Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/4XIsF9kj6zo1QbILT0PT_2AsxIM.roa
File: 4XIsF9kj6zo1QbILT0PT_2AsxIM.roa (raw, json)
Hash identifier: oD1uJ2GI5aFFm7ISneYF4aV/nyhDB1095CXbUp9H5tw=
Subject key identifier: E1:72:2C:17:D9:23:EB:3A:35:41:B2:0B:4F:43:D3:FF:60:2C:C4:83
Certificate issuer: /CN=a9a815be7547eb870eb5f641d30fe6963741c8e0
Certificate serial: 36DC7522
Authority key identifier: A9:A8:15:BE:75:47:EB:87:0E:B5:F6:41:D3:0F:E6:96:37:41:C8:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qagVvnVH64cOtfZB0w_mljdByOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/4XIsF9kj6zo1QbILT0PT_2AsxIM.roa
Signing time: Sat 01 Jan 2022 05:52:45 +0000
ROA not before: Sat 01 Jan 2022 05:52:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44156
IP address blocks: 79.99.96.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 920417570 (0x36dc7522)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9a815be7547eb870eb5f641d30fe6963741c8e0
Validity
Not Before: Jan 1 05:52:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1722c17d923eb3a3541b20b4f43d3ff602cc483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:4c:e2:f2:05:46:9c:2e:1f:b2:89:c3:7a:6b:
f4:a6:db:c1:f4:6a:80:c3:78:cf:7b:ed:0c:e0:84:
29:2d:cb:4f:44:e1:7b:e1:86:50:cd:53:e2:7b:e8:
1f:89:b6:d0:a6:0e:3e:79:93:14:ee:4e:f0:34:fa:
93:e8:71:b2:71:1c:c0:cc:a1:81:2e:95:89:ee:88:
d3:af:76:a4:16:b0:26:ab:1a:4d:9d:60:58:98:a8:
a2:3b:d6:7c:c2:70:d2:4e:15:5d:66:d8:49:1c:ca:
84:9f:a7:1a:f5:38:c4:69:12:91:c9:79:2f:ac:c7:
c4:de:a1:eb:a2:01:57:d5:91:3a:ce:ea:e9:02:a5:
81:de:f9:6f:29:3e:32:59:1e:67:ad:bd:17:1d:b0:
90:f7:d6:b8:47:ac:ce:35:38:07:b1:df:5f:97:1a:
c5:00:39:13:0a:02:7c:f4:6e:ed:91:9f:3b:40:fb:
e3:c3:e6:b8:9f:51:62:ad:a3:46:16:d0:a7:2e:af:
7b:da:fa:9e:a9:30:89:88:89:51:2e:fe:da:7b:b7:
6c:5c:87:20:64:2f:be:55:e7:2a:2d:68:84:19:f1:
3b:b8:c4:f7:b8:eb:f9:dc:3e:2d:da:5a:9d:94:0f:
1f:6e:a2:1d:1f:4f:89:8c:a0:2e:5a:87:69:cd:94:
2f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:72:2C:17:D9:23:EB:3A:35:41:B2:0B:4F:43:D3:FF:60:2C:C4:83
X509v3 Authority Key Identifier:
keyid:A9:A8:15:BE:75:47:EB:87:0E:B5:F6:41:D3:0F:E6:96:37:41:C8:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qagVvnVH64cOtfZB0w_mljdByOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/4XIsF9kj6zo1QbILT0PT_2AsxIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fe3f3e-e187-4a12-aa9a-243c5f4e2e40/1/qagVvnVH64cOtfZB0w_mljdByOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.96.0/21
Signature Algorithm: sha256WithRSAEncryption
