Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/HYv5IkH7AcUGlaSg3083IB7chmU.roa
File: HYv5IkH7AcUGlaSg3083IB7chmU.roa (raw, json)
Hash identifier: PcN5yyM6h1nwn8WslIGv5ggpepo5wDPFAQmbm63ESYo=
Subject key identifier: 1D:8B:F9:22:41:FB:01:C5:06:95:A4:A0:DF:4F:37:20:1E:DC:86:65
Certificate issuer: /CN=f4e40f03979a3f4e4ad39da983b67ba7e6215c0d
Certificate serial: 08B9CF01
Authority key identifier: F4:E4:0F:03:97:9A:3F:4E:4A:D3:9D:A9:83:B6:7B:A7:E6:21:5C:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/HYv5IkH7AcUGlaSg3083IB7chmU.roa
Signing time: Sat 01 Jan 2022 10:53:41 +0000
ROA not before: Sat 01 Jan 2022 10:53:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8218
IP address blocks: 217.168.96.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146394881 (0x8b9cf01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4e40f03979a3f4e4ad39da983b67ba7e6215c0d
Validity
Not Before: Jan 1 10:53:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d8bf92241fb01c50695a4a0df4f37201edc8665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:19:b2:f8:f3:33:9b:82:04:ad:e5:f4:66:31:
f1:07:4d:12:9b:a9:86:5e:e1:07:34:bf:b5:dd:40:
0a:b0:d0:9c:d8:81:ea:68:8a:9c:7a:5d:4f:8c:aa:
09:59:93:87:80:a3:72:23:43:fd:4d:80:13:ee:81:
92:b4:6e:7b:40:4c:86:06:16:ff:67:2c:ef:b7:ce:
10:81:47:2e:de:42:c2:86:4a:55:89:a6:a0:26:c2:
d7:df:6b:e9:db:5b:87:e3:84:95:fd:59:3f:7b:17:
e0:c8:8e:f0:1d:0f:9a:be:6f:83:6c:b7:c9:2f:56:
94:5e:ad:16:bf:9d:e5:c7:88:e9:41:86:42:4b:db:
e3:8d:d8:d0:5a:1a:64:41:4d:9f:a6:42:5a:7f:60:
de:f8:38:12:65:b0:73:bc:6d:d2:95:de:5c:a7:74:
76:44:5d:84:1e:da:bf:44:78:94:ec:9e:9b:35:48:
57:09:af:18:9c:88:31:cd:16:bc:71:bb:18:69:e1:
89:79:44:4f:2a:04:b8:5e:90:59:2d:3f:32:f6:00:
3b:b3:bc:af:ce:af:7d:f1:8a:1e:9a:f9:22:7a:2b:
6a:66:50:21:bd:a0:af:17:e8:57:1c:54:b3:d7:8b:
99:93:6d:9a:af:f6:00:8f:a4:3d:5c:22:4d:eb:ef:
94:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:8B:F9:22:41:FB:01:C5:06:95:A4:A0:DF:4F:37:20:1E:DC:86:65
X509v3 Authority Key Identifier:
keyid:F4:E4:0F:03:97:9A:3F:4E:4A:D3:9D:A9:83:B6:7B:A7:E6:21:5C:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9OQPA5eaP05K052pg7Z7p-YhXA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/HYv5IkH7AcUGlaSg3083IB7chmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d4ffc0-a52d-461b-9719-a914e3ce3941/1/9OQPA5eaP05K052pg7Z7p-YhXA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.168.96.0/20
Signature Algorithm: sha256WithRSAEncryption
8e:c8:d4:97:e7:19:75:c7:c8:b7:60:e8:85:f2:41:e1:f7:21:
