Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/AYZIFMqygFok2FRdGlEa3oTHAG0.roa
File: AYZIFMqygFok2FRdGlEa3oTHAG0.roa (raw, json)
Hash identifier: zj+IR1Dp6fjwFWTO+n3lhsiw7Wdgo1TUcdsHFpgpClE=
Subject key identifier: 01:86:48:14:CA:B2:80:5A:24:D8:54:5D:1A:51:1A:DE:84:C7:00:6D
Certificate issuer: /CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Certificate serial: 01831DDF17AFA13E0DF1FA4D59668DB55CD9
Authority key identifier: 81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/AYZIFMqygFok2FRdGlEa3oTHAG0.roa
Signing time: Thu 08 Sep 2022 16:11:43 +0000
ROA not before: Thu 08 Sep 2022 16:11:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47232
IP address blocks: 147.161.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1d:df:17:af:a1:3e:0d:f1:fa:4d:59:66:8d:b5:5c:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81812385b82dda0fd4826abb7aefeb0df3eb8ffd
Validity
Not Before: Sep 8 16:11:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=01864814cab2805a24d8545d1a511ade84c7006d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a7:6e:b1:57:ff:eb:f9:6b:e4:50:99:e4:6c:
d1:9b:27:dc:a3:50:65:bf:d9:65:a8:31:8a:b2:d3:
72:43:49:81:4a:06:7b:fa:a2:a4:79:2c:f8:30:ed:
0a:a8:d6:0a:e6:38:d1:85:45:12:1f:a8:c5:ac:e8:
d3:88:0a:ab:65:ae:d5:47:5e:d1:42:e4:a1:e4:89:
ce:eb:8c:9e:d7:5d:a0:93:46:d5:1f:d6:8c:49:e4:
86:3b:80:27:93:6d:a5:f3:d9:51:6f:78:95:30:58:
6c:fe:c9:07:c9:cd:f1:e7:bd:dc:1c:fa:bf:cc:f7:
d3:83:1a:7e:14:98:f1:d8:83:7b:ba:b5:0c:ea:d5:
40:85:61:9f:45:8c:5c:8e:e3:0a:f3:68:2f:b0:d1:
f7:dd:ec:aa:9a:a7:b1:11:6a:6f:66:08:bb:db:bb:
70:38:47:03:b7:1d:39:9a:c1:d0:54:69:8a:bf:60:
82:bd:8c:ac:49:c9:96:3f:a9:16:c7:3a:95:7b:54:
72:58:73:74:9d:85:47:e2:88:b3:e6:90:38:d6:42:
28:98:4e:6e:1f:37:f0:de:22:81:14:70:ce:99:db:
ae:05:9a:4d:49:33:53:f1:92:18:ae:60:19:cf:6e:
8f:e9:20:53:2b:48:4c:58:60:40:bf:9b:f6:7e:0f:
7e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:86:48:14:CA:B2:80:5A:24:D8:54:5D:1A:51:1A:DE:84:C7:00:6D
X509v3 Authority Key Identifier:
keyid:81:81:23:85:B8:2D:DA:0F:D4:82:6A:BB:7A:EF:EB:0D:F3:EB:8F:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/AYZIFMqygFok2FRdGlEa3oTHAG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/009074-66f6-4d4d-974a-da2ec8cfb888/1/gYEjhbgt2g_Ugmq7eu_rDfPrj_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.28.0/22
Signature Algorithm: sha256WithRSAEncryption
