Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/_nqr4t2xaKE71kBrc4QkiJySsrQ.roa
File: _nqr4t2xaKE71kBrc4QkiJySsrQ.roa (raw, json)
Hash identifier: RTNcg0xyfQXuV6NxWaQAjM0dUcW4q55qbHVh7SqgBF8=
Subject key identifier: FE:7A:AB:E2:DD:B1:68:A1:3B:D6:40:6B:73:84:24:88:9C:92:B2:B4
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 03A53BD6
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/_nqr4t2xaKE71kBrc4QkiJySsrQ.roa
Signing time: Mon 09 May 2022 13:32:35 +0000
ROA not before: Mon 09 May 2022 13:32:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 2.58.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61160406 (0x3a53bd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: May 9 13:32:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe7aabe2ddb168a13bd6406b738424889c92b2b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5e:ac:c9:8e:56:29:de:1d:f1:55:e5:3d:89:
67:db:38:df:56:21:0f:2c:86:da:85:f8:6c:ae:a8:
de:5a:9e:4c:80:eb:a3:9c:b6:92:db:9b:0f:70:99:
69:e2:47:6b:ab:0c:2e:0d:ff:4d:61:97:ea:dd:9e:
a0:7b:13:a6:77:45:69:0d:4c:d1:d2:08:f6:a0:80:
80:b0:de:c6:2f:a3:4d:95:a4:10:a6:2f:e9:92:f8:
0c:26:77:1c:f1:0e:83:24:1d:93:e0:e0:56:4b:2e:
d5:f0:09:05:6a:1a:2d:3b:d6:0a:86:94:ad:34:42:
f4:a2:82:80:cb:d6:ce:8b:58:5b:6b:c7:76:c1:41:
8c:be:01:a6:cd:4c:d2:4b:12:9e:0d:1e:9d:cd:a2:
db:a3:d4:d9:cf:95:14:cb:6b:c5:b5:19:9f:9d:8f:
f9:00:87:87:cb:19:5f:34:47:a9:3f:28:8d:3c:8e:
0b:5b:03:ff:ff:80:ca:be:b8:8d:87:46:80:55:d7:
0a:85:50:0e:fe:b3:cd:9a:21:a8:5c:b4:f8:0e:5c:
9b:35:17:6f:42:13:02:f5:e4:5f:cb:46:2f:5c:46:
80:37:bd:8a:fc:af:9e:71:17:6a:91:ef:53:4f:fb:
5e:b3:a3:e2:03:6b:1c:5d:5a:c4:b0:a7:42:16:c3:
bb:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7A:AB:E2:DD:B1:68:A1:3B:D6:40:6B:73:84:24:88:9C:92:B2:B4
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/_nqr4t2xaKE71kBrc4QkiJySsrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.66.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:f9:42:17:6e:f7:e7:b3:e5:51:92:10:20:82:e7:77:16:ca:
a6:3d:7f:92:36:07:01:fd:a4:92:76:32:cd:3a:93:2e:66:71:
5f:98:2d:fb:e5:40:83:5d:68:79:e1:eb:31:72:0b:63:6d:af:
a7:17:ea:72:54:af:d9:e2:fe:28:90:ac:10:1c:a7:5c:e1:98:
c0:61:80:fa:61:45:4c:74:e6:a7:d2:90:83:3b:d6:ec:44:99:
46:79:5f:90:f4:42:d3:96:ee:ed:28:b1:b1:f4:05:a8:41:2b:
a1:f4:b5:9b:ba:60:5b:32:57:82:bb:ed:d5:89:b6:11:9a:fb:
3e:1a:de:16:75:bb:6d:b1:90:f7:f6:83:8b:9c:fd:05:d2:1b:
3b:e3:b2:bf:df:04:3f:c7:4a:9b:fc:bf:e4:7f:2d:8e:62:0e:
f3:2e:2e:0d:22:f4:da:c4:9f:e9:79:c1:ef:68:dc:ed:1b:65:
a3:5d:0d:49:51:45:69:2c:82:a8:77:75:33:a5:5e:32:0b:b3:
41:85:a6:47:73:e1:78:ad:39:ac:98:43:60:98:e8:af:48:06:
f0:9f:e9:0e:77:9f:b4:ae:75:ca:ce:f3:20:10:5b:44:64:5c:
bc:f6:76:32:17:7d:99:0e:44:d4:26:ef:46:ca:85:ab:01:e5:
2a:84:7c:a6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA6U71jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NDc0Y2YzZTJmYTg5MmI1ZmRkM2YzMGRjODI3NWVlMTA2MmUxZDA2MB4XDTIyMDUw
OTEzMzIzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU3YWFiZTJkZGIx
NjhhMTNiZDY0MDZiNzM4NDI0ODg5YzkyYjJiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK1erMmOVineHfFV5T2JZ9s431YhDyyG2oX4bK6o3lqeTIDr
o5y2ktubD3CZaeJHa6sMLg3/TWGX6t2eoHsTpndFaQ1M0dII9qCAgLDexi+jTZWk
EKYv6ZL4DCZ3HPEOgyQdk+DgVksu1fAJBWoaLTvWCoaUrTRC9KKCgMvWzotYW2vH
dsFBjL4Bps1M0ksSng0enc2i26PU2c+VFMtrxbUZn52P+QCHh8sZXzRHqT8ojTyO
C1sD//+Ayr64jYdGgFXXCoVQDv6zzZohqFy0+A5cmzUXb0ITAvXkX8tGL1xGgDe9
ivyvnnEXapHvU0/7XrOj4gNrHF1axLCnQhbDuxcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT+eqvi3bFooTvWQGtzhCSInJKytDAfBgNVHSMEGDAWgBREdM8+L6iStf3T
8w3IJ17hBi4dBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JIVFBQaS1va3JYOTBfTU55Q2RlNFFZdUhRWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8x
L19ucXI0dDJ4YUtFNzFrQnJjNFFraUp5U3NyUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTIwYmExLTZhZTgtNGI0My1hNzA5LTc1NDVjMDRlMTU3OC8xL1JIVFBQaS1va3JY
OTBfTU55Q2RlNFFZdUhRWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQI6QjANBgkqhkiG9w0BAQsFAAOC
AQEAXvlCF27357PlUZIQIILndxbKpj1/kjYHAf2kknYyzTqTLmZxX5gt++VAg11o
eeHrMXILY22vpxfqclSv2eL+KJCsEBynXOGYwGGA+mFFTHTmp9KQgzvW7ESZRnlf
kPRC05bu7SixsfQFqEErofS1m7pgWzJXgrvt1Ym2EZr7PhreFnW7bbGQ9/aDi5z9
BdIbO+Oyv98EP8dKm/y/5H8tjmIO8y4uDSL02sSf6XnB72jc7Rtlo10NSVFFaSyC
qHd1M6VeMguzQYWmR3PheK05rJhDYJjor0gG8J/pDneftK51ys7zIBBbRGRcvPZ2
Mhd9mQ5E1CbvRsqFqwHlKoR8pg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:29 2023 by rpki-client on console-fra.rpki-client.org