Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ORRyi3yaaYhekm1G_piDJyYg3qI.roa
File: ORRyi3yaaYhekm1G_piDJyYg3qI.roa (raw, json)
Hash identifier: zpP9TIUioNYLhTQQrDF6j6zSU6CW5Pf1Hm1E+RCvDr8=
Subject key identifier: 39:14:72:8B:7C:9A:69:88:5E:92:6D:46:FE:98:83:27:26:20:DE:A2
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1BA262F8
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ORRyi3yaaYhekm1G_piDJyYg3qI.roa
Signing time: Sat 01 Jan 2022 05:03:44 +0000
ROA not before: Sat 01 Jan 2022 05:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57217
IP address blocks: 176.116.224.0/22 maxlen: 22
176.107.64.0/21 maxlen: 21
176.121.32.0/21 maxlen: 21
176.121.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463627000 (0x1ba262f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3914728b7c9a69885e926d46fe9883272620dea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:38:63:38:e8:e9:e6:96:16:82:36:90:1f:68:
87:4b:c1:c6:aa:4f:6a:36:b4:fd:4c:a5:c6:6e:92:
63:b8:9b:d4:15:d8:d6:ca:9f:98:5c:df:07:a9:b5:
ce:d7:09:b6:c6:73:77:6f:56:64:cf:c3:a8:1e:f6:
82:d4:a3:08:de:4b:43:2f:78:51:37:72:f6:33:bf:
be:ac:bc:8a:55:75:c4:58:33:91:19:8f:a5:63:af:
01:bf:2b:86:8e:cd:16:c3:9b:da:bd:1d:ce:59:b7:
6f:47:d1:75:74:3e:9b:20:1e:62:72:43:05:fe:59:
ae:5f:6f:ec:a2:07:9e:04:5d:c5:b5:2f:04:38:d1:
6e:3d:c2:2b:e5:d8:3f:44:6d:88:26:3d:09:90:b0:
bc:9a:1a:ca:cd:f7:bf:d4:b4:42:6e:53:79:e3:c6:
1b:40:26:17:60:fd:4d:a6:cc:7b:29:42:6d:90:29:
5e:4d:de:a5:31:6e:7d:14:00:f5:9e:8b:f7:fb:f4:
4e:16:6e:72:e6:fd:19:43:58:4c:f8:82:fa:2f:f9:
f4:20:3b:ee:35:96:95:5c:0f:83:3d:26:1d:1a:9c:
cd:3f:98:c6:d7:22:21:a3:5f:7c:e2:07:94:42:30:
e3:f3:41:f3:77:d6:1f:f5:bd:78:fe:99:25:02:3a:
30:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:14:72:8B:7C:9A:69:88:5E:92:6D:46:FE:98:83:27:26:20:DE:A2
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/ORRyi3yaaYhekm1G_piDJyYg3qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.107.64.0/21
176.116.224.0/22
176.121.32.0/20
Signature Algorithm: sha256WithRSAEncryption
1b:dc:d2:9a:6d:ac:10:6d:b3:d5:70:25:4e:e8:4c:3f:19:05:
46:9c:46:e9:f6:ae:a0:cc:cc:98:e0:38:2e:d3:87:b2:68:68:
9d:1d:de:57:9c:0c:22:92:48:11:20:ee:1f:9d:79:f5:50:3c:
6d:b0:bc:0d:ff:3c:69:21:9d:25:22:de:9f:cd:f2:7f:4e:25:
f7:9c:82:92:05:b0:dc:81:a7:08:2a:c3:d3:14:d4:cc:f7:86:
73:a6:86:ae:6a:fc:7a:3c:bb:1a:cf:6e:67:26:bb:98:08:da:
70:64:8b:5b:b8:c1:17:8c:d3:a3:dd:ea:e6:bf:f0:12:7e:e9:
31:a4:5e:50:12:c0:59:37:16:d7:6f:3c:3a:71:33:53:76:71:
ab:1a:41:f8:cd:91:b4:da:5d:5b:bc:28:d7:ec:a3:30:ef:08:
e1:de:fe:68:cf:b8:d8:21:e3:4f:0c:c7:bb:23:58:d7:3d:eb:
90:02:94:da:3b:d3:be:d0:96:ad:8a:42:43:c0:94:7f:d0:c5:
1e:1c:cb:d8:11:aa:2f:9f:86:f0:28:2b:de:bd:a0:86:a7:40:
5d:9a:f4:1b:9e:f1:1f:eb:ed:c0:51:6a:a2:d9:e8:51:15:66:
20:93:e9:b0:b2:93:bf:75:c0:db:16:6b:11:44:e5:58:5a:46:
75:98:60:00
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEG6Ji+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDEw
MTA1MDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzkxNDcyOGI3Yzlh
Njk4ODVlOTI2ZDQ2ZmU5ODgzMjcyNjIwZGVhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALk4Yzjo6eaWFoI2kB9oh0vBxqpPaja0/Uylxm6SY7ib1BXY
1sqfmFzfB6m1ztcJtsZzd29WZM/DqB72gtSjCN5LQy94UTdy9jO/vqy8ilV1xFgz
kRmPpWOvAb8rho7NFsOb2r0dzlm3b0fRdXQ+myAeYnJDBf5Zrl9v7KIHngRdxbUv
BDjRbj3CK+XYP0RtiCY9CZCwvJoays33v9S0Qm5TeePGG0AmF2D9TabMeylCbZAp
Xk3epTFufRQA9Z6L9/v0ThZucub9GUNYTPiC+i/59CA77jWWlVwPgz0mHRqczT+Y
xtciIaNffOIHlEIw4/NB83fWH/W9eP6ZJQI6MIsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQ5FHKLfJppiF6SbUb+mIMnJiDeojAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L09SUnlpM3lhYVloZWttMUdfcGlESnlZZzNxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA7BrQAMEArB04AMEBLB5IDANBgkq
hkiG9w0BAQsFAAOCAQEAG9zSmm2sEG2z1XAlTuhMPxkFRpxG6fauoMzMmOA4LtOH
smhonR3eV5wMIpJIESDuH5159VA8bbC8Df88aSGdJSLen83yf04l95yCkgWw3IGn
CCrD0xTUzPeGc6aGrmr8ejy7Gs9uZya7mAjacGSLW7jBF4zTo93q5r/wEn7pMaRe
UBLAWTcW1288OnEzU3ZxqxpB+M2RtNpdW7wo1+yjMO8I4d7+aM+42CHjTwzHuyNY
1z3rkAKU2jvTvtCWrYpCQ8CUf9DFHhzL2BGqL5+G8Cgr3r2ghqdAXZr0G57xH+vt
wFFqotnoURVmIJPpsLKTv3XA2xZrEUTlWFpGdZhgAA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org