Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/l9e4MKl92IDtKRx3RH0WuS1RzEA.roa
File: l9e4MKl92IDtKRx3RH0WuS1RzEA.roa (raw, json)
Hash identifier: 5oa5L206hwrsIoANDM7nznvTCGfh1YV/0ebkSOAEyiE=
Subject key identifier: 97:D7:B8:30:A9:7D:D8:80:ED:29:1C:77:44:7D:16:B9:2D:51:CC:40
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 07B1BF11
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/l9e4MKl92IDtKRx3RH0WuS1RzEA.roa
Signing time: Wed 11 May 2022 05:04:02 +0000
ROA not before: Wed 11 May 2022 05:04:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 188.209.140.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129089297 (0x7b1bf11)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: May 11 05:04:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97d7b830a97dd880ed291c77447d16b92d51cc40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d5:66:84:f9:f1:53:a4:71:f1:2e:16:2f:f5:
f8:b9:4b:22:2a:19:a4:a4:54:0c:3d:0d:73:dc:d6:
4a:7c:07:1c:66:6a:73:f3:92:41:55:66:9d:e3:08:
fc:de:f4:e4:94:24:f0:d2:57:f9:a9:88:27:87:3e:
f3:cd:1e:7b:64:3a:60:9e:b9:c6:0a:6e:10:c3:e2:
d9:9d:a0:1f:8c:3f:2b:05:e0:00:29:28:af:bb:a1:
37:21:84:cf:bc:50:0e:6b:d9:c2:79:07:e4:fd:07:
59:80:4f:00:5d:b1:69:a7:c3:10:0f:c4:ac:e3:ce:
07:02:08:84:e7:8b:80:32:de:63:3d:e8:47:29:36:
9e:11:12:ad:92:49:a9:dd:b7:20:bb:cf:d9:7f:ba:
49:fa:3c:df:4f:83:32:db:4b:45:28:70:c0:6a:08:
79:87:a4:ce:d0:12:0f:56:68:67:82:bf:a6:95:b3:
22:c9:32:9d:34:c9:b2:fb:d2:e8:98:10:73:1e:79:
77:35:81:b3:69:46:b8:9d:f5:8b:10:9f:0f:83:c9:
ab:e6:16:80:db:ee:26:e3:d7:c8:cf:f0:63:2c:82:
a2:a4:d7:94:f4:a9:eb:49:da:e6:33:1c:3e:a0:5d:
a9:c2:01:bf:e9:09:14:25:f3:40:ae:13:e3:77:2a:
bc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:D7:B8:30:A9:7D:D8:80:ED:29:1C:77:44:7D:16:B9:2D:51:CC:40
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/l9e4MKl92IDtKRx3RH0WuS1RzEA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:0c:29:ac:fe:b0:4b:74:11:11:4e:3f:7c:ec:a1:30:49:d0:
1d:db:09:f8:ec:34:d1:af:d3:cc:e9:dc:dd:1d:be:62:31:1f:
db:07:55:2e:0f:3e:00:2a:f9:9e:1e:a7:4c:b1:6f:bb:3c:32:
85:76:de:d6:22:35:da:73:eb:1d:cb:16:bf:a2:2d:7f:cb:7e:
79:42:cc:78:9c:ec:03:2c:ab:c9:f3:2b:c4:49:4c:7b:80:e8:
7a:d8:ce:b2:6f:61:b7:25:c9:30:6e:9c:c7:31:dc:e0:dd:1b:
a8:a4:95:48:5b:cf:81:f6:84:cc:8b:20:1c:ab:a0:60:af:40:
76:fe:d2:0c:00:7d:12:fe:65:b1:74:97:11:c4:3d:6a:59:c5:
7d:2e:76:18:39:ea:56:db:c9:37:06:7d:41:84:03:5c:52:e2:
27:a1:41:43:a4:f8:bc:a9:f2:0d:c7:f3:c4:2d:ee:75:c9:8c:
b8:76:3e:19:11:c8:d1:89:26:5a:8b:87:89:6a:cc:b6:c5:52:
c1:5e:44:cb:d8:52:df:bc:5e:00:1e:3e:5d:b0:e5:ea:e2:b3:
70:df:d1:db:06:fc:ba:08:8b:78:f5:34:57:85:d4:f9:31:96:
81:55:4c:8e:ad:5d:61:98:71:0d:6c:f9:f0:53:08:d1:5e:22:
b1:e8:2e:8b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB7G/ETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDUx
MTA1MDQwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTdkN2I4MzBhOTdk
ZDg4MGVkMjkxYzc3NDQ3ZDE2YjkyZDUxY2M0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvVZoT58VOkcfEuFi/1+LlLIioZpKRUDD0Nc9zWSnwHHGZq
c/OSQVVmneMI/N705JQk8NJX+amIJ4c+880ee2Q6YJ65xgpuEMPi2Z2gH4w/KwXg
ACkor7uhNyGEz7xQDmvZwnkH5P0HWYBPAF2xaafDEA/ErOPOBwIIhOeLgDLeYz3o
Ryk2nhESrZJJqd23ILvP2X+6Sfo830+DMttLRShwwGoIeYekztASD1ZoZ4K/ppWz
IskynTTJsvvS6JgQcx55dzWBs2lGuJ31ixCfD4PJq+YWgNvuJuPXyM/wYyyCoqTX
lPSp60na5jMcPqBdqcIBv+kJFCXzQK4T43cqvFUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSX17gwqX3YgO0pHHdEfRa5LVHMQDAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L2w5ZTRNS2w5MklEdEtSeDNSSDBXdVMxUnpFQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArzRjDANBgkqhkiG9w0BAQsFAAOC
AQEAtQwprP6wS3QREU4/fOyhMEnQHdsJ+Ow00a/TzOnc3R2+YjEf2wdVLg8+ACr5
nh6nTLFvuzwyhXbe1iI12nPrHcsWv6Itf8t+eULMeJzsAyyryfMrxElMe4DoetjO
sm9htyXJMG6cxzHc4N0bqKSVSFvPgfaEzIsgHKugYK9Adv7SDAB9Ev5lsXSXEcQ9
alnFfS52GDnqVtvJNwZ9QYQDXFLiJ6FBQ6T4vKnyDcfzxC3udcmMuHY+GRHI0Ykm
WouHiWrMtsVSwV5Ey9hS37xeAB4+XbDl6uKzcN/R2wb8ugiLePU0V4XU+TGWgVVM
jq1dYZhxDWz58FMI0V4iseguiw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org