Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/br2pczbMZnFK8ekbNAuKSdn7bfc.roa
File: br2pczbMZnFK8ekbNAuKSdn7bfc.roa (raw, json)
Hash identifier: G3ZVG3xCVOuaOq8Fw41nBgsbhAImY8U9akGAeMunX4M=
Subject key identifier: 6E:BD:A9:73:36:CC:66:71:4A:F1:E9:1B:34:0B:8A:49:D9:FB:6D:F7
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 0183A85DF4290B60508D5427009AA12C2DC4
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/br2pczbMZnFK8ekbNAuKSdn7bfc.roa
Signing time: Wed 05 Oct 2022 13:37:53 +0000
ROA not before: Wed 05 Oct 2022 13:37:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202306
IP address blocks: 109.237.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a8:5d:f4:29:0b:60:50:8d:54:27:00:9a:a1:2c:2d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Oct 5 13:37:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6ebda97336cc66714af1e91b340b8a49d9fb6df7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:35:48:91:a9:d4:2c:ec:6a:e0:61:d3:a7:17:
89:19:e0:b3:6d:a7:3c:25:1e:0e:60:11:cc:a7:7b:
03:eb:a7:24:79:03:aa:cf:67:d4:d1:08:2b:f3:96:
c3:86:47:a1:95:0f:37:c8:66:39:62:ae:1d:32:74:
88:15:b5:a9:41:42:14:d0:a4:92:31:9e:2b:ea:79:
36:7d:15:c9:75:dc:11:83:aa:ca:09:be:a1:d4:aa:
51:64:70:0f:fb:9b:4c:6f:0d:34:f4:5a:d6:16:a6:
d2:32:7f:7e:af:16:57:89:d6:a0:b0:5f:28:a0:fd:
ce:ce:87:37:2e:a3:5b:a1:91:5b:89:af:27:52:65:
cd:cd:26:bb:2f:05:19:4d:b6:39:77:27:0f:76:e8:
57:9e:5e:99:5b:76:a4:0a:ab:94:8e:ce:3c:9a:60:
60:44:cd:d4:9e:3e:3b:06:1c:95:2b:be:75:66:98:
dc:bc:56:9c:34:4f:7e:0d:47:db:68:b8:8a:57:89:
62:f3:1d:3b:6f:46:3d:fa:2d:b2:c3:30:d8:40:f8:
75:a7:1f:03:19:82:f0:b5:a0:e5:75:ba:02:b9:2c:
33:b1:0c:7d:60:65:4e:9e:ca:86:31:95:30:51:54:
82:30:c6:60:a9:c2:a2:2e:0c:d2:65:a6:69:98:94:
86:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BD:A9:73:36:CC:66:71:4A:F1:E9:1B:34:0B:8A:49:D9:FB:6D:F7
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/br2pczbMZnFK8ekbNAuKSdn7bfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.96.0/22
Signature Algorithm: sha256WithRSAEncryption
69:ee:28:8c:c6:3b:ef:6d:08:10:c0:5e:53:0b:ed:2a:58:09:
00:a8:4a:df:7a:9d:b2:d0:3a:36:a8:7d:38:59:67:df:6c:2b:
28:b7:98:84:60:69:b2:a4:86:ce:9e:82:90:64:60:49:74:39:
ea:a4:39:b0:49:aa:7b:f9:e7:2e:44:42:c7:cb:bb:e5:45:dc:
3d:f3:ec:5f:16:8b:59:96:a0:11:95:3f:ee:b8:d1:21:b1:58:
59:53:d8:cd:e9:53:fd:5d:46:66:59:a0:57:05:ea:2e:b6:84:
97:84:c3:d7:fd:56:2b:d4:65:be:9c:0f:2d:bc:5e:6c:43:35:
91:22:80:08:05:0a:a9:ac:6c:6b:e0:36:11:cf:52:96:62:08:
17:7e:61:74:6e:8c:dc:3a:0f:f4:c1:2f:db:0e:7c:4a:90:47:
c7:f8:69:ba:7f:83:e4:6b:24:ee:92:b6:e9:37:2c:29:9b:3d:
f4:40:4b:66:be:e7:65:38:39:c1:f5:71:89:17:24:5e:db:27:
f5:6b:0e:bf:e1:30:2b:b8:37:bc:0c:ff:7d:37:fb:03:78:f8:
3c:0d:8d:42:b6:62:f5:7c:f2:cd:b3:07:18:63:3d:25:29:0a:
2f:5c:43:69:20:78:57:07:ef:31:84:45:a6:6b:e1:89:c5:5d:
b2:02:5f:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOoXfQpC2BQjVQnAJqhLC3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjIxMDA1MTMzNzUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWJkYTk3MzM2Y2M2NjcxNGFmMWU5MWIzNDBiOGE0OWQ5ZmI2ZGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjVIkanULOxq4GHTpxeJGeCzbac8
JR4OYBHMp3sD66ckeQOqz2fU0Qgr85bDhkehlQ83yGY5Yq4dMnSIFbWpQUIU0KSS
MZ4r6nk2fRXJddwRg6rKCb6h1KpRZHAP+5tMbw009FrWFqbSMn9+rxZXidagsF8o
oP3Ozoc3LqNboZFbia8nUmXNzSa7LwUZTbY5dycPduhXnl6ZW3akCquUjs48mmBg
RM3Unj47BhyVK751ZpjcvFacNE9+DUfbaLiKV4li8x07b0Y9+i2ywzDYQPh1px8D
GYLwtaDldboCuSwzsQx9YGVOnsqGMZUwUVSCMMZgqcKiLgzSZaZpmJSGTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG69qXM2zGZxSvHpGzQLiknZ+233MB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvYnIycGN6Yk1abkZLOGVrYk5BdUtTZG43YmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbe1gMA0G
CSqGSIb3DQEBCwUAA4IBAQBp7iiMxjvvbQgQwF5TC+0qWAkAqErfep2y0Do2qH04
WWffbCsot5iEYGmypIbOnoKQZGBJdDnqpDmwSap7+ecuRELHy7vlRdw98+xfFotZ
lqARlT/uuNEhsVhZU9jN6VP9XUZmWaBXBeoutoSXhMPX/VYr1GW+nA8tvF5sQzWR
IoAIBQqprGxr4DYRz1KWYggXfmF0bozcOg/0wS/bDnxKkEfH+Gm6f4PkayTukrbp
Nywpmz30QEtmvudlODnB9XGJFyRe2yf1aw6/4TAruDe8DP99N/sDePg8DY1CtmL1
fPLNswcYYz0lKQovXENpIHhXB+8xhEWma+GJxV2yAl/Y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:11 2024 by rpki-client on console-fra.rpki-client.org