Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/97qolE9qi8aMQBYHgCJWJMRxH_Q.roa
File: 97qolE9qi8aMQBYHgCJWJMRxH_Q.roa (raw, json)
Hash identifier: AO3lsE092qHTDvTiQnwsO5NoPpSbcb0I8NhPNpHJmwU=
Subject key identifier: F7:BA:A8:94:4F:6A:8B:C6:8C:40:16:07:80:22:56:24:C4:71:1F:F4
Certificate issuer: /CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Certificate serial: 01836A258A039E9E73D513B13D619C366801
Authority key identifier: 98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/97qolE9qi8aMQBYHgCJWJMRxH_Q.roa
Signing time: Fri 23 Sep 2022 11:39:48 +0000
ROA not before: Fri 23 Sep 2022 11:39:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198500
IP address blocks: 217.69.96.0/20 maxlen: 20
2a00:5800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:6a:25:8a:03:9e:9e:73:d5:13:b1:3d:61:9c:36:68:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98118687fdd6ff80fb098a9eeef06de377f85d6e
Validity
Not Before: Sep 23 11:39:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7baa8944f6a8bc68c40160780225624c4711ff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a2:ba:22:68:02:73:95:53:2c:c2:03:ed:0b:
8a:b5:95:db:f1:3a:24:7f:6a:51:a8:de:48:d8:65:
d0:0d:18:47:ed:4c:9b:0a:d2:13:c0:89:50:d3:79:
eb:b1:1d:9a:f3:99:d9:76:5d:72:1f:d7:61:0d:55:
00:1d:15:30:60:00:c5:29:e4:9c:9b:ac:bb:3b:93:
1d:1f:0c:39:70:45:2c:27:7f:81:50:90:f7:b2:42:
e9:99:1d:5e:e7:bf:19:0a:ee:66:6e:c0:49:d5:b2:
ae:7b:09:83:8e:18:6d:9f:15:3b:b8:97:65:19:1a:
72:8a:83:e2:3b:d1:59:de:37:a2:81:a9:7a:95:76:
5b:f7:54:24:83:f1:6c:43:d9:c8:b6:36:39:88:c9:
e3:3d:f0:ee:fe:6d:c3:52:25:47:67:e2:97:26:1f:
eb:cb:2e:64:b3:93:6b:e5:61:b5:c7:5e:19:b2:a4:
f0:f6:31:c6:af:64:c8:0d:cf:7e:91:8e:f0:ce:19:
23:ba:64:d4:46:c6:e5:dc:7a:8a:2f:de:44:9c:59:
f5:35:d5:c1:7f:6b:82:69:65:8d:40:ce:25:32:13:
ab:da:05:9d:8f:65:01:5f:85:e0:42:79:38:41:df:
c4:52:0b:50:01:f8:0a:f4:4d:8d:95:bb:ef:ac:bb:
61:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:BA:A8:94:4F:6A:8B:C6:8C:40:16:07:80:22:56:24:C4:71:1F:F4
X509v3 Authority Key Identifier:
keyid:98:11:86:87:FD:D6:FF:80:FB:09:8A:9E:EE:F0:6D:E3:77:F8:5D:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mBGGh_3W_4D7CYqe7vBt43f4XW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/97qolE9qi8aMQBYHgCJWJMRxH_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/5908a9-0c0f-40ab-bfd6-69af0a6e989b/1/mBGGh_3W_4D7CYqe7vBt43f4XW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.69.96.0/20
IPv6:
2a00:5800::/32