86:2e:c8:75:23:03:fa:a3:73:39:e5:5a:6c:66:c3:3e:9d:ba:
08:a8:3b:3f:79:47:f2:cc:64:af:c6:de:fc:cc:00:ff:68:33:
b6:a8:af:e5:55:56:ca:fc:9e:fc:9e:88:db:d2:2d:b3:86:59:
e7:75:ac:63:3d:d6:19:4a:73:02:c0:8a:98:b8:4f:80:2e:e0:
c5:e0:54:09:bc:c4:bf:ac:ca:e1:fd:e5:94:88:b5:78:09:c5:
56:e4:25:e6:b1:bf:5f:d6:45:f5:8c:63:51:a9:46:14:af:2a:
1b:f9:8c:39:db:c6:f3:da:bb:dd:fa:b2:e6:77:8b:43:b0:2a:
97:f8:54:95:92:11:5d:5b:41:dc:cb:1b:af:56:5b:84:94:0f:
c9:18:c0:6a:2e:6c:95:53:2b:7a:05:ec:08:8e:50:85:b0:27:
ad:57:d1:ce:5d:37:9f:b4:4e:83:68:91:1c:b2:7f:20:54:db:
05:97:a1:18:f8:4f:e7:a2:65:83:f9:66:91:78:fb:64:f9:ac:
55:a8:15:e1:8a:3e:16:b0:14:90:90:ae:7c:2f:ea:e6:79:8d:
eb:63:68:fa:19:1c:97:0a:f7:56:11:cb:82:28:38:0c:6e:45:
15:87:87:c0:c3:2e:b2:f4:93:4e:12:f9:dd:f7:7f:53:2c:2f:
0b:fc:28:57
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENtx1IjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWE4MTViZTc1NDdlYjg3MGViNWY2NDFkMzBmZTY5NjM3NDFjOGUwMB4XDTIyMDEw
MTA1NTI0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTE3MjJjMTdkOTIz
ZWIzYTM1NDFiMjBiNGY0M2QzZmY2MDJjYzQ4MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJFM4vIFRpwuH7KJw3pr9KbbwfRqgMN4z3vtDOCEKS3LT0Th
e+GGUM1T4nvoH4m20KYOPnmTFO5O8DT6k+hxsnEcwMyhgS6Vie6I0692pBawJqsa
TZ1gWJioojvWfMJw0k4VXWbYSRzKhJ+nGvU4xGkSkcl5L6zHxN6h66IBV9WROs7q
6QKlgd75byk+MlkeZ629Fx2wkPfWuEeszjU4B7HfX5caxQA5EwoCfPRu7ZGfO0D7
48PmuJ9RYq2jRhbQpy6ve9r6nqkwiYiJUS7+2nu3bFyHIGQvvlXnKi1ohBnxO7jE
97jr+dw+LdpanZQPH26iHR9PiYygLlqHac2UL8kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBThciwX2SPrOjVBsgtPQ9P/YCzEgzAfBgNVHSMEGDAWgBSpqBW+dUfrhw61
9kHTD+aWN0HI4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FhZ1Z2blZINjRjT3RmWkIwd19tbGpkQnlPQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvZmUzZjNlLWUxODctNGExMi1hYTlhLTI0M2M1ZjRlMmU0MC8x
LzRYSXNGOWtqNnpvMVFiSUxUMFBUXzJBc3hJTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
ZmUzZjNlLWUxODctNGExMi1hYTlhLTI0M2M1ZjRlMmU0MC8xL3FhZ1Z2blZINjRj
T3RmWkIwd19tbGpkQnlPQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA09jYDANBgkqhkiG9w0BAQsFAAOC
AQEAhi7IdSMD+qNzOeVabGbDPp26CKg7P3lH8sxkr8be/MwA/2gztqiv5VVWyvye
/J6I29Its4ZZ53WsYz3WGUpzAsCKmLhPgC7gxeBUCbzEv6zK4f3llIi1eAnFVuQl
5rG/X9ZF9YxjUalGFK8qG/mMOdvG89q73fqy5neLQ7Aql/hUlZIRXVtB3Msbr1Zb
hJQPyRjAai5slVMregXsCI5QhbAnrVfRzl03n7ROg2iRHLJ/IFTbBZehGPhP56Jl
g/lmkXj7ZPmsVagV4Yo+FrAUkJCufC/q5nmN62No+hkclwr3VhHLgig4DG5FFYeH
wMMusvSTThL53fd/UywvC/woVw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:45 2024 by rpki-client on console-ams.rpki-client.org