Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/dTHYIbVx38zPubbkKde11GTnPtc.roa
File: dTHYIbVx38zPubbkKde11GTnPtc.roa (raw, json)
Hash identifier: s/apTyVQaIB6vJ2DJMpeyStTTbhvU1ZNvm/Sl0HyLGw=
Subject key identifier: 75:31:D8:21:B5:71:DF:CC:CF:B9:B6:E4:29:D7:B5:D4:64:E7:3E:D7
Certificate issuer: /CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Certificate serial: 0181F3E38D2E29F927444D0482DA5A30E7B5
Authority key identifier: 9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/dTHYIbVx38zPubbkKde11GTnPtc.roa
Signing time: Tue 12 Jul 2022 19:29:45 +0000
ROA not before: Tue 12 Jul 2022 19:29:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23470
IP address blocks: 176.118.160.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f3:e3:8d:2e:29:f9:27:44:4d:04:82:da:5a:30:e7:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9daa9f14f97d4dad8c004c253a5e1ce7c7dd7c4b
Validity
Not Before: Jul 12 19:29:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7531d821b571dfcccfb9b6e429d7b5d464e73ed7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:7c:fa:8a:25:73:13:94:12:f6:e4:4e:e1:
66:96:2b:c9:51:64:f5:e6:4a:79:3f:9a:ef:c0:8f:
2a:eb:61:38:48:40:bd:3c:2f:49:49:4b:6b:73:2b:
ff:f0:57:10:02:27:9d:9c:8e:cf:f8:c5:0c:eb:04:
0c:45:67:d2:4b:27:ed:fa:74:cf:cc:87:93:dd:9b:
64:8c:9a:da:05:1e:32:31:5c:27:dc:e1:90:c1:5b:
a4:b4:98:60:b8:f9:34:7c:bc:cf:54:01:8f:0f:34:
eb:d6:a2:af:fb:d0:cc:51:34:c6:66:ab:0f:f8:75:
9e:aa:f6:2d:f9:6f:d9:dc:c8:eb:7d:9c:f7:1c:5b:
7e:f3:6f:72:15:d6:3e:d7:00:aa:41:0a:a1:f9:2d:
95:3e:20:f3:96:3a:e2:cf:bd:4d:ca:12:82:54:13:
5f:c8:66:42:5e:99:4a:a6:48:94:d7:d7:d0:d9:ce:
02:b5:7e:fd:db:69:35:c4:01:8d:c1:48:f3:2f:60:
9b:aa:42:f1:2f:54:56:e6:d6:51:7b:78:9f:88:88:
08:85:c8:dd:b8:e1:55:d0:f8:e5:7d:79:be:5c:2e:
c8:77:de:4f:ff:29:02:6f:2b:9a:08:e4:e5:2b:d4:
29:43:66:49:b6:dd:c8:b1:bc:c7:88:f0:c9:8d:c5:
a4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:31:D8:21:B5:71:DF:CC:CF:B9:B6:E4:29:D7:B5:D4:64:E7:3E:D7
X509v3 Authority Key Identifier:
keyid:9D:AA:9F:14:F9:7D:4D:AD:8C:00:4C:25:3A:5E:1C:E7:C7:DD:7C:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/naqfFPl9Ta2MAEwlOl4c58fdfEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/dTHYIbVx38zPubbkKde11GTnPtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dfd605-10da-46a2-9677-41401008a70c/1/naqfFPl9Ta2MAEwlOl4c58fdfEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.160.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b0:4e:65:ef:eb:d6:8c:67:d4:b8:da:cf:ec:88:a7:fa:34:
65:67:eb:ac:04:2c:9e:3b:40:c8:7d:b2:ca:f8:42:61:95:a7:
01:9c:5c:ac:50:6e:d2:01:83:a7:68:67:60:7e:72:c6:4e:08:
a4:84:a0:ae:7a:a7:d3:47:04:f5:d7:09:92:eb:4a:c6:99:24:
99:fb:86:d7:d6:b7:5c:2d:e7:52:7f:cf:1d:13:de:65:68:8a:
4e:44:e2:33:8b:18:45:0a:ed:8b:be:ec:4a:34:96:e0:00:77:
13:6a:61:64:2b:44:ac:79:15:03:a8:f6:90:41:81:fd:0d:99:
9f:cb:29:32:6f:c4:d1:21:22:42:ff:6f:10:59:bf:dc:f7:3e:
f3:89:0a:c9:6e:99:60:2a:92:be:ad:f7:95:94:03:87:59:3c:
9d:ec:3a:84:db:1d:46:f8:30:5f:5b:ac:4d:bc:d9:50:4a:77:
ea:42:88:bf:95:6c:3a:c1:15:83:c9:c6:91:dd:97:78:49:e3:
ca:0e:2a:5d:22:02:17:4a:ba:f7:7c:9f:74:d6:ff:3d:c1:46:
72:44:1b:7b:fa:58:61:4c:b1:1f:36:8b:83:92:5a:aa:be:27:
dc:d4:4e:7e:3b:1e:7f:0f:05:d1:0a:39:b7:df:68:a4:da:7d:
3f:5f:5e:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHz440uKfknRE0EgtpaMOe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkYWE5ZjE0Zjk3ZDRkYWQ4YzAwNGMyNTNhNWUxY2U3Yzdk
ZDdjNGIwHhcNMjIwNzEyMTkyOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTMxZDgyMWI1NzFkZmNjY2ZiOWI2ZTQyOWQ3YjVkNDY0ZTczZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3h8+oolcxOUEvbkTuFmlivJUWT1
5kp5P5rvwI8q62E4SEC9PC9JSUtrcyv/8FcQAiednI7P+MUM6wQMRWfSSyft+nTP
zIeT3ZtkjJraBR4yMVwn3OGQwVuktJhguPk0fLzPVAGPDzTr1qKv+9DMUTTGZqsP
+HWeqvYt+W/Z3MjrfZz3HFt+829yFdY+1wCqQQqh+S2VPiDzljriz71NyhKCVBNf
yGZCXplKpkiU19fQ2c4CtX7922k1xAGNwUjzL2CbqkLxL1RW5tZRe3ifiIgIhcjd
uOFV0PjlfXm+XC7Id95P/ykCbyuaCOTlK9QpQ2ZJtt3IsbzHiPDJjcWkJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHUx2CG1cd/Mz7m25CnXtdRk5z7XMB8GA1UdIwQY
MBaAFJ2qnxT5fU2tjABMJTpeHOfH3XxLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2Nzct
NDE0MDEwMDhhNzBjLzEvZFRIWUliVngzOHpQdWJia0tkZTExR1RuUHRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9kZmQ2MDUtMTBkYS00NmEyLTk2NzctNDE0MDEwMDhhNzBj
LzEvbmFxZkZQbDlUYTJNQUV3bE9sNGM1OGZkZkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHagMA0G
CSqGSIb3DQEBCwUAA4IBAQCJsE5l7+vWjGfUuNrP7Iin+jRlZ+usBCyeO0DIfbLK
+EJhlacBnFysUG7SAYOnaGdgfnLGTgikhKCueqfTRwT11wmS60rGmSSZ+4bX1rdc
LedSf88dE95laIpOROIzixhFCu2LvuxKNJbgAHcTamFkK0SseRUDqPaQQYH9DZmf
yykyb8TRISJC/28QWb/c9z7ziQrJbplgKpK+rfeVlAOHWTyd7DqE2x1G+DBfW6xN
vNlQSnfqQoi/lWw6wRWDycaR3Zd4SePKDipdIgIXSrr3fJ901v89wUZyRBt7+lhh
TLEfNouDklqqvifc1E5+Ox5/DwXRCjm332ik2n0/X14r
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:54 2023 by rpki-client on console-fra.rpki-client.org