1d:5a:f5:67:8c:65:dc:7f:af:ab:ff:03:ce:69:15:45:21:36:
f3:6b:d0:29:fc:bc:a3:59:41:f0:e7:a3:bd:a1:f3:27:3e:b9:
96:18:a9:8a:bc:7d:c5:ba:15:ec:5f:29:1b:d0:d2:5b:12:b8:
3e:47:9e:de:c2:fe:95:dd:11:47:b6:99:32:fc:79:5f:9e:45:
28:c1:55:6f:50:a9:de:bb:e7:b1:17:c4:da:84:46:81:03:87:
14:68:65:2b:9f:5b:0e:27:84:d6:5f:33:14:38:13:c2:1c:89:
3c:38:85:90:ec:86:38:65:d5:7d:9f:a1:13:85:2f:4f:13:80:
0b:f4:5a:6a:40:20:c0:6c:8c:fb:83:28:e7:7e:de:08:fe:50:
8b:bf:1b:b1:4e:84:0d:08:b3:a7:e5:c8:ed:09:d5:7e:ea:7a:
3e:e8:ef:67:b0:a2:ef:cc:aa:19:53:80:7b:51:e2:76:7b:cc:
5e:b5:38:ce:f8:60:d6:03:93:83:d9:93:bf:b8:3c:dc:08:3d:
d7:1a:c1:2c:5b:1b:1e:61:78:1e:72:f2:14:9d:2d:5e:f3:86:
0f:c8:e8:90:73:64:b8:4b:f3:74:98:4c:21:8e:21:88:63:db:
52:06:e4:6e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECLnPATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NGU0MGYwMzk3OWEzZjRlNGFkMzlkYTk4M2I2N2JhN2U2MjE1YzBkMB4XDTIyMDEw
MTEwNTM0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ4YmY5MjI0MWZi
MDFjNTA2OTVhNGEwZGY0ZjM3MjAxZWRjODY2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ4ZsvjzM5uCBK3l9GYx8QdNEpuphl7hBzS/td1ACrDQnNiB
6miKnHpdT4yqCVmTh4CjciND/U2AE+6BkrRue0BMhgYW/2cs77fOEIFHLt5CwoZK
VYmmoCbC199r6dtbh+OElf1ZP3sX4MiO8B0Pmr5vg2y3yS9WlF6tFr+d5ceI6UGG
Qkvb443Y0FoaZEFNn6ZCWn9g3vg4EmWwc7xt0pXeXKd0dkRdhB7av0R4lOyemzVI
VwmvGJyIMc0WvHG7GGnhiXlETyoEuF6QWS0/MvYAO7O8r86vffGKHpr5InoramZQ
Ib2grxfoVxxUs9eLmZNtmq/2AI+kPVwiTevvlHkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdi/kiQfsBxQaVpKDfTzcgHtyGZTAfBgNVHSMEGDAWgBT05A8Dl5o/TkrT
namDtnun5iFcDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlPUVBBNWVhUDA1SzA1MnBnN1o3cC1ZaFhBMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvZDRmZmMwLWE1MmQtNDYxYi05NzE5LWE5MTRlM2NlMzk0MS8x
L0hZdjVJa0g3QWNVR2xhU2czMDgzSUI3Y2htVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
ZDRmZmMwLWE1MmQtNDYxYi05NzE5LWE5MTRlM2NlMzk0MS8xLzlPUVBBNWVhUDA1
SzA1MnBnN1o3cC1ZaFhBMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNmoYDANBgkqhkiG9w0BAQsFAAOC
AQEAjsjUl+cZdcfIt2DohfJB4fchHVr1Z4xl3H+vq/8DzmkVRSE282vQKfy8o1lB
8OejvaHzJz65lhipirx9xboV7F8pG9DSWxK4Pkee3sL+ld0RR7aZMvx5X55FKMFV
b1Cp3rvnsRfE2oRGgQOHFGhlK59bDieE1l8zFDgTwhyJPDiFkOyGOGXVfZ+hE4Uv
TxOAC/RaakAgwGyM+4Mo537eCP5Qi78bsU6EDQizp+XI7QnVfup6PujvZ7Ci78yq
GVOAe1HidnvMXrU4zvhg1gOTg9mTv7g83Ag91xrBLFsbHmF4HnLyFJ0tXvOGD8jo
kHNkuEvzdJhMIY4hiGPbUgbkbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:58 2024 by rpki-client on console-fra.rpki-client.org