Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/n2vh5hZCsk2kW3FW4kpDj_Wp9JI.roa
File: n2vh5hZCsk2kW3FW4kpDj_Wp9JI.roa (raw, json)
Hash identifier: IFWuYKe2QANhZTrBN/fpHuCgbzB+/Inr9ki9EqA/a5s=
Subject key identifier: 9F:6B:E1:E6:16:42:B2:4D:A4:5B:71:56:E2:4A:43:8F:F5:A9:F4:92
Certificate issuer: /CN=0ee3d4d810f2477841a8b85593b8f30e8aecd409
Certificate serial: 0D85FA8D
Authority key identifier: 0E:E3:D4:D8:10:F2:47:78:41:A8:B8:55:93:B8:F3:0E:8A:EC:D4:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DuPU2BDyR3hBqLhVk7jzDors1Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/n2vh5hZCsk2kW3FW4kpDj_Wp9JI.roa
Signing time: Sat 01 Jan 2022 10:02:00 +0000
ROA not before: Sat 01 Jan 2022 10:02:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58138
IP address blocks: 185.43.80.0/22 maxlen: 24
91.239.32.0/23 maxlen: 24
2a04:9040::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226884237 (0xd85fa8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ee3d4d810f2477841a8b85593b8f30e8aecd409
Validity
Not Before: Jan 1 10:02:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f6be1e61642b24da45b7156e24a438ff5a9f492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f6:be:47:68:27:be:2a:b3:19:37:50:bf:e7:
06:da:1c:1f:c9:13:da:fa:b6:33:b7:db:49:a2:04:
59:e7:1f:f2:ec:a5:63:6a:99:13:1e:32:3f:ea:5d:
2f:de:9e:b4:d9:6f:74:e6:2d:19:05:aa:b3:10:ff:
7a:f3:ad:91:e2:bf:3a:35:a4:5b:1b:28:2a:4c:41:
69:97:a7:f9:fe:5c:07:8e:f8:2d:70:d1:6f:87:59:
65:7a:9b:b6:85:7e:ae:89:80:29:67:36:fa:ea:04:
6f:80:ab:11:88:33:91:9d:ea:e5:cd:a4:a0:41:fb:
52:8c:54:dc:af:35:f6:ef:73:ab:c0:a2:97:5d:a3:
b0:6b:cb:b6:26:36:8f:47:a0:81:f1:03:95:8e:74:
1a:d7:60:f9:23:33:6d:e6:9d:81:50:ba:81:f9:7d:
f7:ba:17:eb:9c:84:b8:a8:98:c4:fd:33:a3:62:5c:
1a:80:32:f4:8b:ce:56:2d:17:d6:69:ec:f5:e3:d5:
77:a7:3c:b0:79:e0:e7:13:1a:ff:1e:b3:9e:ff:ad:
11:94:6c:51:a9:19:67:54:8b:21:c9:a1:26:79:b2:
c1:3c:97:a3:66:77:e1:54:1c:09:24:16:a3:34:2d:
07:0c:10:7b:81:32:46:6f:e7:7b:f2:74:b4:52:a4:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:6B:E1:E6:16:42:B2:4D:A4:5B:71:56:E2:4A:43:8F:F5:A9:F4:92
X509v3 Authority Key Identifier:
keyid:0E:E3:D4:D8:10:F2:47:78:41:A8:B8:55:93:B8:F3:0E:8A:EC:D4:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DuPU2BDyR3hBqLhVk7jzDors1Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/n2vh5hZCsk2kW3FW4kpDj_Wp9JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/1bc6db-4576-4f1b-8672-c3326ad2cf8f/1/DuPU2BDyR3hBqLhVk7jzDors1Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.32.0/23
185.43.80.0/22
IPv6:
2a04:9040::/29
