Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/49b48e-c84b-4f99-923f-4586238305f1/1/a17qaNmbyGcNVVAGyYOOpnbOSb0.roa
File: a17qaNmbyGcNVVAGyYOOpnbOSb0.roa (raw, json)
Hash identifier: A6Qy6IvHd5Ow0L0n9Qc+vvpzDC7ZLEZgRZtUW6QJkBY=
Subject key identifier: 6B:5E:EA:68:D9:9B:C8:67:0D:55:50:06:C9:83:8E:A6:76:CE:49:BD
Certificate issuer: /CN=b19e1b7e810d6492abdb807fc8dde8675bd6bf2c
Certificate serial: 01BE0F7E
Authority key identifier: B1:9E:1B:7E:81:0D:64:92:AB:DB:80:7F:C8:DD:E8:67:5B:D6:BF:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZ4bfoENZJKr24B_yN3oZ1vWvyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/49b48e-c84b-4f99-923f-4586238305f1/1/a17qaNmbyGcNVVAGyYOOpnbOSb0.roa
Signing time: Sat 01 Jan 2022 15:56:07 +0000
ROA not before: Sat 01 Jan 2022 15:56:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8339
IP address blocks: 176.120.160.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 29233022 (0x1be0f7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b19e1b7e810d6492abdb807fc8dde8675bd6bf2c
Validity
Not Before: Jan 1 15:56:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b5eea68d99bc8670d555006c9838ea676ce49bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:02:d3:87:3a:1e:fb:42:d6:f2:04:c0:48:
af:b0:16:0b:e8:9d:01:ff:49:96:da:7e:1e:a0:50:
8b:67:83:91:c0:de:2b:39:28:e7:d9:60:0d:2d:3d:
24:95:7b:d1:fd:82:73:90:f5:be:e2:f0:3d:b7:47:
cf:c6:a7:ab:b0:fa:aa:b4:3c:65:aa:8a:68:4d:fe:
41:f9:ae:d6:07:b7:83:b0:b4:9e:d3:2d:33:c1:4c:
a9:df:74:81:38:b7:62:aa:32:69:a2:5e:7b:42:37:
70:5d:7e:1f:6a:4e:c9:9d:c8:e1:ce:52:f6:fb:81:
a8:87:33:ca:8a:fa:b3:e9:6b:f9:a8:2e:2a:a3:4b:
c3:2e:7a:93:a6:7c:da:f0:fb:8c:22:7a:cf:67:00:
f3:90:02:01:00:67:69:f2:9b:bc:6c:92:98:74:4f:
e8:78:db:39:0f:33:a6:9d:13:9f:1d:fe:58:52:ea:
29:77:a6:86:d9:81:e6:6b:ec:aa:e0:93:2c:92:3b:
67:0c:fc:0b:8f:48:6d:60:7a:ec:50:bb:eb:64:48:
00:f4:13:fd:52:d2:cf:45:4c:7e:76:c0:8f:61:98:
90:1d:c0:b2:5d:d3:da:38:8a:a6:4b:6e:41:bb:28:
90:36:f9:70:fe:c1:be:39:d6:e3:f6:0b:8c:5d:ac:
c2:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:5E:EA:68:D9:9B:C8:67:0D:55:50:06:C9:83:8E:A6:76:CE:49:BD
X509v3 Authority Key Identifier:
keyid:B1:9E:1B:7E:81:0D:64:92:AB:DB:80:7F:C8:DD:E8:67:5B:D6:BF:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZ4bfoENZJKr24B_yN3oZ1vWvyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49b48e-c84b-4f99-923f-4586238305f1/1/a17qaNmbyGcNVVAGyYOOpnbOSb0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/49b48e-c84b-4f99-923f-4586238305f1/1/sZ4bfoENZJKr24B_yN3oZ1vWvyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.120.160.0/21
