Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/ZJsPTlIzKXLDkqiGbh_M6E50LIg.roa
File: ZJsPTlIzKXLDkqiGbh_M6E50LIg.roa (raw, json)
Hash identifier: P16O52YXTWvx8jN0pFLRKDUF04nkx6g0cC8OLB6SBhw=
Subject key identifier: 64:9B:0F:4E:52:33:29:72:C3:92:A8:86:6E:1F:CC:E8:4E:74:2C:88
Certificate issuer: /CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Certificate serial: 0816B558
Authority key identifier: D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/ZJsPTlIzKXLDkqiGbh_M6E50LIg.roa
Signing time: Sat 01 Jan 2022 14:08:33 +0000
ROA not before: Sat 01 Jan 2022 14:08:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209483
IP address blocks: 171.22.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 135705944 (0x816b558)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Validity
Not Before: Jan 1 14:08:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=649b0f4e52332972c392a8866e1fcce84e742c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:fd:ce:bf:53:01:6e:e6:42:39:e9:d5:3e:f8:
10:8c:18:15:52:fc:2a:b1:37:0a:2f:b8:ba:b1:19:
d5:19:7b:71:fd:08:67:6d:81:58:90:0f:bb:5d:3f:
79:9a:fa:2d:61:98:75:3f:26:9b:39:fd:13:62:52:
10:49:55:6c:b0:59:01:a6:6f:47:2e:67:7a:29:7a:
80:5e:4f:db:f1:ad:de:52:d8:c6:66:12:5d:cd:10:
d0:51:3d:94:69:b3:46:75:97:ca:7f:e7:6e:5d:1d:
1e:65:6b:55:3b:ff:72:87:c8:34:c2:42:cb:92:24:
c2:b6:05:a9:11:29:c7:51:45:02:2a:65:cb:fa:e6:
8e:21:89:6f:64:2d:b4:60:b6:bc:a3:dc:04:37:03:
e0:54:de:ac:20:a5:1d:01:47:b1:79:86:2a:c1:67:
6a:ba:92:c0:ff:ed:05:67:0e:1f:1d:c0:12:15:36:
02:24:33:46:e7:f9:90:10:ca:bf:52:9a:e0:ac:27:
d1:d5:44:a8:61:da:f1:b5:77:35:b8:81:0a:18:51:
a3:92:81:0f:8d:be:d7:95:8c:48:f3:18:5c:8f:0e:
9a:9c:09:e3:9c:a6:80:38:19:88:c5:ab:3a:f5:c8:
54:15:70:d4:e5:60:16:5e:b8:d1:4e:da:46:5c:f9:
24:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9B:0F:4E:52:33:29:72:C3:92:A8:86:6E:1F:CC:E8:4E:74:2C:88
X509v3 Authority Key Identifier:
keyid:D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/ZJsPTlIzKXLDkqiGbh_M6E50LIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.156.0/22
Signature Algorithm: sha256WithRSAEncryption
82:3b:41:32:7e:c8:2a:fd:73:72:ef:a1:64:ab:40:d2:f0:45:
96:8d:e0:24:d2:69:5a:7d:b5:09:f7:fe:8a:6e:23:d7:11:6a:
06:33:e9:54:7d:1a:c6:1b:bf:c2:63:5f:8e:2b:f4:76:45:be:
c7:79:73:bc:51:68:f6:77:7c:3e:25:2b:28:23:ae:eb:2d:f2:
bf:82:20:5b:c4:24:a3:46:17:01:74:33:22:8d:fb:7c:cb:aa:
7e:d0:e9:ce:73:80:c1:40:b8:94:e7:c8:7c:67:ae:c3:b4:c0:
7a:2f:5b:cb:3c:a2:42:78:67:50:0f:fd:e3:d0:60:b7:bc:20:
c6:56:d8:5f:ad:ec:94:a4:c1:e9:2a:87:bd:04:4d:77:ca:b1:
ee:34:11:c0:6c:e3:6f:1e:a9:59:79:d9:9d:ac:86:b3:30:0e:
70:65:7b:d4:80:4f:17:ee:08:40:5f:48:4a:02:2e:bc:89:32:
23:33:1f:4c:29:af:37:fa:7a:56:3c:fd:82:f6:0b:7f:42:a3:
83:05:f4:24:1f:6c:b2:e2:17:36:ef:99:a1:f4:02:bf:31:5a:
c8:f9:76:30:41:55:47:fc:6c:2d:10:09:e7:66:6f:4e:aa:8f:
58:81:09:b8:1d:a0:8b:7f:e3:5f:f1:8c:b5:6e:93:67:af:2b:
94:91:30:98
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECBa1WDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Mjc1ZDdhOGJhYzA0NzdmNTUwOWRmZjExYjkxOTVjYTYwZGY4N2RhMB4XDTIyMDEw
MTE0MDgzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjQ5YjBmNGU1MjMz
Mjk3MmMzOTJhODg2NmUxZmNjZTg0ZTc0MmM4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJr9zr9TAW7mQjnp1T74EIwYFVL8KrE3Ci+4urEZ1Rl7cf0I
Z22BWJAPu10/eZr6LWGYdT8mmzn9E2JSEElVbLBZAaZvRy5neil6gF5P2/Gt3lLY
xmYSXc0Q0FE9lGmzRnWXyn/nbl0dHmVrVTv/cofINMJCy5IkwrYFqREpx1FFAipl
y/rmjiGJb2QttGC2vKPcBDcD4FTerCClHQFHsXmGKsFnarqSwP/tBWcOHx3AEhU2
AiQzRuf5kBDKv1Ka4Kwn0dVEqGHa8bV3NbiBChhRo5KBD42+15WMSPMYXI8OmpwJ
45ymgDgZiMWrOvXIVBVw1OVgFl640U7aRlz5JLcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRkmw9OUjMpcsOSqIZuH8zoTnQsiDAfBgNVHSMEGDAWgBTSddeousBHf1UJ
3/EbkZXKYN+H2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBuWFhxTHJBUjM5VkNkX3hHNUdWeW1EZmg5by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvN2JlYjA0LTMxN2ItNDQ4YS04MmVkLTU2NWIxNDQ3MDM3Yi8x
L1pKc1BUbEl6S1hMRGtxaUdiaF9NNkU1MExJZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
N2JlYjA0LTMxN2ItNDQ4YS04MmVkLTU2NWIxNDQ3MDM3Yi8xLzBuWFhxTHJBUjM5
VkNkX3hHNUdWeW1EZmg5by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqsWnDANBgkqhkiG9w0BAQsFAAOC
AQEAgjtBMn7IKv1zcu+hZKtA0vBFlo3gJNJpWn21Cff+im4j1xFqBjPpVH0axhu/
wmNfjiv0dkW+x3lzvFFo9nd8PiUrKCOu6y3yv4IgW8Qko0YXAXQzIo37fMuqftDp
znOAwUC4lOfIfGeuw7TAei9byzyiQnhnUA/949Bgt7wgxlbYX63slKTB6SqHvQRN
d8qx7jQRwGzjbx6pWXnZnayGszAOcGV71IBPF+4IQF9ISgIuvIkyIzMfTCmvN/p6
Vjz9gvYLf0KjgwX0JB9ssuIXNu+ZofQCvzFayPl2MEFVR/xsLRAJ52ZvTqqPWIEJ
uB2gi3/jX/GMtW6TZ68rlJEwmA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:11 2023 by rpki-client on console-fra.rpki-client.org