Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/s65l9IgE_U6bbMZz_tjUDWHZBb8.roa
File: s65l9IgE_U6bbMZz_tjUDWHZBb8.roa (raw, json)
Hash identifier: J3zPcbwmDws+BzM9q2zO8ch3PbRTGwkb21ZN/k3hjWQ=
Subject key identifier: B3:AE:65:F4:88:04:FD:4E:9B:6C:C6:73:FE:D8:D4:0D:61:D9:05:BF
Certificate issuer: /CN=05655ac2275e6b8a0286022037c7f8594af58b84
Certificate serial: A3447A
Authority key identifier: 05:65:5A:C2:27:5E:6B:8A:02:86:02:20:37:C7:F8:59:4A:F5:8B:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWVawidea4oChgIgN8f4WUr1i4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/s65l9IgE_U6bbMZz_tjUDWHZBb8.roa
Signing time: Sat 01 Jan 2022 00:55:14 +0000
ROA not before: Sat 01 Jan 2022 00:55:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 176.97.200.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10699898 (0xa3447a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05655ac2275e6b8a0286022037c7f8594af58b84
Validity
Not Before: Jan 1 00:55:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b3ae65f48804fd4e9b6cc673fed8d40d61d905bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:71:46:8b:f1:ac:be:77:80:ca:fd:4f:ae:0a:
14:bf:2b:fd:c6:f4:ff:6d:a7:f6:d4:a8:6e:4a:b2:
5c:2f:3c:02:88:04:db:d3:dd:ef:59:d6:5d:83:dd:
c5:c5:cb:90:49:a5:f4:a8:34:e2:6e:c5:52:df:8e:
eb:7e:34:c4:0c:ba:02:e2:73:aa:63:c3:13:7d:84:
fe:74:32:52:28:62:8a:14:69:c4:f6:3c:f6:fc:65:
29:72:00:46:6e:8e:a2:39:93:3e:77:37:ff:ca:67:
fd:ff:af:16:1e:5f:29:52:b6:c2:55:78:04:1a:7a:
83:a5:02:99:67:f5:d1:ae:9c:9e:35:d9:24:e3:bc:
29:d9:e0:9c:ff:fb:7a:78:d5:21:95:0c:36:18:38:
ab:34:5b:dd:b4:5c:5e:87:25:69:e6:6a:f4:41:ae:
b6:92:d5:a0:0d:e1:cd:e7:86:2e:c5:9c:d0:69:6e:
17:2e:57:01:54:fb:ef:84:c1:c7:e2:89:fc:f1:ce:
35:a9:4b:df:4e:d9:ca:0d:7f:86:6d:ad:45:47:84:
b0:88:eb:5d:f1:23:30:0f:3b:d0:42:9a:0e:82:2c:
96:8d:8c:e7:ab:b2:e6:8c:07:12:f5:c0:1c:e8:76:
dd:53:b8:99:10:31:1f:3f:55:51:96:3c:df:6e:bf:
da:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:AE:65:F4:88:04:FD:4E:9B:6C:C6:73:FE:D8:D4:0D:61:D9:05:BF
X509v3 Authority Key Identifier:
keyid:05:65:5A:C2:27:5E:6B:8A:02:86:02:20:37:C7:F8:59:4A:F5:8B:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWVawidea4oChgIgN8f4WUr1i4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/s65l9IgE_U6bbMZz_tjUDWHZBb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f01432-6718-4cb8-acb4-60abc45277c5/1/BWVawidea4oChgIgN8f4WUr1i4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.200.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f8:fd:85:af:27:24:59:93:68:fb:4a:31:1b:d1:e7:57:6d:
df:4a:a1:ec:b6:df:31:69:95:97:4b:94:7e:21:94:15:c6:74:
cf:89:23:c0:b6:db:43:11:d0:93:0a:b9:9c:d3:7f:f6:68:9a:
07:52:2f:e9:3e:af:e6:88:ba:8a:bf:30:9e:7b:5f:dd:5a:54:
0a:69:25:1f:d9:4a:cf:f1:f9:07:d7:bd:94:df:20:6d:61:2a:
f0:d2:33:16:16:d3:0a:f5:3b:82:89:b5:dd:93:ae:45:72:41:
32:d0:92:0b:1d:be:c8:af:de:12:cc:f2:ed:bd:32:c2:c9:59:
7d:f6:2a:83:31:66:e8:ac:24:0b:68:2d:a8:3a:52:d3:79:62:
2e:ba:03:42:b7:ea:b1:98:c7:c5:3c:f0:d6:e4:d4:97:1d:48:
66:64:d9:0d:71:89:62:f7:0a:ec:7a:a4:fe:ce:7f:93:3d:ef:
13:74:21:2e:d9:fc:ef:b7:9b:f5:38:e4:67:9f:af:21:6b:c5:
63:e1:f3:7c:db:06:7a:90:e2:7f:1e:61:3a:51:5e:a0:13:53:
af:05:48:ff:3e:c8:da:d7:68:9c:9b:99:3b:73:ff:4a:e9:fd:
38:75:3e:b4:94:be:a4:94:a5:36:a6:54:c0:61:0a:2e:d4:46:
e0:36:de:06
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAKNEejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTY1NWFjMjI3NWU2YjhhMDI4NjAyMjAzN2M3Zjg1OTRhZjU4Yjg0MB4XDTIyMDEw
MTAwNTUxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjNhZTY1ZjQ4ODA0
ZmQ0ZTliNmNjNjczZmVkOGQ0MGQ2MWQ5MDViZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJxRovxrL53gMr9T64KFL8r/cb0/22n9tSobkqyXC88AogE
29Pd71nWXYPdxcXLkEml9Kg04m7FUt+O6340xAy6AuJzqmPDE32E/nQyUihiihRp
xPY89vxlKXIARm6OojmTPnc3/8pn/f+vFh5fKVK2wlV4BBp6g6UCmWf10a6cnjXZ
JOO8KdngnP/7enjVIZUMNhg4qzRb3bRcXoclaeZq9EGutpLVoA3hzeeGLsWc0Glu
Fy5XAVT774TBx+KJ/PHONalL307Zyg1/hm2tRUeEsIjrXfEjMA870EKaDoIslo2M
56uy5owHEvXAHOh23VO4mRAxHz9VUZY8326/2u8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSzrmX0iAT9TptsxnP+2NQNYdkFvzAfBgNVHSMEGDAWgBQFZVrCJ15rigKG
AiA3x/hZSvWLhDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JXVmF3aWRlYTRvQ2hnSWdOOGY0V1VyMWk0US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZjAxNDMyLTY3MTgtNGNiOC1hY2I0LTYwYWJjNDUyNzdjNS8x
L3M2NWw5SWdFX1U2YmJNWnpfdGpVRFdIWkJiOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZjAxNDMyLTY3MTgtNGNiOC1hY2I0LTYwYWJjNDUyNzdjNS8xL0JXVmF3aWRlYTRv
Q2hnSWdOOGY0V1VyMWk0US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALBhyDANBgkqhkiG9w0BAQsFAAOC
AQEAbPj9ha8nJFmTaPtKMRvR51dt30qh7LbfMWmVl0uUfiGUFcZ0z4kjwLbbQxHQ
kwq5nNN/9miaB1Iv6T6v5oi6ir8wnntf3VpUCmklH9lKz/H5B9e9lN8gbWEq8NIz
FhbTCvU7gom13ZOuRXJBMtCSCx2+yK/eEszy7b0ywslZffYqgzFm6KwkC2gtqDpS
03liLroDQrfqsZjHxTzw1uTUlx1IZmTZDXGJYvcK7Hqk/s5/kz3vE3QhLtn877eb
9TjkZ5+vIWvFY+HzfNsGepDifx5hOlFeoBNTrwVI/z7I2tdonJuZO3P/Sun9OHU+
tJS+pJSlNqZUwGEKLtRG4DbeBg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:49 2023 by rpki-client on console-fra.rpki-client.org