Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/oxeXZqRY2NGSjwNrREVNv6ACh34.roa
File: oxeXZqRY2NGSjwNrREVNv6ACh34.roa (raw, json)
Hash identifier: opzmG1F8XO38+WfWQ8BjEcCnCmvjGDecxa9xLv1hEHU=
Subject key identifier: A3:17:97:66:A4:58:D8:D1:92:8F:03:6B:44:45:4D:BF:A0:02:87:7E
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 37A0A0EC
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/oxeXZqRY2NGSjwNrREVNv6ACh34.roa
Signing time: Sat 01 Jan 2022 12:55:25 +0000
ROA not before: Sat 01 Jan 2022 12:55:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42105
IP address blocks: 217.9.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933273836 (0x37a0a0ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 1 12:55:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a3179766a458d8d1928f036b44454dbfa002877e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:31:32:5e:5f:90:e1:fa:70:fe:91:ca:e8:0c:
03:a2:94:cb:eb:0d:8e:0b:d2:cd:f3:ab:70:ab:61:
26:33:6f:01:00:e6:7b:88:2f:92:7d:95:a9:0f:c8:
53:67:4a:46:0d:37:ae:b3:58:6a:29:22:ad:38:47:
8c:d0:4f:2b:e2:af:3f:8f:90:7c:0f:33:7c:c3:dd:
1d:64:1c:b5:2e:99:8a:d0:4b:1e:b0:08:a8:ba:93:
a1:9a:c4:39:41:4d:1f:f2:31:14:a4:b6:5e:b7:13:
44:76:22:dc:e6:c8:27:8f:49:4e:df:54:8c:69:09:
3a:6c:45:f5:6e:e0:88:6e:20:53:43:95:aa:6e:c6:
55:a7:c6:39:41:f9:76:1f:b8:9a:45:d4:88:63:de:
df:83:69:71:de:7a:51:cd:60:9b:03:3a:9a:fe:93:
6b:18:18:90:ff:13:f1:3e:dc:63:17:8e:bd:9f:57:
94:d9:ad:c6:9c:18:78:7f:55:10:8f:67:77:28:33:
21:11:ab:8c:0a:3e:e5:03:a6:02:53:c7:ca:4e:9e:
aa:dd:9d:4d:6e:6c:1d:22:9e:de:db:d5:e7:23:1b:
51:5d:fd:23:83:b1:83:b5:63:59:a3:21:0c:d4:28:
7c:c1:e9:21:b7:11:a1:72:d2:01:ed:f1:85:88:6f:
8a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:17:97:66:A4:58:D8:D1:92:8F:03:6B:44:45:4D:BF:A0:02:87:7E
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/oxeXZqRY2NGSjwNrREVNv6ACh34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.8.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:2e:76:60:83:b6:65:ae:7d:b8:4e:ab:80:c2:8b:27:21:3e:
0b:d1:a9:80:e3:19:85:95:99:c2:f5:6b:d8:cf:48:64:28:42:
55:3c:ac:22:11:41:1d:72:fe:5a:2c:70:ce:46:21:94:68:c5:
13:dc:13:85:15:74:7b:81:61:7a:10:f5:9f:dd:bf:db:28:d6:
fc:03:46:23:b0:ad:5d:dd:e4:13:98:c0:be:1e:5c:55:c1:be:
8c:6d:d0:e2:c9:a7:47:07:f5:e1:4d:59:1d:09:0f:9f:3b:a4:
ed:22:01:be:af:d4:c7:45:3b:bd:7b:c2:02:be:93:f4:9e:fb:
48:07:1d:1d:01:30:2c:89:bc:d0:fa:28:c1:9f:e8:db:0a:b0:
d9:23:68:9e:70:7a:b9:ce:c5:10:c8:b4:e1:2f:13:d3:4b:74:
94:22:93:08:ee:7b:61:e0:ae:f9:f1:b3:2f:12:2e:c9:1f:ed:
df:61:b2:cd:11:15:82:44:b2:a5:cc:43:8a:45:64:d4:68:59:
e7:90:c3:c3:a5:4a:5d:14:21:d8:a2:2b:56:4d:42:2b:56:67:
64:d2:46:39:4f:69:b9:2f:58:2a:33:ff:7b:97:ff:6b:fa:24:
58:71:fc:4f:b4:e6:9a:ab:a5:cd:ff:ae:46:fd:e9:d4:b1:ac:
95:77:b1:b6
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN6Cg7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2VlMTgyZDljNDNhNWNlNzA2OGRmZDliYTdhYThlZDkwZTVlMGJhMB4XDTIyMDEw
MTEyNTUyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTMxNzk3NjZhNDU4
ZDhkMTkyOGYwMzZiNDQ0NTRkYmZhMDAyODc3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQxMl5fkOH6cP6RyugMA6KUy+sNjgvSzfOrcKthJjNvAQDm
e4gvkn2VqQ/IU2dKRg03rrNYaikirThHjNBPK+KvP4+QfA8zfMPdHWQctS6ZitBL
HrAIqLqToZrEOUFNH/IxFKS2XrcTRHYi3ObIJ49JTt9UjGkJOmxF9W7giG4gU0OV
qm7GVafGOUH5dh+4mkXUiGPe34Npcd56Uc1gmwM6mv6TaxgYkP8T8T7cYxeOvZ9X
lNmtxpwYeH9VEI9ndygzIRGrjAo+5QOmAlPHyk6eqt2dTW5sHSKe3tvV5yMbUV39
I4Oxg7VjWaMhDNQofMHpIbcRoXLSAe3xhYhvikkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSjF5dmpFjY0ZKPA2tERU2/oAKHfjAfBgNVHSMEGDAWgBSn7hgtnEOlznBo
39m6eqjtkOXgujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AtNFlMWnhEcGM1d2FOX1p1bnFvN1pEbDRMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvZGFiNDIwLTBkZTMtNDMyMS05YzA5LTZiNWY2ODUyMmE3ZC8x
L294ZVhacVJZMk5HU2p3TnJSRVZOdjZBQ2gzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ZGFiNDIwLTBkZTMtNDMyMS05YzA5LTZiNWY2ODUyMmE3ZC8xL3AtNFlMWnhEcGM1
d2FOX1p1bnFvN1pEbDRMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANkJCDANBgkqhkiG9w0BAQsFAAOC
AQEAti52YIO2Za59uE6rgMKLJyE+C9GpgOMZhZWZwvVr2M9IZChCVTysIhFBHXL+
WixwzkYhlGjFE9wThRV0e4FhehD1n92/2yjW/ANGI7CtXd3kE5jAvh5cVcG+jG3Q
4smnRwf14U1ZHQkPnzuk7SIBvq/Ux0U7vXvCAr6T9J77SAcdHQEwLIm80PoowZ/o
2wqw2SNonnB6uc7FEMi04S8T00t0lCKTCO57YeCu+fGzLxIuyR/t32GyzREVgkSy
pcxDikVk1GhZ55DDw6VKXRQh2KIrVk1CK1ZnZNJGOU9puS9YKjP/e5f/a/okWHH8
T7Tmmqulzf+uRv3p1LGslXextg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:21 2024 by rpki-client on console-fra.rpki-client.org