Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/aL2aFS70J7mgDMuyjSWsccP-Ee4.roa
File: aL2aFS70J7mgDMuyjSWsccP-Ee4.roa (raw, json)
Hash identifier: zTaPbztrSxXlR+Zxeg3jB+wm/rYTvzKllJOsxsB8o74=
Subject key identifier: 68:BD:9A:15:2E:F4:27:B9:A0:0C:CB:B2:8D:25:AC:71:C3:FE:11:EE
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 07721021
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/aL2aFS70J7mgDMuyjSWsccP-Ee4.roa
Signing time: Fri 11 Mar 2022 16:47:27 +0000
ROA not before: Fri 11 Mar 2022 16:47:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 188.172.160.0/21 maxlen: 21
188.172.160.0/20 maxlen: 20
188.172.168.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 124915745 (0x7721021)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Mar 11 16:47:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=68bd9a152ef427b9a00ccbb28d25ac71c3fe11ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:71:11:14:f4:cb:b8:09:41:e3:96:73:b9:11:
3b:01:1b:de:d3:bd:d7:c1:29:b8:e8:9d:89:74:0d:
bf:f0:74:6e:c5:6b:3e:34:f2:81:7f:f5:98:de:fb:
06:6a:0b:a3:4b:4f:8f:a3:35:7c:b9:fd:b4:20:11:
b2:6a:6c:0d:19:79:8c:4c:fa:0a:47:b1:56:0e:bf:
62:df:4d:1b:55:4c:e1:c5:4f:4c:cc:84:bc:b7:75:
62:f8:3d:c7:21:6f:2d:5e:e9:a0:70:d2:9f:dc:9f:
84:d7:1d:00:7b:67:e4:9a:e7:60:3f:a8:21:14:e6:
31:8d:c7:8d:7a:90:b3:1d:62:32:df:22:fb:4e:a5:
ff:aa:85:88:9a:c4:b3:d8:6b:90:67:f8:ea:6f:89:
07:5a:c3:f8:ad:3e:d7:3a:04:37:f2:b6:f8:47:39:
01:23:0e:33:67:24:5c:77:31:71:10:16:ed:c7:4f:
23:6f:92:50:37:7e:fb:b6:5a:50:f9:28:0a:e4:8f:
eb:49:e2:5d:e0:23:c8:e2:02:af:99:93:47:c3:39:
33:5a:ef:4b:5f:c6:4c:e5:c3:70:2b:80:79:91:b3:
d5:d0:0f:1f:09:96:dc:de:4f:72:fd:7d:71:c4:9b:
63:51:17:a2:d7:de:13:62:2f:5a:af:0e:cc:83:ac:
46:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BD:9A:15:2E:F4:27:B9:A0:0C:CB:B2:8D:25:AC:71:C3:FE:11:EE
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/aL2aFS70J7mgDMuyjSWsccP-Ee4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.172.160.0/20
Signature Algorithm: sha256WithRSAEncryption
91:bb:c4:5b:e4:8d:e0:fd:54:af:78:11:f0:54:7e:c0:d6:8c:
6a:50:9c:69:3e:37:e3:e4:dd:d0:67:b2:28:12:ff:62:a6:54:
2f:b2:94:3a:2c:62:5d:71:68:87:e4:a2:ff:f6:37:8b:39:81:
c9:ac:08:56:42:aa:c6:e2:d4:41:61:cf:e7:47:f3:53:c9:f2:
a9:69:3d:7a:2e:1f:21:5a:16:b3:49:58:72:7d:74:bd:67:96:
a7:74:0a:87:48:4d:21:be:60:00:15:b8:47:9d:10:03:aa:50:
10:aa:d5:4d:95:0c:fc:29:37:6c:3c:9f:52:21:78:8d:df:fd:
83:55:88:f6:3e:3f:d5:7f:59:8c:15:6d:c0:f1:d2:ad:13:28:
3a:4f:99:d5:31:98:0d:cb:9a:67:c4:cf:4a:2f:cb:6e:c2:54:
56:df:5b:62:d6:d4:66:0f:ea:b3:70:14:1a:0f:73:ab:3b:de:
01:02:ab:38:f9:20:41:e8:a7:3d:68:a5:24:6d:c1:fd:99:0c:
7a:7b:a3:42:c0:29:81:d4:4c:21:e5:7d:8a:b8:d1:40:8a:04:
a7:b6:77:14:38:93:24:8d:e7:f9:74:cb:72:af:2b:d4:38:87:
4d:e2:f0:05:3b:53:08:84:4c:e9:a7:32:5c:a3:86:14:fa:d4:
a2:46:96:17
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB3IQITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY4MjRkMzJkZjFhNTExM2Q4MjEwMTM0NWQ3ODVhMzhhZGRiZGU1MB4XDTIyMDMx
MTE2NDcyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjhiZDlhMTUyZWY0
MjdiOWEwMGNjYmIyOGQyNWFjNzFjM2ZlMTFlZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMhxERT0y7gJQeOWc7kROwEb3tO918EpuOidiXQNv/B0bsVr
PjTygX/1mN77BmoLo0tPj6M1fLn9tCARsmpsDRl5jEz6CkexVg6/Yt9NG1VM4cVP
TMyEvLd1Yvg9xyFvLV7poHDSn9yfhNcdAHtn5JrnYD+oIRTmMY3HjXqQsx1iMt8i
+06l/6qFiJrEs9hrkGf46m+JB1rD+K0+1zoEN/K2+Ec5ASMOM2ckXHcxcRAW7cdP
I2+SUDd++7ZaUPkoCuSP60niXeAjyOICr5mTR8M5M1rvS1/GTOXDcCuAeZGz1dAP
HwmW3N5Pcv19ccSbY1EXotfeE2IvWq8OzIOsRn8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRovZoVLvQnuaAMy7KNJaxxw/4R7jAfBgNVHSMEGDAWgBSE+CTTLfGlET2C
EBNF14Wjit295TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8x
L2FMMmFGUzcwSjdtZ0RNdXlqU1dzY2NQLUVlNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
OWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8xL2hQZ2sweTN4cFJF
OWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBLysoDANBgkqhkiG9w0BAQsFAAOC
AQEAkbvEW+SN4P1Ur3gR8FR+wNaMalCcaT434+Td0GeyKBL/YqZUL7KUOixiXXFo
h+Si//Y3izmByawIVkKqxuLUQWHP50fzU8nyqWk9ei4fIVoWs0lYcn10vWeWp3QK
h0hNIb5gABW4R50QA6pQEKrVTZUM/Ck3bDyfUiF4jd/9g1WI9j4/1X9ZjBVtwPHS
rRMoOk+Z1TGYDcuaZ8TPSi/LbsJUVt9bYtbUZg/qs3AUGg9zqzveAQKrOPkgQein
PWilJG3B/ZkMenujQsApgdRMIeV9irjRQIoEp7Z3FDiTJI3n+XTLcq8r1DiHTeLw
BTtTCIRM6acyXKOGFPrUokaWFw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:34 2023 by rpki-client on console-fra.rpki-client.org