Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/cciIdZ3LjwvvealQtDLV_tIVMrw.roa
File: cciIdZ3LjwvvealQtDLV_tIVMrw.roa (raw, json)
Hash identifier: sskJrAg/bjbRUZxIs1Usb/runsIn8uz8FCjKzBAWcmY=
Subject key identifier: 71:C8:88:75:9D:CB:8F:0B:EF:79:A9:50:B4:32:D5:FE:D2:15:32:BC
Certificate issuer: /CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Certificate serial: 07FEDE6B
Authority key identifier: 9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/cciIdZ3LjwvvealQtDLV_tIVMrw.roa
Signing time: Wed 02 Mar 2022 16:14:20 +0000
ROA not before: Wed 02 Mar 2022 16:14:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 81.28.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134143595 (0x7fede6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b0c0d04225566db95e9ad3b2ef605014975aaa2
Validity
Not Before: Mar 2 16:14:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71c888759dcb8f0bef79a950b432d5fed21532bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:49:71:9e:c4:58:e1:94:39:67:b5:97:c9:64:
6c:c7:14:73:f2:b5:6c:d5:71:6e:80:66:85:c8:9d:
ae:51:5c:7b:ff:c6:79:54:c4:31:52:6a:3f:77:77:
de:7d:6c:7e:ab:cb:5d:bf:d8:47:91:39:05:12:e8:
e9:94:0d:47:83:53:41:02:42:31:c5:3e:e4:9c:79:
9f:93:2e:d7:f2:48:8a:b4:92:05:e4:76:6d:7e:af:
09:84:f9:8b:5f:53:26:99:9b:54:5f:b8:29:0a:90:
ac:f1:4a:9f:07:86:9f:80:40:ff:84:fe:dd:0c:6d:
e4:de:d6:f1:28:dd:b0:17:85:54:05:8d:9b:a7:f9:
31:54:c7:99:ee:9a:64:69:a9:b3:48:a7:10:f7:1c:
91:31:7c:28:24:fc:8a:38:90:7b:d9:af:a8:25:aa:
c9:7b:4b:36:60:26:16:2b:d8:a5:35:51:5c:5f:c9:
f9:2a:c1:39:2f:2e:e8:f9:2f:f8:f0:05:1a:8d:15:
12:a3:1f:6d:11:e9:5a:79:42:54:c3:24:5f:75:da:
c9:cb:02:a2:d5:e6:4c:d8:3c:d1:d0:7d:19:c4:50:
80:a5:4c:43:f4:62:a3:7b:c8:e4:05:5e:50:9c:ef:
e3:b4:07:cb:43:fb:8b:01:79:49:fe:9f:f4:8f:e3:
12:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C8:88:75:9D:CB:8F:0B:EF:79:A9:50:B4:32:D5:FE:D2:15:32:BC
X509v3 Authority Key Identifier:
keyid:9B:0C:0D:04:22:55:66:DB:95:E9:AD:3B:2E:F6:05:01:49:75:AA:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mwwNBCJVZtuV6a07LvYFAUl1qqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/cciIdZ3LjwvvealQtDLV_tIVMrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/0ec6d2-f1d7-4b0a-ad33-e8ef2f09598e/1/mwwNBCJVZtuV6a07LvYFAUl1qqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.28.252.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:f0:f1:fb:22:be:a9:9d:68:8d:64:92:99:f9:a2:d3:66:79:
4b:fe:4b:20:fb:f1:dc:9a:29:7c:4f:40:00:fb:3b:4d:63:17:
97:5b:70:aa:00:c7:03:8b:1c:74:54:ab:4c:ef:26:aa:cc:8c:
50:c7:4e:7e:3d:25:bc:a5:25:c0:d5:65:f8:a1:13:3c:a8:cf:
63:1c:18:bd:65:0f:f9:4f:45:40:1d:13:1d:f5:6c:cc:b5:7f:
b2:5c:bd:78:5b:50:5c:c7:7e:03:e0:4d:ae:90:88:43:21:f0:
ac:48:24:34:24:78:03:65:e9:e0:b3:15:23:9d:42:a9:12:ec:
c8:7e:d1:3a:33:fe:7f:0b:42:fa:49:25:1d:44:95:31:81:6d:
1d:d2:2e:a2:a6:0d:21:cb:0e:9b:1b:96:90:f0:ea:32:12:31:
59:33:52:81:f1:fe:fa:bc:38:5f:e3:57:37:93:ff:96:34:b2:
9e:42:27:1e:67:fd:28:25:3b:d2:10:0e:cf:49:63:22:7e:74:
e9:43:00:cc:da:7f:32:0c:e4:8e:5f:01:7f:86:19:90:38:e1:
9b:47:0e:a1:e8:fa:ba:3a:62:7c:6d:f2:4a:48:d3:ff:cc:d1:
67:e1:32:35:36:fb:35:55:c8:24:fc:04:0a:9d:0c:b0:52:2c:
3c:d3:e6:e9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB/7eazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjBjMGQwNDIyNTU2NmRiOTVlOWFkM2IyZWY2MDUwMTQ5NzVhYWEyMB4XDTIyMDMw
MjE2MTQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzFjODg4NzU5ZGNi
OGYwYmVmNzlhOTUwYjQzMmQ1ZmVkMjE1MzJiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMpJcZ7EWOGUOWe1l8lkbMcUc/K1bNVxboBmhcidrlFce//G
eVTEMVJqP3d33n1sfqvLXb/YR5E5BRLo6ZQNR4NTQQJCMcU+5Jx5n5Mu1/JIirSS
BeR2bX6vCYT5i19TJpmbVF+4KQqQrPFKnweGn4BA/4T+3Qxt5N7W8SjdsBeFVAWN
m6f5MVTHme6aZGmps0inEPcckTF8KCT8ijiQe9mvqCWqyXtLNmAmFivYpTVRXF/J
+SrBOS8u6Pkv+PAFGo0VEqMfbRHpWnlCVMMkX3XaycsCotXmTNg80dB9GcRQgKVM
Q/Rio3vI5AVeUJzv47QHy0P7iwF5Sf6f9I/jEoMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRxyIh1ncuPC+95qVC0MtX+0hUyvDAfBgNVHSMEGDAWgBSbDA0EIlVm25Xp
rTsu9gUBSXWqojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L213d05CQ0pWWnR1VjZhMDdMdllGQVVsMXFxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvMGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8x
L2NjaUlkWjNMand2dmVhbFF0RExWX3RJVk1ydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
MGVjNmQyLWYxZDctNGIwYS1hZDMzLWU4ZWYyZjA5NTk4ZS8xL213d05CQ0pWWnR1
VjZhMDdMdllGQVVsMXFxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlEc/DANBgkqhkiG9w0BAQsFAAOC
AQEAqvDx+yK+qZ1ojWSSmfmi02Z5S/5LIPvx3JopfE9AAPs7TWMXl1twqgDHA4sc
dFSrTO8mqsyMUMdOfj0lvKUlwNVl+KETPKjPYxwYvWUP+U9FQB0THfVszLV/sly9
eFtQXMd+A+BNrpCIQyHwrEgkNCR4A2Xp4LMVI51CqRLsyH7ROjP+fwtC+kklHUSV
MYFtHdIuoqYNIcsOmxuWkPDqMhIxWTNSgfH++rw4X+NXN5P/ljSynkInHmf9KCU7
0hAOz0ljIn506UMAzNp/Mgzkjl8Bf4YZkDjhm0cOoej6ujpifG3ySkjT/8zRZ+Ey
NTb7NVXIJPwECp0MsFIsPNPm6Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:19 2023 by rpki-client on console-fra.rpki-client.org