Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/99kqPQ5ozou6AHUzklXm6bkOCX4.roa
File: 99kqPQ5ozou6AHUzklXm6bkOCX4.roa (raw, json)
Hash identifier: nhX10r8+Xb0AYxirBRUSC3L/D7+galjIivbddj0BBHk=
Subject key identifier: F7:D9:2A:3D:0E:68:CE:8B:BA:00:75:33:92:55:E6:E9:B9:0E:09:7E
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 011DC00C
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/99kqPQ5ozou6AHUzklXm6bkOCX4.roa
Signing time: Thu 17 Mar 2022 10:19:58 +0000
ROA not before: Thu 17 Mar 2022 10:19:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3215
IP address blocks: 143.196.112.0/21 maxlen: 21
143.196.120.0/22 maxlen: 22
143.196.64.0/19 maxlen: 19
143.196.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18726924 (0x11dc00c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Mar 17 10:19:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7d92a3d0e68ce8bba0075339255e6e9b90e097e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:33:55:d7:23:d4:90:e6:ea:10:b3:e2:fe:ec:
c3:02:ce:9e:0f:80:2c:73:44:2b:34:cc:00:80:19:
6f:de:d1:89:bb:5f:9e:af:ff:23:88:3a:64:fb:a5:
bc:33:c8:3b:96:ef:bc:63:0d:0f:90:29:42:b8:7e:
46:e6:80:58:e4:6c:81:a7:8e:69:5d:fa:41:ca:1e:
50:87:af:0b:7f:6e:cb:af:d6:46:ad:6a:61:3a:52:
bb:c6:6a:d2:ce:4c:bb:42:08:93:1b:e9:18:75:24:
05:89:88:6e:3f:df:08:2d:0c:0d:e1:6f:50:37:06:
18:be:85:47:85:8f:0f:d7:ad:9a:cb:a3:53:8a:ea:
88:b5:07:35:28:2f:d9:b2:17:a5:ce:ed:a5:5c:d4:
5e:06:59:a7:6e:8e:03:41:25:5f:8d:9a:f5:7c:26:
1b:35:c4:85:b0:21:87:3a:e7:bb:42:20:25:9f:5b:
7d:09:84:9b:2b:f4:ff:38:6a:67:2c:6c:25:44:a7:
59:7b:bb:52:a7:cc:6f:d8:7f:5d:38:67:50:b3:e6:
e2:81:3b:a7:90:ba:26:09:10:49:2a:b5:19:8c:f9:
87:39:60:60:4d:c9:5c:e3:eb:fc:ea:0a:27:fa:07:
34:82:e1:b1:bc:53:97:7a:7b:3f:a1:6e:ff:18:3f:
ed:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:D9:2A:3D:0E:68:CE:8B:BA:00:75:33:92:55:E6:E9:B9:0E:09:7E
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/99kqPQ5ozou6AHUzklXm6bkOCX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.64.0-143.196.123.255
Signature Algorithm: sha256WithRSAEncryption
4a:a8:a3:40:27:d0:d6:4a:4d:87:b4:0f:7c:e0:f0:1b:fe:1a:
c7:c2:15:ef:c3:83:02:fa:5d:20:66:a8:4b:75:b5:ed:f9:5c:
42:a6:33:b8:0e:7c:47:99:ef:a9:82:11:6b:ec:e6:ed:9e:f4:
e6:c2:7b:b4:fa:79:a1:73:6e:9c:c4:ff:6e:b7:db:42:7e:76:
31:b9:b5:2f:ec:26:f8:9d:f0:a8:34:c6:bc:8f:47:0d:79:3c:
b0:85:bc:c6:ba:6e:67:96:62:46:e6:f9:c3:16:ba:09:0b:63:
78:27:75:2c:09:dc:c0:ac:8d:b3:63:8b:67:3e:ad:ae:d3:ce:
b7:87:3d:40:28:37:94:65:ee:7e:64:f0:53:50:e8:7e:8d:f1:
63:ef:84:e0:00:f9:d5:db:4f:fa:7b:b1:43:d2:83:6c:18:99:
9c:5c:ad:16:5a:04:8b:c6:1c:53:56:4f:b3:13:98:25:d2:c5:
b2:04:b5:e2:65:f2:05:09:74:20:9f:d7:94:5e:a9:28:97:92:
94:62:fa:37:b7:d2:a2:06:75:bf:29:9e:3b:54:2b:4f:ab:20:
09:9e:94:96:84:aa:fa:a3:93:b8:c7:43:1e:d4:48:96:6a:6b:
22:51:52:a5:16:5d:29:be:65:7b:71:95:d7:a1:27:e1:d6:84:
e1:1c:2e:23
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAR3ADDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODFiZDE0MDI5MjRlYzJhNjQ0ZThmNTRlNjk5NGNiNGFjOGUyNGE2MB4XDTIyMDMx
NzEwMTk1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjdkOTJhM2QwZTY4
Y2U4YmJhMDA3NTMzOTI1NWU2ZTliOTBlMDk3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANozVdcj1JDm6hCz4v7swwLOng+ALHNEKzTMAIAZb97Ribtf
nq//I4g6ZPulvDPIO5bvvGMND5ApQrh+RuaAWORsgaeOaV36QcoeUIevC39uy6/W
Rq1qYTpSu8Zq0s5Mu0IIkxvpGHUkBYmIbj/fCC0MDeFvUDcGGL6FR4WPD9etmsuj
U4rqiLUHNSgv2bIXpc7tpVzUXgZZp26OA0ElX42a9XwmGzXEhbAhhzrnu0IgJZ9b
fQmEmyv0/zhqZyxsJUSnWXu7UqfMb9h/XThnULPm4oE7p5C6JgkQSSq1GYz5hzlg
YE3JXOPr/OoKJ/oHNILhsbxTl3p7P6Fu/xg/7ZkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBT32So9DmjOi7oAdTOSVebpuQ4JfjAfBgNVHSMEGDAWgBSIG9FAKSTsKmRO
j1TmmUy0rI4kpjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lCdlJRQ2trN0Nwa1RvOVU1cGxNdEt5T0pLWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvZGNkM2I3LTdjYzAtNGM0OS1iYWIzLTdhMGIxNDVjZjYyYi8x
Lzk5a3FQUTVvem91NkFIVXprbFhtNmJrT0NYNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ZGNkM2I3LTdjYzAtNGM0OS1iYWIzLTdhMGIxNDVjZjYyYi8xL2lCdlJRQ2trN0Nw
a1RvOVU1cGxNdEt5T0pLWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQGj8RAAwQCj8R4MA0GCSqGSIb3
DQEBCwUAA4IBAQBKqKNAJ9DWSk2HtA984PAb/hrHwhXvw4MC+l0gZqhLdbXt+VxC
pjO4DnxHme+pghFr7ObtnvTmwnu0+nmhc26cxP9ut9tCfnYxubUv7Cb4nfCoNMa8
j0cNeTywhbzGum5nlmJG5vnDFroJC2N4J3UsCdzArI2zY4tnPq2u0863hz1AKDeU
Ze5+ZPBTUOh+jfFj74TgAPnV20/6e7FD0oNsGJmcXK0WWgSLxhxTVk+zE5gl0sWy
BLXiZfIFCXQgn9eUXqkol5KUYvo3t9KiBnW/KZ47VCtPqyAJnpSWhKr6o5O4x0Me
1EiWamsiUVKlFl0pvmV7cZXXoSfh1oThHC4j
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:52 2023 by rpki-client on console-ams.rpki-client.org