Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CoGUTUQCkK9YMXocHXfaFkA6AfU.roa
File: CoGUTUQCkK9YMXocHXfaFkA6AfU.roa (raw, json)
Hash identifier: 5no/srx4e+15v+31fVE3+YGsGVbJDr/lnpE1zlnFzL8=
Subject key identifier: 0A:81:94:4D:44:02:90:AF:58:31:7A:1C:1D:77:DA:16:40:3A:01:F5
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0184C383BB793B8FB5CAED8B8A95A4EB5E7E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CoGUTUQCkK9YMXocHXfaFkA6AfU.roa
Signing time: Tue 29 Nov 2022 13:11:40 +0000
ROA not before: Tue 29 Nov 2022 13:11:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199902
IP address blocks: 192.121.120.0/24 maxlen: 24
192.121.3.0/24 maxlen: 24
192.71.191.0/24 maxlen: 24
192.36.97.0/24 maxlen: 24
192.71.190.0/24 maxlen: 24
192.71.188.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:83:bb:79:3b:8f:b5:ca:ed:8b:8a:95:a4:eb:5e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Nov 29 13:11:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a81944d440290af58317a1c1d77da16403a01f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:e9:71:66:a5:ba:ed:e4:ba:ba:2e:dc:df:b8:
75:ae:d5:8d:af:b0:60:77:bd:9a:59:5a:57:12:96:
d5:7a:a0:9d:95:9a:0f:82:b5:4f:94:2b:e8:7a:39:
de:be:cd:4d:87:a1:d0:d1:75:9a:74:a1:cd:18:c5:
ee:25:d2:19:45:40:23:e0:a1:9e:19:ff:6f:7f:a6:
6f:20:3a:8b:86:6f:07:f6:c5:60:8e:46:46:6c:81:
6b:33:7f:30:de:94:8e:9c:a5:37:a4:76:96:65:8b:
ae:9b:58:ba:79:06:c0:d8:ea:be:f2:be:90:b8:16:
89:d8:d6:83:bb:de:4f:08:fb:f6:6c:d8:f6:85:49:
c7:c1:e0:88:b0:9c:3d:c3:24:43:34:f0:65:76:79:
13:f8:75:84:95:47:68:6b:2a:12:91:ed:b8:2c:1c:
6f:15:15:29:af:f1:b8:a6:eb:5d:6a:df:de:c1:70:
67:de:60:5d:02:e9:f8:e9:8c:68:b4:40:1e:b4:c2:
a6:32:8b:02:9d:35:a8:5e:c1:1c:bc:3e:e7:40:cc:
ad:6e:db:e9:31:d5:b3:fa:20:e9:9a:d4:0d:af:4c:
97:7e:14:eb:45:07:b5:67:79:3f:27:f3:0b:34:f5:
93:d5:9c:27:86:63:e5:61:88:78:d4:d0:5c:16:d3:
41:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:81:94:4D:44:02:90:AF:58:31:7A:1C:1D:77:DA:16:40:3A:01:F5
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/CoGUTUQCkK9YMXocHXfaFkA6AfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.97.0/24
192.71.188.0/24
192.71.190.0/23
192.121.3.0/24
192.121.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:bc:6e:a8:4f:ed:90:0a:37:57:08:0f:02:8d:98:fc:ec:4b:
80:37:35:be:c9:17:c1:de:8f:47:44:ad:3e:ea:ed:99:2d:53:
ea:1c:2a:56:55:c7:e9:b9:45:32:1c:d2:b0:69:48:71:a6:e5:
08:00:61:d7:e0:84:62:47:37:e8:90:3a:d3:0a:b2:95:9e:f7:
67:88:60:63:b5:7a:43:cd:b4:9f:82:08:1d:ce:6d:2f:62:4e:
81:93:00:30:5c:c5:d4:f2:b4:22:66:4d:a8:e7:ee:62:82:51:
45:aa:12:c9:86:8e:ea:49:0c:c9:27:ba:b3:8e:59:8d:ab:19:
52:ee:85:a2:87:7c:29:e5:1a:65:42:0d:51:96:77:5d:44:a0:
8c:26:6a:0c:93:a1:8b:b9:59:26:c7:70:cc:52:c2:b0:54:7a:
e1:21:e3:23:17:b9:4c:ee:3d:37:80:60:c0:e7:94:77:49:7c:
6c:28:49:49:70:9a:a5:1c:bb:64:be:8e:eb:06:14:f5:51:96:
62:98:f3:ae:2e:c5:1a:0e:9f:65:05:ab:f1:8b:b8:3e:77:33:
4c:26:1c:a5:b4:af:aa:47:26:bf:b4:49:13:5e:c8:40:40:53:
07:19:5e:d3:c8:c9:ac:51:bf:f8:b3:eb:4b:43:36:c2:e2:62:
81:0c:f7:74
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTDg7t5O4+1yu2LipWk615+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMTI5MTMxMTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTgxOTQ0ZDQ0MDI5MGFmNTgzMTdhMWMxZDc3ZGExNjQwM2EwMWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ulxZqW67eS6ui7c37h1rtWNr7Bg
d72aWVpXEpbVeqCdlZoPgrVPlCvoejnevs1Nh6HQ0XWadKHNGMXuJdIZRUAj4KGe
Gf9vf6ZvIDqLhm8H9sVgjkZGbIFrM38w3pSOnKU3pHaWZYuum1i6eQbA2Oq+8r6Q
uBaJ2NaDu95PCPv2bNj2hUnHweCIsJw9wyRDNPBldnkT+HWElUdoayoSke24LBxv
FRUpr/G4putdat/ewXBn3mBdAun46YxotEAetMKmMosCnTWoXsEcvD7nQMytbtvp
MdWz+iDpmtQNr0yXfhTrRQe1Z3k/J/MLNPWT1ZwnhmPlYYh41NBcFtNBiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAqBlE1EApCvWDF6HB132hZAOgH1MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQ29HVVRVUUNrSzlZTVhvY0hYZmFGa0E2QWZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwCRhAwQA
wEe8AwQBwEe+AwQAwHkDAwQAwHl4MA0GCSqGSIb3DQEBCwUAA4IBAQAbvG6oT+2Q
CjdXCA8CjZj87EuANzW+yRfB3o9HRK0+6u2ZLVPqHCpWVcfpuUUyHNKwaUhxpuUI
AGHX4IRiRzfokDrTCrKVnvdniGBjtXpDzbSfgggdzm0vYk6BkwAwXMXU8rQiZk2o
5+5iglFFqhLJho7qSQzJJ7qzjlmNqxlS7oWih3wp5RplQg1RlnddRKCMJmoMk6GL
uVkmx3DMUsKwVHrhIeMjF7lM7j03gGDA55R3SXxsKElJcJqlHLtkvo7rBhT1UZZi
mPOuLsUaDp9lBavxi7g+dzNMJhyltK+qRya/tEkTXshAQFMHGV7TyMmsUb/4s+tL
QzbC4mKBDPd0
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org