Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/hFMw3q196y4-tgrp3ifKewz5YFY.roa
File: hFMw3q196y4-tgrp3ifKewz5YFY.roa (raw, json)
Hash identifier: GUiwit38ywV65huhhMXcnaeoRpLWAQaXf2PKJh/qxjw=
Subject key identifier: 84:53:30:DE:AD:7D:EB:2E:3E:B6:0A:E9:DE:27:CA:7B:0C:F9:60:56
Certificate issuer: /CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Certificate serial: 0183D03CEF470D11287DA5F98547AEA4C062
Authority key identifier: 0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/hFMw3q196y4-tgrp3ifKewz5YFY.roa
Signing time: Thu 13 Oct 2022 07:26:37 +0000
ROA not before: Thu 13 Oct 2022 07:26:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204968
IP address blocks: 37.143.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:3c:ef:47:0d:11:28:7d:a5:f9:85:47:ae:a4:c0:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f6363d428b7915c108825f09706004b8ea3d4b5
Validity
Not Before: Oct 13 07:26:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=845330dead7deb2e3eb60ae9de27ca7b0cf96056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c8:21:0d:77:4e:ae:49:28:c0:05:c9:5d:dc:
18:39:9a:41:b2:f6:6c:51:63:74:e2:d7:f7:48:91:
6f:c2:c7:3b:cf:e2:c2:e5:f8:a8:df:e0:a9:41:a0:
f6:4b:bc:85:ec:41:dd:fc:24:bc:54:6a:a1:e6:31:
d5:2d:d2:64:93:3e:b5:c7:33:00:b9:23:93:b4:2d:
32:af:19:b4:c2:8b:16:78:c3:54:d9:92:34:ef:b4:
cf:09:f9:85:2e:96:c7:19:c1:f2:83:e6:d9:64:9b:
7f:fd:63:8e:29:a8:0a:27:01:0f:f7:21:10:25:eb:
46:01:23:57:f6:a2:da:9e:06:9f:df:ee:a4:01:8d:
0e:40:04:c4:bb:22:7f:76:38:21:c4:8e:bc:99:a1:
02:b5:ad:76:bb:09:85:80:c4:b6:f0:0c:06:5f:bf:
c3:3c:9b:8f:38:26:87:91:f0:3a:f3:e3:de:c4:71:
a8:d9:df:90:a2:8d:f4:35:e7:f1:3f:ac:b3:9c:f3:
db:93:36:f8:6f:d8:59:07:c0:d1:53:4f:89:a2:26:
db:f1:59:b2:83:1e:bc:6d:3b:ec:68:63:ee:3c:45:
54:51:ea:1b:e1:e4:f7:47:8d:82:7b:57:7a:4e:7a:
0d:ec:34:5e:3a:d2:71:39:1c:ef:f4:dc:da:ef:8d:
f6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:53:30:DE:AD:7D:EB:2E:3E:B6:0A:E9:DE:27:CA:7B:0C:F9:60:56
X509v3 Authority Key Identifier:
keyid:0F:63:63:D4:28:B7:91:5C:10:88:25:F0:97:06:00:4B:8E:A3:D4:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/hFMw3q196y4-tgrp3ifKewz5YFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/6becb0-18fd-4add-bb41-2e1c0af4faa4/1/D2Nj1Ci3kVwQiCXwlwYAS46j1LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.0.0/22
Signature Algorithm: sha256WithRSAEncryption
