Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/0lxjRMAEX4pwik7WC8D1LdiNI-c.roa
File: 0lxjRMAEX4pwik7WC8D1LdiNI-c.roa (raw, json)
Hash identifier: GUQQfPo9Jg8AzxxSgmpAM/o4Qsppy5nDWWREC7qXjgI=
Subject key identifier: D2:5C:63:44:C0:04:5F:8A:70:8A:4E:D6:0B:C0:F5:2D:D8:8D:23:E7
Certificate issuer: /CN=9bdba95290a985a697763d30ab42f9c3784078b2
Certificate serial: 027112
Authority key identifier: 9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/0lxjRMAEX4pwik7WC8D1LdiNI-c.roa
Signing time: Fri 03 Jun 2022 12:34:20 +0000
ROA not before: Fri 03 Jun 2022 12:34:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209368
IP address blocks: 85.208.76.0/22 maxlen: 24
2a09:83c0::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160018 (0x27112)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bdba95290a985a697763d30ab42f9c3784078b2
Validity
Not Before: Jun 3 12:34:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d25c6344c0045f8a708a4ed60bc0f52dd88d23e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:9d:91:b1:b3:5b:9f:c5:74:11:02:e1:8d:7d:
8b:c8:f9:3c:3c:e1:39:46:5b:b1:4e:13:7e:f1:36:
1c:94:9d:4c:e9:52:a0:98:30:ad:d4:ab:72:5c:19:
fe:3b:bc:9a:4f:dd:50:f6:55:c8:64:81:d4:f6:a0:
02:69:90:7f:a0:03:c8:41:ce:66:d8:9d:d8:fa:0c:
d9:4e:9d:5f:5d:12:35:c7:5b:25:dd:99:35:dc:b8:
a9:db:80:27:89:d8:9e:7c:8f:b3:22:a6:e0:1a:9e:
0e:f9:eb:23:af:70:f6:2c:8e:3a:57:fb:6c:cd:64:
47:d8:45:1e:0c:9e:a5:c0:4e:4b:b2:22:0b:23:88:
0c:4c:f8:b0:31:c5:31:df:b8:90:b5:cf:fd:f5:32:
f7:d0:af:17:43:85:63:12:b2:a2:06:ba:0b:fb:9a:
64:f5:d7:54:7e:71:b1:8e:4e:7b:b2:67:ec:be:96:
32:a4:d7:76:d7:da:7d:0a:11:48:e7:e3:77:cf:c1:
1f:70:4e:b9:96:a2:f5:6f:f8:20:6b:85:f4:d5:da:
2b:7d:60:db:18:e4:00:e9:f1:8f:42:07:76:e3:b5:
7e:79:b1:f7:c8:3d:0e:2b:57:d4:9c:82:05:2c:f0:
1b:6c:19:a4:97:03:3d:63:0f:86:77:d4:c2:ee:da:
c2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:5C:63:44:C0:04:5F:8A:70:8A:4E:D6:0B:C0:F5:2D:D8:8D:23:E7
X509v3 Authority Key Identifier:
keyid:9B:DB:A9:52:90:A9:85:A6:97:76:3D:30:AB:42:F9:C3:78:40:78:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9upUpCphaaXdj0wq0L5w3hAeLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/0lxjRMAEX4pwik7WC8D1LdiNI-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/4ae1bd-5864-43f0-b4fd-80a66c0fc884/1/m9upUpCphaaXdj0wq0L5w3hAeLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.76.0/22
IPv6:
2a09:83c0::/29
Signature Algorithm: sha256WithRSAEncryption
a6:ae:cc:99:54:b5:3b:58:c7:28:0a:56:99:97:71:10:97:c0:
