Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/9a5d4d-162a-4c09-a47a-92b5e25d247b/1/7Cq9OyZHw6VQv-V7PvXTlyyciOU.roa
File: 7Cq9OyZHw6VQv-V7PvXTlyyciOU.roa (raw, json)
Hash identifier: 0sZK5rFdd3wLLcq/pbqLMfAaqOik5oumAvfm5S1rLKM=
Subject key identifier: EC:2A:BD:3B:26:47:C3:A5:50:BF:E5:7B:3E:F5:D3:97:2C:9C:88:E5
Certificate issuer: /CN=1dcac99e7ca15d0c990420ee316d9aab84cc847f
Certificate serial: 03DB02EB
Authority key identifier: 1D:CA:C9:9E:7C:A1:5D:0C:99:04:20:EE:31:6D:9A:AB:84:CC:84:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HcrJnnyhXQyZBCDuMW2aq4TMhH8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/9a5d4d-162a-4c09-a47a-92b5e25d247b/1/7Cq9OyZHw6VQv-V7PvXTlyyciOU.roa
Signing time: Sat 01 Jan 2022 14:08:04 +0000
ROA not before: Sat 01 Jan 2022 14:08:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 85.236.136.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64684779 (0x3db02eb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dcac99e7ca15d0c990420ee316d9aab84cc847f
Validity
Not Before: Jan 1 14:08:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ec2abd3b2647c3a550bfe57b3ef5d3972c9c88e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:48:a4:11:7c:cb:38:8a:c1:81:b1:d0:5f:86:
77:5c:19:f1:f4:49:23:f1:d8:4f:dd:83:18:cf:e3:
02:5e:43:b0:4f:fa:99:47:06:f7:8d:d1:b0:26:31:
50:c9:64:5e:bc:32:0e:7a:3d:8b:58:cb:f0:ba:11:
8b:fe:d2:aa:3c:72:63:8e:ae:75:2d:7b:25:26:41:
60:2f:6b:75:31:7c:23:41:90:ad:a3:58:2b:46:c9:
1e:3b:e2:76:cb:17:ce:ac:d6:ea:0b:55:ba:39:83:
bd:c9:47:ac:25:53:94:8b:a5:ba:d2:3a:1a:b4:af:
39:ef:a1:9c:11:11:17:93:42:4a:5c:dd:c0:29:08:
63:ed:48:a5:09:0b:62:eb:49:33:93:07:2f:9d:43:
ad:a6:03:4d:9e:86:38:4a:e6:3c:35:bd:1f:5b:2d:
16:77:d5:b8:c8:0d:39:dc:5d:50:47:0b:91:ba:fc:
7e:ce:19:ec:17:6c:a7:b7:8d:82:c6:33:0b:ec:95:
13:a7:85:0c:10:a7:a9:d9:51:3b:49:d0:42:2f:53:
19:06:43:bd:d7:86:a8:7b:13:21:91:fb:b5:22:13:
ce:8c:ab:36:df:9f:a1:5f:04:32:f6:7d:4d:19:33:
04:9a:7f:cd:07:a7:df:3b:8f:be:cf:7c:e3:69:61:
8a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:2A:BD:3B:26:47:C3:A5:50:BF:E5:7B:3E:F5:D3:97:2C:9C:88:E5
X509v3 Authority Key Identifier:
keyid:1D:CA:C9:9E:7C:A1:5D:0C:99:04:20:EE:31:6D:9A:AB:84:CC:84:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HcrJnnyhXQyZBCDuMW2aq4TMhH8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9a5d4d-162a-4c09-a47a-92b5e25d247b/1/7Cq9OyZHw6VQv-V7PvXTlyyciOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/9a5d4d-162a-4c09-a47a-92b5e25d247b/1/HcrJnnyhXQyZBCDuMW2aq4TMhH8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.236.136.0/21
