Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/8T9WNKl8Fg1aRZm9VwmD2xHFD44.roa
File: 8T9WNKl8Fg1aRZm9VwmD2xHFD44.roa (raw, json)
Hash identifier: SYNvvz/lQokfk7SvFL/xyhNm2UCOo7N6K2Mr+j8o4mk=
Subject key identifier: F1:3F:56:34:A9:7C:16:0D:5A:45:99:BD:57:09:83:DB:11:C5:0F:8E
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 0183C74DF292DB4575B9DABCD6FA0210EBC1
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/8T9WNKl8Fg1aRZm9VwmD2xHFD44.roa
Signing time: Tue 11 Oct 2022 13:48:37 +0000
ROA not before: Tue 11 Oct 2022 13:48:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207152
IP address blocks: 37.143.0.0/22 maxlen: 24
37.143.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c7:4d:f2:92:db:45:75:b9:da:bc:d6:fa:02:10:eb:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Oct 11 13:48:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f13f5634a97c160d5a4599bd570983db11c50f8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ac:0d:a5:42:16:5d:ac:e9:13:f4:19:d9:ce:
75:cd:bd:03:c3:87:ac:57:0f:d2:17:7a:39:5a:71:
37:45:41:79:3f:93:e3:92:7e:82:08:a9:9f:89:6e:
18:61:ea:6c:0c:9a:fd:d7:e0:09:49:1c:6c:b3:e7:
b9:36:b7:bd:b9:f4:ed:74:bc:77:32:39:8a:20:bd:
ed:3f:7f:0c:b0:3a:0b:0d:9a:b0:dc:a1:f9:3b:fc:
6c:9d:04:fc:97:74:7f:b9:cf:0b:9d:d0:7f:50:e2:
06:7e:8a:a7:90:5b:0f:80:df:b6:c6:f1:aa:31:fc:
ef:d3:53:30:cf:dc:41:c7:3e:2f:ba:71:36:0b:50:
7b:ee:24:f2:4e:07:70:76:e4:2e:7e:94:65:4e:97:
51:7b:50:68:b2:8b:9e:af:09:7a:56:a1:f9:99:69:
50:f7:c7:6e:96:e4:b3:b2:47:e8:bf:12:64:a3:d6:
15:05:06:43:03:dd:e7:3a:eb:16:26:0d:fb:f1:d3:
ce:12:17:9e:4a:52:01:4b:9f:ac:2c:79:cb:58:9b:
f1:d6:e9:ab:3b:21:ae:40:2b:36:91:b8:0c:9a:22:
1b:ca:94:85:56:00:23:94:32:c0:98:ac:5a:74:64:
01:79:ab:2c:8f:4b:62:ab:da:c0:bf:d2:af:23:8c:
1e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:3F:56:34:A9:7C:16:0D:5A:45:99:BD:57:09:83:DB:11:C5:0F:8E
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/8T9WNKl8Fg1aRZm9VwmD2xHFD44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:6d:bc:e6:7e:4b:db:b7:41:85:ef:a9:5c:d2:eb:c8:a8:38:
d8:ac:b0:39:f0:ff:9a:30:5d:48:35:8d:71:18:16:7f:67:26:
eb:bc:e2:34:e9:b7:a1:e1:09:ca:a1:f3:11:40:de:38:89:5f:
07:00:8f:50:4f:a5:6d:19:ab:d5:9a:90:0e:0c:f0:40:3e:5e:
b1:2a:87:d3:9b:7c:e1:05:60:2e:98:29:1f:e4:05:92:55:87:
c1:b7:05:60:47:fb:4e:20:5d:1b:34:43:fe:58:75:a2:85:17:
d4:e5:73:67:be:35:77:b6:90:c7:6c:57:80:a2:68:9d:80:d9:
fb:2d:05:f2:d7:92:ea:46:9e:e3:01:b1:a4:78:1c:d4:a8:ba:
0b:e3:63:8b:3e:18:23:fa:6e:98:01:19:e1:ed:ae:e0:ac:88:
c1:ca:00:07:17:5c:d4:af:7e:9a:d3:22:f3:bd:6b:86:72:db:
cc:0a:07:91:21:c0:96:cb:31:19:4e:f7:15:8e:ea:e4:81:13:
5d:ed:5b:a0:cb:7f:75:99:e1:47:70:29:49:af:d6:c8:40:f7:
d2:8b:cf:cb:af:0d:80:8f:3b:1e:6d:ca:4e:39:07:48:80:68:
1a:91:01:a9:25:3b:0b:09:db:d6:8c:77:9e:b6:7f:f7:de:80:
06:58:07:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPHTfKS20V1udq81voCEOvBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjIxMDExMTM0ODM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTNmNTYzNGE5N2MxNjBkNWE0NTk5YmQ1NzA5ODNkYjExYzUwZjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqwNpUIWXazpE/QZ2c51zb0Dw4es
Vw/SF3o5WnE3RUF5P5Pjkn6CCKmfiW4YYepsDJr91+AJSRxss+e5Nre9ufTtdLx3
MjmKIL3tP38MsDoLDZqw3KH5O/xsnQT8l3R/uc8LndB/UOIGfoqnkFsPgN+2xvGq
Mfzv01Mwz9xBxz4vunE2C1B77iTyTgdwduQufpRlTpdRe1Bosouerwl6VqH5mWlQ
98duluSzskfovxJko9YVBQZDA93nOusWJg378dPOEheeSlIBS5+sLHnLWJvx1umr
OyGuQCs2kbgMmiIbypSFVgAjlDLAmKxadGQBeassj0tiq9rAv9KvI4wepQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPE/VjSpfBYNWkWZvVcJg9sRxQ+OMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvOFQ5V05LbDhGZzFhUlptOVZ3bUQyeEhGRDQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJY8AMA0G
CSqGSIb3DQEBCwUAA4IBAQBfbbzmfkvbt0GF76lc0uvIqDjYrLA58P+aMF1INY1x
GBZ/ZybrvOI06beh4QnKofMRQN44iV8HAI9QT6VtGavVmpAODPBAPl6xKofTm3zh
BWAumCkf5AWSVYfBtwVgR/tOIF0bNEP+WHWihRfU5XNnvjV3tpDHbFeAomidgNn7
LQXy15LqRp7jAbGkeBzUqLoL42OLPhgj+m6YARnh7a7grIjBygAHF1zUr36a0yLz
vWuGctvMCgeRIcCWyzEZTvcVjurkgRNd7Vugy391meFHcClJr9bIQPfSi8/Lrw2A
jzsebcpOOQdIgGgakQGpJTsLCdvWjHeetn/33oAGWAfF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:33 2023 by rpki-client on console-ams.rpki-client.org