Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/iSEmXMAb_5oXY3B_jp3HJpSrlnE.roa
File: iSEmXMAb_5oXY3B_jp3HJpSrlnE.roa (raw, json)
Hash identifier: vVbP/FGJ5dGd9FQYSb02nfLB0LAvnZB78DAxlodjRz0=
Subject key identifier: 89:21:26:5C:C0:1B:FF:9A:17:63:70:7F:8E:9D:C7:26:94:AB:96:71
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 3A53E8C2
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/iSEmXMAb_5oXY3B_jp3HJpSrlnE.roa
Signing time: Sat 01 Jan 2022 14:56:28 +0000
ROA not before: Sat 01 Jan 2022 14:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59962
IP address blocks: 46.209.32.0/21 maxlen: 24
46.209.168.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 978577602 (0x3a53e8c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 14:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8921265cc01bff9a1763707f8e9dc72694ab9671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:42:21:07:d5:27:5b:a9:8b:2c:4d:52:48:04:
a6:2d:fe:c7:fe:d0:fe:6d:aa:43:8a:7b:8e:cf:0e:
1a:5a:ef:09:a1:46:95:25:6f:90:65:7a:47:55:d2:
7d:2e:89:86:1a:1c:a1:9e:9c:2b:7a:20:ef:50:e6:
06:ce:c1:52:80:a9:a3:d3:e2:3b:db:60:35:31:36:
83:ee:d8:a4:6f:fd:17:2f:f8:a8:04:bb:52:ab:d5:
62:af:a2:ad:81:f2:d0:dd:32:0b:d2:4a:5d:50:57:
a2:ad:7b:22:a1:a7:c4:fb:61:fd:f3:3f:39:98:3b:
21:ae:48:c6:ad:df:95:f3:56:03:f1:98:25:fa:10:
be:62:2d:2d:7e:4f:90:c8:e7:e9:90:5f:af:72:af:
67:b7:89:04:45:a1:7a:f6:6d:8b:e2:ce:6a:f3:19:
a6:f1:63:b5:a2:0e:ee:10:89:2f:90:16:54:8e:2d:
4d:b5:65:d4:53:0e:25:2a:21:1a:26:a6:c8:14:5b:
60:e1:93:73:89:9b:96:50:9b:5a:0d:06:79:cc:d6:
e9:7a:26:24:51:10:0d:ed:29:6e:43:03:01:81:e0:
1e:e1:75:be:1a:5b:c9:62:5e:9f:8c:f6:a8:f2:67:
32:aa:cc:5c:9f:2e:6c:2a:66:d0:ed:13:95:cc:09:
be:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:21:26:5C:C0:1B:FF:9A:17:63:70:7F:8E:9D:C7:26:94:AB:96:71
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/iSEmXMAb_5oXY3B_jp3HJpSrlnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.209.32.0/21
46.209.168.0/21
Signature Algorithm: sha256WithRSAEncryption
4c:b5:db:27:7b:35:61:06:02:59:b9:64:22:6d:5f:0b:be:7a:
fe:83:1d:f8:0f:4d:de:ab:08:66:56:4e:b1:52:e8:b5:cb:65:
06:ac:e9:f6:97:c4:67:8e:f0:20:6d:2f:a5:da:47:b1:df:b4:
e6:e9:29:29:9d:ef:da:cf:d3:8a:9e:74:d8:cf:76:29:a7:ed:
56:ac:d5:39:5e:4b:9f:1d:d2:95:3a:79:62:5c:55:64:3b:f5:
ec:c4:a8:75:3b:62:b0:13:d4:f5:67:b3:f1:12:05:cf:74:15:
41:66:cd:bc:ae:10:69:b7:8a:7a:58:55:61:54:a7:5e:ff:cb:
25:84:e5:60:0e:71:85:32:6a:69:ac:18:8b:14:76:9c:8c:4c:
8f:9a:b7:77:c9:33:2d:66:37:33:61:af:f5:d3:75:54:51:98:
9e:50:05:9e:48:26:d0:ed:1c:bc:56:b5:4e:d4:2e:c0:b5:18:
d1:47:d1:c0:16:53:2c:e4:49:d7:a8:e7:92:9a:aa:1a:8a:40:
b9:c7:0f:84:46:b3:71:4c:1e:45:24:c0:d5:c7:53:03:d3:b8:
7a:22:b4:af:0e:69:ac:0d:a6:5f:f6:88:cc:46:0f:23:5d:1b:
c9:3b:be:b5:24:b5:5f:65:cd:bf:0c:77:c1:4e:2d:b1:57:a8:
93:74:d6:b1
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEOlPowjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MWNjYTlmMTVlMTkyMTk1M2E2MjhjOGFkMmFjNGJlOTc3YjZjMzAzMB4XDTIyMDEw
MTE0NTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODkyMTI2NWNjMDFi
ZmY5YTE3NjM3MDdmOGU5ZGM3MjY5NGFiOTY3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdCIQfVJ1upiyxNUkgEpi3+x/7Q/m2qQ4p7js8OGlrvCaFG
lSVvkGV6R1XSfS6JhhocoZ6cK3og71DmBs7BUoCpo9PiO9tgNTE2g+7YpG/9Fy/4
qAS7UqvVYq+irYHy0N0yC9JKXVBXoq17IqGnxPth/fM/OZg7Ia5Ixq3flfNWA/GY
JfoQvmItLX5PkMjn6ZBfr3KvZ7eJBEWhevZti+LOavMZpvFjtaIO7hCJL5AWVI4t
TbVl1FMOJSohGiamyBRbYOGTc4mbllCbWg0GeczW6XomJFEQDe0pbkMDAYHgHuF1
vhpbyWJen4z2qPJnMqrMXJ8ubCpm0O0TlcwJvm0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSJISZcwBv/mhdjcH+OnccmlKuWcTAfBgNVHSMEGDAWgBSBzKnxXhkhlTpi
jIrSrEvpd7bDAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2djeXA4VjRaSVpVNllveUswcXhMNlhlMnd3TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjQvMWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8x
L2lTRW1YTUFiXzVvWFkzQl9qcDNISnBTcmxuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjQv
MWVhMmIwLTZiOWEtNDRkNy1hMmU1LTIyMDZjYzJlNjkxYy8xL2djeXA4VjRaSVpV
NllveUswcXhMNlhlMnd3TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAy7RIAMEAy7RqDANBgkqhkiG9w0B
AQsFAAOCAQEATLXbJ3s1YQYCWblkIm1fC756/oMd+A9N3qsIZlZOsVLotctlBqzp
9pfEZ47wIG0vpdpHsd+05ukpKZ3v2s/Tip502M92KaftVqzVOV5Lnx3SlTp5YlxV
ZDv17MSodTtisBPU9Wez8RIFz3QVQWbNvK4QabeKelhVYVSnXv/LJYTlYA5xhTJq
aawYixR2nIxMj5q3d8kzLWY3M2Gv9dN1VFGYnlAFnkgm0O0cvFa1TtQuwLUY0UfR
wBZTLORJ16jnkpqqGopAuccPhEazcUweRSTA1cdTA9O4eiK0rw5prA2mX/aIzEYP
I10byTu+tSS1X2XNvwx3wU4tsVeok3TWsQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:06 2023 by rpki-client on console-ams.rpki-client.org