Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/xp9jFHHRP4H6uDI2uzgnVGNHOzA.roa
File: xp9jFHHRP4H6uDI2uzgnVGNHOzA.roa (raw, json)
Hash identifier: 9Rl3CRNnzM2xyt23YVBuz4VNz0YkPdUes8mkD5mjuxU=
Subject key identifier: C6:9F:63:14:71:D1:3F:81:FA:B8:32:36:BB:38:27:54:63:47:3B:30
Certificate issuer: /CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Certificate serial: 0184ECAD06A18D6BD2DC8F60C8C279B93B81
Authority key identifier: 83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/xp9jFHHRP4H6uDI2uzgnVGNHOzA.roa
Signing time: Wed 07 Dec 2022 13:01:13 +0000
ROA not before: Wed 07 Dec 2022 13:01:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13274
IP address blocks: 195.42.249.0/24 maxlen: 24
185.210.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:ad:06:a1:8d:6b:d2:dc:8f:60:c8:c2:79:b9:3b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83d829263b3c5f63968037f9e863fd0fd01e7869
Validity
Not Before: Dec 7 13:01:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c69f631471d13f81fab83236bb38275463473b30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a6:b5:86:18:0b:6f:17:c8:97:59:2e:c2:75:
cf:31:e3:87:f0:e9:8b:1e:7b:e1:d4:2f:dd:9e:71:
c9:61:63:97:1e:b5:86:e0:b7:23:2a:b3:27:24:b2:
8f:ba:84:46:d0:7d:11:97:6b:07:f7:67:a2:4c:37:
33:c7:8d:df:0a:49:21:8a:89:23:20:9e:97:97:a5:
18:bf:c2:c2:66:51:6f:37:92:3a:0d:bf:77:24:6e:
59:00:9b:d1:d7:da:47:fa:5a:02:06:92:51:7a:6c:
65:a9:e9:ea:6e:73:38:be:92:0b:31:5a:f2:25:cb:
a2:48:cb:e0:08:45:d1:74:ee:ff:a1:6c:78:15:7f:
2a:26:f9:50:97:ce:d2:bb:b4:96:3e:7d:b1:6e:5f:
38:50:6f:c2:3a:fa:00:c3:a7:5d:e5:ac:4a:4e:23:
45:2f:e3:bd:39:7e:3a:1c:67:a2:d6:80:a9:93:38:
01:dc:31:36:be:b3:ae:60:a4:78:7e:01:33:35:c8:
53:c5:8d:10:4e:b4:0e:52:39:f3:de:1b:48:ea:fd:
12:fb:55:90:f1:24:d8:aa:2f:a3:de:17:7f:45:cd:
5b:30:2e:2a:9f:90:80:f4:d9:38:0d:35:83:7e:d7:
2a:bc:7f:29:7f:ae:eb:0b:02:5a:2d:8b:4c:7b:78:
62:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9F:63:14:71:D1:3F:81:FA:B8:32:36:BB:38:27:54:63:47:3B:30
X509v3 Authority Key Identifier:
keyid:83:D8:29:26:3B:3C:5F:63:96:80:37:F9:E8:63:FD:0F:D0:1E:78:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g9gpJjs8X2OWgDf56GP9D9AeeGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/xp9jFHHRP4H6uDI2uzgnVGNHOzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a36a22-4955-4090-97d6-3c34a8c28ca1/1/g9gpJjs8X2OWgDf56GP9D9AeeGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.158.0/24
