Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/mo2I3lhQerpFc7eRwSpYFeGLUcA.roa
File: mo2I3lhQerpFc7eRwSpYFeGLUcA.roa (raw, json)
Hash identifier: 4WU6fCC+ca1zcZ2TwsJUMKcu8hUwxOG1muWlW+5Jiog=
Subject key identifier: 9A:8D:88:DE:58:50:7A:BA:45:73:B7:91:C1:2A:58:15:E1:8B:51:C0
Certificate issuer: /CN=d538d7726a5f1f33da15d87e5c8b0e48f50281bf
Certificate serial: 028BC7
Authority key identifier: D5:38:D7:72:6A:5F:1F:33:DA:15:D8:7E:5C:8B:0E:48:F5:02:81:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TjXcmpfHzPaFdh-XIsOSPUCgb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/mo2I3lhQerpFc7eRwSpYFeGLUcA.roa
Signing time: Mon 31 Jan 2022 13:20:07 +0000
ROA not before: Mon 31 Jan 2022 13:20:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 195.88.246.0/24 maxlen: 24
195.88.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 166855 (0x28bc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d538d7726a5f1f33da15d87e5c8b0e48f50281bf
Validity
Not Before: Jan 31 13:20:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a8d88de58507aba4573b791c12a5815e18b51c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:fc:1c:be:9b:33:fc:5e:6a:08:29:dd:be:54:
57:a8:81:e1:0c:26:2e:ce:d1:98:3c:89:62:ad:b0:
9b:9a:de:de:d1:e3:19:f1:ec:09:c7:43:f9:20:9b:
ff:e3:1d:68:99:0f:03:ec:2f:2b:6b:5f:4f:25:86:
ad:d2:d2:be:a5:81:29:de:83:92:7c:a3:f3:84:2b:
ea:54:70:bf:80:39:e4:14:11:b3:3c:4d:a0:c9:38:
46:c5:b0:53:ff:8b:f5:61:7b:c9:5c:ad:33:b0:37:
3b:99:5e:0b:41:b0:23:69:ee:00:5f:ce:30:3a:00:
55:f0:34:b7:0e:6a:8b:6e:5d:7c:01:c4:16:c9:8a:
e0:64:0d:1c:d6:9d:17:68:e3:d9:7f:32:14:ad:86:
a8:0c:da:13:eb:63:7a:98:7d:20:54:79:ad:8c:84:
ee:83:2a:24:01:be:7c:12:ac:ac:b3:ea:05:f6:e5:
b4:69:78:72:62:80:59:6f:b8:f5:86:90:68:fa:2b:
e0:15:a7:3f:b2:f8:11:a4:e7:8f:4a:66:f9:24:ed:
90:cf:61:29:f9:02:9c:86:27:bb:b8:9f:d8:f8:1b:
e3:f1:1d:c0:4b:54:be:b8:11:ae:e5:4b:2f:b0:c7:
99:a7:32:b9:18:5c:8d:f0:29:20:55:3e:d4:c7:37:
bf:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:8D:88:DE:58:50:7A:BA:45:73:B7:91:C1:2A:58:15:E1:8B:51:C0
X509v3 Authority Key Identifier:
keyid:D5:38:D7:72:6A:5F:1F:33:DA:15:D8:7E:5C:8B:0E:48:F5:02:81:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TjXcmpfHzPaFdh-XIsOSPUCgb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/mo2I3lhQerpFc7eRwSpYFeGLUcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/43c451-e4e9-4859-b985-2d9df4ef5f50/1/1TjXcmpfHzPaFdh-XIsOSPUCgb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.246.0/23
Signature Algorithm: sha256WithRSAEncryption
