Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/9264a0-ed7b-4712-a910-c7f698dedd68/1/nSr0lgbHzUayjiHnMLXCVGQHO-M.roa
File: nSr0lgbHzUayjiHnMLXCVGQHO-M.roa (raw, json)
Hash identifier: XHjG5LWeIALgtizQSyo5gqdohSS4arCYtvIGbsTcUH8=
Subject key identifier: 9D:2A:F4:96:06:C7:CD:46:B2:8E:21:E7:30:B5:C2:54:64:07:3B:E3
Certificate issuer: /CN=4c297f5828aa4e1c8e041e9dbea7abd39b5584d7
Certificate serial: 018234A01DF019DE47EA506F4C546E38D15B
Authority key identifier: 4C:29:7F:58:28:AA:4E:1C:8E:04:1E:9D:BE:A7:AB:D3:9B:55:84:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCl_WCiqThyOBB6dvqer05tVhNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/9264a0-ed7b-4712-a910-c7f698dedd68/1/nSr0lgbHzUayjiHnMLXCVGQHO-M.roa
Signing time: Mon 25 Jul 2022 09:11:24 +0000
ROA not before: Mon 25 Jul 2022 09:11:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 84.246.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:a0:1d:f0:19:de:47:ea:50:6f:4c:54:6e:38:d1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c297f5828aa4e1c8e041e9dbea7abd39b5584d7
Validity
Not Before: Jul 25 09:11:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d2af49606c7cd46b28e21e730b5c25464073be3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3e:c8:48:98:b9:2f:76:fc:06:61:df:ae:74:
4f:6a:5e:18:bb:25:4c:be:6c:13:52:9c:85:c0:5e:
69:66:3e:00:3d:70:72:e4:7a:5f:a4:59:68:f8:46:
39:c1:db:79:79:fa:4e:bc:e6:8f:90:51:d1:a9:3d:
01:77:9c:d0:3d:26:85:71:22:5b:70:f6:3b:5c:5f:
15:d7:56:28:fe:b4:a6:65:3c:4b:9c:d8:6b:ab:72:
79:cf:c7:30:07:48:53:88:08:60:0f:e8:85:9e:1c:
e9:1d:c6:66:cc:a5:37:9e:74:0a:71:af:dd:8d:63:
9c:d8:2f:bc:8b:de:6c:0e:74:03:0e:79:a7:23:f3:
07:3c:12:92:36:ed:93:dc:c9:3a:a9:92:60:f6:6a:
d8:24:cc:39:4a:26:1b:d6:a9:5b:a0:b0:ad:13:ce:
78:59:50:92:29:f7:4f:39:15:18:d4:5c:54:60:30:
2d:a2:34:0e:72:8c:15:97:0f:c1:a3:a7:79:20:2c:
88:ef:be:52:d4:c2:11:f8:23:1a:f4:75:23:f4:07:
72:98:96:cb:6c:dc:93:82:84:21:33:dc:5d:35:5c:
c1:45:ed:48:32:3e:f8:92:e4:c5:b6:f3:e4:ff:1f:
be:f0:80:04:db:74:56:11:2e:4c:eb:4a:d0:e1:95:
42:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:2A:F4:96:06:C7:CD:46:B2:8E:21:E7:30:B5:C2:54:64:07:3B:E3
X509v3 Authority Key Identifier:
keyid:4C:29:7F:58:28:AA:4E:1C:8E:04:1E:9D:BE:A7:AB:D3:9B:55:84:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCl_WCiqThyOBB6dvqer05tVhNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/9264a0-ed7b-4712-a910-c7f698dedd68/1/nSr0lgbHzUayjiHnMLXCVGQHO-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/9264a0-ed7b-4712-a910-c7f698dedd68/1/TCl_WCiqThyOBB6dvqer05tVhNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.111.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:ef:8b:73:fc:8e:6f:18:9e:77:4b:fa:fa:88:b2:2e:08:47:
