Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/j9DibA_UjmEBqDfzppUnVqoa2HA.roa
File: j9DibA_UjmEBqDfzppUnVqoa2HA.roa (raw, json)
Hash identifier: ayLlqVHIZ5V7phIx2Xt8b84yCTrfTNqWUItaY6ybLAc=
Subject key identifier: 8F:D0:E2:6C:0F:D4:8E:61:01:A8:37:F3:A6:95:27:56:AA:1A:D8:70
Certificate issuer: /CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Certificate serial: 01833C846F99DBA6E57965C43D1FA18717CB
Authority key identifier: 31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/j9DibA_UjmEBqDfzppUnVqoa2HA.roa
Signing time: Wed 14 Sep 2022 15:00:55 +0000
ROA not before: Wed 14 Sep 2022 15:00:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8075
IP address blocks: 202.22.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:84:6f:99:db:a6:e5:79:65:c4:3d:1f:a1:87:17:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31eb9b2db4a3bddf8c92fc50b9713043dd56dc38
Validity
Not Before: Sep 14 15:00:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8fd0e26c0fd48e6101a837f3a6952756aa1ad870
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d2:d3:95:b3:30:20:62:5a:d5:bc:f0:d1:43:
5e:57:e9:48:6b:72:e6:ca:e3:90:56:a4:39:2d:09:
51:b1:d1:12:1a:49:bb:73:9d:11:e3:63:33:7b:12:
34:f4:7f:b7:6c:31:36:ac:51:f7:dc:b1:cc:ff:72:
4d:33:11:d8:25:34:cd:4a:fc:9f:f8:39:a9:9a:39:
34:3b:d3:23:f2:d5:e1:d1:6d:49:0f:de:53:67:a4:
46:16:b2:2e:76:5b:ff:52:b5:e3:90:f1:11:02:64:
8c:ab:62:35:67:b1:03:d1:c7:7f:1c:0f:4d:3e:17:
1d:e5:41:5e:d4:95:93:72:59:bf:af:7d:22:2c:ad:
ea:76:c1:01:51:c7:b3:bf:12:ee:86:6d:69:58:c3:
e1:55:29:da:88:08:e1:49:fb:58:bd:70:f0:03:85:
38:6f:c8:db:e9:06:da:96:cd:7c:4c:c2:e8:c2:7f:
71:c3:d0:9d:bd:12:dd:88:64:31:56:be:1c:40:60:
aa:30:df:50:d8:f5:42:77:6b:f8:05:f9:92:31:35:
b3:ef:8c:d2:0f:d1:36:58:75:48:0b:65:14:28:57:
ff:6b:02:ce:01:50:c5:a8:c6:21:f0:14:49:e1:fd:
87:a9:44:8d:eb:dc:b9:c7:4f:65:62:f6:ce:74:13:
6e:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:D0:E2:6C:0F:D4:8E:61:01:A8:37:F3:A6:95:27:56:AA:1A:D8:70
X509v3 Authority Key Identifier:
keyid:31:EB:9B:2D:B4:A3:BD:DF:8C:92:FC:50:B9:71:30:43:DD:56:DC:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MeubLbSjvd-MkvxQuXEwQ91W3Dg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/j9DibA_UjmEBqDfzppUnVqoa2HA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/247005-559d-4eb4-b3e8-bd24f003578f/1/MeubLbSjvd-MkvxQuXEwQ91W3Dg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.22.173.0/24
