Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/sUZoTiQKFMiQ60psiROPKs4NaDI.roa
File: sUZoTiQKFMiQ60psiROPKs4NaDI.roa (raw, json)
Hash identifier: CQHs0ImZ02g1XXW4jOlhsSxAOrF7ETpRTMWgB78GHpo=
Subject key identifier: B1:46:68:4E:24:0A:14:C8:90:EB:4A:6C:89:13:8F:2A:CE:0D:68:32
Certificate issuer: /CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Certificate serial: 05EAF4D9
Authority key identifier: BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/sUZoTiQKFMiQ60psiROPKs4NaDI.roa
Signing time: Thu 30 Jun 2022 22:30:02 +0000
ROA not before: Thu 30 Jun 2022 22:30:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15802
IP address blocks: 157.23.250.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 99284185 (0x5eaf4d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bba35cf8ab6f3eaa2aebadd9e2373dec0893625e
Validity
Not Before: Jun 30 22:30:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b146684e240a14c890eb4a6c89138f2ace0d6832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:99:66:5c:63:3b:c9:32:7c:92:8b:52:23:56:
a3:31:45:f6:6e:76:a1:47:d1:e8:bc:54:66:e4:31:
81:1d:59:77:2a:f7:01:54:52:99:b3:4f:28:c9:da:
80:7d:4a:db:33:7b:1e:21:b7:c6:e2:60:3e:94:1d:
ed:91:a2:c1:21:f1:34:d2:d6:42:70:25:32:97:00:
b6:4c:9b:1e:57:c6:a9:cb:4b:ce:16:2b:33:37:41:
aa:7d:a6:6c:c3:ec:e7:c5:d6:c2:93:06:10:37:a0:
02:0b:a6:5d:29:65:b7:73:6b:78:85:17:ab:82:5b:
08:be:c1:23:f0:6e:97:99:5e:be:8c:8c:11:68:40:
b8:d9:e8:20:45:73:dd:49:97:dc:d0:72:55:51:aa:
27:bc:56:ee:dc:ab:7c:5f:d4:19:a5:92:83:85:dc:
bf:b2:6e:37:54:46:3f:28:f8:44:6e:fc:ba:9c:4d:
3c:06:5f:ce:da:a1:91:ef:3c:12:73:ce:d9:82:4a:
9d:da:a1:c6:03:d8:0e:7d:8c:09:e5:10:30:36:d2:
dc:b6:65:d3:a4:d8:f8:33:8c:29:03:f1:4c:9e:51:
67:7b:79:e8:a0:6d:2f:6a:73:e4:ab:e6:91:7f:a9:
12:d8:5a:ec:b8:28:bd:8e:00:36:0e:b7:e7:55:61:
3a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:46:68:4E:24:0A:14:C8:90:EB:4A:6C:89:13:8F:2A:CE:0D:68:32
X509v3 Authority Key Identifier:
keyid:BB:A3:5C:F8:AB:6F:3E:AA:2A:EB:AD:D9:E2:37:3D:EC:08:93:62:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u6Nc-KtvPqoq663Z4jc97AiTYl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/sUZoTiQKFMiQ60psiROPKs4NaDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/a0e01a-9bbc-44ee-98a3-597b6e2492ab/1/u6Nc-KtvPqoq663Z4jc97AiTYl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.23.250.0/24
Signature Algorithm: sha256WithRSAEncryption
24:7c:50:0d:98:c0:73:d2:28:bd:7b:af:88:ee:38:62:a3:6e:
59:95:1c:71:c8:2d:a2:e3:28:94:d7:e5:4c:2a:5a:57:80:7e:
5b:18:e9:6f:cb:4b:b4:0e:2d:cd:15:d9:1d:e7:ee:cc:e8:9a:
32:c8:88:f1:59:9f:26:ee:cb:32:37:37:7d:e5:9e:b6:cd:01:
9d:89:6c:9d:3a:3e:7a:85:af:39:b9:06:b6:6c:09:ae:91:49:
56:fc:2a:10:80:6b:22:62:67:17:eb:eb:07:06:a5:64:39:10:
5c:5f:85:bc:3d:fe:e1:b3:69:bb:df:ec:9a:8c:58:50:57:7e:
03:12:57:a2:0e:2a:92:a8:d1:17:f6:c5:52:7e:f3:ba:be:7b:
ef:60:41:0d:92:37:82:bf:42:ee:54:43:a9:98:7d:c9:3a:6f:
31:d0:66:e8:43:e6:a8:89:f2:f6:99:56:c6:1b:4e:44:5e:86:
87:93:f2:ee:20:e4:d2:c5:26:37:b4:ae:ce:86:54:56:34:0f:
3b:e9:5f:ed:88:f1:d2:e5:ea:f0:35:93:1d:8c:66:84:2f:5d:
3e:99:21:e5:ce:1e:22:06:c1:a4:82:c3:92:ac:27:3a:fe:41:
ea:b5:50:be:36:7b:f5:38:8c:c5:05:82:b9:fe:b4:56:32:ad:
49:e5:db:81
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBer02TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YmEzNWNmOGFiNmYzZWFhMmFlYmFkZDllMjM3M2RlYzA4OTM2MjVlMB4XDTIyMDYz
MDIyMzAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjE0NjY4NGUyNDBh
MTRjODkwZWI0YTZjODkxMzhmMmFjZTBkNjgzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeZZlxjO8kyfJKLUiNWozFF9m52oUfR6LxUZuQxgR1Zdyr3
AVRSmbNPKMnagH1K2zN7HiG3xuJgPpQd7ZGiwSHxNNLWQnAlMpcAtkybHlfGqctL
zhYrMzdBqn2mbMPs58XWwpMGEDegAgumXSllt3NreIUXq4JbCL7BI/Bul5levoyM
EWhAuNnoIEVz3UmX3NByVVGqJ7xW7tyrfF/UGaWSg4Xcv7JuN1RGPyj4RG78upxN
PAZfztqhke88EnPO2YJKndqhxgPYDn2MCeUQMDbS3LZl06TY+DOMKQPxTJ5RZ3t5
6KBtL2pz5KvmkX+pEtha7LgovY4ANg6351VhOk8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSxRmhOJAoUyJDrSmyJE48qzg1oMjAfBgNVHSMEGDAWgBS7o1z4q28+qirr
rdniNz3sCJNiXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U2TmMtS3R2UHFvcTY2M1o0amM5N0FpVFlsNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmEvYTBlMDFhLTliYmMtNDRlZS05OGEzLTU5N2I2ZTI0OTJhYi8x
L3NVWm9UaVFLRk1pUTYwcHNpUk9QS3M0TmFESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmEv
YTBlMDFhLTliYmMtNDRlZS05OGEzLTU5N2I2ZTI0OTJhYi8xL3U2TmMtS3R2UHFv
cTY2M1o0amM5N0FpVFlsNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJ0X+jANBgkqhkiG9w0BAQsFAAOC
AQEAJHxQDZjAc9IovXuviO44YqNuWZUcccgtouMolNflTCpaV4B+Wxjpb8tLtA4t
zRXZHefuzOiaMsiI8VmfJu7LMjc3feWets0BnYlsnTo+eoWvObkGtmwJrpFJVvwq
EIBrImJnF+vrBwalZDkQXF+FvD3+4bNpu9/smoxYUFd+AxJXog4qkqjRF/bFUn7z
ur5772BBDZI3gr9C7lRDqZh9yTpvMdBm6EPmqIny9plWxhtORF6Gh5Py7iDk0sUm
N7SuzoZUVjQPO+lf7Yjx0uXq8DWTHYxmhC9dPpkh5c4eIgbBpILDkqwnOv5B6rVQ
vjZ79TiMxQWCuf60VjKtSeXbgQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:38 2023 by rpki-client on console-ams.rpki-client.org