Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/7d2f34-affd-4d1c-b416-aac2ebcbf5d4/1/1-mTstI1deqNjdaKxjvgKMl5P6Cs.roa
File: 1-mTstI1deqNjdaKxjvgKMl5P6Cs.roa (raw, json)
Hash identifier: ZjBcqTV6Vl5UXVjX4HaiwKmH/nSlGGve7Nm/eAdprCo=
Subject key identifier: FA:64:EC:B4:8D:5D:7A:A3:63:75:A2:B1:8E:F8:0A:32:5E:4F:E8:2B
Certificate issuer: /CN=3616ab18e6bcede0850bcaaebd959993e84086eb
Certificate serial: 01856E140A4ED85827B281ED0C9FAD6DB19B
Authority key identifier: 36:16:AB:18:E6:BC:ED:E0:85:0B:CA:AE:BD:95:99:93:E8:40:86:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NharGOa87eCFC8quvZWZk-hAhus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/7d2f34-affd-4d1c-b416-aac2ebcbf5d4/1/1-mTstI1deqNjdaKxjvgKMl5P6Cs.roa
Signing time: Sun 01 Jan 2023 16:04:45 +0000
ROA not before: Sun 01 Jan 2023 16:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2852
IP address blocks: 158.196.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:14:0a:4e:d8:58:27:b2:81:ed:0c:9f:ad:6d:b1:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3616ab18e6bcede0850bcaaebd959993e84086eb
Validity
Not Before: Jan 1 16:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa64ecb48d5d7aa36375a2b18ef80a325e4fe82b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:7f:9a:02:75:d5:2f:43:0c:ee:7e:cf:7c:95:
59:b1:22:41:15:cc:16:17:32:ba:2e:db:d2:c6:ee:
c7:70:c0:ec:be:dd:93:b0:f5:9e:60:92:97:f3:06:
e2:f4:e1:cc:8d:8c:e7:a6:ac:96:9c:aa:76:d0:26:
d2:1a:45:d1:a7:3d:36:55:3e:13:69:ea:38:d1:72:
1c:b2:04:a7:fc:9c:9b:e5:cf:2d:b8:88:c2:26:50:
b8:4d:87:c1:64:dd:1a:89:19:cb:ce:46:8b:d5:e5:
ef:b8:c0:9d:4b:41:d5:44:59:7e:b7:f8:a9:4f:a9:
68:b1:0b:e2:44:af:48:af:04:31:5a:6b:a3:67:a0:
4f:ce:4e:68:9b:30:d0:85:c1:43:03:8a:41:89:2e:
1b:94:5a:f2:0d:ee:c9:ec:3f:cb:e1:18:32:ea:60:
f2:44:31:78:a4:f0:7f:dc:9e:40:41:bf:2a:eb:35:
a8:40:dd:90:70:c3:ba:7a:3a:ba:a7:c7:b9:33:e3:
1b:91:4a:61:35:7e:e4:ee:e3:bf:4d:57:10:9e:ec:
77:30:7e:22:c5:75:cd:02:25:66:f2:fd:21:c4:b8:
fd:dc:04:c0:de:59:00:98:03:c6:a5:5d:5b:f4:3e:
27:4a:ed:ec:3a:38:7c:3d:89:2c:26:cf:f5:26:ff:
60:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:64:EC:B4:8D:5D:7A:A3:63:75:A2:B1:8E:F8:0A:32:5E:4F:E8:2B
X509v3 Authority Key Identifier:
keyid:36:16:AB:18:E6:BC:ED:E0:85:0B:CA:AE:BD:95:99:93:E8:40:86:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NharGOa87eCFC8quvZWZk-hAhus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7d2f34-affd-4d1c-b416-aac2ebcbf5d4/1/1-mTstI1deqNjdaKxjvgKMl5P6Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/7d2f34-affd-4d1c-b416-aac2ebcbf5d4/1/NharGOa87eCFC8quvZWZk-hAhus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.196.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7a:ed:5a:d7:d2:b1:00:ff:26:eb:a5:c0:44:00:22:84:68:f4:
52:e3:da:84:a8:6e:0d:52:81:b0:a6:5e:a8:b5:a3:96:68:30:
fe:79:47:70:fa:e0:3e:35:bf:04:ea:9f:e0:b6:4c:61:89:fe:
57:4a:eb:f6:e9:45:b8:05:dd:75:9a:c2:e3:5b:fb:04:35:06:
72:a9:7e:f9:f5:a3:0c:75:ea:a4:a4:f3:35:0b:93:47:78:7d:
8e:e4:40:91:c8:d4:dd:77:95:3f:48:a8:58:ec:96:9e:32:d0:
d4:75:14:c8:22:7a:e7:90:b4:1b:6a:69:5a:93:6d:15:49:0b:
7b:e8:d4:4c:1b:db:d8:21:5f:a3:da:26:53:94:1e:71:1e:04:
8c:e8:82:e2:25:bd:93:be:e1:2e:9c:e7:1d:e0:78:38:7a:4a:
2e:57:79:06:60:63:a7:dd:65:3c:14:3f:df:e2:52:19:e9:c3:
d9:b9:0e:b9:cf:dc:6b:7c:79:23:af:5f:66:c6:02:2f:0d:2c:
f0:b7:c9:47:41:40:61:f0:18:64:92:6f:f8:78:ab:0f:e0:b3:
43:d8:57:12:a5:78:7e:f3:67:ee:c7:ab:72:90:4d:d7:b8:69:
94:1a:f6:64:a3:6c:a7:25:8a:bd:f5:b3:02:41:c1:3e:37:40:
eb:e1:ba:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuFApO2FgnsoHtDJ+tbbGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MTZhYjE4ZTZiY2VkZTA4NTBiY2FhZWJkOTU5OTkzZTg0
MDg2ZWIwHhcNMjMwMTAxMTYwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTY0ZWNiNDhkNWQ3YWEzNjM3NWEyYjE4ZWY4MGEzMjVlNGZlODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3+aAnXVL0MM7n7PfJVZsSJBFcwW
FzK6LtvSxu7HcMDsvt2TsPWeYJKX8wbi9OHMjYznpqyWnKp20CbSGkXRpz02VT4T
aeo40XIcsgSn/Jyb5c8tuIjCJlC4TYfBZN0aiRnLzkaL1eXvuMCdS0HVRFl+t/ip
T6losQviRK9IrwQxWmujZ6BPzk5omzDQhcFDA4pBiS4blFryDe7J7D/L4Rgy6mDy
RDF4pPB/3J5AQb8q6zWoQN2QcMO6ejq6p8e5M+MbkUphNX7k7uO/TVcQnux3MH4i
xXXNAiVm8v0hxLj93ATA3lkAmAPGpV1b9D4nSu3sOjh8PYksJs/1Jv9gdwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPpk7LSNXXqjY3WisY74CjJeT+grMB8GA1UdIwQY
MBaAFDYWqxjmvO3ghQvKrr2VmZPoQIbrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmhhckdPYTg3ZUNGQzhxdXZaV1prLWhBaHVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy83ZDJmMzQtYWZmZC00ZDFjLWI0MTYt
YWFjMmViY2JmNWQ0LzEvMS1tVHN0STFkZXFOamRhS3hqdmdLTWw1UDZDcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZGMvN2QyZjM0LWFmZmQtNGQxYy1iNDE2LWFhYzJlYmNiZjVk
NC8xL05oYXJHT2E4N2VDRkM4cXV2Wldaay1oQWh1cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ7EMA0G
CSqGSIb3DQEBCwUAA4IBAQB67VrX0rEA/ybrpcBEACKEaPRS49qEqG4NUoGwpl6o
taOWaDD+eUdw+uA+Nb8E6p/gtkxhif5XSuv26UW4Bd11msLjW/sENQZyqX759aMM
deqkpPM1C5NHeH2O5ECRyNTdd5U/SKhY7JaeMtDUdRTIInrnkLQbamlak20VSQt7
6NRMG9vYIV+j2iZTlB5xHgSM6ILiJb2TvuEunOcd4Hg4ekouV3kGYGOn3WU8FD/f
4lIZ6cPZuQ65z9xrfHkjr19mxgIvDSzwt8lHQUBh8Bhkkm/4eKsP4LND2FcSpXh+
82fux6tykE3XuGmUGvZko2ynJYq99bMCQcE+N0Dr4bo/
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:07 2025 by rpki-client