Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/C7Tj4tqnHgqtGJkyTXmBCDEcIx0.roa
File: C7Tj4tqnHgqtGJkyTXmBCDEcIx0.roa (raw, json)
Hash identifier: e1tNoE6vVbuetYiTCAxhr/UDHETuEruDs7g/DaoxTIc=
Subject key identifier: 0B:B4:E3:E2:DA:A7:1E:0A:AD:18:99:32:4D:79:81:08:31:1C:23:1D
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018441FE3998A6E1FFB3E9D7473457F660E2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/C7Tj4tqnHgqtGJkyTXmBCDEcIx0.roa
Signing time: Fri 04 Nov 2022 09:34:50 +0000
ROA not before: Fri 04 Nov 2022 09:34:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 85.209.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:fe:39:98:a6:e1:ff:b3:e9:d7:47:34:57:f6:60:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 4 09:34:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0bb4e3e2daa71e0aad1899324d798108311c231d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7c:8e:78:9f:ac:a3:be:a8:24:16:b8:d2:15:
85:ae:4e:85:a3:e8:14:e4:e5:c4:c2:ec:5d:78:2c:
72:32:87:83:8c:c1:be:2d:e2:49:8e:22:e0:59:77:
5d:70:42:c3:93:06:2e:d5:aa:92:56:bb:86:01:eb:
c0:38:c0:25:42:34:85:12:fc:ae:4e:f7:15:4b:8b:
c3:ef:00:a8:be:30:29:0d:ef:d4:e8:45:4e:ef:1a:
6c:6c:75:e7:91:54:99:90:08:4d:ff:40:87:47:57:
3d:39:8d:38:d8:57:c0:38:30:c0:ce:e5:51:1e:83:
65:7a:2f:9d:42:ad:ba:fd:bd:05:2b:3f:c2:87:4b:
c2:52:e6:8c:66:c2:eb:44:01:7f:2f:09:e2:50:e1:
bf:ab:06:bc:72:77:28:d5:fa:91:df:4f:06:24:22:
56:a3:f0:e2:a8:95:4c:79:68:1e:c0:dc:5c:31:c3:
ba:09:35:2f:19:cc:ba:33:d5:19:26:77:a2:aa:78:
46:e0:6d:bf:8e:5a:bf:f6:69:7c:0f:4d:81:62:42:
e7:52:0a:f2:05:bb:5b:67:f1:ab:06:59:8b:d0:6e:
62:17:fe:1a:1d:51:3a:e3:0e:f9:a6:83:23:5d:6f:
09:12:35:00:03:4e:8d:7a:b5:e2:21:38:ca:e9:38:
9e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B4:E3:E2:DA:A7:1E:0A:AD:18:99:32:4D:79:81:08:31:1C:23:1D
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/C7Tj4tqnHgqtGJkyTXmBCDEcIx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.121.0/24
Signature Algorithm: sha256WithRSAEncryption
bb:3f:5b:ed:0f:75:75:54:0f:6b:b1:be:81:0f:d9:09:cd:56:
ab:6f:d5:a1:92:50:d3:fa:27:a1:fb:55:91:6f:16:c5:af:79:
d4:14:24:24:38:81:ae:22:92:f4:00:b9:29:60:99:61:78:5d:
78:fe:42:27:42:a9:11:13:8b:c7:ef:ab:ed:7c:8f:c1:72:fc:
7f:34:41:9a:f5:02:31:a5:db:af:b9:ef:b8:97:50:c3:b4:27:
81:f8:3e:6f:82:d3:da:07:4e:77:d8:93:49:1f:68:09:2d:26:
3d:ff:e0:8f:f0:b8:36:5c:e6:1b:e6:0d:4f:d9:01:dd:33:29:
fb:b0:1e:f4:fb:e2:15:0c:43:b1:a7:c3:18:46:90:01:8a:ed:
8a:70:a8:e5:43:89:f9:36:c4:7e:34:f4:23:2b:f7:45:cf:ea:
49:f5:27:f3:74:33:6d:75:56:eb:19:8c:69:b1:88:46:0a:d5:
fa:47:fa:80:e1:ed:7f:4b:cc:84:94:0f:4d:4e:2e:96:fd:41:
69:93:8b:29:97:05:b4:78:8f:72:78:8f:16:72:f0:ba:38:56:
54:41:c0:39:52:cc:89:ac:8c:66:54:cf:5c:a9:f8:b0:34:7a:
67:6c:d1:09:06:2e:d4:db:11:48:d2:dc:b0:fc:ea:f8:09:4d:
48:41:7c:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRB/jmYpuH/s+nXRzRX9mDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTA0MDkzNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmI0ZTNlMmRhYTcxZTBhYWQxODk5MzI0ZDc5ODEwODMxMWMyMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3yOeJ+so76oJBa40hWFrk6Fo+gU
5OXEwuxdeCxyMoeDjMG+LeJJjiLgWXddcELDkwYu1aqSVruGAevAOMAlQjSFEvyu
TvcVS4vD7wCovjApDe/U6EVO7xpsbHXnkVSZkAhN/0CHR1c9OY042FfAODDAzuVR
HoNlei+dQq26/b0FKz/Ch0vCUuaMZsLrRAF/LwniUOG/qwa8cnco1fqR308GJCJW
o/DiqJVMeWgewNxcMcO6CTUvGcy6M9UZJneiqnhG4G2/jlq/9ml8D02BYkLnUgry
BbtbZ/GrBlmL0G5iF/4aHVE64w75poMjXW8JEjUAA06NerXiITjK6TiefwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAu04+Lapx4KrRiZMk15gQgxHCMdMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvQzdUajR0cW5IZ3F0R0preVRYbUJDREVjSXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdF5MA0G
CSqGSIb3DQEBCwUAA4IBAQC7P1vtD3V1VA9rsb6BD9kJzVarb9WhklDT+ieh+1WR
bxbFr3nUFCQkOIGuIpL0ALkpYJlheF14/kInQqkRE4vH76vtfI/Bcvx/NEGa9QIx
pduvue+4l1DDtCeB+D5vgtPaB0532JNJH2gJLSY9/+CP8Lg2XOYb5g1P2QHdMyn7
sB70++IVDEOxp8MYRpABiu2KcKjlQ4n5NsR+NPQjK/dFz+pJ9SfzdDNtdVbrGYxp
sYhGCtX6R/qA4e1/S8yElA9NTi6W/UFpk4splwW0eI9yeI8WcvC6OFZUQcA5UsyJ
rIxmVM9cqfiwNHpnbNEJBi7U2xFI0tyw/Or4CU1IQXyY
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org