Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/ek7POn131htgwwG_XW5RhnHciiM.roa
File: ek7POn131htgwwG_XW5RhnHciiM.roa (raw, json)
Hash identifier: VJYW2VqDTGP8msDzJAZ7RGpIjYXkwgS7u3CHop9zOvo=
Subject key identifier: 7A:4E:CF:3A:7D:77:D6:1B:60:C3:01:BF:5D:6E:51:86:71:DC:8A:23
Certificate issuer: /CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Certificate serial: 12A5BB6B
Authority key identifier: F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/ek7POn131htgwwG_XW5RhnHciiM.roa
Signing time: Sat 01 Jan 2022 09:55:12 +0000
ROA not before: Sat 01 Jan 2022 09:55:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20769
IP address blocks: 91.208.87.0/24 maxlen: 32
2a04:a500::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 312851307 (0x12a5bb6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e826de1070d9d79daa9e415fc432613cc57e57
Validity
Not Before: Jan 1 09:55:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7a4ecf3a7d77d61b60c301bf5d6e518671dc8a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d1:ea:d1:e4:42:8d:26:b6:ef:17:3a:4d:38:
6f:98:5c:bc:a9:48:f8:e4:96:1a:cc:21:e8:a1:50:
36:62:e4:02:b7:d2:ca:06:fb:24:a4:04:06:f8:ee:
e1:34:ab:9d:5e:83:94:f8:ec:c7:25:25:92:a4:ef:
28:17:38:21:ef:2f:3a:2b:cf:73:1e:71:71:ae:1d:
34:0a:dc:eb:3b:30:02:1f:2a:2f:ee:0f:ec:1a:35:
db:20:45:a9:63:1d:10:bb:71:d8:5a:9c:e4:df:ed:
48:3b:40:8c:98:2e:5b:e3:76:89:f6:68:05:0c:6d:
aa:2f:59:73:ee:ff:9d:3e:ec:da:07:97:a9:b7:11:
f5:22:ca:6a:fc:ec:3b:d5:49:1e:36:cb:b2:f3:d1:
42:df:da:ab:1e:98:af:59:11:22:86:3e:0c:ba:b7:
a8:f5:18:49:ac:79:6a:63:3c:c4:f1:e4:44:50:cd:
48:10:44:d1:2f:2c:8b:1a:4a:b6:05:17:de:d1:68:
82:6f:36:74:78:28:f3:c0:ff:63:90:6d:ab:97:5c:
d4:fa:c3:4f:db:42:6f:24:8e:f2:a0:6e:a0:cc:62:
f0:03:e8:40:5f:af:39:f6:d2:f1:b5:01:31:68:ac:
03:15:bf:cc:7d:b1:7b:7e:07:82:bc:ff:d2:b5:2e:
86:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:4E:CF:3A:7D:77:D6:1B:60:C3:01:BF:5D:6E:51:86:71:DC:8A:23
X509v3 Authority Key Identifier:
keyid:F8:E8:26:DE:10:70:D9:D7:9D:AA:9E:41:5F:C4:32:61:3C:C5:7E:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Ogm3hBw2dedqp5BX8QyYTzFflc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/ek7POn131htgwwG_XW5RhnHciiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/73db77-0a6b-4f9b-a8e8-eaedb709efbf/1/1-Ogm3hBw2dedqp5BX8QyYTzFflc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.87.0/24
IPv6:
2a04:a500::/29
Signature Algorithm: sha256WithRSAEncryption
02:22:2a:3f:d4:16:81:cd:9d:a8:3c:eb:a2:72:64:55:cb:8e:
20:f3:e0:df:c3:45:55:67:8c:97:9b:95:cd:f0:08:ea:1c:3d:
50:93:9e:53:40:4a:56:fc:00:69:eb:05:a2:c8:bd:de:89:ab:
34:10:c9:6b:fe:91:2b:8d:af:93:87:93:bc:0f:ca:f5:d0:dd:
14:29:4b:ba:ea:9d:f0:fc:a5:19:a7:5a:b6:cf:da:2e:79:0e:
ed:93:2b:93:f9:b7:18:1c:a5:58:4a:56:b4:ac:5b:6b:08:55:
e2:06:0e:b1:01:88:29:f1:42:8a:33:91:59:83:c1:6d:a3:47:
89:2e:7a:e9:b7:50:45:84:10:55:99:c1:2f:74:bb:cc:15:c1:
6c:db:d3:3a:d5:27:2c:4f:b9:72:5c:5a:15:6b:76:a6:66:aa:
3d:0a:1e:ee:ec:8e:74:ae:41:3c:ca:22:19:74:cf:b0:5c:27:
bc:ae:d9:06:d9:97:2a:0f:7b:7b:58:a5:ec:37:fb:49:96:32:
ec:2a:de:72:0a:4b:dc:a1:64:b0:38:5a:66:b4:73:48:86:2b:
3b:54:3e:49:82:65:fa:46:99:1b:1a:c3:fd:d9:86:3e:16:4c:
a3:5d:3f:31:bb:e0:a0:7f:84:4a:6e:df:c9:f9:af:51:10:70:
6d:8d:b4:8b
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEqW7azANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OGU4MjZkZTEwNzBkOWQ3OWRhYTllNDE1ZmM0MzI2MTNjYzU3ZTU3MB4XDTIyMDEw
MTA5NTUxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2E0ZWNmM2E3ZDc3
ZDYxYjYwYzMwMWJmNWQ2ZTUxODY3MWRjOGEyMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKnR6tHkQo0mtu8XOk04b5hcvKlI+OSWGswh6KFQNmLkArfS
ygb7JKQEBvju4TSrnV6DlPjsxyUlkqTvKBc4Ie8vOivPcx5xca4dNArc6zswAh8q
L+4P7Bo12yBFqWMdELtx2Fqc5N/tSDtAjJguW+N2ifZoBQxtqi9Zc+7/nT7s2geX
qbcR9SLKavzsO9VJHjbLsvPRQt/aqx6Yr1kRIoY+DLq3qPUYSax5amM8xPHkRFDN
SBBE0S8sixpKtgUX3tFogm82dHgo88D/Y5Btq5dc1PrDT9tCbySO8qBuoMxi8APo
QF+vOfbS8bUBMWisAxW/zH2xe34Hgrz/0rUuhpkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBR6Ts86fXfWG2DDAb9dblGGcdyKIzAfBgNVHSMEGDAWgBT46CbeEHDZ152q
nkFfxDJhPMV+VzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtT2dtM2hCdzJkZWRxcDVCWDhReVlUekZmbGMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzlkLzczZGI3Ny0wYTZiLTRmOWItYThlOC1lYWVkYjcwOWVmYmYv
MS9lazdQT24xMzFodGd3d0dfWFc1UmhuSGNpaU0ucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzlk
LzczZGI3Ny0wYTZiLTRmOWItYThlOC1lYWVkYjcwOWVmYmYvMS8xLU9nbTNoQncy
ZGVkcXA1Qlg4UXlZVHpGZmxjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9BXMA0EAgACMAcDBQMqBKUA
MA0GCSqGSIb3DQEBCwUAA4IBAQACIio/1BaBzZ2oPOuicmRVy44g8+Dfw0VVZ4yX
m5XN8AjqHD1Qk55TQEpW/ABp6wWiyL3eias0EMlr/pErja+Th5O8D8r10N0UKUu6
6p3w/KUZp1q2z9oueQ7tkyuT+bcYHKVYSla0rFtrCFXiBg6xAYgp8UKKM5FZg8Ft
o0eJLnrpt1BFhBBVmcEvdLvMFcFs29M61ScsT7lyXFoVa3amZqo9Ch7u7I50rkE8
yiIZdM+wXCe8rtkG2ZcqD3t7WKXsN/tJljLsKt5yCkvcoWSwOFpmtHNIhis7VD5J
gmX6RpkbGsP92YY+FkyjXT8xu+Cgf4RKbt/J+a9REHBtjbSL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:49 2023 by rpki-client on console-ams.rpki-client.org