Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/Pxz4rB320gc-Fy_09BjOjZ6wJHE.roa
File: Pxz4rB320gc-Fy_09BjOjZ6wJHE.roa (raw, json)
Hash identifier: M/+he+88GhT0Z2nb+OE1RaXq1cofhIiIOBlyDVQwYrE=
Subject key identifier: 3F:1C:F8:AC:1D:F6:D2:07:3E:17:2F:F4:F4:18:CE:8D:9E:B0:24:71
Certificate issuer: /CN=cab8b8da9ccd4d261b72ada034a0875665a64487
Certificate serial: 05711293
Authority key identifier: CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/Pxz4rB320gc-Fy_09BjOjZ6wJHE.roa
Signing time: Sat 01 Jan 2022 15:01:00 +0000
ROA not before: Sat 01 Jan 2022 15:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209492
IP address blocks: 171.22.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91296403 (0x5711293)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cab8b8da9ccd4d261b72ada034a0875665a64487
Validity
Not Before: Jan 1 15:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3f1cf8ac1df6d2073e172ff4f418ce8d9eb02471
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:05:98:25:06:68:61:45:72:2f:01:82:f5:10:
45:7c:a8:ce:d8:7a:c1:e4:a0:a4:07:6a:58:5c:0c:
53:62:e1:57:bb:f8:58:21:74:ef:62:10:ea:b6:67:
ff:32:e2:36:52:1b:74:ef:8d:2f:45:82:31:50:42:
00:6e:d4:77:87:6b:52:30:37:e5:02:97:52:38:50:
d4:ce:50:97:35:0a:e2:12:6d:bb:2d:4a:41:41:54:
67:c5:99:f5:31:cf:93:61:02:4c:3f:8c:b0:60:f1:
b1:a6:d3:e6:4d:7f:9a:8a:73:46:71:b9:d4:c1:64:
dc:aa:9a:00:a6:ba:8f:dd:da:69:82:40:4e:5c:e8:
8a:00:ab:7d:ee:88:f9:18:88:d3:a0:d3:14:d6:0d:
7f:62:8d:fa:48:3f:2d:2a:e8:f0:7b:7a:ac:e8:e7:
f0:79:41:f1:f4:fb:9d:c3:2a:ba:b9:9c:e5:e3:6c:
c1:42:3c:e6:71:b7:21:fc:e9:6b:4e:5a:e8:a0:ae:
eb:5c:e7:29:9c:fb:45:fa:aa:28:78:e0:a9:e3:fc:
f4:c0:4c:a6:f7:0c:50:17:8e:c7:17:11:21:8e:c2:
71:68:6a:ab:75:ea:03:f6:ab:22:ea:e3:3e:51:b5:
9e:8e:4b:74:24:33:34:3e:0d:5f:cf:53:e9:37:f2:
40:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:1C:F8:AC:1D:F6:D2:07:3E:17:2F:F4:F4:18:CE:8D:9E:B0:24:71
X509v3 Authority Key Identifier:
keyid:CA:B8:B8:DA:9C:CD:4D:26:1B:72:AD:A0:34:A0:87:56:65:A6:44:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yri42pzNTSYbcq2gNKCHVmWmRIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/Pxz4rB320gc-Fy_09BjOjZ6wJHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/db41c9-e8a0-4f90-a0d5-887509c4602a/1/yri42pzNTSYbcq2gNKCHVmWmRIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.84.0/22
Signature Algorithm: sha256WithRSAEncryption
59:9e:6b:f4:6e:ca:30:fe:99:12:0b:60:b3:cb:9a:40:e3:f7:
14:0d:81:56:88:44:b7:38:6a:7e:21:60:bc:ad:37:30:43:f4:
cc:45:e6:49:11:97:b7:68:93:7e:50:64:0e:35:f0:38:b2:5a:
2b:e8:44:fb:04:7f:82:93:ae:3f:0a:8c:fc:22:79:0c:79:6b:
b3:55:04:41:3f:cf:0b:74:53:44:bd:4d:12:fc:f5:6a:99:f4:
6a:e8:be:b1:34:55:99:11:c2:9f:1c:12:35:52:f3:0e:32:cb:
de:47:30:5c:20:ae:69:54:e1:de:58:86:c2:f0:15:c3:8f:b6:
e5:d1:e5:fc:be:7c:68:af:73:09:fe:1e:e4:28:4f:9e:50:85:
72:c7:17:fc:7d:96:3d:7e:41:38:ff:b3:d7:fc:77:65:e9:34:
c5:d3:7f:d8:d3:08:06:e0:7b:56:20:c0:18:2b:23:53:d9:44:
db:1d:b2:bf:00:ec:c7:52:88:51:5a:a5:a0:50:db:df:45:e9:
4c:5f:9b:16:f6:df:92:c7:b5:39:72:ca:8c:e2:c7:df:73:8b:
5c:85:f2:59:d1:d2:f3:b4:e9:86:75:23:82:1b:16:9b:3a:22:
66:2b:ad:42:a1:37:68:00:ef:3e:a2:b5:03:d9:f8:35:76:0d:
d5:a0:8c:1e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBXESkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YWI4YjhkYTljY2Q0ZDI2MWI3MmFkYTAzNGEwODc1NjY1YTY0NDg3MB4XDTIyMDEw
MTE1MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2YxY2Y4YWMxZGY2
ZDIwNzNlMTcyZmY0ZjQxOGNlOGQ5ZWIwMjQ3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcFmCUGaGFFci8BgvUQRXyozth6weSgpAdqWFwMU2LhV7v4
WCF072IQ6rZn/zLiNlIbdO+NL0WCMVBCAG7Ud4drUjA35QKXUjhQ1M5QlzUK4hJt
uy1KQUFUZ8WZ9THPk2ECTD+MsGDxsabT5k1/mopzRnG51MFk3KqaAKa6j93aaYJA
TlzoigCrfe6I+RiI06DTFNYNf2KN+kg/LSro8Ht6rOjn8HlB8fT7ncMqurmc5eNs
wUI85nG3Ifzpa05a6KCu61znKZz7RfqqKHjgqeP89MBMpvcMUBeOxxcRIY7CcWhq
q3XqA/arIurjPlG1no5LdCQzND4NX89T6TfyQFsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQ/HPisHfbSBz4XL/T0GM6NnrAkcTAfBgNVHSMEGDAWgBTKuLjanM1NJhty
raA0oIdWZaZEhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lyaTQycHpOVFNZYmNxMmdOS0NIVm1XbVJJYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvZGI0MWM5LWU4YTAtNGY5MC1hMGQ1LTg4NzUwOWM0NjAyYS8x
L1B4ejRyQjMyMGdjLUZ5XzA5QmpPalo2d0pIRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ZGI0MWM5LWU4YTAtNGY5MC1hMGQ1LTg4NzUwOWM0NjAyYS8xL3lyaTQycHpOVFNZ
YmNxMmdOS0NIVm1XbVJJYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqsWVDANBgkqhkiG9w0BAQsFAAOC
AQEAWZ5r9G7KMP6ZEgtgs8uaQOP3FA2BVohEtzhqfiFgvK03MEP0zEXmSRGXt2iT
flBkDjXwOLJaK+hE+wR/gpOuPwqM/CJ5DHlrs1UEQT/PC3RTRL1NEvz1apn0aui+
sTRVmRHCnxwSNVLzDjLL3kcwXCCuaVTh3liGwvAVw4+25dHl/L58aK9zCf4e5ChP
nlCFcscX/H2WPX5BOP+z1/x3Zek0xdN/2NMIBuB7ViDAGCsjU9lE2x2yvwDsx1KI
UVqloFDb30XpTF+bFvbfkse1OXLKjOLH33OLXIXyWdHS87TphnUjghsWmzoiZiut
QqE3aADvPqK1A9n4NXYN1aCMHg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:51 2025 by rpki-client