Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/hrnoQMM7gdoecz4mBrF8DW572Yw.roa
File: hrnoQMM7gdoecz4mBrF8DW572Yw.roa (raw, json)
Hash identifier: T1layarIpzVhCsXkheHszPKTs6alHYLAuFSeh6v/EyY=
Subject key identifier: 86:B9:E8:40:C3:3B:81:DA:1E:73:3E:26:06:B1:7C:0D:6E:7B:D9:8C
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 0A050A88
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/hrnoQMM7gdoecz4mBrF8DW572Yw.roa
Signing time: Sat 01 Jan 2022 13:55:08 +0000
ROA not before: Sat 01 Jan 2022 13:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28781
IP address blocks: 213.161.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168102536 (0xa050a88)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 1 13:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86b9e840c33b81da1e733e2606b17c0d6e7bd98c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9c:0e:ed:dd:0d:e7:a2:e1:ed:0b:62:2b:e4:
d5:a7:48:d6:34:d6:d9:b5:08:47:ad:ad:27:38:6f:
a7:81:7b:59:0d:3f:2b:76:76:b5:ab:cc:2d:53:c2:
da:6c:1b:e0:9c:46:55:1b:f4:99:7c:7b:d1:9a:dd:
6d:9b:14:70:41:0e:50:a8:1c:f2:93:ef:0e:ee:d7:
74:84:f1:1f:d5:b8:f3:6a:a0:d1:81:85:45:46:57:
60:6e:e6:2a:d6:e4:fe:d1:1e:8f:61:a2:72:72:ae:
34:5b:ba:95:ad:1a:1e:70:36:d3:41:9f:0c:ac:b7:
81:6c:24:12:4e:f1:c7:79:e2:40:ed:93:7e:22:20:
dd:62:71:fd:49:ce:59:ad:58:c1:c3:98:e3:d6:15:
46:87:2f:6a:c7:df:2e:63:3a:c6:1e:12:6e:5d:8f:
86:a1:a6:c1:30:bb:f7:ad:92:f3:65:62:d7:6c:e2:
7d:fe:8c:c0:a0:d1:a6:e3:a1:2b:a9:a1:42:3a:d7:
9c:0e:5a:a5:f8:d7:d4:2d:9e:a4:75:07:34:7e:65:
82:a5:f0:9c:52:40:0c:3c:22:bd:c3:a2:3d:04:e9:
f4:c9:99:d3:25:9f:38:0b:11:18:bc:39:3d:68:6f:
72:07:13:d1:6e:ad:e3:ca:b8:b1:e2:5f:0a:91:26:
cb:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:B9:E8:40:C3:3B:81:DA:1E:73:3E:26:06:B1:7C:0D:6E:7B:D9:8C
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/hrnoQMM7gdoecz4mBrF8DW572Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.161.131.0/24
Signature Algorithm: sha256WithRSAEncryption
17:ae:03:dc:9c:86:ee:80:68:11:d4:57:ed:65:42:78:c9:2b:
cd:c2:62:ab:8a:e9:f0:ad:a0:c1:f3:e1:67:dc:a8:a6:68:5a:
a4:3f:4c:18:f0:87:23:12:15:cf:6f:68:9a:9c:2a:96:d3:16:
3e:94:bf:a1:1b:63:e8:6f:c8:7e:66:ad:05:dd:c8:c8:cc:1c:
82:0b:2a:9b:c0:b7:83:88:1c:87:98:93:55:9d:ff:fb:d4:69:
8e:f4:84:f0:b3:64:29:06:c3:7a:4b:6e:33:e7:d7:a0:8c:fb:
9f:cd:d8:22:99:fe:16:7a:8b:29:40:9c:21:33:06:68:96:c4:
55:b9:9a:9d:bf:ef:94:2d:4e:ea:5a:8c:97:5e:28:b3:06:cb:
68:76:6f:60:55:2e:7a:1b:03:c5:88:e9:c6:a2:53:90:05:7b:
e0:bd:76:f4:50:c3:6c:03:c1:11:59:c5:22:96:f9:3b:22:3b:
5d:28:89:19:ce:3b:c7:d1:9f:c7:63:b4:97:c0:59:ec:28:27:
d1:33:4d:30:5e:a7:4e:15:73:57:13:67:0f:fc:fd:ca:2f:e3:
a0:fb:42:79:50:7e:d6:84:dd:33:23:4e:a0:80:89:95:c9:b7:
4b:4d:2c:a6:df:d4:3a:6a:28:71:5a:f9:e3:0f:d6:78:22:39:
10:e3:3a:c7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECgUKiDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTE5ZjJhZDkxNTg0YmFmZjA0Njc0NDdiYWM4ZmI5NzhkMWY5ZGQzMB4XDTIyMDEw
MTEzNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZiOWU4NDBjMzNi
ODFkYTFlNzMzZTI2MDZiMTdjMGQ2ZTdiZDk4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2cDu3dDeei4e0LYivk1adI1jTW2bUIR62tJzhvp4F7WQ0/
K3Z2tavMLVPC2mwb4JxGVRv0mXx70ZrdbZsUcEEOUKgc8pPvDu7XdITxH9W482qg
0YGFRUZXYG7mKtbk/tEej2GicnKuNFu6la0aHnA200GfDKy3gWwkEk7xx3niQO2T
fiIg3WJx/UnOWa1YwcOY49YVRocvasffLmM6xh4Sbl2PhqGmwTC7962S82Vi12zi
ff6MwKDRpuOhK6mhQjrXnA5apfjX1C2epHUHNH5lgqXwnFJADDwivcOiPQTp9MmZ
0yWfOAsRGLw5PWhvcgcT0W6t48q4seJfCpEmyy8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGuehAwzuB2h5zPiYGsXwNbnvZjDAfBgNVHSMEGDAWgBQ5GfKtkVhLr/BG
dEe6yPuXjR+d0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09SbnlyWkZZUzZfd1JuUkh1c2o3bDQwZm5kTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvOTExOGUyLWFlNzQtNGMyNC1hNzc1LTMyYWE2NzMxYzI5MS8x
L2hybm9RTU03Z2RvZWN6NG1CckY4RFc1NzJZdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
OTExOGUyLWFlNzQtNGMyNC1hNzc1LTMyYWE2NzMxYzI5MS8xL09SbnlyWkZZUzZf
d1JuUkh1c2o3bDQwZm5kTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANWhgzANBgkqhkiG9w0BAQsFAAOC
AQEAF64D3JyG7oBoEdRX7WVCeMkrzcJiq4rp8K2gwfPhZ9yopmhapD9MGPCHIxIV
z29ompwqltMWPpS/oRtj6G/IfmatBd3IyMwcggsqm8C3g4gch5iTVZ3/+9RpjvSE
8LNkKQbDektuM+fXoIz7n83YIpn+FnqLKUCcITMGaJbEVbmanb/vlC1O6lqMl14o
swbLaHZvYFUuehsDxYjpxqJTkAV74L129FDDbAPBEVnFIpb5OyI7XSiJGc47x9Gf
x2O0l8BZ7Cgn0TNNMF6nThVzVxNnD/z9yi/joPtCeVB+1oTdMyNOoICJlcm3S00s
pt/UOmoocVr54w/WeCI5EOM6xw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:16 2024 by rpki-client on console-ams.rpki-client.org