Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cnFZoqYKLHPSR7S9MIh4yr7r4fI.roa
File: cnFZoqYKLHPSR7S9MIh4yr7r4fI.roa (raw, json)
Hash identifier: oXXsiyEUTgeuCHcoRyeTqpSxXhxOhsTnZLJuzb0xS+E=
Subject key identifier: 72:71:59:A2:A6:0A:2C:73:D2:47:B4:BD:30:88:78:CA:BE:EB:E1:F2
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01840DD201AAD5E8A6A96D99D141DE6F8161
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cnFZoqYKLHPSR7S9MIh4yr7r4fI.roa
Signing time: Tue 25 Oct 2022 06:26:17 +0000
ROA not before: Tue 25 Oct 2022 06:26:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206065
IP address blocks: 213.176.112.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0d:d2:01:aa:d5:e8:a6:a9:6d:99:d1:41:de:6f:81:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Oct 25 06:26:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=727159a2a60a2c73d247b4bd308878cabeebe1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c0:46:67:1a:7c:bd:ae:33:39:3a:73:73:7f:
27:07:53:d4:70:ec:7d:0a:20:40:71:5a:f4:05:ba:
8d:cb:b2:26:a4:63:17:23:75:09:f7:56:f2:13:c8:
d5:4a:7d:8a:9d:5d:bd:21:32:d5:87:ec:f8:a7:b8:
06:fa:7b:1a:5e:17:fc:88:ad:ef:9a:94:46:20:24:
d2:59:cd:6d:e9:2c:f0:b9:2b:d4:6b:7d:cc:93:5b:
78:ed:2e:01:4f:29:aa:cd:34:b9:9b:3c:3f:b4:da:
b6:e6:2a:d9:86:1f:89:31:4f:68:2e:a7:c8:ed:a1:
98:fa:b5:0b:0a:ef:5f:d2:b5:ac:b2:3e:ff:bf:e9:
4a:05:5d:59:91:76:51:bd:19:0f:ea:98:83:bb:3c:
97:e6:3f:0a:3d:77:4c:74:e7:8d:02:4e:7c:48:86:
ac:86:9e:56:cc:65:c0:41:aa:1b:f1:a0:f2:50:c7:
49:02:d9:9b:c4:3a:37:fd:cd:5e:22:c5:bc:d4:5f:
cc:e6:a4:9e:b4:9b:5e:b0:a5:98:c7:fd:35:d2:8f:
14:10:05:0b:40:54:01:96:c5:d6:5c:64:d8:92:e0:
9b:61:3d:b7:e2:c1:95:e9:3a:4d:55:30:a8:9e:7e:
d0:b8:e7:bc:fb:91:21:32:75:22:44:ef:87:7f:d2:
d3:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:71:59:A2:A6:0A:2C:73:D2:47:B4:BD:30:88:78:CA:BE:EB:E1:F2
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/cnFZoqYKLHPSR7S9MIh4yr7r4fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
90:08:04:c0:19:19:d2:fa:a0:a8:b8:96:c0:59:aa:d2:10:fa:
8c:5e:14:e2:af:99:09:41:2e:b7:22:3c:5b:0d:e0:a8:c4:0f:
d1:0c:56:65:a0:68:c1:84:2b:69:32:2d:bf:ae:f2:07:e1:88:
a1:c9:5b:dd:4e:1c:f0:c0:20:09:a2:ae:4f:09:ff:f5:7d:a0:
fc:3a:2c:b0:92:71:3d:b0:ac:32:30:93:18:15:35:d0:91:c0:
1c:5f:a9:68:af:c2:5c:cd:8d:b5:ed:d3:0f:28:6f:2f:fb:0b:
d2:92:69:c1:7c:84:26:c1:f7:77:a1:a3:76:56:a5:06:0d:1b:
46:ce:b7:d8:25:ec:23:0f:60:94:7f:64:89:f7:c1:72:e6:83:
99:dd:d8:e0:40:de:27:79:5d:dd:fd:45:32:05:a3:d1:35:7b:
aa:47:5e:3a:b3:04:59:0a:b5:1a:6e:49:d3:7f:77:d0:d5:11:
82:13:1a:41:9e:6f:f0:0a:44:94:60:e3:1c:dc:c3:e9:80:c4:
5b:14:10:29:e1:8b:88:77:fa:14:56:da:2a:ba:19:ce:53:5f:
ad:6b:2e:ad:db:4e:b4:6b:66:68:87:52:f9:7a:0b:a3:bc:bc:
88:ca:7a:ab:2f:70:49:0b:c7:b5:cc:fe:c2:5a:db:be:cb:84:
44:02:24:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQN0gGq1eimqW2Z0UHeb4FhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMDI1MDYyNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjcxNTlhMmE2MGEyYzczZDI0N2I0YmQzMDg4NzhjYWJlZWJlMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8BGZxp8va4zOTpzc38nB1PUcOx9
CiBAcVr0BbqNy7ImpGMXI3UJ91byE8jVSn2KnV29ITLVh+z4p7gG+nsaXhf8iK3v
mpRGICTSWc1t6SzwuSvUa33Mk1t47S4BTymqzTS5mzw/tNq25irZhh+JMU9oLqfI
7aGY+rULCu9f0rWssj7/v+lKBV1ZkXZRvRkP6piDuzyX5j8KPXdMdOeNAk58SIas
hp5WzGXAQaob8aDyUMdJAtmbxDo3/c1eIsW81F/M5qSetJtesKWYx/010o8UEAUL
QFQBlsXWXGTYkuCbYT234sGV6TpNVTConn7QuOe8+5EhMnUiRO+Hf9LT1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHJxWaKmCixz0ke0vTCIeMq+6+HyMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvY25GWm9xWUtMSFBTUjdTOU1JaDR5cjdyNGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1bBwMA0G
CSqGSIb3DQEBCwUAA4IBAQCQCATAGRnS+qCouJbAWarSEPqMXhTir5kJQS63Ijxb
DeCoxA/RDFZloGjBhCtpMi2/rvIH4YihyVvdThzwwCAJoq5PCf/1faD8OiywknE9
sKwyMJMYFTXQkcAcX6lor8JczY217dMPKG8v+wvSkmnBfIQmwfd3oaN2VqUGDRtG
zrfYJewjD2CUf2SJ98Fy5oOZ3djgQN4neV3d/UUyBaPRNXuqR146swRZCrUabknT
f3fQ1RGCExpBnm/wCkSUYOMc3MPpgMRbFBAp4YuId/oUVtoquhnOU1+tay6t2060
a2Zoh1L5egujvLyIynqrL3BJC8e1zP7CWtu+y4REAiSY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org