f8:62:a1:12:d2:37:df:a5:00:e3:ac:df:78:a2:72:da:48:9a:
3e:ef:7d:61:09:a5:44:9a:42:03:06:86:ed:ea:ed:5b:3a:94:
7a:fc:e7:d5:9b:93:5f:25:81:81:e6:e4:8a:47:f0:c7:7b:77:
36:a8:46:4a:64:f0:9f:65:d4:2d:05:98:9c:e1:fb:02:24:00:
e3:89:52:75:af:e0:b0:5d:f5:41:90:bb:6f:52:af:57:c1:03:
19:2d:69:0d:8c:6d:0c:d5:39:ed:13:81:30:6b:4a:84:7a:d2:
e7:f9:b0:40:ed:0a:32:0f:11:4e:fe:96:67:41:aa:d6:f2:35:
69:11:04:67:a9:61:5a:01:ab:da:0f:79:5a:1d:b7:98:20:42:
6c:a8:56:7a:dc:45:01:e3:dd:e0:d8:07:e0:8d:61:84:9a:2f:
1e:6c:11:f7:2e:70:39:bd:ac:a0:6a:00:16:cb:96:8e:2a:c6:
98:2d:cb:83:ea:bb:fe:75:be:d1:9e:c1:13:67:d5:3a:54:e8:
b6:e9:d6:b8:da:e6:a9:38:d7:db:0c:10:0f:18:bf:7d:35:cd:
63:b9:f9:74:13:98:f4:76:30:43:b2:f8:59:2e:82:9a:48:f3:
92:7f:55:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAnESMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDli
ZGJhOTUyOTBhOTg1YTY5Nzc2M2QzMGFiNDJmOWMzNzg0MDc4YjIwHhcNMjIwNjAz
MTIzNDIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhkMjVjNjM0NGMwMDQ1
ZjhhNzA4YTRlZDYwYmMwZjUyZGQ4OGQyM2U3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA2J2RsbNbn8V0EQLhjX2LyPk8POE5RluxThN+8TYclJ1M6VKg
mDCt1KtyXBn+O7yaT91Q9lXIZIHU9qACaZB/oAPIQc5m2J3Y+gzZTp1fXRI1x1sl
3Zk13Lip24AnidiefI+zIqbgGp4O+esjr3D2LI46V/tszWRH2EUeDJ6lwE5LsiIL
I4gMTPiwMcUx37iQtc/99TL30K8XQ4VjErKiBroL+5pk9ddUfnGxjk57smfsvpYy
pNd219p9ChFI5+N3z8EfcE65lqL1b/gga4X01dorfWDbGOQA6fGPQgd247V+ebH3
yD0OK1fUnIIFLPAbbBmklwM9Yw+Gd9TC7trC7QIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFNJcY0TABF+KcIpO1gvA9S3YjSPnMB8GA1UdIwQYMBaAFJvbqVKQqYWml3Y9
MKtC+cN4QHiyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bTl1cFVwQ3BoYWFYZGowd3EwTDV3M2hBZUxJLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xNy80YWUxYmQtNTg2NC00M2YwLWI0ZmQtODBhNjZjMGZjODg0LzEv
MGx4alJNQUVYNHB3aWs3V0M4RDFMZGlOSS1jLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy80
YWUxYmQtNTg2NC00M2YwLWI0ZmQtODBhNjZjMGZjODg0LzEvbTl1cFVwQ3BoYWFY
ZGowd3EwTDV3M2hBZUxJLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVdBMMA0EAgACMAcDBQMqCYPAMA0G
CSqGSIb3DQEBCwUAA4IBAQCmrsyZVLU7WMcoClaZl3EQl8D4YqES0jffpQDjrN94
onLaSJo+731hCaVEmkIDBobt6u1bOpR6/OfVm5NfJYGB5uSKR/DHe3c2qEZKZPCf
ZdQtBZic4fsCJADjiVJ1r+CwXfVBkLtvUq9XwQMZLWkNjG0M1TntE4Ewa0qEetLn
+bBA7QoyDxFO/pZnQarW8jVpEQRnqWFaAavaD3laHbeYIEJsqFZ63EUB493g2Afg
jWGEmi8ebBH3LnA5vaygagAWy5aOKsaYLcuD6rv+db7RnsETZ9U6VOi26da42uap
ONfbDBAPGL99Nc1jufl0E5j0djBDsvhZLoKaSPOSf1Wz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:40 2024 by rpki-client on console-fra.rpki-client.org