Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/9aU9uTKYpEoCysaeZLf5FSMqdCM.roa
File: 9aU9uTKYpEoCysaeZLf5FSMqdCM.roa (raw, json)
Hash identifier: oGPN3uQSTiYWG3SSQUvOY6v8ppm5IWA2BuDeuQnPACw=
Subject key identifier: F5:A5:3D:B9:32:98:A4:4A:02:CA:C6:9E:64:B7:F9:15:23:2A:74:23
Certificate issuer: /CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Certificate serial: 11403E1F
Authority key identifier: AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/9aU9uTKYpEoCysaeZLf5FSMqdCM.roa
Signing time: Sat 01 Jan 2022 02:51:53 +0000
ROA not before: Sat 01 Jan 2022 02:51:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 84.33.16.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 289422879 (0x11403e1f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aaebc9bfef2b4d23f19513bfd4d60bb798f5a59d
Validity
Not Before: Jan 1 02:51:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5a53db93298a44a02cac69e64b7f915232a7423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:41:1c:5b:a9:64:aa:7f:61:4d:90:5c:e2:24:
a8:26:62:fd:fd:5a:83:79:1a:b8:e0:98:0b:f9:93:
b7:e7:13:4c:f7:cf:33:e4:dd:50:cb:84:87:da:45:
6c:c8:36:fa:32:9c:e8:e4:d4:64:0f:1f:bf:cb:fb:
bb:f7:61:30:6c:29:79:7c:a3:1a:f9:df:e0:f8:b1:
68:32:33:80:4c:d5:d7:e5:47:b6:6b:59:da:e8:d6:
28:58:84:8f:b2:11:5d:d2:80:71:e8:d1:be:6b:ed:
95:2f:57:0c:fe:9a:56:52:95:3f:e9:69:b8:78:dd:
12:ff:54:dc:60:7c:83:81:df:a3:fd:2d:3b:b4:70:
f7:6b:75:6e:55:fd:b7:48:e9:3f:fc:80:e7:16:9c:
e8:15:d2:b4:d4:3a:47:21:f2:ec:5d:25:84:56:b7:
0d:41:77:20:0b:3d:f7:af:00:73:ba:eb:17:2f:92:
14:5e:86:4f:24:aa:82:5b:e1:a6:07:41:05:45:a3:
ac:af:77:c8:e4:c4:70:82:0f:0c:0a:8d:06:1c:de:
ec:eb:03:f2:e6:ca:89:9e:43:e8:9c:ea:e3:21:b7:
48:6c:f8:15:ea:bf:cf:f2:85:1a:df:9f:33:9d:e1:
18:b5:e1:41:03:c6:45:c0:51:59:ba:ca:c8:74:c8:
dc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:A5:3D:B9:32:98:A4:4A:02:CA:C6:9E:64:B7:F9:15:23:2A:74:23
X509v3 Authority Key Identifier:
keyid:AA:EB:C9:BF:EF:2B:4D:23:F1:95:13:BF:D4:D6:0B:B7:98:F5:A5:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/quvJv-8rTSPxlRO_1NYLt5j1pZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/9aU9uTKYpEoCysaeZLf5FSMqdCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fb1289-4d14-40f0-9679-11afb4992eef/1/quvJv-8rTSPxlRO_1NYLt5j1pZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.33.16.0/23
Signature Algorithm: sha256WithRSAEncryption
71:f6:3f:73:e3:b4:0b:68:3e:4e:2a:e0:0c:ff:65:1f:ce:b2:
98:ce:dc:d6:a8:ed:8d:ee:ad:ff:b5:66:fb:27:0c:b3:d7:ee:
3d:e4:a0:d4:6f:96:60:42:b5:0f:52:5a:57:7a:2e:9b:02:b0:
52:46:2b:0c:08:a9:ae:de:d6:1b:73:16:53:08:9c:80:f3:50:
c6:9b:d0:60:a4:dc:7c:65:2b:72:49:46:59:dd:4c:83:63:46:
9a:46:61:a4:ad:0e:fa:d2:da:95:e6:20:48:15:21:58:3f:3d:
ff:19:dd:a3:83:5d:e2:ea:09:9f:1d:d4:14:2c:8d:9c:2c:30:
5a:90:db:21:9b:ef:d5:65:02:47:ed:41:e4:2c:3c:23:1e:6f:
e1:41:8d:23:82:83:13:fd:7d:bd:cc:f0:68:2b:92:3b:20:02:
a0:f4:06:90:99:f2:0f:71:e8:1c:1b:7f:a4:ff:4c:8e:12:63:
9f:fd:09:a3:64:3f:cf:bd:af:da:7e:83:80:9c:31:0a:cf:ca:
89:9b:bd:82:55:c6:9d:a6:5f:4b:08:ea:c0:b7:57:42:3b:cc:
79:eb:84:47:ac:3d:b3:54:5b:c4:13:21:44:ca:0e:b1:a1:d1:
7a:f9:ea:f7:b9:b9:25:50:b2:92:85:a0:c3:08:5a:5d:a8:dc:
f0:eb:2f:c4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEUA+HzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YWViYzliZmVmMmI0ZDIzZjE5NTEzYmZkNGQ2MGJiNzk4ZjVhNTlkMB4XDTIyMDEw
MTAyNTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjVhNTNkYjkzMjk4
YTQ0YTAyY2FjNjllNjRiN2Y5MTUyMzJhNzQyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpBHFupZKp/YU2QXOIkqCZi/f1ag3kauOCYC/mTt+cTTPfP
M+TdUMuEh9pFbMg2+jKc6OTUZA8fv8v7u/dhMGwpeXyjGvnf4PixaDIzgEzV1+VH
tmtZ2ujWKFiEj7IRXdKAcejRvmvtlS9XDP6aVlKVP+lpuHjdEv9U3GB8g4Hfo/0t
O7Rw92t1blX9t0jpP/yA5xac6BXStNQ6RyHy7F0lhFa3DUF3IAs9968Ac7rrFy+S
FF6GTySqglvhpgdBBUWjrK93yOTEcIIPDAqNBhze7OsD8ubKiZ5D6Jzq4yG3SGz4
Feq/z/KFGt+fM53hGLXhQQPGRcBRWbrKyHTI3PECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT1pT25MpikSgLKxp5kt/kVIyp0IzAfBgNVHSMEGDAWgBSq68m/7ytNI/GV
E7/U1gu3mPWlnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F1dkp2LThyVFNQeGxST18xTllMdDVqMXBaMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvZmIxMjg5LTRkMTQtNDBmMC05Njc5LTExYWZiNDk5MmVlZi8x
LzlhVTl1VEtZcEVvQ3lzYWVaTGY1RlNNcWRDTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
ZmIxMjg5LTRkMTQtNDBmMC05Njc5LTExYWZiNDk5MmVlZi8xL3F1dkp2LThyVFNQ
eGxST18xTllMdDVqMXBaMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVQhEDANBgkqhkiG9w0BAQsFAAOC
AQEAcfY/c+O0C2g+TirgDP9lH86ymM7c1qjtje6t/7Vm+ycMs9fuPeSg1G+WYEK1
D1JaV3oumwKwUkYrDAiprt7WG3MWUwicgPNQxpvQYKTcfGUrcklGWd1Mg2NGmkZh
pK0O+tLaleYgSBUhWD89/xndo4Nd4uoJnx3UFCyNnCwwWpDbIZvv1WUCR+1B5Cw8
Ix5v4UGNI4KDE/19vczwaCuSOyACoPQGkJnyD3HoHBt/pP9MjhJjn/0Jo2Q/z72v
2n6DgJwxCs/KiZu9glXGnaZfSwjqwLdXQjvMeeuER6w9s1RbxBMhRMoOsaHRevnq
97m5JVCykoWgwwhaXajc8OsvxA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:47 2023 by rpki-client on console-ams.rpki-client.org