Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/k0C9XS3mCnoWvBbJlzs4u-osGrQ.roa
File: k0C9XS3mCnoWvBbJlzs4u-osGrQ.roa (raw, json)
Hash identifier: 23jFtj+lT563mUQh6UFBlPTs2A01L7MqW9VKC5ieauI=
Subject key identifier: 93:40:BD:5D:2D:E6:0A:7A:16:BC:16:C9:97:3B:38:BB:EA:2C:1A:B4
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 0184BF1CB7BBAD86DD7FBE44A14A844F7930
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/k0C9XS3mCnoWvBbJlzs4u-osGrQ.roa
Signing time: Mon 28 Nov 2022 16:40:41 +0000
ROA not before: Mon 28 Nov 2022 16:40:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44587
IP address blocks: 80.66.89.0/24 maxlen: 24
217.151.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:1c:b7:bb:ad:86:dd:7f:be:44:a1:4a:84:4f:79:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Nov 28 16:40:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9340bd5d2de60a7a16bc16c9973b38bbea2c1ab4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:26:ac:c2:82:d3:d0:42:9a:1f:35:71:6c:63:
16:17:ad:98:4d:ea:29:b9:9f:3b:35:7d:4e:d9:b6:
6e:c5:a1:1e:3f:2e:48:74:ba:ec:82:d9:0b:99:31:
6d:01:97:d3:ec:6e:2f:7e:d9:7d:ee:3c:c8:97:f2:
98:50:98:80:60:5e:cd:af:78:f1:90:05:e5:40:ef:
6e:27:27:3f:4e:03:2c:c6:97:af:9a:d1:bc:ae:5d:
5f:d6:37:1f:73:e2:ad:67:08:ed:bf:ae:12:e1:c0:
22:a8:31:43:72:2f:c2:cb:b9:c9:b2:77:4a:be:23:
27:26:52:00:ef:cd:4a:b5:59:98:03:3d:de:34:f5:
82:6b:fb:46:3e:94:ee:0c:a4:c0:d5:db:20:c9:05:
c5:df:b1:23:10:27:9e:8c:23:5f:46:b8:eb:d8:e1:
55:4f:3f:13:5a:e5:62:de:4f:16:7e:54:cc:5e:37:
2f:20:18:7d:80:c9:35:71:63:34:50:7f:55:64:9b:
99:c0:7c:9b:83:63:a3:a6:32:45:ef:a5:8a:60:7d:
58:d1:28:4b:17:59:69:0e:b7:99:4f:78:90:01:56:
6a:9e:25:e7:46:95:78:da:d1:24:c1:01:a5:cc:f9:
c2:02:40:fc:74:3f:a4:30:7d:20:7c:d1:1a:a1:5f:
d9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:40:BD:5D:2D:E6:0A:7A:16:BC:16:C9:97:3B:38:BB:EA:2C:1A:B4
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/k0C9XS3mCnoWvBbJlzs4u-osGrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.89.0/24
217.151.228.0/24
Signature Algorithm: sha256WithRSAEncryption
23:73:eb:0e:04:46:49:72:77:01:08:ec:d4:d8:b8:51:d9:4d:
e1:fa:11:71:3f:89:10:89:70:48:bd:78:ce:bc:b8:eb:6a:7e:
53:98:1c:2e:79:e7:3b:c6:49:fe:61:75:f6:33:59:af:e2:f4:
7b:76:6e:c9:c1:ef:4f:53:7b:31:a7:fb:a6:6c:07:af:34:42:
fd:34:e0:5f:75:bf:3e:1b:59:7f:3b:d3:ff:d3:de:ca:a7:a1:
ab:bf:d5:f3:d0:f7:ed:41:2d:cc:b7:02:1e:22:e0:38:93:e6:
96:10:9b:a8:d5:e2:71:79:c2:42:dd:89:3d:14:e7:4f:35:8f:
f1:5e:ce:91:84:5b:42:9b:78:24:52:99:0a:8c:d2:fc:57:56:
76:0e:17:84:5c:32:89:25:53:e3:69:4c:47:cb:6b:0b:e0:c1:
6b:c3:a7:4c:21:07:15:67:c2:c0:90:d9:b3:06:10:a5:cd:99:
4c:2a:c6:82:dc:20:4d:c1:c6:fc:18:94:b7:93:a3:f9:34:9d:
5f:43:ce:51:20:30:f5:75:dd:c0:e3:77:3f:ae:9f:25:9e:5f:
1a:a2:9e:8f:25:07:93:48:b9:0c:98:ee:96:f3:35:cb:f3:a9:
59:ff:90:46:46:4b:1a:60:37:33:10:97:69:bb:59:a9:e0:a9:
05:b6:0d:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYS/HLe7rYbdf75EoUqET3kwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjIxMTI4MTY0MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzQwYmQ1ZDJkZTYwYTdhMTZiYzE2Yzk5NzNiMzhiYmVhMmMxYWI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyaswoLT0EKaHzVxbGMWF62YTeop
uZ87NX1O2bZuxaEePy5IdLrsgtkLmTFtAZfT7G4vftl97jzIl/KYUJiAYF7Nr3jx
kAXlQO9uJyc/TgMsxpevmtG8rl1f1jcfc+KtZwjtv64S4cAiqDFDci/Cy7nJsndK
viMnJlIA781KtVmYAz3eNPWCa/tGPpTuDKTA1dsgyQXF37EjECeejCNfRrjr2OFV
Tz8TWuVi3k8WflTMXjcvIBh9gMk1cWM0UH9VZJuZwHybg2OjpjJF76WKYH1Y0ShL
F1lpDreZT3iQAVZqniXnRpV42tEkwQGlzPnCAkD8dD+kMH0gfNEaoV/Z9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJNAvV0t5gp6FrwWyZc7OLvqLBq0MB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvazBDOVhTM21Dbm9XdkJiSmx6czR1LW9zR3JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEJZAwQA
2ZfkMA0GCSqGSIb3DQEBCwUAA4IBAQAjc+sOBEZJcncBCOzU2LhR2U3h+hFxP4kQ
iXBIvXjOvLjran5TmBwueec7xkn+YXX2M1mv4vR7dm7Jwe9PU3sxp/umbAevNEL9
NOBfdb8+G1l/O9P/097Kp6Grv9Xz0PftQS3MtwIeIuA4k+aWEJuo1eJxecJC3Yk9
FOdPNY/xXs6RhFtCm3gkUpkKjNL8V1Z2DheEXDKJJVPjaUxHy2sL4MFrw6dMIQcV
Z8LAkNmzBhClzZlMKsaC3CBNwcb8GJS3k6P5NJ1fQ85RIDD1dd3A43c/rp8lnl8a
op6PJQeTSLkMmO6W8zXL86lZ/5BGRksaYDczEJdpu1mp4KkFtg1d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:53 2023 by rpki-client on console-fra.rpki-client.org