Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U8xQm-8vllgNS0J-AGmWsz87jFo.roa
File: U8xQm-8vllgNS0J-AGmWsz87jFo.roa (raw, json)
Hash identifier: etSoDOXp3s9oW7OoQyqhes9w9FhlzyzhpcDUov+BiJ8=
Subject key identifier: 53:CC:50:9B:EF:2F:96:58:0D:4B:42:7E:00:69:96:B3:3F:3B:8C:5A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 36579397
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U8xQm-8vllgNS0J-AGmWsz87jFo.roa
Signing time: Sat 01 Jan 2022 13:57:17 +0000
ROA not before: Sat 01 Jan 2022 13:57:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20668
IP address blocks: 86.105.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 911709079 (0x36579397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 13:57:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=53cc509bef2f96580d4b427e006996b33f3b8c5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7c:cc:94:5a:fa:bf:9a:8f:a4:0c:da:b8:8f:
96:84:4c:19:12:b7:01:5b:5e:fd:e1:2a:b0:6d:ed:
2d:83:61:d3:c1:47:33:b9:60:dd:71:29:e6:cf:9e:
86:5d:d7:25:75:d0:8f:11:b8:90:90:2c:eb:1d:dc:
90:57:54:8a:f0:77:0d:66:73:c3:c7:9f:37:83:18:
d3:8e:39:a5:27:71:38:de:79:19:aa:ec:ed:37:d7:
61:7f:d6:13:f8:87:fb:f8:6d:19:20:7e:9e:c5:15:
74:e2:17:ad:24:86:60:9d:2f:b3:83:86:aa:70:c3:
17:a9:ce:7c:72:eb:7f:98:e9:ad:f3:e4:94:47:a2:
f4:53:7a:05:e0:5d:85:94:c1:91:ca:6a:1d:40:42:
c8:c8:d0:59:80:b4:41:0d:cb:32:91:1b:15:ab:5e:
f3:e2:be:22:62:4a:17:72:3f:32:23:04:bb:91:fb:
f8:28:d8:b5:04:7f:7b:05:04:89:96:4e:cc:d7:3b:
db:88:2a:b6:15:b6:7e:25:27:ab:62:aa:91:01:05:
6a:e3:c3:3c:7d:de:fd:b4:75:51:12:13:84:c9:c4:
07:22:70:e6:e2:c8:54:ec:29:3c:ef:31:da:d1:d7:
96:65:68:f3:83:24:5a:b2:a5:5a:e8:06:6d:b1:89:
1f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CC:50:9B:EF:2F:96:58:0D:4B:42:7E:00:69:96:B3:3F:3B:8C:5A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/U8xQm-8vllgNS0J-AGmWsz87jFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.32.0/21
Signature Algorithm: sha256WithRSAEncryption
37:77:66:ac:ef:1d:c4:eb:df:d2:11:53:1c:b7:a1:b7:09:a2:
c9:b2:77:94:e3:2d:60:61:bb:82:aa:a0:a9:97:4d:53:83:bc:
53:92:5d:62:43:a0:25:7e:28:bd:5c:e8:8c:80:f2:40:20:01:
1f:a0:34:22:44:69:59:d3:95:a0:59:78:22:77:81:b4:b4:bb:
be:ed:d5:10:0f:ee:6d:54:96:17:e7:a9:f2:cb:7a:65:51:1c:
2c:34:d6:4c:27:f5:a3:b3:ac:e2:44:90:c9:cf:77:69:ae:b6:
ae:93:3e:0c:a8:1c:e2:99:87:31:02:a2:5f:26:47:11:70:89:
4c:98:a7:78:84:e3:36:a1:dc:95:18:60:14:27:0a:c9:1c:86:
86:0c:29:60:69:de:66:2b:ed:db:77:e5:20:98:16:54:f0:e8:
e9:e9:9c:34:ae:6b:a6:f2:0d:aa:4e:18:31:80:a0:ed:6a:70:
d1:db:6f:7e:f7:09:9c:0a:73:97:a4:b2:06:ef:b8:ad:67:f6:
84:ea:56:62:f8:05:04:7e:68:f0:0c:7a:fd:3f:89:6a:bb:aa:
c2:01:3a:ad:3c:8e:0d:14:57:bf:94:fb:fb:fa:c8:33:be:03:
cb:7f:93:d6:91:7d:8f:bc:83:7c:03:b1:a1:a0:61:f1:da:91:
30:37:71:b7
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIENleTlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MWQ0NmUwZTNlOGNhYWFlZDRhNTI5YmQ3ZDczMDhiZDFlZjAxYzFkMB4XDTIyMDEw
MTEzNTcxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTNjYzUwOWJlZjJm
OTY1ODBkNGI0MjdlMDA2OTk2YjMzZjNiOGM1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALd8zJRa+r+aj6QM2riPloRMGRK3AVte/eEqsG3tLYNh08FH
M7lg3XEp5s+ehl3XJXXQjxG4kJAs6x3ckFdUivB3DWZzw8efN4MY0445pSdxON55
Gars7TfXYX/WE/iH+/htGSB+nsUVdOIXrSSGYJ0vs4OGqnDDF6nOfHLrf5jprfPk
lEei9FN6BeBdhZTBkcpqHUBCyMjQWYC0QQ3LMpEbFate8+K+ImJKF3I/MiMEu5H7
+CjYtQR/ewUEiZZOzNc724gqthW2fiUnq2KqkQEFauPDPH3e/bR1URIThMnEByJw
5uLIVOwpPO8x2tHXlmVo84MkWrKlWugGbbGJHxsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRTzFCb7y+WWA1LQn4AaZazPzuMWjAfBgNVHSMEGDAWgBTx1G4OPoyqrtSl
Kb19cwi9HvAcHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8x
L1U4eFFtLTh2bGxnTlMwSi1BR21Xc3o4N2pGby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWIv
ODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4MjhjMy8xLzhkUnVEajZNcXE3
VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1ZpIDANBgkqhkiG9w0BAQsFAAOC
AQEAN3dmrO8dxOvf0hFTHLehtwmiybJ3lOMtYGG7gqqgqZdNU4O8U5JdYkOgJX4o
vVzojIDyQCABH6A0IkRpWdOVoFl4IneBtLS7vu3VEA/ubVSWF+ep8st6ZVEcLDTW
TCf1o7Os4kSQyc93aa62rpM+DKgc4pmHMQKiXyZHEXCJTJineITjNqHclRhgFCcK
yRyGhgwpYGneZivt23flIJgWVPDo6emcNK5rpvINqk4YMYCg7Wpw0dtvfvcJnApz
l6SyBu+4rWf2hOpWYvgFBH5o8Ax6/T+JaruqwgE6rTyODRRXv5T7+/rIM74Dy3+T
1pF9j7yDfAOxoaBh8dqRMDdxtw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org