Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/q9dcC_Za0tOY6A-U94XRHnDcH5A.roa
File: q9dcC_Za0tOY6A-U94XRHnDcH5A.roa (raw, json)
Hash identifier: 9IrZd/B6krHANjpLcYcsrPZSJV9TJQbgy2Z+BiJwYTc=
Subject key identifier: AB:D7:5C:0B:F6:5A:D2:D3:98:E8:0F:94:F7:85:D1:1E:70:DC:1F:90
Certificate issuer: /CN=04747b565844e3e2fc712fab5be85924aac58643
Certificate serial: 0A18B6E4
Authority key identifier: 04:74:7B:56:58:44:E3:E2:FC:71:2F:AB:5B:E8:59:24:AA:C5:86:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/q9dcC_Za0tOY6A-U94XRHnDcH5A.roa
Signing time: Sat 01 Jan 2022 12:03:37 +0000
ROA not before: Sat 01 Jan 2022 12:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50392
IP address blocks: 176.121.13.0/24 maxlen: 24
176.121.15.0/24 maxlen: 24
193.106.144.0/22 maxlen: 24
91.237.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169391844 (0xa18b6e4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04747b565844e3e2fc712fab5be85924aac58643
Validity
Not Before: Jan 1 12:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=abd75c0bf65ad2d398e80f94f785d11e70dc1f90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:1e:88:05:8d:dd:03:a2:99:38:90:03:8e:da:
72:16:eb:99:b7:82:ee:63:83:83:53:01:f3:79:47:
a0:3d:51:41:4b:53:b3:b0:cc:da:35:7f:02:3c:79:
48:c2:cc:44:e3:73:e8:a2:08:d5:4a:d0:d0:ae:a8:
aa:1f:38:7a:29:c8:9f:9a:72:8c:8f:e4:91:4e:cf:
ab:36:e5:ce:44:07:a9:c6:48:9d:5b:96:d0:ca:28:
ec:5f:d1:2f:15:52:5b:d7:fc:15:e2:85:c6:34:5b:
29:84:25:e8:2f:77:6f:6b:86:e7:68:1e:29:ca:db:
be:0f:7e:c8:a4:3f:3d:a5:f6:41:f5:32:b6:fc:d8:
89:73:6a:1a:b0:8a:83:0b:2c:25:aa:79:67:b0:12:
fe:84:7e:33:aa:c1:04:90:3f:13:7b:af:8f:a0:f0:
76:b6:62:30:47:9f:05:dc:82:3b:ba:a9:0e:39:1e:
a6:f0:df:0a:c5:58:ee:75:22:5a:a6:71:78:a3:a7:
19:de:56:c8:b7:e5:2b:ea:0f:2b:e9:b5:99:d0:c3:
9f:f7:18:e1:17:26:93:6a:83:c5:85:7d:49:a7:1b:
ea:e9:83:5b:1a:c2:f5:9f:91:87:fd:f5:97:7c:43:
e2:e1:60:02:5f:07:91:7c:5f:1f:5a:a7:b8:32:cf:
1a:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D7:5C:0B:F6:5A:D2:D3:98:E8:0F:94:F7:85:D1:1E:70:DC:1F:90
X509v3 Authority Key Identifier:
keyid:04:74:7B:56:58:44:E3:E2:FC:71:2F:AB:5B:E8:59:24:AA:C5:86:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHR7VlhE4-L8cS-rW-hZJKrFhkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/q9dcC_Za0tOY6A-U94XRHnDcH5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/64800b-54cc-40f2-a7ed-97b2157cbad1/1/BHR7VlhE4-L8cS-rW-hZJKrFhkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.244.0/22
176.121.13.0/24
176.121.15.0/24
