Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/geHc3yMY8nZqyD9EybXAXekHb28.roa
File: geHc3yMY8nZqyD9EybXAXekHb28.roa (raw, json)
Hash identifier: Ze5bLm7kR4H9AvXo2FGPduF/N4atOqLlzRVdnfleudk=
Subject key identifier: 81:E1:DC:DF:23:18:F2:76:6A:C8:3F:44:C9:B5:C0:5D:E9:07:6F:6F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 426E6B8A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/geHc3yMY8nZqyD9EybXAXekHb28.roa
Signing time: Sat 01 Jan 2022 14:03:14 +0000
ROA not before: Sat 01 Jan 2022 14:03:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48579
IP address blocks: 192.121.20.0/24 maxlen: 24
192.121.165.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1114532746 (0x426e6b8a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81e1dcdf2318f2766ac83f44c9b5c05de9076f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ca:49:63:36:cf:f7:e5:94:89:04:07:ba:c0:
28:6b:09:1d:f8:6f:33:ab:5d:09:6d:ff:aa:c2:98:
ff:90:b4:17:90:8d:41:3d:56:79:bf:dc:fb:79:a2:
0b:c6:fb:2f:74:62:c8:36:44:89:ba:48:3c:b6:a5:
7c:36:3d:c8:9a:21:a6:9b:ea:91:25:d7:b3:8d:4e:
dc:32:42:34:43:ca:25:48:5c:df:11:24:86:5e:c5:
b5:23:d9:16:ee:35:ac:be:e1:3d:84:e8:7f:73:b4:
5b:38:28:c7:d2:15:df:86:27:77:90:d4:7e:4d:94:
83:4e:b8:b8:ec:90:8f:4e:1b:11:31:5c:a7:00:16:
0f:8d:aa:87:43:5e:15:ad:c3:cd:9c:73:6e:18:48:
c5:3e:2f:d5:0a:99:07:d8:eb:7b:86:42:4d:50:0b:
fc:64:ef:79:90:9f:e5:ad:14:83:6d:d4:1c:85:a4:
6d:ce:2c:85:53:0a:e3:39:2b:53:60:2a:71:d6:fc:
69:e2:10:80:10:7f:68:16:55:50:91:4d:f9:90:ea:
56:9c:21:d2:8e:28:90:e0:35:ee:07:50:69:09:f2:
11:b2:90:fd:6e:90:20:b8:94:09:f5:45:cf:08:1f:
e8:3d:ee:b1:73:81:99:77:f2:ec:db:90:0b:26:2b:
d6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E1:DC:DF:23:18:F2:76:6A:C8:3F:44:C9:B5:C0:5D:E9:07:6F:6F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/geHc3yMY8nZqyD9EybXAXekHb28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.20.0/24
192.121.165.0/24
Signature Algorithm: sha256WithRSAEncryption
94:72:74:dc:cc:b4:e7:af:4a:97:01:34:9f:82:b5:07:78:08:
39:75:d8:5b:9c:65:f1:27:03:de:65:ed:91:e8:b1:09:d3:86:
d8:59:11:9c:74:df:c5:98:f5:45:de:5f:e9:38:83:38:60:f6:
9d:ae:95:6f:71:93:76:7f:f6:1a:e9:85:46:be:66:d7:23:ec:
c3:4d:fd:50:4f:a1:e2:6e:02:81:d1:00:5a:f5:7a:15:ae:0d:
50:04:e3:b3:0f:c0:60:c6:d6:63:b4:7f:65:a3:e9:4e:e7:17:
86:fb:d6:ab:67:9a:58:1a:12:b0:73:72:3d:51:2a:65:57:61:
2a:28:95:d0:ca:c2:9a:27:66:50:4b:ac:77:f9:2b:14:a3:7d:
c8:14:df:b6:fb:9d:48:3a:c0:69:11:b2:8c:c7:bd:5b:fd:b2:
49:d3:4b:66:a7:e9:bc:81:83:8a:8c:81:2d:55:57:26:24:f7:
1e:c4:73:8f:ed:b2:af:d6:51:28:95:87:ee:de:ed:c6:3c:af:
31:1e:14:4f:32:c6:36:e6:da:32:b4:a8:ba:dd:f1:b8:1e:4e:
12:ab:fc:2e:40:8b:87:8e:54:93:48:74:76:1c:1b:9a:c3:75:
5b:6d:40:d9:65:64:95:e6:bc:0a:6e:4d:e3:77:e7:72:d2:5d:
80:a8:5e:dc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEQm5rijANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODFlMWRjZGYyMzE4
ZjI3NjZhYzgzZjQ0YzliNWMwNWRlOTA3NmY2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODKSWM2z/fllIkEB7rAKGsJHfhvM6tdCW3/qsKY/5C0F5CN
QT1Web/c+3miC8b7L3RiyDZEibpIPLalfDY9yJohppvqkSXXs41O3DJCNEPKJUhc
3xEkhl7FtSPZFu41rL7hPYTof3O0Wzgox9IV34Ynd5DUfk2Ug064uOyQj04bETFc
pwAWD42qh0NeFa3DzZxzbhhIxT4v1QqZB9jre4ZCTVAL/GTveZCf5a0Ug23UHIWk
bc4shVMK4zkrU2Aqcdb8aeIQgBB/aBZVUJFN+ZDqVpwh0o4okOA17gdQaQnyEbKQ
/W6QILiUCfVFzwgf6D3usXOBmXfy7NuQCyYr1j0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSB4dzfIxjydmrIP0TJtcBd6QdvbzAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L2dlSGMzeU1ZOG5acXlEOUV5YlhBWGVrSGIyOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMB5FAMEAMB5pTANBgkqhkiG9w0B
AQsFAAOCAQEAlHJ03My0569KlwE0n4K1B3gIOXXYW5xl8ScD3mXtkeixCdOG2FkR
nHTfxZj1Rd5f6TiDOGD2na6Vb3GTdn/2GumFRr5m1yPsw039UE+h4m4CgdEAWvV6
Fa4NUATjsw/AYMbWY7R/ZaPpTucXhvvWq2eaWBoSsHNyPVEqZVdhKiiV0MrCmidm
UEusd/krFKN9yBTftvudSDrAaRGyjMe9W/2ySdNLZqfpvIGDioyBLVVXJiT3HsRz
j+2yr9ZRKJWH7t7txjyvMR4UTzLGNubaMrSout3xuB5OEqv8LkCLh45Uk0h0dhwb
msN1W21A2WVklea8Cm5N43fnctJdgKhe3A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org