Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/YrHo8tnZw1DyGXbtMpSkoywaaeQ.roa
File: YrHo8tnZw1DyGXbtMpSkoywaaeQ.roa (raw, json)
Hash identifier: 7gLhf8BGzuDIKEHTErY0aa2j2Rdacqb+M3oiWV3ZbZY=
Subject key identifier: 62:B1:E8:F2:D9:D9:C3:50:F2:19:76:ED:32:94:A4:A3:2C:1A:69:E4
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 07F54783
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/YrHo8tnZw1DyGXbtMpSkoywaaeQ.roa
Signing time: Sat 01 Jan 2022 01:01:38 +0000
ROA not before: Sat 01 Jan 2022 01:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211440
IP address blocks: 212.60.0.0/22 maxlen: 24
139.28.172.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133515139 (0x7f54783)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 01:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=62b1e8f2d9d9c350f21976ed3294a4a32c1a69e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ad:b1:2c:77:dd:9f:5c:e9:87:69:da:2f:c5:
61:fe:fb:f7:11:aa:4e:a4:15:ce:91:dd:73:c1:93:
f6:6d:ab:cd:6b:18:b7:7a:1b:90:ca:7a:b5:a8:36:
90:94:25:29:58:8f:5f:41:87:b4:52:b8:3d:36:41:
a9:bc:83:56:a3:4b:dc:69:44:c8:bb:35:63:83:d7:
ee:52:9c:3c:55:be:a7:cf:80:55:1c:22:37:1d:32:
7a:b5:f7:5b:9d:cc:96:08:26:e5:7d:ac:13:83:b7:
5d:ce:0f:cd:69:5c:5a:99:a9:21:a8:fe:f9:40:7a:
35:4b:a5:a9:c5:24:c1:69:af:1b:86:6f:7a:b6:e0:
a4:e4:78:eb:d8:79:e8:df:09:84:ab:24:0a:fe:f2:
42:14:e7:cb:53:aa:5e:29:7a:89:b1:a5:02:be:ca:
71:2a:d1:c3:58:a6:92:00:38:90:ef:84:bc:e9:cd:
c3:2a:31:5f:9c:4f:96:6d:4e:4e:04:b0:6b:af:e3:
bd:1b:cd:02:de:4c:6f:30:ce:f9:cc:18:95:30:6b:
1c:d7:76:59:ff:ee:db:b6:95:97:2c:93:0f:f0:04:
64:a1:02:67:ff:01:e6:c3:4c:cf:15:b0:21:2e:78:
1e:02:2c:44:ed:de:a6:6f:13:86:c4:93:1c:7b:60:
0f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B1:E8:F2:D9:D9:C3:50:F2:19:76:ED:32:94:A4:A3:2C:1A:69:E4
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/YrHo8tnZw1DyGXbtMpSkoywaaeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.172.0/22
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
52:a0:47:1f:dd:a1:8c:21:26:18:7b:f7:94:f4:71:b0:d5:29:
cc:2f:47:9d:8a:6c:1c:8d:43:df:58:59:de:2c:5b:ab:9f:7f:
e1:32:af:f6:15:2b:93:44:7a:e2:f7:a4:bb:08:87:ee:cf:0a:
bc:0c:4d:e6:5f:1a:1b:c2:b7:27:7b:70:e5:9c:64:2e:38:c8:
d0:32:18:9c:78:a6:a0:b4:db:a7:fe:05:30:eb:4e:1d:91:f8:
54:e2:b4:fb:ac:52:0d:ca:06:42:32:a1:d8:42:cf:3c:06:61:
12:df:c4:79:29:2d:65:43:5d:5b:7d:93:86:bb:9d:e5:9e:a4:
04:1d:d0:59:e7:a6:5d:b2:3b:3e:ff:c2:b8:16:f0:1b:c9:7e:
da:6f:e0:5a:ff:ee:3f:d2:b6:18:cf:7c:0a:a5:d2:98:d1:37:
2d:75:48:1c:4f:61:75:12:9b:e7:1b:0c:02:b1:f5:18:99:cf:
43:e3:f4:3a:15:c4:73:d0:7c:cd:95:13:08:3f:0c:a0:49:ae:
33:21:fd:04:00:2b:28:63:0e:e1:85:4f:86:5d:a0:0b:7b:e9:
3b:f3:ca:32:5b:b3:d7:9a:c3:9f:17:6f:5b:dd:8d:95:16:00:
7e:a3:f1:7a:b4:7d:c1:af:3c:57:aa:d8:3d:22:da:da:4e:02:
c1:dd:a2:17
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEB/VHgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Mjc2MDNhOTNiY2EzMWIwMThmNTExZjZkNGIwYjc1NDZlOTYzMzYyMB4XDTIyMDEw
MTAxMDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjJiMWU4ZjJkOWQ5
YzM1MGYyMTk3NmVkMzI5NGE0YTMyYzFhNjllNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJetsSx33Z9c6Ydp2i/FYf779xGqTqQVzpHdc8GT9m2rzWsY
t3obkMp6tag2kJQlKViPX0GHtFK4PTZBqbyDVqNL3GlEyLs1Y4PX7lKcPFW+p8+A
VRwiNx0yerX3W53Mlggm5X2sE4O3Xc4PzWlcWpmpIaj++UB6NUulqcUkwWmvG4Zv
erbgpOR469h56N8JhKskCv7yQhTny1OqXil6ibGlAr7KcSrRw1imkgA4kO+EvOnN
wyoxX5xPlm1OTgSwa6/jvRvNAt5MbzDO+cwYlTBrHNd2Wf/u27aVlyyTD/AEZKEC
Z/8B5sNMzxWwIS54HgIsRO3epm8ThsSTHHtgDw0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRisejy2dnDUPIZdu0ylKSjLBpp5DAfBgNVHSMEGDAWgBSCdgOpO8oxsBj1
EfbUsLdUbpYzYjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2duWURxVHZLTWJBWTlSSDIxTEMzVkc2V00ySS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWIvOTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8x
L1lySG84dG5adzFEeUdYYnRNcFNrb3l3YWFlUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWIv
OTFhZjY2LWQzOTQtNDJmYS1hMGM2LWIxNmNiNGRmYWRkMy8xL2duWURxVHZLTWJB
WTlSSDIxTEMzVkc2V00ySS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAoscrAMEAtQ8ADANBgkqhkiG9w0B
AQsFAAOCAQEAUqBHH92hjCEmGHv3lPRxsNUpzC9HnYpsHI1D31hZ3ixbq59/4TKv
9hUrk0R64vekuwiH7s8KvAxN5l8aG8K3J3tw5ZxkLjjI0DIYnHimoLTbp/4FMOtO
HZH4VOK0+6xSDcoGQjKh2ELPPAZhEt/EeSktZUNdW32Thrud5Z6kBB3QWeemXbI7
Pv/CuBbwG8l+2m/gWv/uP9K2GM98CqXSmNE3LXVIHE9hdRKb5xsMArH1GJnPQ+P0
OhXEc9B8zZUTCD8MoEmuMyH9BAArKGMO4YVPhl2gC3vpO/PKMluz15rDnxdvW92N
lRYAfqPxerR9wa88V6rYPSLa2k4Cwd2iFw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:57 2023 by rpki-client on console-fra.rpki-client.org