Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/IJJkqCYlWECiiaSAj0DGOt9-GnQ.roa
File: IJJkqCYlWECiiaSAj0DGOt9-GnQ.roa (raw, json)
Hash identifier: EcG5XJLnIN0bXu/Y8R/y9SN1PMszlQXLIAe/+wJSoB4=
Subject key identifier: 20:92:64:A8:26:25:58:40:A2:89:A4:80:8F:40:C6:3A:DF:7E:1A:74
Certificate issuer: /CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Certificate serial: D635E0
Authority key identifier: 86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/IJJkqCYlWECiiaSAj0DGOt9-GnQ.roa
Signing time: Fri 11 Feb 2022 12:23:22 +0000
ROA not before: Fri 11 Feb 2022 12:23:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15869
IP address blocks: 62.3.128.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14038496 (0xd635e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8693655326b0472c866c5c99302e2b2d78cbddf7
Validity
Not Before: Feb 11 12:23:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=209264a826255840a289a4808f40c63adf7e1a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f5:6b:82:bd:ad:28:d8:6c:49:37:af:87:5e:
e1:32:f4:fe:2a:9e:66:75:84:1d:5f:2d:77:43:f3:
81:69:d9:75:bc:b7:9b:10:1c:fe:08:b9:82:7b:28:
65:ea:cc:7c:0e:97:d5:23:52:16:b3:2b:0c:36:63:
5b:2a:dd:c8:a8:b0:73:6d:2d:9c:8f:e5:c5:bb:16:
ee:f2:8c:b4:38:30:d8:be:5b:cf:5e:8e:50:bc:72:
30:d3:85:10:ab:f9:c8:4f:1c:c8:e2:e3:62:d5:bd:
13:ca:df:bc:f0:98:8d:23:86:3f:d3:06:74:f7:60:
4c:c4:83:40:74:54:5d:0d:2c:2d:cf:06:ae:94:3a:
24:51:54:a5:43:dc:00:6a:66:2c:32:27:79:b4:f0:
60:d0:fb:cc:6e:b5:4a:f3:e9:53:0e:35:4e:e9:f3:
e4:61:a9:33:8d:4e:cf:38:49:2d:ea:7f:94:90:c5:
25:cb:16:64:ba:23:6a:b4:f1:f1:2d:9d:8e:d3:21:
13:89:6c:8e:8a:c0:12:8c:91:a9:46:5f:7f:a7:40:
54:98:89:26:76:4a:68:38:ba:95:c2:33:29:a6:30:
91:a7:15:2d:87:6d:29:c7:d2:86:be:46:9d:a1:db:
47:e2:6d:9a:fd:94:d9:8b:2b:48:c4:d7:de:ae:48:
65:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:92:64:A8:26:25:58:40:A2:89:A4:80:8F:40:C6:3A:DF:7E:1A:74
X509v3 Authority Key Identifier:
keyid:86:93:65:53:26:B0:47:2C:86:6C:5C:99:30:2E:2B:2D:78:CB:DD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpNlUyawRyyGbFyZMC4rLXjL3fc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/IJJkqCYlWECiiaSAj0DGOt9-GnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/dac337-8079-43bf-9fe1-9e6772ed39a6/1/hpNlUyawRyyGbFyZMC4rLXjL3fc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.3.128.0/21
Signature Algorithm: sha256WithRSAEncryption
64:ba:65:de:18:8d:02:1c:88:05:0c:75:a3:3c:80:fa:0e:d8:
