Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/n4I1PqMz7E8CchPZeRbvreJmWTA.roa
File: n4I1PqMz7E8CchPZeRbvreJmWTA.roa (raw, json)
Hash identifier: gShYVlyOzkOc+Ao8mXJdtqwBTZd25MCORzC54WZYqzg=
Subject key identifier: 9F:82:35:3E:A3:33:EC:4F:02:72:13:D9:79:16:EF:AD:E2:66:59:30
Certificate issuer: /CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Certificate serial: 058343AD
Authority key identifier: DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/n4I1PqMz7E8CchPZeRbvreJmWTA.roa
Signing time: Sat 01 Jan 2022 14:07:30 +0000
ROA not before: Sat 01 Jan 2022 14:07:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16314
IP address blocks: 217.116.64.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 92488621 (0x58343ad)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd53f63f13a0c952a079f4578a10edbf6e3aa58b
Validity
Not Before: Jan 1 14:07:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f82353ea333ec4f027213d97916efade2665930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:83:2d:3f:d5:ee:16:53:2f:af:f2:29:9b:48:
1a:79:57:df:21:a7:35:d9:74:2e:e3:60:6e:6c:d0:
98:39:d7:90:19:f7:40:fb:fe:47:4a:6d:d9:f1:02:
ea:12:46:61:6c:10:26:fb:8d:0d:21:4e:2c:94:bd:
7b:4b:bd:09:bd:33:59:ad:e2:e1:d1:f3:cf:72:86:
c8:8d:8d:40:48:1d:dc:6f:d0:e8:b2:fd:9d:d9:fe:
85:6a:0a:c5:7f:b1:39:d4:88:93:9d:aa:ff:4d:fd:
bc:b8:ef:c8:9d:04:f3:46:2b:71:1c:51:dc:8f:e2:
56:b4:99:40:6c:c2:c7:b6:d3:5a:73:b5:49:ef:c3:
c1:87:4e:16:be:ae:c3:ec:2c:de:81:e2:0d:04:6f:
c4:06:cd:d9:ce:cd:a2:da:46:84:1f:3f:58:43:21:
15:9b:d3:2d:53:18:07:ed:71:98:ac:ac:b9:6c:63:
13:80:7d:02:93:c5:d3:5f:e0:e0:c6:56:38:21:42:
56:88:a7:90:74:42:46:ba:73:3b:b0:8d:63:18:de:
2a:20:18:29:72:b0:0f:84:28:90:99:f4:00:56:fa:
cd:95:43:f6:2c:c4:72:93:21:38:d7:1f:f0:a4:4e:
8b:7a:ab:aa:b5:3b:a5:19:69:c7:0d:8c:f3:30:3a:
83:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:82:35:3E:A3:33:EC:4F:02:72:13:D9:79:16:EF:AD:E2:66:59:30
X509v3 Authority Key Identifier:
keyid:DD:53:F6:3F:13:A0:C9:52:A0:79:F4:57:8A:10:ED:BF:6E:3A:A5:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3VP2PxOgyVKgefRXihDtv246pYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/n4I1PqMz7E8CchPZeRbvreJmWTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1c444d-058d-475c-abff-5cdfa117aec6/1/3VP2PxOgyVKgefRXihDtv246pYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.116.64.0/20
Signature Algorithm: sha256WithRSAEncryption
5d:33:b6:9f:8b:2b:90:c7:e0:cc:f0:9f:cd:35:41:db:d6:b7:
17:57:eb:9d:ff:a3:4a:10:ba:2e:68:49:8d:6a:2c:96:e9:81:
2b:90:38:4b:84:b8:c0:e1:25:ed:40:73:79:b2:ce:98:bc:e8:
cb:c3:68:fc:e9:41:ac:51:4a:0a:1a:fe:53:47:42:12:c7:96:
e1:73:e1:aa:b7:54:a5:d3:d3:4e:e0:4d:36:21:f6:f4:b2:f4:
b6:c0:76:9f:6e:ff:c3:f7:97:78:cc:54:b4:91:d0:5d:ce:cd:
d8:5e:66:be:31:6c:22:c1:9e:1f:82:62:00:57:89:08:09:51:
40:8d:03:0e:a2:f5:62:0d:00:d5:7c:10:11:d7:6f:f6:f6:63:
19:dd:02:21:9f:76:63:85:80:92:a9:4e:0d:cc:00:74:87:8a:
ca:60:9f:5c:c0:6d:15:e3:6e:b4:2f:bc:e9:9a:6c:84:2a:66:
30:6a:cb:f6:0a:0d:6f:d9:98:86:d3:53:84:03:02:38:84:a5:
5d:cc:96:4c:f6:de:78:05:30:57:cc:0e:38:54:45:42:62:07:
51:7d:ce:4a:6b:fb:6c:2a:71:12:78:7c:e9:16:df:9a:d6:a5:
85:15:c8:17:df:e0:c9:8f:d5:30:94:50:97:ee:d6:f6:db:4d:
76:4c:6b:b4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBYNDrTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDUzZjYzZjEzYTBjOTUyYTA3OWY0NTc4YTEwZWRiZjZlM2FhNThiMB4XDTIyMDEw
MTE0MDczMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY4MjM1M2VhMzMz
ZWM0ZjAyNzIxM2Q5NzkxNmVmYWRlMjY2NTkzMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMiDLT/V7hZTL6/yKZtIGnlX3yGnNdl0LuNgbmzQmDnXkBn3
QPv+R0pt2fEC6hJGYWwQJvuNDSFOLJS9e0u9Cb0zWa3i4dHzz3KGyI2NQEgd3G/Q
6LL9ndn+hWoKxX+xOdSIk52q/039vLjvyJ0E80YrcRxR3I/iVrSZQGzCx7bTWnO1
Se/DwYdOFr6uw+ws3oHiDQRvxAbN2c7NotpGhB8/WEMhFZvTLVMYB+1xmKysuWxj
E4B9ApPF01/g4MZWOCFCVoinkHRCRrpzO7CNYxjeKiAYKXKwD4QokJn0AFb6zZVD
9izEcpMhONcf8KROi3qrqrU7pRlpxw2M8zA6g70CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfgjU+ozPsTwJyE9l5Fu+t4mZZMDAfBgNVHSMEGDAWgBTdU/Y/E6DJUqB5
9FeKEO2/bjqlizAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNWUDJQeE9neVZLZ2VmUlhpaER0djI0NnBZcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMWM0NDRkLTA1OGQtNDc1Yy1hYmZmLTVjZGZhMTE3YWVjNi8x
L240STFQcU16N0U4Q2NoUFplUmJ2cmVKbVdUQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MWM0NDRkLTA1OGQtNDc1Yy1hYmZmLTVjZGZhMTE3YWVjNi8xLzNWUDJQeE9neVZL
Z2VmUlhpaER0djI0NnBZcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNl0QDANBgkqhkiG9w0BAQsFAAOC
AQEAXTO2n4srkMfgzPCfzTVB29a3F1frnf+jShC6LmhJjWoslumBK5A4S4S4wOEl
7UBzebLOmLzoy8No/OlBrFFKChr+U0dCEseW4XPhqrdUpdPTTuBNNiH29LL0tsB2
n27/w/eXeMxUtJHQXc7N2F5mvjFsIsGeH4JiAFeJCAlRQI0DDqL1Yg0A1XwQEddv
9vZjGd0CIZ92Y4WAkqlODcwAdIeKymCfXMBtFeNutC+86ZpshCpmMGrL9goNb9mY
htNThAMCOISlXcyWTPbeeAUwV8wOOFRFQmIHUX3OSmv7bCpxEnh86RbfmtalhRXI
F9/gyY/VMJRQl+7W9ttNdkxrtA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:16 2023 by rpki-client on console-fra.rpki-client.org