Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/rirKxr4h1Sz0uYQm7gP7jCCx1-M.roa
File: rirKxr4h1Sz0uYQm7gP7jCCx1-M.roa (raw, json)
Hash identifier: 4YZ/tv8A67sBhL0vAVIIh6s4IdTlzBsNXzXwo06KVDE=
Subject key identifier: AE:2A:CA:C6:BE:21:D5:2C:F4:B9:84:26:EE:03:FB:8C:20:B1:D7:E3
Certificate issuer: /CN=f7e5647cd0b7f722bed4569f37b8bf8f92538cf5
Certificate serial: 02FF5672
Authority key identifier: F7:E5:64:7C:D0:B7:F7:22:BE:D4:56:9F:37:B8:BF:8F:92:53:8C:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-VkfNC39yK-1FafN7i_j5JTjPU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/rirKxr4h1Sz0uYQm7gP7jCCx1-M.roa
Signing time: Sat 01 Jan 2022 13:06:56 +0000
ROA not before: Sat 01 Jan 2022 13:06:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57033
IP address blocks: 193.106.65.0/24 maxlen: 24
193.106.66.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50288242 (0x2ff5672)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e5647cd0b7f722bed4569f37b8bf8f92538cf5
Validity
Not Before: Jan 1 13:06:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ae2acac6be21d52cf4b98426ee03fb8c20b1d7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:c0:1a:de:20:24:3a:44:36:2c:c7:42:00:5a:
27:ae:dc:df:b0:f7:44:4d:73:48:29:fa:50:d6:9a:
af:9e:70:db:83:c0:e6:0e:83:8b:d8:06:f0:f3:40:
cd:5e:8e:21:30:e4:5c:2f:41:48:ce:44:6d:79:3b:
ac:82:a1:17:65:78:43:dc:67:68:2b:e3:59:19:bc:
b3:ec:b8:be:65:5d:b8:90:ac:17:de:3a:fe:bc:2f:
14:d9:e0:11:82:76:33:70:ef:96:d0:f9:20:ab:c5:
34:9a:72:d3:38:93:6b:e8:e3:3d:0f:42:0d:40:59:
ca:3f:d8:d5:ae:94:db:f3:4b:8e:50:28:0a:47:cc:
e0:41:e6:a8:84:f1:b2:f8:b6:37:fa:47:a0:cb:92:
2e:da:d7:9e:a9:7e:e2:94:93:ab:83:b9:2a:5b:69:
68:08:0f:33:8c:a3:7b:8d:4d:0a:a5:6b:21:d7:e3:
60:d0:2c:c4:55:04:67:c0:99:67:b9:c7:62:ca:42:
8c:73:85:cb:5f:f0:cd:2b:e3:50:2c:aa:4e:6c:b5:
26:40:77:e8:f2:0c:e6:58:a1:0d:36:5f:64:07:2d:
69:c1:dd:25:dc:4d:fb:9b:ec:f5:0e:be:d8:0a:ff:
e6:c2:a8:a4:25:cc:56:a3:6c:1d:8e:7b:18:71:5b:
65:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2A:CA:C6:BE:21:D5:2C:F4:B9:84:26:EE:03:FB:8C:20:B1:D7:E3
X509v3 Authority Key Identifier:
keyid:F7:E5:64:7C:D0:B7:F7:22:BE:D4:56:9F:37:B8:BF:8F:92:53:8C:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-VkfNC39yK-1FafN7i_j5JTjPU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/rirKxr4h1Sz0uYQm7gP7jCCx1-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f9082b-cba3-4fbc-ada2-df063767c3f6/1/9-VkfNC39yK-1FafN7i_j5JTjPU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.106.65.0-193.106.66.255
Signature Algorithm: sha256WithRSAEncryption
