Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/rr0IPGxBHxIxZIkzfrBuPXhW8i0.roa
File: rr0IPGxBHxIxZIkzfrBuPXhW8i0.roa (raw, json)
Hash identifier: UwtQ/da9xH7RZX1i1kA3jM5WJeyB7n/913C8V6keQ5A=
Subject key identifier: AE:BD:08:3C:6C:41:1F:12:31:64:89:33:7E:B0:6E:3D:78:56:F2:2D
Certificate issuer: /CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Certificate serial: 379D35AB
Authority key identifier: A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/rr0IPGxBHxIxZIkzfrBuPXhW8i0.roa
Signing time: Sat 01 Jan 2022 12:55:24 +0000
ROA not before: Sat 01 Jan 2022 12:55:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28776
IP address blocks: 217.9.4.0/24 maxlen: 24
217.9.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 933049771 (0x379d35ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7ee182d9c43a5ce7068dfd9ba7aa8ed90e5e0ba
Validity
Not Before: Jan 1 12:55:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aebd083c6c411f12316489337eb06e3d7856f22d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8b:4d:9e:f0:47:b3:b6:4e:af:63:f8:68:dc:
6c:a8:83:fd:10:c4:29:bc:5f:83:bd:05:85:97:06:
45:3d:eb:42:24:ec:c6:40:7a:f4:ec:f7:2d:f4:db:
e8:32:1e:66:ab:28:b5:4a:ee:57:26:1e:3e:21:18:
ac:a4:4c:eb:fc:6b:cc:b2:b2:b9:1a:c4:15:20:e2:
00:72:e6:bb:95:ba:57:23:02:9c:19:a1:44:62:2d:
7b:e0:a9:73:a0:c5:66:61:4e:ce:36:7e:ca:7c:42:
1f:ef:4e:56:fb:1e:49:f1:fe:0b:42:df:4c:63:9e:
06:96:a5:d2:8b:d8:8f:77:26:1b:dd:03:e4:19:a1:
56:c8:b0:44:c8:0f:a0:ad:98:47:cd:d9:67:ef:7f:
cd:d3:09:64:34:a4:07:40:55:66:f8:5c:f6:a7:e8:
94:be:69:7b:97:05:ae:f8:a3:6e:38:17:35:7f:ba:
2d:0c:1e:3b:b0:e1:30:57:98:28:30:b8:d9:a4:9f:
51:cb:9b:5e:e9:b9:b3:41:ee:ee:22:91:69:43:cf:
0f:eb:8c:a2:d5:25:f2:a9:8f:72:28:4f:58:a8:46:
8c:2b:3d:cf:91:4a:ba:f8:3c:14:57:db:4a:20:8d:
f3:70:2d:7b:0e:b8:0d:41:73:71:25:b8:ef:79:4b:
75:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BD:08:3C:6C:41:1F:12:31:64:89:33:7E:B0:6E:3D:78:56:F2:2D
X509v3 Authority Key Identifier:
keyid:A7:EE:18:2D:9C:43:A5:CE:70:68:DF:D9:BA:7A:A8:ED:90:E5:E0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/rr0IPGxBHxIxZIkzfrBuPXhW8i0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/dab420-0de3-4321-9c09-6b5f68522a7d/1/p-4YLZxDpc5waN_Zunqo7ZDl4Lo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.9.4.0/23
Signature Algorithm: sha256WithRSAEncryption
e6:ff:68:29:a7:03:7c:3a:f7:22:40:01:91:77:56:62:de:f7:
a2:ce:aa:02:25:b6:13:fa:5c:22:44:99:96:fb:1d:32:00:b8:
7d:a8:24:6d:ed:45:2a:3c:80:a2:66:81:f9:66:41:05:d9:53:
0c:78:22:de:c5:e4:d0:8e:88:a4:8a:0f:97:9c:90:b3:8b:b0:
bc:fc:bf:de:e0:ee:ee:92:af:6c:48:3c:41:cd:51:02:4b:40:
59:96:79:14:d6:1f:3d:d9:e8:1d:5a:a7:99:e5:c5:ef:43:f9:
c1:2e:72:d4:59:a9:4f:25:7f:ff:86:3b:ff:c0:26:d4:26:93:
f1:ca:5f:2a:05:ab:d3:07:1c:8f:aa:e5:40:03:1c:1a:be:69:
fb:7f:72:a3:52:97:70:a2:7b:78:99:0f:b6:1e:37:24:17:83:
58:73:b4:37:b7:98:02:fd:d7:35:61:c9:7d:ea:ff:a8:55:b3:
c9:ab:b5:ea:08:e8:a6:eb:7b:82:2e:07:2b:28:45:e2:f3:ed:
a1:10:c2:ad:81:7a:b7:a2:a9:72:e6:ca:11:c7:60:bf:f3:ce:
64:65:63:f8:c9:e0:d3:55:e0:4e:46:3f:9e:3e:03:e7:9a:00:
3a:98:9d:e7:91:6c:1b:a1:22:04:0c:ab:7f:5b:ca:85:bc:88:
6e:c7:10:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEN501qzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
N2VlMTgyZDljNDNhNWNlNzA2OGRmZDliYTdhYThlZDkwZTVlMGJhMB4XDTIyMDEw
MTEyNTUyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWViZDA4M2M2YzQx
MWYxMjMxNjQ4OTMzN2ViMDZlM2Q3ODU2ZjIyZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuLTZ7wR7O2Tq9j+GjcbKiD/RDEKbxfg70FhZcGRT3rQiTs
xkB69Oz3LfTb6DIeZqsotUruVyYePiEYrKRM6/xrzLKyuRrEFSDiAHLmu5W6VyMC
nBmhRGIte+Cpc6DFZmFOzjZ+ynxCH+9OVvseSfH+C0LfTGOeBpal0ovYj3cmG90D
5BmhVsiwRMgPoK2YR83ZZ+9/zdMJZDSkB0BVZvhc9qfolL5pe5cFrvijbjgXNX+6
LQweO7DhMFeYKDC42aSfUcubXum5s0Hu7iKRaUPPD+uMotUl8qmPcihPWKhGjCs9
z5FKuvg8FFfbSiCN83Atew64DUFzcSW473lLdYkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSuvQg8bEEfEjFkiTN+sG49eFbyLTAfBgNVHSMEGDAWgBSn7hgtnEOlznBo
39m6eqjtkOXgujAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AtNFlMWnhEcGM1d2FOX1p1bnFvN1pEbDRMby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjIvZGFiNDIwLTBkZTMtNDMyMS05YzA5LTZiNWY2ODUyMmE3ZC8x
L3JyMElQR3hCSHhJeFpJa3pmckJ1UFhoVzhpMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjIv
ZGFiNDIwLTBkZTMtNDMyMS05YzA5LTZiNWY2ODUyMmE3ZC8xL3AtNFlMWnhEcGM1
d2FOX1p1bnFvN1pEbDRMby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAdkJBDANBgkqhkiG9w0BAQsFAAOC
AQEA5v9oKacDfDr3IkABkXdWYt73os6qAiW2E/pcIkSZlvsdMgC4fagkbe1FKjyA
omaB+WZBBdlTDHgi3sXk0I6IpIoPl5yQs4uwvPy/3uDu7pKvbEg8Qc1RAktAWZZ5
FNYfPdnoHVqnmeXF70P5wS5y1FmpTyV//4Y7/8Am1CaT8cpfKgWr0wccj6rlQAMc
Gr5p+39yo1KXcKJ7eJkPth43JBeDWHO0N7eYAv3XNWHJfer/qFWzyau16gjoput7
gi4HKyhF4vPtoRDCrYF6t6KpcubKEcdgv/POZGVj+Mng01XgTkY/nj4D55oAOpid
55FsG6EiBAyrf1vKhbyIbscQqQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:04 2024 by rpki-client on console-ams.rpki-client.org