Signature Algorithm: sha256WithRSAEncryption
43:85:47:1d:c2:99:b1:3a:4d:30:dd:ad:70:75:b3:5d:f2:f3:
c5:79:a2:c6:aa:01:9f:54:39:88:82:45:43:60:00:e1:c6:83:
3e:f2:59:da:eb:43:0f:9f:a9:65:14:eb:0a:86:1c:e3:c0:68:
a1:cc:43:f3:6d:3f:c7:a0:cf:65:00:1a:75:69:17:6b:ce:c0:
ad:3b:8e:6f:5a:b7:7a:76:ea:76:b8:57:8a:3c:5f:1d:1e:ef:
ca:08:77:49:27:fc:06:64:ff:72:3f:e3:ec:3d:6e:a3:8f:a5:
77:29:96:eb:04:18:77:2c:57:3b:0f:c1:65:e1:18:7d:bf:c0:
25:40:77:c6:15:ee:c2:7c:7d:e5:4a:1e:8e:05:d9:2c:cf:d2:
50:1d:0f:b3:80:24:1d:c3:00:6b:fa:f9:18:7b:96:2f:56:31:
3f:ae:f7:69:49:12:5f:42:6f:ed:10:39:3c:22:9b:5a:5e:f2:
60:27:1b:bf:9b:7c:57:18:22:d9:0b:b0:94:c3:5e:bc:05:c8:
01:95:3b:ae:47:42:e5:3a:a5:ad:e7:6d:16:14:41:27:fe:2f:
b9:d6:8d:f6:bb:54:71:98:c9:00:fb:bf:52:63:40:28:c0:29:
e7:8a:e1:26:b6:ac:42:76:5b:b8:a2:0d:10:ff:db:81:98:6b:
eb:c6:16:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM8hG+Z26bleWXEPR+hhxfLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxZWI5YjJkYjRhM2JkZGY4YzkyZmM1MGI5NzEzMDQzZGQ1
NmRjMzgwHhcNMjIwOTE0MTUwMDU1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmQwZTI2YzBmZDQ4ZTYxMDFhODM3ZjNhNjk1Mjc1NmFhMWFkODcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNLTlbMwIGJa1bzw0UNeV+lIa3Lm
yuOQVqQ5LQlRsdESGkm7c50R42MzexI09H+3bDE2rFH33LHM/3JNMxHYJTTNSvyf
+Dmpmjk0O9Mj8tXh0W1JD95TZ6RGFrIudlv/UrXjkPERAmSMq2I1Z7ED0cd/HA9N
Phcd5UFe1JWTclm/r30iLK3qdsEBUcezvxLuhm1pWMPhVSnaiAjhSftYvXDwA4U4
b8jb6Qbals18TMLown9xw9CdvRLdiGQxVr4cQGCqMN9Q2PVCd2v4BfmSMTWz74zS
D9E2WHVIC2UUKFf/awLOAVDFqMYh8BRJ4f2HqUSN69y5x09lYvbOdBNurwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI/Q4mwP1I5hAag386aVJ1aqGthwMB8GA1UdIwQY
MBaAFDHrmy20o73fjJL8ULlxMEPdVtw4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgt
YmQyNGYwMDM1NzhmLzEvajlEaWJBX1VqbUVCcURmenBwVW5WcW9hMkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNDcwMDUtNTU5ZC00ZWI0LWIzZTgtYmQyNGYwMDM1Nzhm
LzEvTWV1YkxiU2p2ZC1Na3Z4UXVYRXdROTFXM0RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyhatMA0G
CSqGSIb3DQEBCwUAA4IBAQBDhUcdwpmxOk0w3a1wdbNd8vPFeaLGqgGfVDmIgkVD
YADhxoM+8lna60MPn6llFOsKhhzjwGihzEPzbT/HoM9lABp1aRdrzsCtO45vWrd6
dup2uFeKPF8dHu/KCHdJJ/wGZP9yP+PsPW6jj6V3KZbrBBh3LFc7D8Fl4Rh9v8Al
QHfGFe7CfH3lSh6OBdksz9JQHQ+zgCQdwwBr+vkYe5YvVjE/rvdpSRJfQm/tEDk8
IptaXvJgJxu/m3xXGCLZC7CUw168BcgBlTuuR0LlOqWt520WFEEn/i+51o32u1Rx
mMkA+79SY0AowCnniuEmtqxCdlu4og0Q/9uBmGvrxhbS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:24 2024 by rpki-client on console-fra.rpki-client.org