Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/o78d9YnQJvAxsbRIYYKhRQoHLuk.roa
File: o78d9YnQJvAxsbRIYYKhRQoHLuk.roa (raw, json)
Hash identifier: JpGCrTq8oaKaxFpg4Xa+ai6yx4z3o5Yo4PJQqpTYyBY=
Subject key identifier: A3:BF:1D:F5:89:D0:26:F0:31:B1:B4:48:61:82:A1:45:0A:07:2E:E9
Certificate issuer: /CN=d3367dba3a220060e67d4ec680b0f99f247a872c
Certificate serial: 873DEA
Authority key identifier: D3:36:7D:BA:3A:22:00:60:E6:7D:4E:C6:80:B0:F9:9F:24:7A:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0zZ9ujoiAGDmfU7GgLD5nyR6hyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/o78d9YnQJvAxsbRIYYKhRQoHLuk.roa
Signing time: Sat 01 Jan 2022 03:52:17 +0000
ROA not before: Sat 01 Jan 2022 03:52:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 176.116.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 8863210 (0x873dea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3367dba3a220060e67d4ec680b0f99f247a872c
Validity
Not Before: Jan 1 03:52:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3bf1df589d026f031b1b4486182a1450a072ee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c7:dd:7a:a0:6f:cd:e6:db:6f:83:44:1e:22:
45:b3:c9:69:49:3a:05:31:bd:90:4e:84:94:49:15:
d5:bc:f8:d9:79:1b:94:3b:50:85:a8:ce:8c:68:1b:
cd:a9:b0:c6:e7:42:c5:c5:54:c0:a5:c1:11:d0:e1:
8b:7f:94:77:c4:88:e8:1b:1d:a2:39:bf:2b:ea:53:
03:61:6f:7a:65:2a:96:94:bc:98:fb:4a:e5:24:31:
b5:b2:37:ad:c9:6e:6b:40:24:c8:c6:33:54:1f:c3:
05:a7:06:ef:04:d7:ca:d8:d4:e6:27:2f:29:8c:3f:
d4:3e:d8:a3:c9:cc:0b:c1:52:2c:0d:21:a4:33:9e:
7b:06:c4:c8:aa:b0:c7:2f:e5:68:2d:fe:39:54:b9:
22:cf:7a:1b:8c:a0:2b:b7:6e:b1:30:24:78:ad:5c:
67:48:45:71:db:f8:38:41:52:e1:a9:53:5a:21:68:
be:9f:f4:f2:c6:1e:8c:27:3a:32:10:f3:f1:15:7b:
ec:19:3d:f0:50:af:bf:5d:8a:9b:2d:ea:c3:7b:d2:
c7:62:f9:7d:80:62:1b:85:e0:a9:3b:d5:e3:85:1c:
b4:27:4b:20:fd:fe:08:b5:cc:0e:7c:92:55:a0:2e:
fc:66:42:9c:61:12:1d:db:74:6e:1d:ff:5c:24:d4:
0a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:BF:1D:F5:89:D0:26:F0:31:B1:B4:48:61:82:A1:45:0A:07:2E:E9
X509v3 Authority Key Identifier:
keyid:D3:36:7D:BA:3A:22:00:60:E6:7D:4E:C6:80:B0:F9:9F:24:7A:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0zZ9ujoiAGDmfU7GgLD5nyR6hyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/o78d9YnQJvAxsbRIYYKhRQoHLuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ac410a-49a0-4e38-ae3b-5ca5bf67e69d/1/0zZ9ujoiAGDmfU7GgLD5nyR6hyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.21.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:49:84:6a:5b:0e:b4:9a:47:8a:3b:98:40:d6:4f:32:83:52:
ec:b3:9b:be:3d:4b:5e:c7:3e:38:72:9a:13:c6:47:3a:f4:2d:
b9:cd:f2:4b:69:e0:e1:52:05:60:be:cc:cb:be:1f:4a:34:49:
59:f5:4e:53:94:45:b9:4c:2d:8e:df:75:e9:1e:a7:bc:62:89:
61:17:3e:2c:9d:17:29:d7:6a:36:91:49:22:14:eb:bc:18:d1:
64:12:64:01:88:2b:df:73:1a:9a:00:36:25:3e:ea:1b:94:8e:
5d:18:cd:cf:09:a1:38:8d:30:2c:13:6c:07:4f:db:b5:56:44:
67:fb:dc:38:b9:18:c4:8e:ad:a7:29:c5:f3:ac:7e:b4:42:e6:
ed:e6:46:43:4b:8a:34:29:bd:0e:d3:7d:86:b9:0b:01:37:eb:
00:9f:ac:27:bc:78:81:21:53:a2:af:a8:e2:1c:64:5a:e1:10:
44:9c:77:fe:63:45:9a:f1:33:04:22:5a:5e:e8:43:12:22:ba:
c4:e7:26:f5:65:d7:2d:4f:96:bd:c9:6b:5f:4d:b8:22:62:08:
27:1f:8b:10:a7:03:d3:01:45:26:ee:18:9c:a9:b6:f3:f0:d1:
3b:62:19:8c:ff:d0:c5:fc:bd:ef:e3:04:c3:89:1b:7e:69:26:
b0:ed:40:74
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAIc96jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MzM2N2RiYTNhMjIwMDYwZTY3ZDRlYzY4MGIwZjk5ZjI0N2E4NzJjMB4XDTIyMDEw
MTAzNTIxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTNiZjFkZjU4OWQw
MjZmMDMxYjFiNDQ4NjE4MmExNDUwYTA3MmVlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDH3Xqgb83m22+DRB4iRbPJaUk6BTG9kE6ElEkV1bz42Xkb
lDtQhajOjGgbzamwxudCxcVUwKXBEdDhi3+Ud8SI6Bsdojm/K+pTA2FvemUqlpS8
mPtK5SQxtbI3rclua0AkyMYzVB/DBacG7wTXytjU5icvKYw/1D7Yo8nMC8FSLA0h
pDOeewbEyKqwxy/laC3+OVS5Is96G4ygK7dusTAkeK1cZ0hFcdv4OEFS4alTWiFo
vp/08sYejCc6MhDz8RV77Bk98FCvv12Kmy3qw3vSx2L5fYBiG4XgqTvV44UctCdL
IP3+CLXMDnySVaAu/GZCnGESHdt0bh3/XCTUCqMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjvx31idAm8DGxtEhhgqFFCgcu6TAfBgNVHSMEGDAWgBTTNn26OiIAYOZ9
TsaAsPmfJHqHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzB6Wjl1am9pQUdEbWZVN0dnTEQ1bnlSNmh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvYWM0MTBhLTQ5YTAtNGUzOC1hZTNiLTVjYTViZjY3ZTY5ZC8x
L283OGQ5WW5RSnZBeHNiUklZWUtoUlFvSEx1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
YWM0MTBhLTQ5YTAtNGUzOC1hZTNiLTVjYTViZjY3ZTY5ZC8xLzB6Wjl1am9pQUdE
bWZVN0dnTEQ1bnlSNmh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB0FTANBgkqhkiG9w0BAQsFAAOC
AQEAu0mEalsOtJpHijuYQNZPMoNS7LObvj1LXsc+OHKaE8ZHOvQtuc3yS2ng4VIF
YL7My74fSjRJWfVOU5RFuUwtjt916R6nvGKJYRc+LJ0XKddqNpFJIhTrvBjRZBJk
AYgr33MamgA2JT7qG5SOXRjNzwmhOI0wLBNsB0/btVZEZ/vcOLkYxI6tpynF86x+
tELm7eZGQ0uKNCm9DtN9hrkLATfrAJ+sJ7x4gSFToq+o4hxkWuEQRJx3/mNFmvEz
BCJaXuhDEiK6xOcm9WXXLU+WvclrX024ImIIJx+LEKcD0wFFJu4YnKm28/DRO2IZ
jP/Qxfy97+MEw4kbfmkmsO1AdA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:23 2023 by rpki-client on console-fra.rpki-client.org