Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/b1e6b0-f3a0-4f5f-bf25-812d45265186/1/9KxVK5FivwdUiCMz0oNR09byOlQ.roa
File: 9KxVK5FivwdUiCMz0oNR09byOlQ.roa (raw, json)
Hash identifier: nbD8UhBrCvuxeOOA9PQeoyxNYACC+d2njESK7OJ+vQo=
Subject key identifier: F4:AC:55:2B:91:62:BF:07:54:88:23:33:D2:83:51:D3:D6:F2:3A:54
Certificate issuer: /CN=7b221dacc6c3e371f5f0bb276c9fe588c5ee5fdc
Certificate serial: 032FF8B1
Authority key identifier: 7B:22:1D:AC:C6:C3:E3:71:F5:F0:BB:27:6C:9F:E5:88:C5:EE:5F:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eyIdrMbD43H18LsnbJ_liMXuX9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/b1e6b0-f3a0-4f5f-bf25-812d45265186/1/9KxVK5FivwdUiCMz0oNR09byOlQ.roa
Signing time: Sat 01 Jan 2022 05:56:30 +0000
ROA not before: Sat 01 Jan 2022 05:56:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207146
IP address blocks: 81.161.232.0/22 maxlen: 24
162.33.208.0/21 maxlen: 21
2a0d:2c40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53475505 (0x32ff8b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b221dacc6c3e371f5f0bb276c9fe588c5ee5fdc
Validity
Not Before: Jan 1 05:56:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4ac552b9162bf0754882333d28351d3d6f23a54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a5:8e:b2:35:05:f6:3a:dd:ca:65:2c:d2:86:
c0:23:83:c3:6a:3b:01:b2:7b:4c:fa:66:65:54:f8:
31:e1:39:b0:4e:b3:3f:38:d6:ff:83:bb:79:5d:dd:
74:00:28:ed:03:c4:87:1f:c2:08:dc:75:97:53:33:
d6:ca:c4:48:64:90:a7:35:58:4a:eb:86:1f:a8:20:
d9:d0:0f:3f:4d:dc:8e:e9:c1:d4:eb:12:d9:2a:9e:
db:83:23:38:bb:22:27:b3:40:b1:e7:eb:f2:6f:6f:
9d:be:15:92:e6:a5:a8:5d:6c:ae:cb:e5:76:3f:1c:
61:ab:3a:d2:e7:b7:ac:98:e6:cc:5f:25:e1:37:6f:
74:fd:5c:4f:d0:d1:f3:7d:b0:04:f3:91:3e:ec:a7:
1f:a4:9c:27:b2:b9:2b:f0:90:72:23:34:68:42:23:
f0:d2:34:44:58:84:f3:ac:15:c4:9a:d7:0e:95:32:
ea:eb:1d:92:eb:5a:f1:40:e0:c0:24:4e:56:e8:85:
26:3b:84:de:49:ea:13:7a:17:69:b5:ec:8c:64:c0:
5a:d5:84:94:f9:7f:25:85:1c:fe:00:d6:6d:7c:31:
81:89:92:10:15:3d:b1:ca:f0:cd:da:9a:8d:9f:29:
cf:26:19:d7:b2:67:88:50:7c:d6:ea:24:0b:5b:0f:
12:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AC:55:2B:91:62:BF:07:54:88:23:33:D2:83:51:D3:D6:F2:3A:54
X509v3 Authority Key Identifier:
keyid:7B:22:1D:AC:C6:C3:E3:71:F5:F0:BB:27:6C:9F:E5:88:C5:EE:5F:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eyIdrMbD43H18LsnbJ_liMXuX9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b1e6b0-f3a0-4f5f-bf25-812d45265186/1/9KxVK5FivwdUiCMz0oNR09byOlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b1e6b0-f3a0-4f5f-bf25-812d45265186/1/eyIdrMbD43H18LsnbJ_liMXuX9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.232.0/22
