Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/lyZIlgY3rTaNKmkL2Zfk9in-ETI.roa
File: lyZIlgY3rTaNKmkL2Zfk9in-ETI.roa (raw, json)
Hash identifier: f8ytpRI3BL1ZiQbOQ2fyA/LvYi2TwfSmZar4S1GEJ1s=
Subject key identifier: 97:26:48:96:06:37:AD:36:8D:2A:69:0B:D9:97:E4:F6:29:FE:11:32
Certificate issuer: /CN=716f6d11f0ce63230181a73f85a666170f7389bd
Certificate serial: 01837EDD2F3E6DF4764EF985A937EA38FE9E
Authority key identifier: 71:6F:6D:11:F0:CE:63:23:01:81:A7:3F:85:A6:66:17:0F:73:89:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cW9tEfDOYyMBgac_haZmFw9zib0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/lyZIlgY3rTaNKmkL2Zfk9in-ETI.roa
Signing time: Tue 27 Sep 2022 12:12:48 +0000
ROA not before: Tue 27 Sep 2022 12:12:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1741
IP address blocks: 130.231.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:7e:dd:2f:3e:6d:f4:76:4e:f9:85:a9:37:ea:38:fe:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=716f6d11f0ce63230181a73f85a666170f7389bd
Validity
Not Before: Sep 27 12:12:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=972648960637ad368d2a690bd997e4f629fe1132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f9:19:b6:73:86:f6:79:36:08:14:92:8a:44:
e4:dd:67:43:19:8c:72:6c:d3:4c:db:5d:de:57:e0:
70:41:34:08:ec:e8:1f:2d:f7:d7:0b:e8:70:99:21:
61:c8:97:0d:7b:86:b5:71:cf:b0:0a:67:2d:25:93:
58:96:05:38:b3:bb:a7:04:8e:c3:c7:11:03:4e:81:
88:42:68:93:15:4d:83:8c:f8:06:1d:84:9d:55:ed:
cf:37:2a:23:27:aa:62:85:b2:e6:84:e0:81:49:d5:
ec:00:c2:45:c5:8a:0b:d0:c7:a4:e6:db:c7:f9:43:
15:37:f4:25:9d:90:f2:cd:a0:fa:e0:f1:07:19:40:
ee:30:99:0b:58:da:f0:f5:9c:9e:26:a6:1f:09:3e:
ee:c4:4a:e4:de:6b:7d:5f:60:81:5b:2a:c2:43:0e:
53:65:1e:6e:9f:98:ff:8b:37:42:da:dc:1e:16:6d:
e8:41:50:16:b4:38:95:75:01:7c:3c:dc:e4:b6:3d:
a9:1a:29:62:8e:ac:0b:8a:e8:5a:9a:c7:54:ac:30:
20:76:23:2a:e4:78:1d:55:36:85:d7:98:ac:66:7a:
0f:04:6f:d9:2d:9d:42:b8:52:d1:a4:43:99:a8:17:
eb:81:4e:92:d7:a9:03:b2:33:7b:56:4b:71:4a:2e:
a5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:26:48:96:06:37:AD:36:8D:2A:69:0B:D9:97:E4:F6:29:FE:11:32
X509v3 Authority Key Identifier:
keyid:71:6F:6D:11:F0:CE:63:23:01:81:A7:3F:85:A6:66:17:0F:73:89:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cW9tEfDOYyMBgac_haZmFw9zib0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/lyZIlgY3rTaNKmkL2Zfk9in-ETI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/b6a233-6f80-4f4e-9312-e3f49ac49560/1/cW9tEfDOYyMBgac_haZmFw9zib0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.231.0.0/16
