Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/9CAyVrb6ukypzCMNFyc-Jv3GjdA.roa
File: 9CAyVrb6ukypzCMNFyc-Jv3GjdA.roa (raw, json)
Hash identifier: G20gS9zNayExZ7HtZrjQXMXf632CCgC83Hs0o0DBxIU=
Subject key identifier: F4:20:32:56:B6:FA:BA:4C:A9:CC:23:0D:17:27:3E:26:FD:C6:8D:D0
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 0149CFE3
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/9CAyVrb6ukypzCMNFyc-Jv3GjdA.roa
Signing time: Sat 01 Jan 2022 01:00:18 +0000
ROA not before: Sat 01 Jan 2022 01:00:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211449
IP address blocks: 194.28.97.0/24 maxlen: 24
2a0c:b641:150::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21614563 (0x149cfe3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Jan 1 01:00:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4203256b6faba4ca9cc230d17273e26fdc68dd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:3a:30:4a:8e:72:b0:8d:cc:fc:55:37:80:e3:
d4:04:cc:7d:12:ba:98:8a:73:05:40:1d:03:78:8f:
69:15:85:eb:41:d9:ce:75:cb:0a:a5:bb:ea:a2:c2:
67:0f:c0:9b:55:1f:c5:18:a5:d8:67:7d:a1:0f:af:
90:05:04:1d:3d:7b:04:7f:fa:79:0b:d8:32:96:9b:
fb:25:b7:a7:7b:2f:ed:7f:1a:00:60:b8:fd:49:21:
8e:f4:ec:c5:30:d1:f9:86:00:4f:45:50:ec:42:ff:
1a:9c:d2:c9:87:30:8d:67:1a:4c:76:0f:27:39:cb:
a6:53:0a:18:eb:56:40:75:46:f3:2a:af:e2:c2:44:
83:77:c6:00:c4:cf:57:e8:fd:ab:0a:80:a7:f5:7b:
ad:28:0c:94:69:b8:b1:c3:d7:7d:53:e1:cc:d8:3d:
43:bf:73:fc:c1:be:00:32:42:b4:40:fe:03:c7:50:
40:c6:fd:46:a3:d0:64:11:52:ba:8a:99:61:9c:13:
3e:3c:bc:0e:cf:e5:b6:8c:06:a4:e8:a5:4e:65:08:
21:c8:75:47:e2:bf:75:9e:a9:0e:35:e7:29:0d:9f:
06:1a:75:ac:0f:79:8d:29:f1:bf:5d:fc:68:c6:2d:
dc:db:3a:2d:fc:37:8c:23:89:20:d7:92:cc:4f:cb:
0a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:20:32:56:B6:FA:BA:4C:A9:CC:23:0D:17:27:3E:26:FD:C6:8D:D0
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/9CAyVrb6ukypzCMNFyc-Jv3GjdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.97.0/24
IPv6:
2a0c:b641:150::/44
Signature Algorithm: sha256WithRSAEncryption
33:03:2f:ea:24:06:cb:90:37:95:99:06:c4:1f:f4:c0:9c:b0:
eb:9c:85:70:20:3c:90:66:50:9b:eb:25:45:fa:b8:62:ef:cf:
82:d9:ea:fd:ad:7e:f5:b0:bf:8a:5b:5d:96:8f:dd:38:76:21:
4c:9a:5b:ca:ed:ce:75:90:80:80:0e:4c:c3:22:98:e8:7a:21:
2e:69:d4:e2:18:c6:01:b3:7e:b8:fd:a9:05:88:6e:61:70:51:
63:b6:4d:a8:fc:7e:d7:52:5e:ff:c4:cb:b3:83:f7:9f:fe:87:
76:49:f6:83:b4:43:db:b8:e0:8f:55:e2:2a:e7:9f:de:03:45:
cb:48:35:c1:f2:f2:65:7d:d8:e8:7f:fa:df:b2:05:1a:4e:69:
98:ba:83:0d:fc:7f:15:2a:7f:bf:13:a4:4c:85:02:53:0f:d2:
dd:90:2f:40:0a:bf:67:4b:4c:06:b1:be:3e:bb:c0:01:f3:50:
9a:09:35:43:56:65:f5:34:d0:a0:4c:f0:de:b0:73:e6:70:ef:
88:19:1d:54:13:ab:a0:7e:6a:98:55:65:ad:b5:94:05:08:c5:
82:c8:f1:22:10:20:fd:36:62:96:2a:05:ef:c4:aa:7d:f7:a4:
2c:af:74:5b:39:5c:d3:58:08:b9:f6:eb:e8:9e:5e:c3:58:92:
7c:59:34:ef
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEAUnP4zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTk3NjgwMTM2M2QzNzU3ODYxNTJlNGQwNjFlNzVjOGJlYjM1MDU4MB4XDTIyMDEw
MTAxMDAxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQyMDMyNTZiNmZh
YmE0Y2E5Y2MyMzBkMTcyNzNlMjZmZGM2OGRkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM86MEqOcrCNzPxVN4Dj1ATMfRK6mIpzBUAdA3iPaRWF60HZ
znXLCqW76qLCZw/Am1UfxRil2Gd9oQ+vkAUEHT17BH/6eQvYMpab+yW3p3sv7X8a
AGC4/UkhjvTsxTDR+YYAT0VQ7EL/GpzSyYcwjWcaTHYPJznLplMKGOtWQHVG8yqv
4sJEg3fGAMTPV+j9qwqAp/V7rSgMlGm4scPXfVPhzNg9Q79z/MG+ADJCtED+A8dQ
QMb9RqPQZBFSuoqZYZwTPjy8Ds/ltowGpOilTmUIIch1R+K/dZ6pDjXnKQ2fBhp1
rA95jSnxv138aMYt3Ns6Lfw3jCOJINeSzE/LCk8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBT0IDJWtvq6TKnMIw0XJz4m/caN0DAfBgNVHSMEGDAWgBQFl2gBNj03V4YV
Lk0GHnXIvrNQWDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JaZG9BVFk5TjFlR0ZTNU5CaDUxeUw2elVGZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvMmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8x
LzlDQXlWcmI2dWt5cHpDTU5GeWMtSnYzR2pkQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
MmJhYWRjLTJiN2EtNGVjMC05NWNhLTVlYzhjOGVkNjBmZC8xL0JaZG9BVFk5TjFl
R0ZTNU5CaDUxeUw2elVGZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMIcYTAPBAIAAjAJAwcEKgy2QQFQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAzAy/qJAbLkDeVmQbEH/TAnLDrnIVwIDyQZlCb
6yVF+rhi78+C2er9rX71sL+KW12Wj904diFMmlvK7c51kICADkzDIpjoeiEuadTi
GMYBs364/akFiG5hcFFjtk2o/H7XUl7/xMuzg/ef/od2SfaDtEPbuOCPVeIq55/e
A0XLSDXB8vJlfdjof/rfsgUaTmmYuoMN/H8VKn+/E6RMhQJTD9LdkC9ACr9nS0wG
sb4+u8AB81CaCTVDVmX1NNCgTPDesHPmcO+IGR1UE6ugfmqYVWWttZQFCMWCyPEi
ECD9NmKWKgXvxKp996Qsr3RbOVzTWAi59uvonl7DWJJ8WTTv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:25 2023 by rpki-client on console-ams.rpki-client.org