Signature Algorithm: sha256WithRSAEncryption
04:ee:0e:20:80:fa:02:c8:69:06:14:09:11:b9:9e:4e:f3:4d:
e7:f6:04:11:0f:f6:71:e1:72:3b:4f:49:eb:ff:83:df:63:bf:
17:cd:1e:36:67:75:f6:64:f2:27:f4:59:6d:fe:a5:8b:f5:06:
b3:43:f5:9c:b0:6a:f4:86:2b:7f:48:60:13:de:2b:86:a0:d2:
99:0d:23:cb:7b:1e:1d:b2:a5:27:d4:b4:2a:1a:30:62:86:7f:
e3:93:fa:c1:09:83:0d:21:0b:b9:39:b6:70:d2:87:0a:2f:a0:
d2:25:a9:d0:dd:22:7c:2d:26:b3:c5:7f:e2:f0:55:87:4f:37:
7a:57:67:28:93:b4:17:d6:c2:b9:24:53:cc:1a:f4:85:d6:b5:
0f:c1:2f:d0:0b:6d:7d:91:61:05:a9:ad:2c:9c:e6:78:05:2e:
f7:75:d4:51:bf:31:07:f4:43:a4:3b:4a:31:90:03:9f:ec:c3:
3a:09:fe:5e:d2:f3:8e:8a:a5:b8:ce:16:60:36:de:a6:6c:a9:
4b:76:36:37:a6:69:1b:95:04:91:52:ff:f3:ce:1e:f8:41:94:
ac:dc:ec:ad:53:70:48:dc:5c:51:ba:c2:11:92:8e:e1:7a:f2:
93:43:e9:f5:c5:d1:6a:39:51:54:2d:8c:d9:1a:5d:a5:29:fc:
00:39:56:37
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA9sC6zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZGNhYzk5ZTdjYTE1ZDBjOTkwNDIwZWUzMTZkOWFhYjg0Y2M4NDdmMB4XDTIyMDEw
MTE0MDgwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWMyYWJkM2IyNjQ3
YzNhNTUwYmZlNTdiM2VmNWQzOTcyYzljODhlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKZIpBF8yziKwYGx0F+Gd1wZ8fRJI/HYT92DGM/jAl5DsE/6
mUcG943RsCYxUMlkXrwyDno9i1jL8LoRi/7SqjxyY46udS17JSZBYC9rdTF8I0GQ
raNYK0bJHjvidssXzqzW6gtVujmDvclHrCVTlIulutI6GrSvOe+hnBERF5NCSlzd
wCkIY+1IpQkLYutJM5MHL51DraYDTZ6GOErmPDW9H1stFnfVuMgNOdxdUEcLkbr8
fs4Z7Bdsp7eNgsYzC+yVE6eFDBCnqdlRO0nQQi9TGQZDvdeGqHsTIZH7tSITzoyr
Nt+foV8EMvZ9TRkzBJp/zQen3zuPvs9842lhio0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTsKr07JkfDpVC/5Xs+9dOXLJyI5TAfBgNVHSMEGDAWgBQdysmefKFdDJkE
IO4xbZqrhMyEfzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hjckpubnloWFF5WkJDRHVNVzJhcTRUTWhIOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvOWE1ZDRkLTE2MmEtNGMwOS1hNDdhLTkyYjVlMjVkMjQ3Yi8x
LzdDcTlPeVpIdzZWUXYtVjdQdlhUbHl5Y2lPVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
OWE1ZDRkLTE2MmEtNGMwOS1hNDdhLTkyYjVlMjVkMjQ3Yi8xL0hjckpubnloWFF5
WkJDRHVNVzJhcTRUTWhIOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1XsiDANBgkqhkiG9w0BAQsFAAOC
AQEABO4OIID6AshpBhQJEbmeTvNN5/YEEQ/2ceFyO09J6/+D32O/F80eNmd19mTy
J/RZbf6li/UGs0P1nLBq9IYrf0hgE94rhqDSmQ0jy3seHbKlJ9S0KhowYoZ/45P6
wQmDDSELuTm2cNKHCi+g0iWp0N0ifC0ms8V/4vBVh083eldnKJO0F9bCuSRTzBr0
hda1D8Ev0AttfZFhBamtLJzmeAUu93XUUb8xB/RDpDtKMZADn+zDOgn+XtLzjoql
uM4WYDbepmypS3Y2N6ZpG5UEkVL/884e+EGUrNzsrVNwSNxcUbrCEZKO4Xryk0Pp
9cXRajlRVC2M2RpdpSn8ADlWNw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:04 2023 by rpki-client on console-fra.rpki-client.org