Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/_KpfUBIUtyT9_asg8-z4IRY_GUc.roa
File: _KpfUBIUtyT9_asg8-z4IRY_GUc.roa (raw, json)
Hash identifier: Q1N7vMhqBHGKmi1rszaCOTRPApSfxqTbRwxTc1rL7pQ=
Subject key identifier: FC:AA:5F:50:12:14:B7:24:FD:FD:AB:20:F3:EC:F8:21:16:3F:19:47
Certificate issuer: /CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Certificate serial: 03FEB4
Authority key identifier: DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/_KpfUBIUtyT9_asg8-z4IRY_GUc.roa
Signing time: Mon 07 Mar 2022 16:39:10 +0000
ROA not before: Mon 07 Mar 2022 16:39:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206766
IP address blocks: 138.124.185.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 261812 (0x3feb4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de92a1ac8910cf5c865de5b0231b09d04e1132f3
Validity
Not Before: Mar 7 16:39:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcaa5f501214b724fdfdab20f3ecf821163f1947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:03:1b:f2:31:30:46:a7:6e:12:c7:7b:63:59:
ae:87:27:9e:3a:89:fe:28:33:57:a7:41:ac:4c:d5:
73:6c:fe:ab:ad:69:e4:0c:97:65:00:0e:18:e0:f5:
14:25:cc:5d:2c:74:58:8a:a3:1f:43:85:98:8d:e7:
52:68:59:d1:7d:c2:0b:db:d6:ec:41:f8:0b:bb:bb:
8b:03:db:7e:bd:88:42:01:cd:f5:46:4f:f3:e9:25:
98:98:60:ab:e7:0f:41:fb:56:e5:ed:68:bc:f3:a4:
b4:e5:63:ed:9d:fa:5c:5f:9b:e1:21:53:07:a7:16:
52:ca:7f:cd:12:aa:95:3c:a9:b9:e5:38:82:4f:46:
77:98:18:65:72:5c:00:67:cc:e3:13:c5:ab:9d:a4:
4f:e6:6a:bf:93:f2:6a:c5:be:5d:26:1c:3c:34:de:
36:80:4c:85:63:27:5a:0c:d9:0f:a4:90:ca:37:b5:
e9:37:ab:39:e5:cf:25:09:51:c3:7d:5d:24:62:2e:
6d:83:20:23:7d:b1:cb:78:a6:35:7a:c7:a0:f7:f0:
eb:d8:ed:11:a7:04:b9:69:f6:6b:86:56:da:f9:23:
94:9d:97:67:02:76:4f:88:19:72:1a:fd:3b:80:ca:
11:9a:eb:11:7d:af:91:dd:c6:5e:d7:ac:e5:9d:22:
29:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:AA:5F:50:12:14:B7:24:FD:FD:AB:20:F3:EC:F8:21:16:3F:19:47
X509v3 Authority Key Identifier:
keyid:DE:92:A1:AC:89:10:CF:5C:86:5D:E5:B0:23:1B:09:D0:4E:11:32:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/_KpfUBIUtyT9_asg8-z4IRY_GUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4377d6-515c-420a-9134-69e337884cc9/1/3pKhrIkQz1yGXeWwIxsJ0E4RMvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.185.0/24
Signature Algorithm: sha256WithRSAEncryption
87:d4:df:4c:1b:af:ce:9b:2b:5c:0a:a2:60:32:79:b5:1b:63:
31:7c:4e:96:7e:49:ec:01:f0:23:e9:b7:a7:a6:73:b0:3a:44:
