ea:25:ef:81:c3:
74:dc:9d:e2:2d:fb:91:3f:f6:51:a3:b3:a5:11:0b:db:c8:9a:
65:88:74:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN5YBADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YjUyOWE0ZDIyZmFlZjIzMTM1ZDZlZmY4OTEyMjY2NjIzYzQ5MjU1MB4XDTIyMDEw
MTA5MDYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZlNTUyY2U1MWI1
Y2VkYmNlMmRiYTNhOTFjMTc5ZDc4ZThhYmMzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALG0h5AoovoDyvmwRlWFIs0kkPFIQsCZ3kmlRjAyA7vkk3f/
SCgOdtJ2csdtJDOOLZ/i1r0gbwJVXsrZoRjKLdlhM4d5xmbbxD2ogI/wYsDnNGJG
BAkynbAU1zFQv+L8dfyaNRgGshvuyVMgigg3OrJ+SI/hg+DD2ZwY9dtpjsxXtLyq
++KU7Lt5ZYN8lWkDR9H6YGqDIKyp8tBV6qDrvcU7kxMaQhd/WnSKoW017c03hvFl
jrKbfHGQicCvV+a5PvLGh9fv16nYDG8Id2sPVe0OoPd3orbY4mF3VkJzMjg8yg9z
mxKPncNWY6nJvWcCmHawp/mhXXNWOrollCkr6z8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBR25VLOUbXO284tujqRwXnXjoq8PTAfBgNVHSMEGDAWgBRLUppNIvrvIxNd
bv+JEiZmI8SSVTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1MxS2FUU0w2N3lNVFhXN19pUkltWmlQRWtsVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvMWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8x
L2R1VlN6bEcxenR2T0xibzZrY0Y1MTQ2S3ZEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
MWQ5YjA1LWVjNjEtNGMzMy1hMDk3LTM2YWU3NmVlOTgzZS8xL1MxS2FUU0w2N3lN
VFhXN19pUkltWmlQRWtsVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAULEzANBgkqhkiG9w0BAQsFAAOC
AQEAof6HB8YZHW4Yi5mynHXTI3JwvDoeJb1PlmcUm4o+Tn8PbK6PpU9iOlAGGcYf
NoUCIMmDrtdj8CWjXOYpYIQtcODy/5UY6sK0vOdEpHn2wI4YB9fwYj6Hl+5zPZCq
Q1VzeQ70YQzAez/cjGop+FX6mV+R5U6ygJLuP8YDyYTaWk18xJrc3+K5v91gWZZs
WQnjZFE6SuNQFRy03FkQJudKa7RhsoLhjSWpzMGPLCR6RpSMx8xStZbpw3uWtunq
U9LIJBWutujNjGyrVC5rIYJ4VbhkBpbPhRRP5m30Aud12U+d5eoas+ol74HDdNyd
4i37kT/2UaOzpREL28iaZYh0tA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org