Signature Algorithm: sha256WithRSAEncryption
aa:e7:25:65:63:32:ff:99:23:08:e1:44:d4:5e:05:d9:ab:b1:
13:44:ee:9c:cd:52:25:22:93:8f:8a:88:3e:21:45:da:a6:47:
59:02:41:8b:01:6d:1e:dd:d2:4f:a5:e8:60:28:1e:37:44:85:
78:18:f6:c3:c4:51:b1:84:14:92:45:7a:9f:a5:e9:54:0e:d2:
b9:98:53:a8:05:59:5b:be:bb:2f:5b:56:38:10:01:2d:b2:e8:
e3:35:31:df:75:bc:74:f2:58:f3:ae:51:b2:cc:6d:37:21:61:
0e:89:61:aa:65:da:f6:58:97:ea:38:2d:cb:8f:e5:f9:28:d6:
32:ce:42:d6:e9:e7:5c:61:01:72:34:87:32:99:ab:f7:3d:a3:
3c:10:84:42:ec:e3:19:68:d4:be:2b:60:f7:e6:f5:25:d7:07:
e2:e6:88:8b:b7:82:e9:52:bb:4f:a8:36:ab:b4:68:fe:c1:ac:
d9:25:04:02:de:0c:4b:7d:87:e4:a2:db:02:91:74:37:ac:e0:
14:b4:be:ea:dc:4f:54:14:f3:77:7d:77:e2:f3:26:22:e9:92:
ac:d4:24:bc:13:d8:6c:0f:e3:54:8b:7b:d6:e1:f8:48:bb:b7:
f0:87:88:fd:86:bb:c6:06:bd:5a:fb:2a:83:84:81:cc:c0:2a:
27:a0:89:df
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDYX6jTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZWUzZDRkODEwZjI0Nzc4NDFhOGI4NTU5M2I4ZjMwZThhZWNkNDA5MB4XDTIyMDEw
MTEwMDIwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY2YmUxZTYxNjQy
YjI0ZGE0NWI3MTU2ZTI0YTQzOGZmNWE5ZjQ5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/2vkdoJ74qsxk3UL/nBtocH8kT2vq2M7fbSaIEWecf8uyl
Y2qZEx4yP+pdL96etNlvdOYtGQWqsxD/evOtkeK/OjWkWxsoKkxBaZen+f5cB474
LXDRb4dZZXqbtoV+romAKWc2+uoEb4CrEYgzkZ3q5c2koEH7UoxU3K819u9zq8Ci
l12jsGvLtiY2j0eggfEDlY50Gtdg+SMzbeadgVC6gfl997oX65yEuKiYxP0zo2Jc
GoAy9IvOVi0X1mns9ePVd6c8sHng5xMa/x6znv+tEZRsUakZZ1SLIcmhJnmywTyX
o2Z34VQcCSQWozQtBwwQe4EyRm/ne/J0tFKkuc8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSfa+HmFkKyTaRbcVbiSkOP9an0kjAfBgNVHSMEGDAWgBQO49TYEPJHeEGo
uFWTuPMOiuzUCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0R1UFUyQkR5UjNoQnFMaFZrN2p6RG9yczFBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzYvMWJjNmRiLTQ1NzYtNGYxYi04NjcyLWMzMzI2YWQyY2Y4Zi8x
L24ydmg1aFpDc2sya1czRlc0a3BEal9XcDlKSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzYv
MWJjNmRiLTQ1NzYtNGYxYi04NjcyLWMzMzI2YWQyY2Y4Zi8xL0R1UFUyQkR5UjNo
QnFMaFZrN2p6RG9yczFBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAVvvIAMEArkrUDANBAIAAjAHAwUD
KgSQQDANBgkqhkiG9w0BAQsFAAOCAQEAquclZWMy/5kjCOFE1F4F2auxE0TunM1S
JSKTj4qIPiFF2qZHWQJBiwFtHt3ST6XoYCgeN0SFeBj2w8RRsYQUkkV6n6XpVA7S
uZhTqAVZW767L1tWOBABLbLo4zUx33W8dPJY865RssxtNyFhDolhqmXa9liX6jgt
y4/l+SjWMs5C1unnXGEBcjSHMpmr9z2jPBCEQuzjGWjUvitg9+b1JdcH4uaIi7eC
6VK7T6g2q7Ro/sGs2SUEAt4MS32H5KLbApF0N6zgFLS+6txPVBTzd3134vMmIumS
rNQkvBPYbA/jVIt71uH4SLu38IeI/Ya7xga9Wvsqg4SBzMAqJ6CJ3w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:04 2023 by rpki-client on console-fra.rpki-client.org