Signature Algorithm: sha256WithRSAEncryption
3e:3b:c7:57:67:98:c6:7a:d7:1b:a5:ff:c6:ac:ed:5c:89:2b:
88:7d:55:54:d9:bf:31:bf:34:62:a6:49:57:00:2c:d3:a6:fb:
8d:9a:2e:ca:11:a1:3b:a5:d4:e1:a8:66:e0:0f:34:bc:2b:a6:
5c:ae:58:20:3d:d4:ed:63:db:88:61:34:76:91:09:03:20:b2:
8a:65:2d:a0:97:58:28:0b:69:43:69:52:9d:56:b2:d0:32:9c:
12:31:70:cd:c7:72:36:13:c8:ce:77:ba:a8:dc:24:9d:ae:15:
5e:c6:54:0b:5d:f3:2e:9a:3f:88:dc:79:42:92:18:97:3b:d1:
a7:cf:0d:b7:31:0d:9c:d0:38:f9:12:6f:fb:6c:b2:34:cb:9e:
be:5b:41:bb:8b:73:e6:9e:ca:36:51:ed:56:b4:25:de:7c:66:
09:1a:8d:8f:c2:be:83:9e:6e:58:49:5b:7a:ae:a1:30:cf:05:
a8:62:ae:20:2b:4b:8d:f3:99:80:9d:52:af:3c:85:f0:15:86:
47:76:aa:75:79:5d:3c:4b:28:6b:64:d2:40:96:45:ff:39:90:
8c:cc:d5:5f:5e:17:20:f1:6b:33:ae:f5:47:ee:87:cd:ef:47:
8b:88:9d:7f:54:33:22:76:79:9e:73:87:d9:16:8a:bf:f9:76:
72:a4:f2:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNqJYoDnp5z1ROxPWGcNmgBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MTE4Njg3ZmRkNmZmODBmYjA5OGE5ZWVlZjA2ZGUzNzdm
ODVkNmUwHhcNMjIwOTIzMTEzOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2JhYTg5NDRmNmE4YmM2OGM0MDE2MDc4MDIyNTYyNGM0NzExZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaK6ImgCc5VTLMID7QuKtZXb8Tok
f2pRqN5I2GXQDRhH7UybCtITwIlQ03nrsR2a85nZdl1yH9dhDVUAHRUwYADFKeSc
m6y7O5MdHww5cEUsJ3+BUJD3skLpmR1e578ZCu5mbsBJ1bKuewmDjhhtnxU7uJdl
GRpyioPiO9FZ3jeigal6lXZb91Qkg/FsQ9nItjY5iMnjPfDu/m3DUiVHZ+KXJh/r
yy5ks5Nr5WG1x14ZsqTw9jHGr2TIDc9+kY7wzhkjumTURsbl3HqKL95EnFn1NdXB
f2uCaWWNQM4lMhOr2gWdj2UBX4XgQnk4Qd/EUgtQAfgK9E2NlbvvrLthzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPe6qJRPaovGjEAWB4AiViTEcR/0MB8GA1UdIwQY
MBaAFJgRhof91v+A+wmKnu7wbeN3+F1uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYt
NjlhZjBhNmU5ODliLzEvOTdxb2xFOXFpOGFNUUJZSGdDSldKTVJ4SF9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy81OTA4YTktMGMwZi00MGFiLWJmZDYtNjlhZjBhNmU5ODli
LzEvbUJHR2hfM1dfNEQ3Q1lxZTd2QnQ0M2Y0WFc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UVgMA0E
AgACMAcDBQAqAFgAMA0GCSqGSIb3DQEBCwUAA4IBAQA+O8dXZ5jGetcbpf/GrO1c
iSuIfVVU2b8xvzRipklXACzTpvuNmi7KEaE7pdThqGbgDzS8K6ZcrlggPdTtY9uI
YTR2kQkDILKKZS2gl1goC2lDaVKdVrLQMpwSMXDNx3I2E8jOd7qo3CSdrhVexlQL
XfMumj+I3HlCkhiXO9Gnzw23MQ2c0Dj5Em/7bLI0y56+W0G7i3Pmnso2Ue1WtCXe
fGYJGo2Pwr6Dnm5YSVt6rqEwzwWoYq4gK0uN85mAnVKvPIXwFYZHdqp1eV08Syhr
ZNJAlkX/OZCMzNVfXhcg8WszrvVH7ofN70eLiJ1/VDMidnmec4fZFoq/+XZypPIK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:11 2024 by rpki-client on console-fra.rpki-client.org