Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/R9A1bQJbv_Y9qqyCS6GcxWPdLEc.roa
File: R9A1bQJbv_Y9qqyCS6GcxWPdLEc.roa (raw, json)
Hash identifier: ALnn4Hy4WRXE4wWRMCaCfUyrdj3p8p1huaS3l6rRawo=
Subject key identifier: 47:D0:35:6D:02:5B:BF:F6:3D:AA:AC:82:4B:A1:9C:C5:63:DD:2C:47
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 0189967795824FACA258ED1A836D9DEDD21F
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/R9A1bQJbv_Y9qqyCS6GcxWPdLEc.roa
Signing time: Thu 27 Jul 2023 08:29:26 +0000
ROA not before: Thu 27 Jul 2023 08:29:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31562
IP address blocks: 83.166.64.0/19 maxlen: 19
83.166.64.0/24 maxlen: 24
2a03:9600::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:77:95:82:4f:ac:a2:58:ed:1a:83:6d:9d:ed:d2:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jul 27 08:29:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47d0356d025bbff63daaac824ba19cc563dd2c47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e6:40:7f:22:39:b6:63:76:62:12:54:1d:3c:
38:66:f3:03:fd:58:f0:8a:85:ec:cb:ae:cd:12:42:
59:67:82:1c:bd:3f:79:6c:73:c9:84:6c:21:1a:bb:
cf:29:8e:99:ab:b9:cb:25:02:d0:b7:91:48:17:0e:
71:6e:30:fd:47:1f:73:00:cf:1e:cc:8a:d2:60:ac:
1c:45:b1:d4:8b:22:05:3b:5a:fa:b4:ce:39:6c:76:
16:e2:4c:79:c6:e9:af:8f:3c:af:48:c4:f2:cc:09:
b9:47:a3:83:8d:fd:cc:26:7d:41:a3:c1:9f:c3:43:
7f:b6:2c:37:8c:a7:76:2c:d7:a3:72:9d:ff:74:8b:
89:b2:e8:af:6e:db:ce:23:35:6b:f9:79:bd:65:da:
7e:b8:27:1d:e3:59:64:14:42:bc:8b:25:9e:68:7e:
e7:7c:f5:b8:43:d6:0f:ba:f7:90:08:95:20:f3:aa:
a7:d2:e5:c4:0f:05:6e:3a:e2:c0:7e:13:61:cc:3e:
2c:03:1a:aa:c6:86:c3:6d:07:22:bc:a3:53:68:25:
84:db:f1:dd:ba:4f:d5:49:f0:16:59:6e:1b:eb:72:
d6:cf:1c:a2:3a:b3:bb:21:c4:09:c4:4a:fc:26:da:
39:f0:c5:b7:68:55:a6:3b:55:a4:d7:ef:17:40:26:
44:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:D0:35:6D:02:5B:BF:F6:3D:AA:AC:82:4B:A1:9C:C5:63:DD:2C:47
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/R9A1bQJbv_Y9qqyCS6GcxWPdLEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
IPv6:
2a03:9600::/32
Signature Algorithm: sha256WithRSAEncryption
64:7a:8c:f0:b7:0f:c9:4b:35:a4:06:a6:d2:dc:e6:64:ae:3a:
5b:e7:9c:1b:ef:58:5e:c7:c2:13:42:4a:e5:c8:2b:ca:7a:53:
a0:4a:ef:29:67:1c:b5:0b:12:b5:a4:6a:6c:af:1b:a2:66:04:
8d:b4:28:6b:d4:18:2f:89:a2:4a:2d:78:11:34:06:0c:28:ab:
f6:2c:a6:9e:31:1a:3f:3d:89:94:06:05:d0:b5:11:bd:a6:7c:
10:06:00:87:a9:fb:87:2d:2f:5e:d3:79:25:18:46:af:4f:37:
78:38:50:7b:dc:90:00:4d:fa:da:ae:e3:ec:78:46:b0:1d:d2:
52:c1:f4:ad:b1:ca:41:8e:b3:b9:40:1c:ac:d3:a8:b2:43:2e:
e9:ec:39:dd:49:82:17:39:6a:0d:15:53:dc:9a:8c:ac:3a:f3:
2c:cf:a9:3b:fc:98:90:da:f7:17:5e:68:a3:62:01:cc:84:cd:
d7:14:32:c5:d6:2e:57:14:74:c6:1b:f4:7c:36:64:ca:30:eb:
91:6c:13:1a:f4:85:f9:e7:ce:a5:47:05:53:29:44:72:bf:1a:
ed:d2:81:8d:37:5e:73:9f:34:38:d4:ff:79:ba:6e:50:99:9b:
cd:5b:8f:b0:22:2e:9a:97:ba:c1:86:c6:f3:a3:43:e4:8a:ef:
e4:bb:e3:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYmWd5WCT6yiWO0ag22d7dIfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjMwNzI3MDgyOTI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2QwMzU2ZDAyNWJiZmY2M2RhYWFjODI0YmExOWNjNTYzZGQyYzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+ZAfyI5tmN2YhJUHTw4ZvMD/Vjw
ioXsy67NEkJZZ4IcvT95bHPJhGwhGrvPKY6Zq7nLJQLQt5FIFw5xbjD9Rx9zAM8e
zIrSYKwcRbHUiyIFO1r6tM45bHYW4kx5xumvjzyvSMTyzAm5R6ODjf3MJn1Bo8Gf
w0N/tiw3jKd2LNejcp3/dIuJsuivbtvOIzVr+Xm9Zdp+uCcd41lkFEK8iyWeaH7n
fPW4Q9YPuveQCJUg86qn0uXEDwVuOuLAfhNhzD4sAxqqxobDbQcivKNTaCWE2/Hd
uk/VSfAWWW4b63LWzxyiOrO7IcQJxEr8Jto58MW3aFWmO1Wk1+8XQCZEnwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEfQNW0CW7/2PaqsgkuhnMVj3SxHMB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvUjlBMWJRSmJ2X1k5cXF5Q1M2R2N4V1BkTEVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFU6ZAMA0E
AgACMAcDBQAqA5YAMA0GCSqGSIb3DQEBCwUAA4IBAQBkeozwtw/JSzWkBqbS3OZk
rjpb55wb71hex8ITQkrlyCvKelOgSu8pZxy1CxK1pGpsrxuiZgSNtChr1BgviaJK
LXgRNAYMKKv2LKaeMRo/PYmUBgXQtRG9pnwQBgCHqfuHLS9e03klGEavTzd4OFB7
3JAATfraruPseEawHdJSwfStscpBjrO5QBys06iyQy7p7DndSYIXOWoNFVPcmoys
OvMsz6k7/JiQ2vcXXmijYgHMhM3XFDLF1i5XFHTGG/R8NmTKMOuRbBMa9IX5586l
RwVTKURyvxrt0oGNN15znzQ41P95um5QmZvNW4+wIi6al7rBhsbzo0Pkiu/ku+PS
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:40 2025 by rpki-client