54:6e:7b:7b:6e:17:3f:68:e3:1b:26:84:92:41:f6:f8:8c:9d:
69:52:83:fc:56:4f:2d:f4:ad:0a:6a:c3:67:36:51:04:b8:84:
b4:67:02:f5:2d:da:66:cd:c6:f4:63:2f:ab:b2:e9:dc:19:cb:
a0:d3:b4:e3:8b:bd:a6:7d:9f:6d:99:d1:87:46:64:b1:b6:f7:
dc:4e:8d:53:d1:99:fe:17:1b:ea:7f:58:b3:c2:2c:ae:b7:d8:
a9:74:2c:71:30:8e:35:1a:10:73:43:09:35:b0:aa:6d:d8:c2:
d5:3c:54:fd:ac:db:a6:5d:e4:68:ae:e2:24:62:5f:a8:1b:5a:
4a:6f:40:81:da:48:cc:b3:73:0a:2c:cd:46:64:92:c9:3c:e9:
c1:17:1c:ea:92:62:00:10:1e:b7:f4:2b:1d:86:28:02:8f:73:
50:f2:ba:2b:03:a8:e7:66:ed:80:79:45:3d:8b:e0:39:76:c5:
f9:0d:83:ad:e2:b7:b3:6e:23:b7:c6:9c:09:be:a0:2d:90:b7:
28:4b:74:52:10:0e:98:d7:cc:34:c9:f3:c6:12:9e:aa:4a:dd:
38:c0:89:b3:f6:9e:ea:bd:f5:5f:12:0e:f6:3a:a3:d9:c8:c0:
24:12:92:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEANY14DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NjkzNjU1MzI2YjA0NzJjODY2YzVjOTkzMDJlMmIyZDc4Y2JkZGY3MB4XDTIyMDIx
MTEyMjMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA5MjY0YTgyNjI1
NTg0MGEyODlhNDgwOGY0MGM2M2FkZjdlMWE3NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKL1a4K9rSjYbEk3r4de4TL0/iqeZnWEHV8td0PzgWnZdby3
mxAc/gi5gnsoZerMfA6X1SNSFrMrDDZjWyrdyKiwc20tnI/lxbsW7vKMtDgw2L5b
z16OULxyMNOFEKv5yE8cyOLjYtW9E8rfvPCYjSOGP9MGdPdgTMSDQHRUXQ0sLc8G
rpQ6JFFUpUPcAGpmLDInebTwYND7zG61SvPpUw41Tunz5GGpM41OzzhJLep/lJDF
JcsWZLojarTx8S2djtMhE4lsjorAEoyRqUZff6dAVJiJJnZKaDi6lcIzKaYwkacV
LYdtKcfShr5GnaHbR+Jtmv2U2YsrSMTX3q5IZYECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQgkmSoJiVYQKKJpICPQMY6334adDAfBgNVHSMEGDAWgBSGk2VTJrBHLIZs
XJkwListeMvd9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hwTmxVeWF3Unl5R2JGeVpNQzRyTFhqTDNmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvZGFjMzM3LTgwNzktNDNiZi05ZmUxLTllNjc3MmVkMzlhNi8x
L0lKSmtxQ1lsV0VDaWlhU0FqMERHT3Q5LUduUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
ZGFjMzM3LTgwNzktNDNiZi05ZmUxLTllNjc3MmVkMzlhNi8xL2hwTmxVeWF3Unl5
R2JGeVpNQzRyTFhqTDNmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAz4DgDANBgkqhkiG9w0BAQsFAAOC
AQEAZLpl3hiNAhyIBQx1ozyA+g7YVG57e24XP2jjGyaEkkH2+IydaVKD/FZPLfSt
CmrDZzZRBLiEtGcC9S3aZs3G9GMvq7Lp3BnLoNO044u9pn2fbZnRh0Zksbb33E6N
U9GZ/hcb6n9Ys8IsrrfYqXQscTCONRoQc0MJNbCqbdjC1TxU/azbpl3kaK7iJGJf
qBtaSm9AgdpIzLNzCizNRmSSyTzpwRcc6pJiABAet/QrHYYoAo9zUPK6KwOo52bt
gHlFPYvgOXbF+Q2DreK3s24jt8acCb6gLZC3KEt0UhAOmNfMNMnzxhKeqkrdOMCJ
s/ae6r31XxIO9jqj2cjAJBKSgw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:59 2023 by rpki-client on console-fra.rpki-client.org