Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/D8n49_3HXQt5eCf2zSLShVvcefM.roa
File: D8n49_3HXQt5eCf2zSLShVvcefM.roa (raw, json)
Hash identifier: oDeDyIbQEVS1khmRW1hKZEVcObS2YROTMKSId4VaUNQ=
Subject key identifier: 0F:C9:F8:F7:FD:C7:5D:0B:79:78:27:F6:CD:22:D2:85:5B:DC:79:F3
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 11455CC1
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/D8n49_3HXQt5eCf2zSLShVvcefM.roa
Signing time: Sat 01 Jan 2022 05:58:17 +0000
ROA not before: Sat 01 Jan 2022 05:58:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 32787
IP address blocks: 62.255.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289758401 (0x11455cc1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Jan 1 05:58:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fc9f8f7fdc75d0b797827f6cd22d2855bdc79f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:9a:62:8b:f4:6e:85:4c:63:4f:38:2d:07:
42:36:66:77:68:38:99:d5:5c:9e:d9:46:35:9b:ba:
ac:be:dd:af:3c:b8:24:12:0c:55:74:7e:87:21:88:
42:56:9d:49:cb:06:c2:7e:2a:0b:64:9c:2e:7e:d2:
73:2e:b5:45:29:ce:32:20:9f:46:32:04:00:7e:64:
9d:ea:33:0c:cf:d7:e5:eb:dc:e6:a9:40:ed:10:f0:
4c:d3:44:d9:6d:80:3b:77:7f:7c:49:49:15:71:1c:
38:8b:ba:28:03:4f:76:ed:cd:d0:b9:7d:ed:0e:aa:
3a:10:a4:9c:ea:7d:ab:4a:56:3a:07:cb:fc:d7:0b:
b0:27:0a:7c:b5:c0:3b:2e:79:cc:a6:f2:f0:e7:0e:
5d:f4:0a:ac:97:b2:6b:55:db:d5:94:08:29:42:6f:
2b:dd:1f:09:00:3d:6f:9e:83:a0:c5:b6:8f:7f:b4:
86:07:7e:0d:7c:5c:c6:b2:9f:d9:e7:37:e8:1f:b2:
12:c1:42:10:79:f3:91:8c:5d:f6:88:03:10:99:e3:
e6:df:85:86:a8:ac:85:58:16:27:83:8d:11:fc:76:
85:3c:b5:a1:4c:55:98:08:04:6f:95:d4:62:0c:0b:
99:23:77:05:ef:f3:72:f2:71:58:2e:6c:d4:29:77:
6f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:C9:F8:F7:FD:C7:5D:0B:79:78:27:F6:CD:22:D2:85:5B:DC:79:F3
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/D8n49_3HXQt5eCf2zSLShVvcefM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.255.142.0/24
Signature Algorithm: sha256WithRSAEncryption
77:2f:1e:db:2f:8e:8c:32:52:a2:80:30:9b:85:7b:5e:ec:c0:
3a:1a:49:5b:99:7a:3f:ab:83:a0:2a:6e:d1:f1:51:a8:47:ac:
fb:a9:b4:49:60:1d:81:83:ad:df:e9:db:ab:9c:42:67:d2:60:
ac:22:06:d5:68:3d:ea:35:bc:5c:ba:12:19:57:9b:e9:68:69:
df:cc:a7:cd:b9:51:bb:d2:28:cb:c8:a2:b5:aa:5f:76:7c:ff:
47:2e:45:03:8c:80:0f:96:4f:06:08:9b:4a:0d:1a:ae:3a:3f:
a8:01:88:71:df:cd:66:da:b0:b6:fe:f7:82:8f:db:4e:5a:a0:
60:c9:48:ca:6d:ac:ae:06:0c:13:ca:a2:3b:6e:68:b4:8d:60:
f0:11:da:17:32:4b:35:7c:71:fe:59:70:98:ae:89:55:c5:67:
1a:27:62:bf:6c:54:83:70:cd:c4:4c:87:6d:15:50:2e:45:a8:
10:ef:aa:67:f1:de:d6:7a:36:18:2f:92:31:e1:87:7a:52:77:
8e:6a:5e:0b:2f:d4:b5:02:06:62:2b:ea:bf:1e:0f:fb:fb:83:
dc:60:8a:7c:b2:1b:5a:e6:94:55:c5:a5:57:7c:8d:60:76:e8:
11:ae:f7:ce:29:ec:53:51:8b:bd:81:63:76:fa:16:76:07:c4:
ae:6e:e9:dd
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEUVcwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NjMwN2QyOWY1NTQzZjIxZWEzMDA5Yjk1MjNmZTcxYjhmMTM2OWNhMB4XDTIyMDEw
MTA1NTgxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGZjOWY4ZjdmZGM3
NWQwYjc5NzgyN2Y2Y2QyMmQyODU1YmRjNzlmMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANG1mmKL9G6FTGNPOC0HQjZmd2g4mdVcntlGNZu6rL7drzy4
JBIMVXR+hyGIQladScsGwn4qC2ScLn7Scy61RSnOMiCfRjIEAH5kneozDM/X5evc
5qlA7RDwTNNE2W2AO3d/fElJFXEcOIu6KANPdu3N0Ll97Q6qOhCknOp9q0pWOgfL
/NcLsCcKfLXAOy55zKby8OcOXfQKrJeya1Xb1ZQIKUJvK90fCQA9b56DoMW2j3+0
hgd+DXxcxrKf2ec36B+yEsFCEHnzkYxd9ogDEJnj5t+FhqishVgWJ4ONEfx2hTy1
oUxVmAgEb5XUYgwLmSN3Be/zcvJxWC5s1Cl3b3cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQPyfj3/cddC3l4J/bNItKFW9x58zAfBgNVHSMEGDAWgBQWMH0p9VQ/Ieow
CblSP+cbjxNpyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZqQjlLZlZVUHlIcU1BbTVVal9uRzQ4VGFjby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvYmY1ZTcwLTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8x
L0Q4bjQ5XzNIWFF0NWVDZjJ6U0xTaFZ2Y2VmTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
YmY1ZTcwLTY2NjUtNDlkZS1iOWNmLTRjZmU0MGYwN2E2Yi8xL0ZqQjlLZlZVUHlI
cU1BbTVVal9uRzQ4VGFjby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAD7/jjANBgkqhkiG9w0BAQsFAAOC
AQEAdy8e2y+OjDJSooAwm4V7XuzAOhpJW5l6P6uDoCpu0fFRqEes+6m0SWAdgYOt
3+nbq5xCZ9JgrCIG1Wg96jW8XLoSGVeb6Whp38ynzblRu9Ioy8iitapfdnz/Ry5F
A4yAD5ZPBgibSg0arjo/qAGIcd/NZtqwtv73go/bTlqgYMlIym2srgYME8qiO25o
tI1g8BHaFzJLNXxx/llwmK6JVcVnGidiv2xUg3DNxEyHbRVQLkWoEO+qZ/He1no2
GC+SMeGHelJ3jmpeCy/UtQIGYivqvx4P+/uD3GCKfLIbWuaUVcWlV3yNYHboEa73
zinsU1GLvYFjdvoWdgfErm7p3Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:35 2023 by rpki-client on console-fra.rpki-client.org