Signature Algorithm: sha256WithRSAEncryption
1b:0c:01:48:15:36:e8:96:7a:e1:ed:11:30:25:b0:29:f7:92:
35:73:5d:c5:0a:db:3a:e0:85:0b:73:48:55:fb:26:c3:63:c9:
f8:1c:45:15:ad:d9:06:2e:a5:6f:db:82:88:f9:37:81:c3:3d:
65:e3:cd:17:86:36:67:e6:ef:ad:33:82:85:d1:36:00:4a:8e:
3a:43:a7:5c:bb:77:ae:8e:71:a3:3f:a3:6d:eb:f3:75:cd:6b:
b9:c2:1e:03:e1:47:03:cb:e6:75:7d:a0:1e:a8:f4:c9:ac:6a:
f7:18:e9:09:99:73:d1:7e:9b:00:e7:d8:70:f4:27:b5:ea:d0:
13:63:49:0d:d5:b8:87:36:d8:85:3c:2e:a6:ae:ca:d0:0f:5f:
76:a8:9f:9d:4e:67:e6:8e:d9:55:c2:8b:bd:44:52:5a:ca:b5:
bc:32:8a:6a:69:8f:f7:1a:18:67:74:3f:a0:e6:16:10:83:35:
92:0f:89:2e:ae:e5:e2:c4:66:c4:0d:ee:40:30:1a:0c:a8:42:
99:d0:b2:dc:ac:02:ae:c4:bc:40:87:a2:09:91:48:c8:e8:dc:
f7:3e:f1:d8:44:7c:7d:fb:2f:1f:23:a5:3c:13:fc:e3:fd:64:
7b:fe:7c:3f:d1:d7:c5:4d:c2:40:0b:b8:20:44:8f:db:01:74:
c1:8f:6c:0c
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYN+3S8+bfR2TvmFqTfqOP6eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxNmY2ZDExZjBjZTYzMjMwMTgxYTczZjg1YTY2NjE3MGY3
Mzg5YmQwHhcNMjIwOTI3MTIxMjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI2NDg5NjA2MzdhZDM2OGQyYTY5MGJkOTk3ZTRmNjI5ZmUxMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvkZtnOG9nk2CBSSikTk3WdDGYxy
bNNM213eV+BwQTQI7OgfLffXC+hwmSFhyJcNe4a1cc+wCmctJZNYlgU4s7unBI7D
xxEDToGIQmiTFU2DjPgGHYSdVe3PNyojJ6pihbLmhOCBSdXsAMJFxYoL0Mek5tvH
+UMVN/QlnZDyzaD64PEHGUDuMJkLWNrw9ZyeJqYfCT7uxErk3mt9X2CBWyrCQw5T
ZR5un5j/izdC2tweFm3oQVAWtDiVdQF8PNzktj2pGilijqwLiuhamsdUrDAgdiMq
5HgdVTaF15isZnoPBG/ZLZ1CuFLRpEOZqBfrgU6S16kDsjN7VktxSi6lFQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFJcmSJYGN602jSppC9mX5PYp/hEyMB8GA1UdIwQY
MBaAFHFvbRHwzmMjAYGnP4WmZhcPc4m9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1c5dEVmRE9ZeU1CZ2FjX2hhWm1Gdzl6aWIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9iNmEyMzMtNmY4MC00ZjRlLTkzMTIt
ZTNmNDlhYzQ5NTYwLzEvbHlaSWxnWTNyVGFOS21rTDJaZms5aW4tRVRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9iNmEyMzMtNmY4MC00ZjRlLTkzMTItZTNmNDlhYzQ5NTYw
LzEvY1c5dEVmRE9ZeU1CZ2FjX2hhWm1Gdzl6aWIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgucwDQYJ
KoZIhvcNAQELBQADggEBABsMAUgVNuiWeuHtETAlsCn3kjVzXcUK2zrghQtzSFX7
JsNjyfgcRRWt2QYupW/bgoj5N4HDPWXjzReGNmfm760zgoXRNgBKjjpDp1y7d66O
caM/o23r83XNa7nCHgPhRwPL5nV9oB6o9MmsavcY6QmZc9F+mwDn2HD0J7Xq0BNj
SQ3VuIc22IU8LqauytAPX3aon51OZ+aO2VXCi71EUlrKtbwyimppj/caGGd0P6Dm
FhCDNZIPiS6u5eLEZsQN7kAwGgyoQpnQstysAq7EvECHogmRSMjo3Pc+8dhEfH37
Lx8jpTwT/OP9ZHv+fD/R18VNwkALuCBEj9sBdMGPbAw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:52 2025 by rpki-client