Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j9qkJcycyDjGjXZNT7J-GisX7pc.roa
File: j9qkJcycyDjGjXZNT7J-GisX7pc.roa (raw, json)
Hash identifier: SQ7ZxFf+JGjKrffLo62COV0of1p6lI7EOH8zHgxPjWE=
Subject key identifier: 8F:DA:A4:25:CC:9C:C8:38:C6:8D:76:4D:4F:B2:7E:1A:2B:17:EE:97
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0181ED437D98878C773EF89F1285275FB958
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j9qkJcycyDjGjXZNT7J-GisX7pc.roa
Signing time: Mon 11 Jul 2022 12:37:12 +0000
ROA not before: Mon 11 Jul 2022 12:37:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34800
IP address blocks: 194.50.99.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
2001:7f8:e7::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ed:43:7d:98:87:8c:77:3e:f8:9f:12:85:27:5f:b9:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 11 12:37:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fdaa425cc9cc838c68d764d4fb27e1a2b17ee97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:23:b8:78:c3:e1:f6:d9:3a:b1:0a:a3:3c:70:
6e:ba:74:c5:7a:66:fa:d2:0a:bf:df:a7:a8:8f:ba:
79:11:a2:ea:70:37:3f:f5:51:72:ea:f5:6f:49:39:
2b:63:00:cd:aa:91:8d:48:6d:2f:88:cb:57:bc:ed:
94:8b:cd:b8:ce:1f:b0:d9:f2:fb:8d:ce:bf:48:5d:
59:f6:8f:1f:68:cb:84:e2:53:bc:88:44:f1:d9:c6:
e7:97:71:e7:1d:79:b5:df:b9:ba:88:c3:4c:eb:09:
0a:ad:ff:bc:7e:1e:de:cc:8c:08:45:04:f5:a1:b5:
b9:2a:a5:dd:0c:37:e8:b5:89:95:ed:e1:53:77:f3:
e7:12:5d:95:98:32:26:64:df:cf:ab:31:0f:33:31:
8d:09:2c:19:75:ff:5d:dc:ca:c2:89:3c:91:b4:ec:
03:e7:25:07:80:19:70:8a:be:eb:c5:45:5a:f3:48:
bf:03:40:2e:5d:25:de:4c:40:17:79:a7:c2:0f:ec:
c9:9f:5d:b5:91:16:73:f2:47:7b:63:70:d4:10:51:
64:f8:68:7e:3c:42:59:08:bc:2d:b0:2a:93:14:a0:
ce:3f:1d:72:50:a9:1c:6e:d1:30:54:c8:6d:73:b0:
33:68:e0:c9:de:4a:02:84:a9:95:66:fc:4a:a7:cd:
21:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:DA:A4:25:CC:9C:C8:38:C6:8D:76:4D:4F:B2:7E:1A:2B:17:EE:97
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/j9qkJcycyDjGjXZNT7J-GisX7pc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.239.0/24
194.50.99.0/24
IPv6:
2001:7f8:e7::/48
Signature Algorithm: sha256WithRSAEncryption
1f:23:ba:a9:c2:19:61:45:17:7a:30:9d:ff:d8:79:a6:94:c8:
9e:48:8f:e5:18:a2:cf:21:7d:8c:2b:8e:e6:0f:ee:01:f6:ab:
c4:60:fa:c1:a8:d1:65:3e:46:0d:59:6f:87:2d:a1:57:cb:b2:
2f:e7:42:11:cf:c1:39:04:ad:48:ac:13:e4:26:2e:f3:18:72:
58:a7:c4:42:4a:72:10:df:e0:96:40:09:6f:5d:59:53:6a:c7:
ce:6f:ba:30:b5:08:41:8d:70:4b:00:8b:8c:b3:1e:1c:a6:dd:
99:4d:65:2a:65:05:7b:7f:72:16:24:1c:55:b0:0f:d0:21:8d:
ac:ef:1b:d1:60:84:06:84:a3:8d:83:94:78:6c:4e:69:c4:11:
8a:10:96:a2:db:11:bc:2d:55:a5:c1:25:9d:01:9a:34:39:d0:
83:e0:72:b5:fd:19:a0:c8:ac:43:d8:d7:5b:e8:f5:18:ba:ad:
56:9f:81:2f:ce:92:6f:1d:7b:0f:c4:fd:1d:ab:07:e3:58:91:
c1:55:f4:03:e3:43:8e:5c:8e:d2:37:9f:67:e1:5d:13:92:cb:
02:d0:34:ed:9e:bf:c4:81:32:22:72:d2:dc:da:23:eb:66:a2:
df:ec:5c:e6:43:a5:4b:9b:c2:62:aa:8d:28:00:3f:15:ee:10:
ab:08:bd:a6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYHtQ32Yh4x3PvifEoUnX7lYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwNzExMTIzNzEyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmRhYTQyNWNjOWNjODM4YzY4ZDc2NGQ0ZmIyN2UxYTJiMTdlZTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyO4eMPh9tk6sQqjPHBuunTFemb6
0gq/36eoj7p5EaLqcDc/9VFy6vVvSTkrYwDNqpGNSG0viMtXvO2Ui824zh+w2fL7
jc6/SF1Z9o8faMuE4lO8iETx2cbnl3HnHXm137m6iMNM6wkKrf+8fh7ezIwIRQT1
obW5KqXdDDfotYmV7eFTd/PnEl2VmDImZN/PqzEPMzGNCSwZdf9d3MrCiTyRtOwD
5yUHgBlwir7rxUVa80i/A0AuXSXeTEAXeafCD+zJn121kRZz8kd7Y3DUEFFk+Gh+
PEJZCLwtsCqTFKDOPx1yUKkcbtEwVMhtc7AzaODJ3koChKmVZvxKp80h6QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFI/apCXMnMg4xo12TU+yfhorF+6XMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvajlxa0pjeWN5RGpHalhaTlQ3Si1HaXNYN3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwTrvAwQA
wjJjMA8EAgACMAkDBwAgAQf4AOcwDQYJKoZIhvcNAQELBQADggEBAB8juqnCGWFF
F3ownf/YeaaUyJ5Ij+UYos8hfYwrjuYP7gH2q8Rg+sGo0WU+Rg1Zb4ctoVfLsi/n
QhHPwTkErUisE+QmLvMYclinxEJKchDf4JZACW9dWVNqx85vujC1CEGNcEsAi4yz
Hhym3ZlNZSplBXt/chYkHFWwD9AhjazvG9FghAaEo42DlHhsTmnEEYoQlqLbEbwt
VaXBJZ0BmjQ50IPgcrX9GaDIrEPY11vo9Ri6rVafgS/Okm8dew/E/R2rB+NYkcFV
9APjQ45cjtI3n2fhXROSywLQNO2ev8SBMiJy0tzaI+tmot/sXOZDpUubwmKqjSgA
PxXuEKsIvaY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:18 2023 by rpki-client on console-fra.rpki-client.org