Signature Algorithm: sha256WithRSAEncryption
28:28:d5:d3:55:2b:f0:d8:ac:54:61:85:44:8b:4a:fa:2e:f4:
5e:9b:af:11:64:81:8a:bd:8b:24:85:14:8f:6c:aa:09:97:b4:
25:fe:dc:5a:1a:94:4e:47:95:33:1d:b9:e9:7c:a7:11:07:1a:
53:c3:fa:fe:e8:eb:a6:58:b5:19:a9:ff:74:2c:53:bc:0b:0d:
a7:5b:39:3c:9d:0c:fc:b3:54:fe:fe:0d:ee:4c:7e:13:78:d2:
da:c5:9d:6b:8e:68:82:b3:93:02:18:6c:2b:3a:8a:7e:46:62:
75:44:a9:68:0c:2e:ff:0f:5d:12:53:9f:91:54:ec:f9:81:e9:
de:2f:12:e6:64:49:62:0b:4c:ff:01:bf:06:86:d2:04:dd:83:
c8:6e:9d:52:90:87:f7:ca:b3:79:7c:2a:ef:58:ec:27:fa:d8:
25:58:b4:8d:45:11:95:31:a2:2a:0a:2f:aa:ba:73:2d:9d:dc:
0b:19:71:a7:46:09:8c:ab:5e:33:23:47:77:03:76:62:d3:23:
df:b2:1a:64:e0:ac:f8:c3:57:24:93:3c:28:4f:d5:df:4d:c6:
7e:51:22:7d:ff:d1:fa:97:90:34:bc:54:5e:43:0b:35:4c:c4:
af:de:71:14:65:68:fe:66:b1:52:86:c1:d3:65:42:b9:71:53:
8f:0e:51:c6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAb4PfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTllMWI3ZTgxMGQ2NDkyYWJkYjgwN2ZjOGRkZTg2NzViZDZiZjJjMB4XDTIyMDEw
MTE1NTYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI1ZWVhNjhkOTli
Yzg2NzBkNTU1MDA2Yzk4MzhlYTY3NmNlNDliZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9aAtOHOh77QtbyBMBIr7AWC+idAf9Jltp+HqBQi2eDkcDe
Kzko59lgDS09JJV70f2Cc5D1vuLwPbdHz8anq7D6qrQ8ZaqKaE3+Qfmu1ge3g7C0
ntMtM8FMqd90gTi3YqoyaaJee0I3cF1+H2pOyZ3I4c5S9vuBqIczyor6s+lr+agu
KqNLwy56k6Z82vD7jCJ6z2cA85ACAQBnafKbvGySmHRP6HjbOQ8zpp0Tnx3+WFLq
KXemhtmB5mvsquCTLJI7Zwz8C49IbWB67FC762RIAPQT/VLSz0VMfnbAj2GYkB3A
sl3T2jiKpktuQbsokDb5cP7BvjnW4/YLjF2swtUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRrXupo2ZvIZw1VUAbJg46mds5JvTAfBgNVHSMEGDAWgBSxnht+gQ1kkqvb
gH/I3ehnW9a/LDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NaNGJmb0VOWkpLcjI0Ql95TjNvWjF2V3Z5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvNDliNDhlLWM4NGItNGY5OS05MjNmLTQ1ODYyMzgzMDVmMS8x
L2ExN3FhTm1ieUdjTlZWQUd5WU9PcG5iT1NiMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
NDliNDhlLWM4NGItNGY5OS05MjNmLTQ1ODYyMzgzMDVmMS8xL3NaNGJmb0VOWkpL
cjI0Ql95TjNvWjF2V3Z5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA7B4oDANBgkqhkiG9w0BAQsFAAOC
AQEAKCjV01Ur8NisVGGFRItK+i70XpuvEWSBir2LJIUUj2yqCZe0Jf7cWhqUTkeV
Mx256XynEQcaU8P6/ujrpli1Gan/dCxTvAsNp1s5PJ0M/LNU/v4N7kx+E3jS2sWd
a45ogrOTAhhsKzqKfkZidUSpaAwu/w9dElOfkVTs+YHp3i8S5mRJYgtM/wG/BobS
BN2DyG6dUpCH98qzeXwq71jsJ/rYJVi0jUURlTGiKgovqrpzLZ3cCxlxp0YJjKte
MyNHdwN2YtMj37IaZOCs+MNXJJM8KE/V303GflEiff/R+peQNLxUXkMLNUzEr95x
FGVo/maxUobB02VCuXFTjw5Rxg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:54 2024 by rpki-client on console-fra.rpki-client.org