193.106.144.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:38:c6:ba:9b:f8:93:7b:af:28:48:ef:06:61:c7:65:e9:5c:
4c:73:08:a8:28:7a:24:8b:16:ce:12:f9:79:c8:d9:0c:96:62:
11:6f:11:10:5a:b6:9b:a3:fa:21:34:63:7e:bf:5e:58:09:a9:
98:9e:78:95:e9:f1:ce:16:59:2c:61:9e:42:5d:9e:47:16:9b:
ed:97:8d:c3:3b:46:35:c1:3f:23:cf:58:53:9b:7d:f3:4e:66:
9f:00:82:c2:a0:45:67:b9:40:20:27:94:ff:b5:b7:05:c0:6c:
29:1e:be:34:99:c0:b9:21:61:6b:9a:1a:8b:39:5e:e5:1f:f9:
59:ac:c2:70:9b:d8:4c:95:7e:c2:0f:49:0d:e9:3c:a2:3e:25:
bd:7f:ca:2f:c1:9c:b7:0c:26:e4:05:6f:fe:af:5d:ac:01:93:
59:30:fc:cc:bf:0a:10:76:95:32:9b:80:40:a1:0c:73:a1:38:
fa:86:d4:23:b7:28:0b:a9:de:20:d0:98:e8:b3:fe:57:b8:a0:
01:b2:8c:d7:9b:06:6f:00:d2:a2:8b:8f:9e:97:ef:00:c8:85:
c0:fa:35:2d:68:64:ab:8e:42:d6:6d:c8:c3:3a:fb:50:99:67:
80:01:44:20:b3:51:3a:67:ff:c5:d5:47:ec:49:59:7e:f5:19:
18:8d:c2:89
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEChi25DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDc0N2I1NjU4NDRlM2UyZmM3MTJmYWI1YmU4NTkyNGFhYzU4NjQzMB4XDTIyMDEw
MTEyMDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWJkNzVjMGJmNjVh
ZDJkMzk4ZTgwZjk0Zjc4NWQxMWU3MGRjMWY5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOAeiAWN3QOimTiQA47achbrmbeC7mODg1MB83lHoD1RQUtT
s7DM2jV/Ajx5SMLMRONz6KII1UrQ0K6oqh84einIn5pyjI/kkU7PqzblzkQHqcZI
nVuW0Moo7F/RLxVSW9f8FeKFxjRbKYQl6C93b2uG52geKcrbvg9+yKQ/PaX2QfUy
tvzYiXNqGrCKgwssJap5Z7AS/oR+M6rBBJA/E3uvj6DwdrZiMEefBdyCO7qpDjke
pvDfCsVY7nUiWqZxeKOnGd5WyLflK+oPK+m1mdDDn/cY4Rcmk2qDxYV9Sacb6umD
WxrC9Z+Rh/31l3xD4uFgAl8HkXxfH1qnuDLPGgsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSr11wL9lrS05joD5T3hdEecNwfkDAfBgNVHSMEGDAWgBQEdHtWWETj4vxx
L6tb6FkkqsWGQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JIUjdWbGhFNC1MOGNTLXJXLWhaSktyRmhrTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvNjQ4MDBiLTU0Y2MtNDBmMi1hN2VkLTk3YjIxNTdjYmFkMS8x
L3E5ZGNDX1phMHRPWTZBLVU5NFhSSG5EY0g1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
NjQ4MDBiLTU0Y2MtNDBmMi1hN2VkLTk3YjIxNTdjYmFkMS8xL0JIUjdWbGhFNC1M
OGNTLXJXLWhaSktyRmhrTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlvt9AMEALB5DQMEALB5DwMEAsFq
kDANBgkqhkiG9w0BAQsFAAOCAQEAfTjGupv4k3uvKEjvBmHHZelcTHMIqCh6JIsW
zhL5ecjZDJZiEW8REFq2m6P6ITRjfr9eWAmpmJ54lenxzhZZLGGeQl2eRxab7ZeN
wztGNcE/I89YU5t9805mnwCCwqBFZ7lAICeU/7W3BcBsKR6+NJnAuSFha5oaizle
5R/5WazCcJvYTJV+wg9JDek8oj4lvX/KL8Gctwwm5AVv/q9drAGTWTD8zL8KEHaV
MpuAQKEMc6E4+obUI7coC6neINCY6LP+V7igAbKM15sGbwDSoouPnpfvAMiFwPo1
LWhkq45C1m3Iwzr7UJlngAFEILNROmf/xdVH7ElZfvUZGI3CiQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:39 2023 by rpki-client on console-ams.rpki-client.org