33:da:69:1e:17:25:94:ea:f6:a8:20:24:3b:72:61:3f:14:9e:
fb:b8:ae:9e:a5:64:55:e8:bf:e8:08:6e:34:f0:0c:d1:bd:e0:
0b:db:85:54:84:de:3b:82:16:51:12:cc:f3:01:6d:1a:93:2e:
09:e2:e4:1d:c7:e5:11:1f:b8:ac:f6:7c:49:36:6d:14:b4:8d:
b0:d0:b1:59:d5:5e:09:20:fc:77:11:a0:01:da:cf:f7:e3:62:
50:58:d0:33:88:2f:3b:b3:3f:c9:0e:0a:76:a0:82:9b:17:54:
b1:bd:b4:df:1e:81:41:90:6e:a0:73:85:1e:30:a6:3f:02:e7:
26:6a:4e:f9:a0:82:c0:d9:87:cb:b4:0b:82:fe:e2:56:73:21:
e2:93:ea:5d:5c:e3:0c:b8:e4:08:79:6f:26:61:f4:17:11:0c:
e9:71:ec:a3:10:ef:fb:ed:2c:3d:bb:7d:04:40:2e:62:84:2c:
b0:73:e2:08:eb:5c:45:4c:04:eb:ca:88:51:67:ee:1a:6c:08:
3a:ee:c4:b8:fb:90:a6:3a:15:a9:e2:9e:d8:78:64:84:23:5b:
cf:94:1b:06:85:9c:59:43:a3:38:e2:58:29:b5:9e:e7:68:fe:
4f:6b:51:cb:90:d8:7c:c3:d4:56:92:d8:a1:ae:58:33:f3:02:
ca:92:78:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMd3xevoT4N8fpNWWaNtVzZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxODEyMzg1YjgyZGRhMGZkNDgyNmFiYjdhZWZlYjBkZjNl
YjhmZmQwHhcNMjIwOTA4MTYxMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg2NDgxNGNhYjI4MDVhMjRkODU0NWQxYTUxMWFkZTg0YzcwMDZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqdusVf/6/lr5FCZ5GzRmyfco1Bl
v9llqDGKstNyQ0mBSgZ7+qKkeSz4MO0KqNYK5jjRhUUSH6jFrOjTiAqrZa7VR17R
QuSh5InO64ye112gk0bVH9aMSeSGO4Ank22l89lRb3iVMFhs/skHyc3x573cHPq/
zPfTgxp+FJjx2IN7urUM6tVAhWGfRYxcjuMK82gvsNH33eyqmqexEWpvZgi727tw
OEcDtx05msHQVGmKv2CCvYysScmWP6kWxzqVe1RyWHN0nYVH4oiz5pA41kIomE5u
Hzfw3iKBFHDOmduuBZpNSTNT8ZIYrmAZz26P6SBTK0hMWGBAv5v2fg9+mwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAGGSBTKsoBaJNhUXRpRGt6ExwBtMB8GA1UdIwQY
MBaAFIGBI4W4LdoP1IJqu3rv6w3z64/9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEt
ZGEyZWM4Y2ZiODg4LzEvQVlaSUZNcXlnRm9rMkZSZEdsRWEzb1RIQUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8wMDkwNzQtNjZmNi00ZDRkLTk3NGEtZGEyZWM4Y2ZiODg4
LzEvZ1lFamhiZ3QyZ19VZ21xN2V1X3JEZlByal8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCk6EcMA0G
CSqGSIb3DQEBCwUAA4IBAQAz2mkeFyWU6vaoICQ7cmE/FJ77uK6epWRV6L/oCG40
8AzRveAL24VUhN47ghZREszzAW0aky4J4uQdx+URH7is9nxJNm0UtI2w0LFZ1V4J
IPx3EaAB2s/342JQWNAziC87sz/JDgp2oIKbF1SxvbTfHoFBkG6gc4UeMKY/Aucm
ak75oILA2YfLtAuC/uJWcyHik+pdXOMMuOQIeW8mYfQXEQzpceyjEO/77Sw9u30E
QC5ihCywc+II61xFTATryohRZ+4abAg67sS4+5CmOhWp4p7YeGSEI1vPlBsGhZxZ
Q6M44lgptZ7naP5Pa1HLkNh8w9RWktihrlgz8wLKknjR
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:30 2024 by rpki-client on console-ams.rpki-client.org