3c:93:ce:ef:2b:25:f0:69:ce:91:6c:78:db:d0:d6:0e:14:c1:
d8:8e:1f:5c:5c:4b:d8:a4:b7:29:40:5b:19:9e:b9:07:57:d1:
53:07:9d:02:a1:c6:8d:bd:34:b9:10:82:ed:57:46:1d:db:0e:
92:d6:72:70:b1:dd:29:d6:08:c5:24:3c:f3:e7:82:31:80:2a:
5d:1d:1f:e6:1e:4b:50:1c:50:28:15:4f:fd:bd:63:1c:b7:03:
74:b6:d0:7d:b6:5f:0f:3d:ee:db:0f:3f:ab:eb:bd:78:5b:16:
6f:81:17:fc:5d:a9:20:d2:6d:ab:53:ca:01:bb:b6:f9:34:48:
bf:76:1b:90:5b:9c:3d:ec:d9:aa:87:8e:7d:0e:8f:d3:00:9d:
e7:5a:db:96:c2:9b:51:c9:f4:c8:ff:fc:4a:c0:22:f4:63:c0:
88:09:0e:6e:2e:31:6a:bd:3b:68:52:61:96:73:48:4c:f7:0b:
2d:63:da:8b:6b:a6:7c:46:51:4d:d4:cd:c4:4b:4c:d1:a1:59:
d4:bd:9d:7f:7d:90:cd:43:cc:f1:e7:aa:f0:10:f6:47:ea:37:
02:1e:86:0c
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDA/60MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRl
OTJhMWFjODkxMGNmNWM4NjVkZTViMDIzMWIwOWQwNGUxMTMyZjMwHhcNMjIwMzA3
MTYzOTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhmY2FhNWY1MDEyMTRi
NzI0ZmRmZGFiMjBmM2VjZjgyMTE2M2YxOTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwQMb8jEwRqduEsd7Y1muhyeeOon+KDNXp0GsTNVzbP6rrWnk
DJdlAA4Y4PUUJcxdLHRYiqMfQ4WYjedSaFnRfcIL29bsQfgLu7uLA9t+vYhCAc31
Rk/z6SWYmGCr5w9B+1bl7Wi886S05WPtnfpcX5vhIVMHpxZSyn/NEqqVPKm55TiC
T0Z3mBhlclwAZ8zjE8WrnaRP5mq/k/Jqxb5dJhw8NN42gEyFYydaDNkPpJDKN7Xp
N6s55c8lCVHDfV0kYi5tgyAjfbHLeKY1eseg9/Dr2O0RpwS5afZrhlba+SOUnZdn
AnZPiBlyGv07gMoRmusRfa+R3cZe16zlnSIphQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFPyqX1ASFLck/f2rIPPs+CEWPxlHMB8GA1UdIwQYMBaAFN6SoayJEM9chl3l
sCMbCdBOETLzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M3BLaHJJa1F6MXlHWGVXd0l4c0owRTRSTXZNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mNS80Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5LzEv
X0twZlVCSVV0eVQ5X2FzZzgtejRJUllfR1VjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80
Mzc3ZDYtNTE1Yy00MjBhLTkxMzQtNjllMzM3ODg0Y2M5LzEvM3BLaHJJa1F6MXlH
WGVXd0l4c0owRTRSTXZNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiny5MA0GCSqGSIb3DQEBCwUAA4IB
AQCH1N9MG6/OmytcCqJgMnm1G2MxfE6WfknsAfAj6benpnOwOkQ8k87vKyXwac6R
bHjb0NYOFMHYjh9cXEvYpLcpQFsZnrkHV9FTB50CocaNvTS5EILtV0Yd2w6S1nJw
sd0p1gjFJDzz54IxgCpdHR/mHktQHFAoFU/9vWMctwN0ttB9tl8PPe7bDz+r6714
WxZvgRf8Xakg0m2rU8oBu7b5NEi/dhuQW5w97Nmqh459Do/TAJ3nWtuWwptRyfTI
//xKwCL0Y8CICQ5uLjFqvTtoUmGWc0hM9wstY9qLa6Z8RlFN1M3ES0zRoVnUvZ1/
fZDNQ8zx56rwEPZH6jcCHoYM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:22 2023 by rpki-client on console-ams.rpki-client.org