1e:e5:31:b1:00:e5:78:2d:ec:23:2d:03:6a:dc:82:6b:26:83:
f3:70:fc:60:a1:39:3b:72:b5:56:01:c9:5b:29:f0:8b:b0:cb:
13:5a:d9:d4:81:0c:bf:7c:38:d4:8a:f8:96:71:f5:94:71:7f:
2c:89:69:4a:55:b0:45:fa:82:a8:98:ed:9f:e5:bd:b1:60:2a:
1c:37:dd:31:a6:ab:ff:e9:97:31:85:f2:df:47:14:d3:c6:5f:
2f:94:56:71:33:3d:9a:5f:41:fe:16:12:0e:48:af:9c:01:ba:
30:16:8b:7b:f3:85:a3:7a:b9:13:e3:68:fb:e5:38:05:3d:78:
1a:ab:42:69:cb:52:53:45:fb:e1:95:15:26:31:4f:e3:b1:09:
df:28:98:15:66:1d:2b:76:1c:17:f2:8b:10:31:39:b1:f9:36:
af:34:ce:aa:aa:05:b9:da:45:e5:1f:8f:4f:5a:ae:c7:04:af:
3b:00:0c:34:e9:8b:a7:38:c3:30:f6:0d:28:a3:e0:f9:92:87:
ec:91:f3:9f:fa:34:a3:8c:44:6c:42:c0:42:38:b8:1e:fc:cd:
a0:9e:fa:19:dc:b5:18:e7:b9:21:3c:b8:04:8d:ab:b9:bb:ea:
cc:6e:f7:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYI0oB3wGd5H6lBvTFRuONFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMjk3ZjU4MjhhYTRlMWM4ZTA0MWU5ZGJlYTdhYmQzOWI1
NTg0ZDcwHhcNMjIwNzI1MDkxMTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDJhZjQ5NjA2YzdjZDQ2YjI4ZTIxZTczMGI1YzI1NDY0MDczYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz7ISJi5L3b8BmHfrnRPal4YuyVM
vmwTUpyFwF5pZj4APXBy5HpfpFlo+EY5wdt5efpOvOaPkFHRqT0Bd5zQPSaFcSJb
cPY7XF8V11Yo/rSmZTxLnNhrq3J5z8cwB0hTiAhgD+iFnhzpHcZmzKU3nnQKca/d
jWOc2C+8i95sDnQDDnmnI/MHPBKSNu2T3Mk6qZJg9mrYJMw5SiYb1qlboLCtE854
WVCSKfdPORUY1FxUYDAtojQOcowVlw/Bo6d5ICyI775S1MIR+CMa9HUj9AdymJbL
bNyTgoQhM9xdNVzBRe1IMj74kuTFtvPk/x++8IAE23RWES5M60rQ4ZVC1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ0q9JYGx81Gso4h5zC1wlRkBzvjMB8GA1UdIwQY
MBaAFEwpf1goqk4cjgQenb6nq9ObVYTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVENsX1dDaXFUaHlPQkI2ZHZxZXIwNXRWaE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy85MjY0YTAtZWQ3Yi00NzEyLWE5MTAt
YzdmNjk4ZGVkZDY4LzEvblNyMGxnYkh6VWF5amlIbk1MWENWR1FITy1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy85MjY0YTAtZWQ3Yi00NzEyLWE5MTAtYzdmNjk4ZGVkZDY4
LzEvVENsX1dDaXFUaHlPQkI2ZHZxZXIwNXRWaE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVPZvMA0G
CSqGSIb3DQEBCwUAA4IBAQAP74tz/I5vGJ53S/r6iLIuCEce5TGxAOV4LewjLQNq
3IJrJoPzcPxgoTk7crVWAclbKfCLsMsTWtnUgQy/fDjUiviWcfWUcX8siWlKVbBF
+oKomO2f5b2xYCocN90xpqv/6ZcxhfLfRxTTxl8vlFZxMz2aX0H+FhIOSK+cAbow
Fot784WjerkT42j75TgFPXgaq0Jpy1JTRfvhlRUmMU/jsQnfKJgVZh0rdhwX8osQ
MTmx+TavNM6qqgW52kXlH49PWq7HBK87AAw06YunOMMw9g0oo+D5kofskfOf+jSj
jERsQsBCOLge/M2gnvoZ3LUY57khPLgEjau5u+rMbvfk
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:33 2023 by rpki-client on console-ams.rpki-client.org