19:c3:5a:bf:df:68:30:66:2d:d5:d3:b1:79:4f:6a:38:af:33:
e6:b4:e0:94:79:7b:6d:f9:32:74:76:13:57:fd:b2:04:ab:c5:
04:db:d6:1e:31:a1:35:bf:f8:3d:06:cb:85:da:f9:7f:2e:a5:
55:96:92:ff:43:26:a6:52:d8:15:4c:5d:35:75:56:52:83:49:
49:f1:09:93:56:4a:5a:30:b7:bf:82:38:48:25:dc:96:da:00:
e1:50:cb:ae:07:3d:4e:01:6e:2b:32:39:cb:bb:42:5c:82:aa:
fe:72:b8:a3:77:8e:a9:8d:44:de:fb:01:d0:fe:e9:87:36:02:
24:33:8b:bd:2b:99:63:07:8e:35:bb:d5:4f:df:79:b7:03:35:
2a:8e:a1:f1:1d:03:5b:36:17:a5:85:b4:de:d1:35:0e:c1:a4:
2a:7e:37:bd:c9:cc:cc:df:b2:bb:04:ef:33:06:ca:13:a6:4d:
df:42:9b:ac:7a:89:14:5a:70:ee:ae:3d:8b:9e:a7:f3:7a:fb:
5c:c7:a0:8b:9b:ea:99:67:91:6e:02:3f:6c:5e:c8:c6:4e:bd:
70:aa:bb:c9:5b:43:df:9d:fa:88:dc:01:0c:4f:92:87:60:5f:
7d:df:8d:49:b9:85:29:0b:de:61:32:1c:f6:9e:31:4a:7c:59:
7f:81:0b:5c
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAv9WcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
N2U1NjQ3Y2QwYjdmNzIyYmVkNDU2OWYzN2I4YmY4ZjkyNTM4Y2Y1MB4XDTIyMDEw
MTEzMDY1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWUyYWNhYzZiZTIx
ZDUyY2Y0Yjk4NDI2ZWUwM2ZiOGMyMGIxZDdlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrAGt4gJDpENizHQgBaJ67c37D3RE1zSCn6UNaar55w24PA
5g6Di9gG8PNAzV6OITDkXC9BSM5EbXk7rIKhF2V4Q9xnaCvjWRm8s+y4vmVduJCs
F946/rwvFNngEYJ2M3DvltD5IKvFNJpy0ziTa+jjPQ9CDUBZyj/Y1a6U2/NLjlAo
CkfM4EHmqITxsvi2N/pHoMuSLtrXnql+4pSTq4O5KltpaAgPM4yje41NCqVrIdfj
YNAsxFUEZ8CZZ7nHYspCjHOFy1/wzSvjUCyqTmy1JkB36PIM5lihDTZfZActacHd
JdxN+5vs9Q6+2Ar/5sKopCXMVqNsHY57GHFbZXsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSuKsrGviHVLPS5hCbuA/uMILHX4zAfBgNVHSMEGDAWgBT35WR80Lf3Ir7U
Vp83uL+PklOM9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzktVmtmTkMzOXlLLTFGYWZON2lfajVKVGpQVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvZjkwODJiLWNiYTMtNGZiYy1hZGEyLWRmMDYzNzY3YzNmNi8x
L3Jpckt4cjRoMVN6MHVZUW03Z1A3akNDeDEtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
ZjkwODJiLWNiYTMtNGZiYy1hZGEyLWRmMDYzNzY3YzNmNi8xLzktVmtmTkMzOXlL
LTFGYWZON2lfajVKVGpQVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwWpBAwQAwWpCMA0GCSqGSIb3
DQEBCwUAA4IBAQAZw1q/32gwZi3V07F5T2o4rzPmtOCUeXtt+TJ0dhNX/bIEq8UE
29YeMaE1v/g9BsuF2vl/LqVVlpL/QyamUtgVTF01dVZSg0lJ8QmTVkpaMLe/gjhI
JdyW2gDhUMuuBz1OAW4rMjnLu0Jcgqr+crijd46pjUTe+wHQ/umHNgIkM4u9K5lj
B441u9VP33m3AzUqjqHxHQNbNhelhbTe0TUOwaQqfje9yczM37K7BO8zBsoTpk3f
QpuseokUWnDurj2Lnqfzevtcx6CLm+qZZ5FuAj9sXsjGTr1wqrvJW0PfnfqI3AEM
T5KHYF99341JuYUpC95hMhz2njFKfFl/gQtc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:04 2023 by rpki-client on console-ams.rpki-client.org