Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/bf656b-ff93-454b-a39e-3b1131e504b8/1/i9xq-8g5S80HvvQ0jRSgCLBNStA.roa
File: i9xq-8g5S80HvvQ0jRSgCLBNStA.roa (raw, json)
Hash identifier: 5R779TnZYM9R1aTAf4nkxj20dnHBNMwNQ4a5ZtH9iDY=
Subject key identifier: 8B:DC:6A:FB:C8:39:4B:CD:07:BE:F4:34:8D:14:A0:08:B0:4D:4A:D0
Certificate issuer: /CN=601331eccd96d02c1035734cd00a390e8311d942
Certificate serial: 04A58073
Authority key identifier: 60:13:31:EC:CD:96:D0:2C:10:35:73:4C:D0:0A:39:0E:83:11:D9:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YBMx7M2W0CwQNXNM0Ao5DoMR2UI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/bf656b-ff93-454b-a39e-3b1131e504b8/1/i9xq-8g5S80HvvQ0jRSgCLBNStA.roa
Signing time: Sat 01 Jan 2022 00:52:14 +0000
ROA not before: Sat 01 Jan 2022 00:52:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200076
IP address blocks: 194.59.24.0/22 maxlen: 22
2a0c:fac0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 77955187 (0x4a58073)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=601331eccd96d02c1035734cd00a390e8311d942
Validity
Not Before: Jan 1 00:52:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8bdc6afbc8394bcd07bef4348d14a008b04d4ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:5b:7a:40:62:1f:f5:43:6d:69:db:97:38:a7:
de:ca:6b:ef:92:c8:f6:4c:23:69:37:e2:bf:b4:b7:
b7:f6:b8:d9:78:76:3f:a8:27:b8:9a:a5:e0:d4:3c:
51:90:96:1d:61:11:3d:37:2d:cc:66:4b:ed:08:09:
8a:b3:4f:22:cc:1a:3a:7e:02:84:97:22:af:7c:da:
62:da:c9:d8:fd:af:7c:b7:3c:7d:e6:8c:79:a9:1e:
02:68:fb:3c:65:26:25:56:d5:80:d7:17:39:33:ab:
6a:02:e2:a2:68:29:a1:27:54:ba:18:35:fa:36:b8:
ce:14:e2:05:5f:ca:7e:1e:5c:0a:22:a6:e2:35:b3:
83:df:e2:67:14:f8:ae:11:c2:ea:93:45:dc:9a:06:
05:f7:0b:e0:6f:b4:5b:b4:db:00:8f:59:76:9a:78:
a0:39:97:3b:af:4b:87:b6:97:f9:d5:2b:cf:39:bd:
8b:ca:27:d7:82:7d:ab:52:b7:88:4f:22:a9:db:19:
58:44:b9:b3:38:d4:e6:66:64:d2:46:40:6f:09:64:
65:66:75:1e:47:4f:ed:4b:a0:6c:b8:6d:01:00:ab:
50:eb:91:bd:1f:b2:0a:74:3b:af:11:46:d3:2e:07:
02:52:22:ee:ba:b1:05:e7:69:d2:f2:47:8e:de:ee:
fb:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:DC:6A:FB:C8:39:4B:CD:07:BE:F4:34:8D:14:A0:08:B0:4D:4A:D0
X509v3 Authority Key Identifier:
keyid:60:13:31:EC:CD:96:D0:2C:10:35:73:4C:D0:0A:39:0E:83:11:D9:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YBMx7M2W0CwQNXNM0Ao5DoMR2UI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bf656b-ff93-454b-a39e-3b1131e504b8/1/i9xq-8g5S80HvvQ0jRSgCLBNStA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/bf656b-ff93-454b-a39e-3b1131e504b8/1/YBMx7M2W0CwQNXNM0Ao5DoMR2UI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.24.0/22
IPv6:
2a0c:fac0::/48
Signature Algorithm: sha256WithRSAEncryption
2b:b5:a7:d1:ff:42:f5:6b:9b:93:e8:54:02:60:a0:20:5d:46:
0a:b1:cc:d1:44:f2:27:54:a5:b7:36:11:93:68:84:ff:ef:f5:
72:e4:36:d4:cb:f8:f9:e1:ab:6f:d2:d7:7c:07:57:99:eb:f6:
4b:0c:27:8f:84:a6:b2:b2:dc:7e:f9:a7:f0:92:f4:03:a0:ab:
a9:f1:c4:db:bb:32:9e:c0:51:2a:f0:f7:05:26:e8:ce:ac:32:
0f:0e:ca:09:9d:b7:13:ce:8d:e9:d0:65:b4:81:c1:f3:44:57:
87:98:bf:48:ff:15:23:9c:fd:4a:35:97:f3:e2:4c:3d:7f:8d:
ff:7b:6e:5c:4f:a3:d7:27:99:77:78:6d:04:3d:a2:7f:e9:c2:
2f:94:52:ba:ac:d5:1b:a7:c8:4e:bc:d1:27:c7:78:2a:67:94:
b7:77:1b:6a:1a:2a:0e:82:58:ef:94:6f:9d:ed:bc:4b:b2:89:
1e:0e:95:d7:bf:16:2f:9f:42:0a:00:f3:77:ac:a4:05:61:4f:
aa:e1:dd:49:51:68:51:7b:c8:b5:c1:94:fc:19:57:1c:98:67:
87:6c:7b:df:96:0f:a4:f6:e1:b5:bc:c9:5d:25:2c:df:ff:86:
ab:dd:c7:1a:bd:5f:e7:39:da:f9:ca:c1:9e:db:d9:df:48:cc:
93:28:3c:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBKWAczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDEzMzFlY2NkOTZkMDJjMTAzNTczNGNkMDBhMzkwZTgzMTFkOTQyMB4XDTIyMDEw
MTAwNTIxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGJkYzZhZmJjODM5
NGJjZDA3YmVmNDM0OGQxNGEwMDhiMDRkNGFkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtbekBiH/VDbWnblzin3spr75LI9kwjaTfiv7S3t/a42Xh2
P6gnuJql4NQ8UZCWHWERPTctzGZL7QgJirNPIswaOn4ChJcir3zaYtrJ2P2vfLc8
feaMeakeAmj7PGUmJVbVgNcXOTOragLiomgpoSdUuhg1+ja4zhTiBV/Kfh5cCiKm
4jWzg9/iZxT4rhHC6pNF3JoGBfcL4G+0W7TbAI9Zdpp4oDmXO69Lh7aX+dUrzzm9
i8on14J9q1K3iE8iqdsZWES5szjU5mZk0kZAbwlkZWZ1HkdP7UugbLhtAQCrUOuR
vR+yCnQ7rxFG0y4HAlIi7rqxBedp0vJHjt7u+x8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSL3Gr7yDlLzQe+9DSNFKAIsE1K0DAfBgNVHSMEGDAWgBRgEzHszZbQLBA1
c0zQCjkOgxHZQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lCTXg3TTJXMEN3UU5YTk0wQW81RG9NUjJVSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvYmY2NTZiLWZmOTMtNDU0Yi1hMzllLTNiMTEzMWU1MDRiOC8x
L2k5eHEtOGc1UzgwSHZ2UTBqUlNnQ0xCTlN0QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
YmY2NTZiLWZmOTMtNDU0Yi1hMzllLTNiMTEzMWU1MDRiOC8xL1lCTXg3TTJXMEN3
UU5YTk0wQW81RG9NUjJVSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsI7GDAPBAIAAjAJAwcAKgz6wAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQArtafR/0L1a5uT6FQCYKAgXUYKsczRRPInVKW3
NhGTaIT/7/Vy5DbUy/j54atv0td8B1eZ6/ZLDCePhKaystx++afwkvQDoKup8cTb
uzKewFEq8PcFJujOrDIPDsoJnbcTzo3p0GW0gcHzRFeHmL9I/xUjnP1KNZfz4kw9
f43/e25cT6PXJ5l3eG0EPaJ/6cIvlFK6rNUbp8hOvNEnx3gqZ5S3dxtqGioOgljv
lG+d7bxLsokeDpXXvxYvn0IKAPN3rKQFYU+q4d1JUWhRe8i1wZT8GVccmGeHbHvf
lg+k9uG1vMldJSzf/4ar3ccavV/nOdr5ysGe29nfSMyTKDzK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:36 2024 by rpki-client on console-fra.rpki-client.org