195.42.249.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:07:64:10:44:e9:80:94:2b:8c:4a:f3:44:ed:88:36:34:00:
4b:7f:14:ba:81:ac:f3:2e:12:eb:d7:5f:96:ce:7e:6c:b2:fb:
d1:ba:aa:d4:9c:9e:67:35:47:c8:88:54:72:9c:7e:f5:d2:81:
c8:1e:25:48:78:b3:f5:7c:c7:32:f6:b9:1f:6e:e4:6b:f0:15:
c2:d6:79:21:93:11:64:ac:e5:b5:fb:ba:e6:ba:e9:94:55:6a:
eb:78:0e:de:a0:d5:4d:63:d6:86:11:7a:32:cb:81:a9:b1:b9:
e5:de:56:35:d3:cc:80:07:61:8c:3c:ff:89:03:46:ba:be:f3:
c2:ee:12:be:37:8d:ad:6a:18:28:7b:76:bd:ec:a3:a1:63:f0:
c5:f8:0c:4c:2e:58:42:6c:df:fe:02:18:34:50:88:18:b6:71:
7b:eb:f5:2c:2c:76:6d:49:0c:eb:02:01:d8:7c:21:fa:8b:e1:
96:1c:2f:c7:43:b5:8d:a2:3c:ed:4b:77:8e:e6:cb:18:8d:99:
68:56:4e:f7:b4:1a:e4:e4:5b:f8:8b:dc:17:c3:19:2c:05:60:
dd:c8:cb:6d:34:c8:be:5f:7d:54:0f:10:3e:b3:63:7c:95:a2:
86:82:f1:83:a3:8c:02:7d:1e:56:97:d4:c4:a8:32:37:93:bd:
39:94:42:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTsrQahjWvS3I9gyMJ5uTuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZDgyOTI2M2IzYzVmNjM5NjgwMzdmOWU4NjNmZDBmZDAx
ZTc4NjkwHhcNMjIxMjA3MTMwMTEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjlmNjMxNDcxZDEzZjgxZmFiODMyMzZiYjM4Mjc1NDYzNDczYjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6a1hhgLbxfIl1kuwnXPMeOH8OmL
Hnvh1C/dnnHJYWOXHrWG4LcjKrMnJLKPuoRG0H0Rl2sH92eiTDczx43fCkkhiokj
IJ6Xl6UYv8LCZlFvN5I6Db93JG5ZAJvR19pH+loCBpJRemxlqenqbnM4vpILMVry
JcuiSMvgCEXRdO7/oWx4FX8qJvlQl87Su7SWPn2xbl84UG/COvoAw6dd5axKTiNF
L+O9OX46HGei1oCpkzgB3DE2vrOuYKR4fgEzNchTxY0QTrQOUjnz3htI6v0S+1WQ
8STYqi+j3hd/Rc1bMC4qn5CA9Nk4DTWDftcqvH8pf67rCwJaLYtMe3hiVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMafYxRx0T+B+rgyNrs4J1RjRzswMB8GA1UdIwQY
MBaAFIPYKSY7PF9jloA3+ehj/Q/QHnhpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYt
M2MzNGE4YzI4Y2ExLzEveHA5akZISFJQNEg2dURJMnV6Z25WR05IT3pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hMzZhMjItNDk1NS00MDkwLTk3ZDYtM2MzNGE4YzI4Y2Ex
LzEvZzlncEpqczhYMk9XZ0RmNTZHUDlEOUFlZUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAudKeAwQA
wyr5MA0GCSqGSIb3DQEBCwUAA4IBAQAsB2QQROmAlCuMSvNE7Yg2NABLfxS6gazz
LhLr11+Wzn5ssvvRuqrUnJ5nNUfIiFRynH710oHIHiVIeLP1fMcy9rkfbuRr8BXC
1nkhkxFkrOW1+7rmuumUVWrreA7eoNVNY9aGEXoyy4Gpsbnl3lY108yAB2GMPP+J
A0a6vvPC7hK+N42tahgoe3a97KOhY/DF+AxMLlhCbN/+Ahg0UIgYtnF76/UsLHZt
SQzrAgHYfCH6i+GWHC/HQ7WNojztS3eO5ssYjZloVk73tBrk5Fv4i9wXwxksBWDd
yMttNMi+X31UDxA+s2N8laKGgvGDo4wCfR5Wl9TEqDI3k705lEJ1
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:25:34 2024 by rpki-client on console-ams.rpki-client.org