162.33.208.0/21
IPv6:
2a0d:2c40::/29
Signature Algorithm: sha256WithRSAEncryption
59:cf:ec:db:07:ae:03:33:0f:88:33:8c:d7:bd:15:6d:1e:b9:
36:94:b7:c2:4a:e2:d9:83:39:c5:36:73:c8:9c:77:99:40:5f:
51:cd:f5:a4:60:2b:2c:cd:73:c3:0c:ad:61:7c:da:e9:4f:9a:
83:4e:46:2d:1c:01:39:87:d3:cf:d5:d6:b8:48:21:75:24:5d:
55:9f:b0:52:e1:f2:e5:3f:11:e0:b8:9e:34:2d:87:c8:a9:e2:
8c:d9:58:48:7e:64:d7:ca:e8:98:88:2e:95:64:3a:c2:ab:99:
56:26:cb:c4:2f:e4:ca:71:ea:b6:f2:d0:5d:dc:e1:d0:16:72:
89:6b:47:6a:7e:2f:0f:a2:10:60:c7:9a:be:3f:b2:53:3c:a8:
dc:6e:aa:c2:11:b1:91:32:c2:9c:fd:6c:3d:0b:b8:82:a9:75:
a9:57:6d:72:55:49:34:64:b2:17:aa:a9:19:f2:0d:8c:00:a9:
14:9c:6d:15:80:fe:56:48:3e:03:b5:d6:d1:44:56:57:06:47:
10:f0:7d:ef:d6:0c:2d:16:05:e9:bb:cc:ae:e5:3f:f2:86:22:
17:d7:31:7b:bf:63:84:76:c2:da:4b:92:d9:7b:e9:6a:d1:cc:
bb:5a:a0:38:ea:00:74:3a:b8:20:f8:47:4c:e8:b8:c3:3d:36:
6d:72:bc:9c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAy/4sTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
YjIyMWRhY2M2YzNlMzcxZjVmMGJiMjc2YzlmZTU4OGM1ZWU1ZmRjMB4XDTIyMDEw
MTA1NTYzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjRhYzU1MmI5MTYy
YmYwNzU0ODgyMzMzZDI4MzUxZDNkNmYyM2E1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSljrI1BfY63cplLNKGwCODw2o7AbJ7TPpmZVT4MeE5sE6z
PzjW/4O7eV3ddAAo7QPEhx/CCNx1l1Mz1srESGSQpzVYSuuGH6gg2dAPP03cjunB
1OsS2Sqe24MjOLsiJ7NAsefr8m9vnb4VkualqF1srsvldj8cYas60ue3rJjmzF8l
4TdvdP1cT9DR832wBPORPuynH6ScJ7K5K/CQciM0aEIj8NI0RFiE86wVxJrXDpUy
6usdkuta8UDgwCROVuiFJjuE3knqE3oXabXsjGTAWtWElPl/JYUc/gDWbXwxgYmS
EBU9scrwzdqajZ8pzyYZ17JniFB81uokC1sPEhcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBT0rFUrkWK/B1SIIzPSg1HT1vI6VDAfBgNVHSMEGDAWgBR7Ih2sxsPjcfXw
uydsn+WIxe5f3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2V5SWRyTWJENDNIMThMc25iSl9saU1YdVg5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvYjFlNmIwLWYzYTAtNGY1Zi1iZjI1LTgxMmQ0NTI2NTE4Ni8x
LzlLeFZLNUZpdndkVWlDTXowb05SMDlieU9sUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
YjFlNmIwLWYzYTAtNGY1Zi1iZjI1LTgxMmQ0NTI2NTE4Ni8xL2V5SWRyTWJENDNI
MThMc25iSl9saU1YdVg5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAlGh6AMEA6Ih0DANBAIAAjAHAwUD
Kg0sQDANBgkqhkiG9w0BAQsFAAOCAQEAWc/s2weuAzMPiDOM170VbR65NpS3wkri
2YM5xTZzyJx3mUBfUc31pGArLM1zwwytYXza6U+ag05GLRwBOYfTz9XWuEghdSRd
VZ+wUuHy5T8R4LieNC2HyKnijNlYSH5k18romIgulWQ6wquZVibLxC/kynHqtvLQ
Xdzh0BZyiWtHan4vD6IQYMeavj+yUzyo3G6qwhGxkTLCnP1sPQu4gql1qVdtclVJ
NGSyF6qpGfINjACpFJxtFYD+Vkg+A7XW0URWVwZHEPB979YMLRYF6bvMruU/8oYi
F9cxe79jhHbC2kuS2XvpatHMu1qgOOoAdDq4IPhHTOi4wz02bXK8nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:20 2024 by rpki-client on console-ams.rpki-client.org