c1:d2:31:e3:ac:2d:2e:e5:0d:45:db:24:07:41:da:ff:cc:d5:
7e:a7:d3:a6:7e:4b:7c:63:74:81:96:48:12:31:03:4a:da:bb:
da:22:8b:7b:0e:f7:77:db:be:05:ad:ab:32:f0:0a:c1:d6:75:
cf:05:a6:6f:f7:35:e4:e9:6f:6b:d5:6e:80:73:51:0a:80:2c:
76:ad:a9:98:c3:c4:54:de:29:ff:fe:59:33:35:d7:51:05:3d:
f0:1c:1e:97:84:14:b2:50:d9:48:a7:e1:37:bc:d8:cf:b5:5f:
f2:67:5d:e6:e9:17:be:5a:cb:4c:13:94:51:50:a6:02:a4:21:
00:61:a7:9f:13:5b:f6:19:a7:0f:0e:0d:a6:4d:de:a5:4e:1a:
26:e3:6f:f5:3a:06:ce:be:b8:f7:d4:ac:3b:86:e5:f9:2f:5e:
15:80:51:78:36:60:31:73:b5:cc:8f:94:e9:a5:36:3d:51:db:
2c:58:2f:4c:d2:5b:7b:78:6f:9b:60:32:8b:12:f2:78:34:79:
5f:44:f2:80:18:e1:e1:f2:ca:46:04:b2:9d:a0:50:78:57:0a:
92:a5:9f:b7:17:df:a9:93:b4:01:aa:cc:71:8f:b0:03:70:ac:
dd:4f:fe:e0:5b:76:44:cd:85:4b:22:35:33:aa:83:5d:d9:a5:
02:60:9c:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPQPO9HDREofaX5hUeupMBiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmNjM2M2Q0MjhiNzkxNWMxMDg4MjVmMDk3MDYwMDRiOGVh
M2Q0YjUwHhcNMjIxMDEzMDcyNjM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDUzMzBkZWFkN2RlYjJlM2ViNjBhZTlkZTI3Y2E3YjBjZjk2MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAisghDXdOrkkowAXJXdwYOZpBsvZs
UWN04tf3SJFvwsc7z+LC5fio3+CpQaD2S7yF7EHd/CS8VGqh5jHVLdJkkz61xzMA
uSOTtC0yrxm0wosWeMNU2ZI077TPCfmFLpbHGcHyg+bZZJt//WOOKagKJwEP9yEQ
JetGASNX9qLangaf3+6kAY0OQATEuyJ/djghxI68maECta12uwmFgMS28AwGX7/D
PJuPOCaHkfA68+PexHGo2d+Qoo30NefxP6yznPPbkzb4b9hZB8DRU0+Joibb8Vmy
gx68bTvsaGPuPEVUUeob4eT3R42Ce1d6TnoN7DReOtJxORzv9Nza7432QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRTMN6tfesuPrYK6d4nynsM+WBWMB8GA1UdIwQY
MBaAFA9jY9Qot5FcEIgl8JcGAEuOo9S1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEt
MmUxYzBhZjRmYWE0LzEvaEZNdzNxMTk2eTQtdGdycDNpZktld3o1WUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy82YmVjYjAtMThmZC00YWRkLWJiNDEtMmUxYzBhZjRmYWE0
LzEvRDJOajFDaTNrVndRaUNYd2x3WUFTNDZqMUxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCJY8AMA0G
CSqGSIb3DQEBCwUAA4IBAQDB0jHjrC0u5Q1F2yQHQdr/zNV+p9Omfkt8Y3SBlkgS
MQNK2rvaIot7Dvd3274Frasy8ArB1nXPBaZv9zXk6W9r1W6Ac1EKgCx2ramYw8RU
3in//lkzNddRBT3wHB6XhBSyUNlIp+E3vNjPtV/yZ13m6Re+WstME5RRUKYCpCEA
YaefE1v2GacPDg2mTd6lThom42/1OgbOvrj31Kw7huX5L14VgFF4NmAxc7XMj5Tp
pTY9UdssWC9M0lt7eG+bYDKLEvJ4NHlfRPKAGOHh8spGBLKdoFB4VwqSpZ+3F9+p
k7QBqsxxj7ADcKzdT/7gW3ZEzYVLIjUzqoNd2aUCYJyh
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:41 2023 by rpki-client on console-fra.rpki-client.org