Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/Ar8I4fX9x9xpCeJ6xNesrN4ApkE.roa
File: Ar8I4fX9x9xpCeJ6xNesrN4ApkE.roa (raw, json)
Hash identifier: 5fBEM+vVgb+/v8lixVN0vBFa0Bj0JGoIBHshSh5xEts=
Subject key identifier: 02:BF:08:E1:F5:FD:C7:DC:69:09:E2:7A:C4:D7:AC:AC:DE:00:A6:41
Certificate issuer: /CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Certificate serial: 3C4F3C35
Authority key identifier: 96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/Ar8I4fX9x9xpCeJ6xNesrN4ApkE.roa
Signing time: Sat 01 Jan 2022 13:57:39 +0000
ROA not before: Sat 01 Jan 2022 13:57:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213087
IP address blocks: 134.97.3.0/24 maxlen: 24
134.97.2.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1011825717 (0x3c4f3c35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=969948d0fe4d7f99d54ba8bffcd99a1a608ae0d3
Validity
Not Before: Jan 1 13:57:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02bf08e1f5fdc7dc6909e27ac4d7acacde00a641
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e2:ce:55:72:b4:c8:20:76:84:3f:bf:60:be:
07:bd:5e:11:de:3d:fe:50:f0:c1:d4:e1:6d:36:f9:
58:cb:6d:d0:6e:33:98:48:5d:35:46:12:b5:7d:00:
20:33:34:07:f3:ec:43:6e:dd:a3:56:eb:cf:50:6d:
45:c5:e0:9f:aa:8d:92:a1:f5:7a:3c:f9:fa:47:83:
f5:37:ca:d3:6e:29:fb:cb:14:50:fc:60:9a:dc:83:
d6:ea:2a:3f:25:42:32:cb:10:64:d9:62:ae:ec:24:
91:d2:b0:b4:c8:70:a3:02:44:4d:75:bf:17:b3:ce:
16:37:d2:12:53:60:b1:46:01:79:11:97:8d:3a:1d:
7b:14:82:8a:97:4b:f6:25:51:1b:53:08:5b:eb:48:
3a:52:09:eb:a7:f8:fa:6e:73:e9:94:95:f6:f2:b2:
fa:df:e7:e0:83:2b:ba:f8:19:74:0b:c8:3d:7c:2e:
83:39:c8:88:94:59:3f:7b:4a:d6:2b:b9:26:4c:3d:
34:11:d7:9c:be:f9:6c:94:46:f4:ea:26:da:f5:ac:
da:de:f4:f6:4f:24:4e:f7:14:91:cb:2d:9f:fd:8d:
46:a4:70:2b:55:61:1e:bb:23:54:87:2b:f9:23:32:
7a:ef:04:bc:72:52:b7:86:5d:d6:62:ee:13:43:0a:
8e:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:BF:08:E1:F5:FD:C7:DC:69:09:E2:7A:C4:D7:AC:AC:DE:00:A6:41
X509v3 Authority Key Identifier:
keyid:96:99:48:D0:FE:4D:7F:99:D5:4B:A8:BF:FC:D9:9A:1A:60:8A:E0:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lplI0P5Nf5nVS6i__NmaGmCK4NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/Ar8I4fX9x9xpCeJ6xNesrN4ApkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1a2fa2-eeb3-4312-9130-53cc5daf52cf/1/lplI0P5Nf5nVS6i__NmaGmCK4NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.97.2.0/23
Signature Algorithm: sha256WithRSAEncryption
02:b6:cb:ce:ac:b3:96:03:47:e3:9a:85:43:a4:d5:79:cc:1e:
c5:b4:88:25:ad:01:19:a2:3a:fa:6c:76:a7:25:61:1d:57:bc:
cb:b1:50:ed:c8:93:8b:33:25:e9:b3:78:06:15:16:66:23:18:
e0:fe:94:ba:c1:09:86:e2:fc:ca:69:26:88:ac:52:6a:73:8f:
87:62:d0:27:db:c5:91:1f:ca:63:e7:17:6a:c8:61:65:7e:04:
f4:a7:dd:af:e3:ff:24:be:dd:ff:cc:08:43:f5:56:b6:b7:b8:
89:44:01:73:70:06:4a:1a:46:f0:df:2a:ed:2a:f0:ff:b8:c0:
9b:93:f9:15:e3:79:5c:4b:e8:6c:16:09:3f:d3:7d:90:ae:6e:
6d:b4:4c:1a:a0:35:55:31:83:bd:e0:e5:33:5f:00:7a:7e:ca:
e6:7c:68:e8:82:24:32:e9:b5:74:80:dc:f6:68:81:0d:4e:82:
e5:6d:82:28:db:10:62:ff:0b:3b:03:51:67:1c:4a:bf:a8:a2:
2b:50:e6:02:1d:c6:46:ac:c4:23:34:81:9b:7b:fe:b9:4c:8a:
9c:e9:2c:50:d3:5a:c4:b3:af:3f:7f:1d:89:db:a1:2e:3f:c0:
5d:9d:3a:13:54:83:2b:f8:12:51:f4:9b:b9:20:f7:31:74:de:
e7:34:87:15
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEPE88NTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
Njk5NDhkMGZlNGQ3Zjk5ZDU0YmE4YmZmY2Q5OWExYTYwOGFlMGQzMB4XDTIyMDEw
MTEzNTczOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDJiZjA4ZTFmNWZk
YzdkYzY5MDllMjdhYzRkN2FjYWNkZTAwYTY0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/izlVytMggdoQ/v2C+B71eEd49/lDwwdThbTb5WMtt0G4z
mEhdNUYStX0AIDM0B/PsQ27do1brz1BtRcXgn6qNkqH1ejz5+keD9TfK024p+8sU
UPxgmtyD1uoqPyVCMssQZNliruwkkdKwtMhwowJETXW/F7POFjfSElNgsUYBeRGX
jTodexSCipdL9iVRG1MIW+tIOlIJ66f4+m5z6ZSV9vKy+t/n4IMruvgZdAvIPXwu
gznIiJRZP3tK1iu5Jkw9NBHXnL75bJRG9Oom2vWs2t709k8kTvcUkcstn/2NRqRw
K1VhHrsjVIcr+SMyeu8EvHJSt4Zd1mLuE0MKjjkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQCvwjh9f3H3GkJ4nrE16ys3gCmQTAfBgNVHSMEGDAWgBSWmUjQ/k1/mdVL
qL/82ZoaYIrg0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xwbEkwUDVOZjVuVlM2aV9fTm1hR21DSzROTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmYvMWEyZmEyLWVlYjMtNDMxMi05MTMwLTUzY2M1ZGFmNTJjZi8x
L0FyOEk0Zlg5eDl4cENlSjZ4TmVzck40QXBrRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmYv
MWEyZmEyLWVlYjMtNDMxMi05MTMwLTUzY2M1ZGFmNTJjZi8xL2xwbEkwUDVOZjVu
VlM2aV9fTm1hR21DSzROTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAYZhAjANBgkqhkiG9w0BAQsFAAOC
AQEAArbLzqyzlgNH45qFQ6TVecwexbSIJa0BGaI6+mx2pyVhHVe8y7FQ7ciTizMl
6bN4BhUWZiMY4P6UusEJhuL8ymkmiKxSanOPh2LQJ9vFkR/KY+cXashhZX4E9Kfd
r+P/JL7d/8wIQ/VWtre4iUQBc3AGShpG8N8q7Srw/7jAm5P5FeN5XEvobBYJP9N9
kK5ubbRMGqA1VTGDveDlM18Aen7K5nxo6IIkMum1dIDc9miBDU6C5W2CKNsQYv8L
OwNRZxxKv6iiK1DmAh3GRqzEIzSBm3v+uUyKnOksUNNaxLOvP38diduhLj/AXZ06
E1SDK/gSUfSbuSD3MXTe5zSHFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:02 2024 by rpki-client on console-ams.rpki-client.org