42:f6:a0:36:69:51:56:b2:ba:1f:d8:91:e4:dd:47:0c:54:10:
d5:4c:77:87:e2:de:8b:f3:68:28:40:49:73:0c:8c:77:4f:09:
8e:64:f8:42:d6:ad:2c:3e:dd:93:72:9f:e3:67:97:61:a9:4d:
33:8c:10:59:a4:06:4d:2c:4f:a1:37:7c:0f:b5:e2:c5:f7:e7:
23:c7:fe:8f:d0:11:3f:f4:4d:f0:ad:09:7c:be:0e:7d:0c:e1:
57:88:70:ca:f1:e7:42:d8:ba:d1:e2:09:7a:b9:4e:11:e2:6d:
07:f4:f4:f1:22:3c:6e:80:90:cb:05:25:0e:80:24:54:21:35:
7f:fa:64:b7:2a:fd:0c:a5:d3:d9:83:6a:d5:86:1a:63:a3:21:
10:33:2a:aa:44:2a:33:29:35:01:dd:60:02:a0:fc:f3:ad:d8:
83:33:a5:ca:f4:ce:f0:eb:61:a5:96:29:67:b9:39:ad:76:0b:
f9:4c:6f:cd:ee:d8:03:cb:29:2c:7e:fa:6a:04:85:1a:f0:1a:
19:47:46:ef:2a:7a:c2:e3:44:b3:8a:8b:56:39:1c:d1:4a:ef:
c4:a0:f9:eb:9f:1a:11:1d:09:d9:d6:ee:3a:fb:ef:1d:b2:1c:
24:9e:43:2f:c1:aa:e1:66:b9:9d:c4:9a:fe:df:f8:e1:4f:00:
11:e1:97:fc
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAovHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ1
MzhkNzcyNmE1ZjFmMzNkYTE1ZDg3ZTVjOGIwZTQ4ZjUwMjgxYmYwHhcNMjIwMTMx
MTMyMDA3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5YThkODhkZTU4NTA3
YWJhNDU3M2I3OTFjMTJhNTgxNWUxOGI1MWMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAy/wcvpsz/F5qCCndvlRXqIHhDCYuztGYPIlirbCbmt7e0eMZ
8ewJx0P5IJv/4x1omQ8D7C8ra19PJYat0tK+pYEp3oOSfKPzhCvqVHC/gDnkFBGz
PE2gyThGxbBT/4v1YXvJXK0zsDc7mV4LQbAjae4AX84wOgBV8DS3DmqLbl18AcQW
yYrgZA0c1p0XaOPZfzIUrYaoDNoT62N6mH0gVHmtjITugyokAb58Eqyss+oF9uW0
aXhyYoBZb7j1hpBo+ivgFac/svgRpOePSmb5JO2Qz2Ep+QKchie7uJ/Y+Bvj8R3A
S1S+uBGu5UsvsMeZpzK5GFyN8CkgVT7Uxze/fQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFJqNiN5YUHq6RXO3kcEqWBXhi1HAMB8GA1UdIwQYMBaAFNU413JqXx8z2hXY
flyLDkj1AoG/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MVRqWGNtcGZIelBhRmRoLVhJc09TUFVDZ2I4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZC80M2M0NTEtZTRlOS00ODU5LWI5ODUtMmQ5ZGY0ZWY1ZjUwLzEv
bW8ySTNsaFFlcnBGYzdlUndTcFlGZUdMVWNBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC80
M2M0NTEtZTRlOS00ODU5LWI5ODUtMmQ5ZGY0ZWY1ZjUwLzEvMVRqWGNtcGZIelBh
RmRoLVhJc09TUFVDZ2I4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw1j2MA0GCSqGSIb3DQEBCwUAA4IB
AQBC9qA2aVFWsrof2JHk3UcMVBDVTHeH4t6L82goQElzDIx3TwmOZPhC1q0sPt2T
cp/jZ5dhqU0zjBBZpAZNLE+hN3wPteLF9+cjx/6P0BE/9E3wrQl8vg59DOFXiHDK
8edC2LrR4gl6uU4R4m0H9PTxIjxugJDLBSUOgCRUITV/+mS3Kv0MpdPZg2rVhhpj
oyEQMyqqRCozKTUB3WACoPzzrdiDM6XK9M7w62GllilnuTmtdgv5TG/N7tgDyyks
fvpqBIUa8BoZR0bvKnrC40SziotWORzRSu/EoPnrnxoRHQnZ1u46++8dshwknkMv
warhZrmdxJr+3/jhTwAR4Zf8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:47 2023 by rpki-client on console-ams.rpki-client.org