Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/qxP9EgOIdXGAae7hxM6to8WFoHU.roa
File: qxP9EgOIdXGAae7hxM6to8WFoHU.roa (raw, json)
Hash identifier: +lGSKQmI53zREZ4jIqWfU/aaCC0ntJWyPMOtbfvw2Uc=
Subject key identifier: AB:13:FD:12:03:88:75:71:80:69:EE:E1:C4:CE:AD:A3:C5:85:A0:75
Certificate issuer: /CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Certificate serial: 01837B1F8C5843A4E8D15624468807F226D0
Authority key identifier: 44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/qxP9EgOIdXGAae7hxM6to8WFoHU.roa
Signing time: Mon 26 Sep 2022 18:46:48 +0000
ROA not before: Mon 26 Sep 2022 18:46:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203355
IP address blocks: 2.58.66.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7b:1f:8c:58:43:a4:e8:d1:56:24:46:88:07:f2:26:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4474cf3e2fa892b5fdd3f30dc8275ee1062e1d06
Validity
Not Before: Sep 26 18:46:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ab13fd12038875718069eee1c4ceada3c585a075
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:f2:9d:d2:c5:72:29:f2:c4:8b:aa:21:02:
9a:d6:2b:30:fa:91:65:ea:d5:93:97:da:e2:a5:33:
53:d7:87:62:1e:a7:f7:32:2f:30:ae:b5:64:7f:ef:
b5:7f:6f:9c:15:5a:8e:2b:56:a6:5f:67:04:a9:20:
3f:1e:11:b9:d9:7d:38:32:fe:20:50:1e:6b:9d:a5:
13:5b:dd:bf:61:dd:be:b9:ad:97:81:bc:aa:a7:80:
b8:99:b9:76:c1:77:83:be:f9:18:7d:ad:f0:95:44:
6a:7b:78:9e:ea:30:3e:7c:01:18:85:73:46:06:bc:
7c:9f:4a:a5:3d:85:69:88:11:8c:43:13:59:94:16:
70:01:62:6d:2d:66:dd:b3:9c:cc:07:d0:8e:96:93:
50:0d:c9:79:b8:4f:a9:a3:b9:6b:55:78:5a:03:cf:
d5:7f:26:70:b0:c3:0e:26:bb:8b:29:7d:83:6b:2b:
1f:6f:43:73:2e:a7:9f:28:c9:f1:7f:c4:08:3c:47:
3f:9a:9f:b3:b9:66:3f:72:be:90:ad:0d:a7:25:59:
a9:40:de:43:9a:13:99:c7:d4:54:f9:80:83:f0:e6:
bb:94:db:81:51:69:bc:7d:71:44:ab:e0:69:d8:b8:
16:24:a9:d8:b8:1b:49:a3:77:ed:71:8e:72:42:18:
ee:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:13:FD:12:03:88:75:71:80:69:EE:E1:C4:CE:AD:A3:C5:85:A0:75
X509v3 Authority Key Identifier:
keyid:44:74:CF:3E:2F:A8:92:B5:FD:D3:F3:0D:C8:27:5E:E1:06:2E:1D:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHTPPi-okrX90_MNyCde4QYuHQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/qxP9EgOIdXGAae7hxM6to8WFoHU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e20ba1-6ae8-4b43-a709-7545c04e1578/1/RHTPPi-okrX90_MNyCde4QYuHQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.66.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:fb:89:8a:d9:6e:a7:77:e2:59:bb:91:11:14:6d:10:88:e0:
f6:fd:74:e0:57:6b:e2:5e:10:c8:8a:a4:06:e8:95:92:5f:23:
2a:d2:42:b5:8b:a3:ad:9f:1a:44:88:da:03:62:66:1b:80:6b:
ee:90:50:2f:51:2a:16:e7:67:1b:51:24:59:f1:67:e2:f9:e8:
df:ee:3b:b7:f7:6a:01:e2:62:0a:92:fd:8b:a5:e5:9b:cd:75:
d3:d3:b6:73:7b:df:2d:7a:21:41:c9:79:7a:be:47:c9:bd:43:
87:32:67:12:07:8b:62:b3:a5:c8:1f:36:d0:f1:a8:35:23:aa:
78:72:64:18:79:a3:2a:67:2a:9a:88:38:46:14:3a:4b:03:21:
2f:e4:3c:bc:e5:64:68:9d:59:65:fa:3f:6e:27:cb:ac:af:2c:
7f:91:ab:a1:36:f8:60:3e:b6:a9:cc:eb:18:6d:3f:a0:97:fd:
e9:8a:90:8b:2c:30:40:5d:5c:0f:91:2f:eb:c8:61:7b:d8:1c:
f6:db:62:1b:0f:47:b8:89:6e:42:b9:60:21:dd:3e:23:08:50:
0a:e1:fe:2e:98:be:b9:57:a4:d4:9f:9d:8d:41:97:3d:aa:e3:
99:d8:32:54:f1:37:c2:fa:e3:f2:0b:f1:db:97:c7:d4:32:50:
88:2a:4f:b1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYN7H4xYQ6To0VYkRogH8ibQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NzRjZjNlMmZhODkyYjVmZGQzZjMwZGM4Mjc1ZWUxMDYy
ZTFkMDYwHhcNMjIwOTI2MTg0NjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjEzZmQxMjAzODg3NTcxODA2OWVlZTFjNGNlYWRhM2M1ODVhMDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPPyndLFcinyxIuqIQKa1isw+pFl
6tWTl9ripTNT14diHqf3Mi8wrrVkf++1f2+cFVqOK1amX2cEqSA/HhG52X04Mv4g
UB5rnaUTW92/Yd2+ua2Xgbyqp4C4mbl2wXeDvvkYfa3wlURqe3ie6jA+fAEYhXNG
Brx8n0qlPYVpiBGMQxNZlBZwAWJtLWbds5zMB9COlpNQDcl5uE+po7lrVXhaA8/V
fyZwsMMOJruLKX2Daysfb0NzLqefKMnxf8QIPEc/mp+zuWY/cr6QrQ2nJVmpQN5D
mhOZx9RU+YCD8Oa7lNuBUWm8fXFEq+Bp2LgWJKnYuBtJo3ftcY5yQhju+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKsT/RIDiHVxgGnu4cTOraPFhaB1MB8GA1UdIwQY
MBaAFER0zz4vqJK1/dPzDcgnXuEGLh0GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDkt
NzU0NWMwNGUxNTc4LzEvcXhQOUVnT0lkWEdBYWU3aHhNNnRvOFdGb0hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjBiYTEtNmFlOC00YjQzLWE3MDktNzU0NWMwNGUxNTc4
LzEvUkhUUFBpLW9rclg5MF9NTnlDZGU0UVl1SFFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBAjpCMA0G
CSqGSIb3DQEBCwUAA4IBAQAK+4mK2W6nd+JZu5ERFG0QiOD2/XTgV2viXhDIiqQG
6JWSXyMq0kK1i6OtnxpEiNoDYmYbgGvukFAvUSoW52cbUSRZ8Wfi+ejf7ju392oB
4mIKkv2LpeWbzXXT07Zze98teiFByXl6vkfJvUOHMmcSB4tis6XIHzbQ8ag1I6p4
cmQYeaMqZyqaiDhGFDpLAyEv5Dy85WRonVll+j9uJ8usryx/kauhNvhgPrapzOsY
bT+gl/3pipCLLDBAXVwPkS/ryGF72Bz222IbD0e4iW5CuWAh3T4jCFAK4f4umL65
V6TUn52NQZc9quOZ2DJU8TfC+uPyC/Hbl8fUMlCIKk+x
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:23 2023 by rpki-client on console-ams.rpki-client.org