Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Y-QsZ-jal_RiOMCSRh1Y4S6R4yQ.roa
File: Y-QsZ-jal_RiOMCSRh1Y4S6R4yQ.roa (raw, json)
Hash identifier: eRP7CMz3d5Qfgc5IA9sEOCGSIg5LJKaYW2L5sYEAba4=
Subject key identifier: 63:E4:2C:67:E8:DA:97:F4:62:38:C0:92:46:1D:58:E1:2E:91:E3:24
Certificate issuer: /CN=679a75debd65359a45317f203f11a321e14b2f2c
Certificate serial: 06A300BA
Authority key identifier: 67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Y-QsZ-jal_RiOMCSRh1Y4S6R4yQ.roa
Signing time: Wed 04 May 2022 00:21:59 +0000
ROA not before: Wed 04 May 2022 00:21:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 87.121.136.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 111345850 (0x6a300ba)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=679a75debd65359a45317f203f11a321e14b2f2c
Validity
Not Before: May 4 00:21:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63e42c67e8da97f46238c092461d58e12e91e324
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8b:85:88:c7:5c:b9:62:71:96:7d:c7:f1:f0:
8e:17:f8:fd:35:25:15:b5:d4:88:25:6e:6b:12:8e:
cb:c6:16:42:b2:c8:6e:c5:7e:b8:1e:8f:74:c5:5c:
89:01:39:73:5a:c1:35:bf:cd:d3:6b:1f:0e:97:83:
92:94:c3:1b:cd:14:18:6d:86:87:d1:90:d5:b8:a0:
60:c7:82:cc:f7:e7:a4:3b:8e:01:d7:3a:b6:c0:65:
7f:14:68:ce:db:e8:40:d1:4d:0b:87:3a:7a:10:64:
41:a1:ef:e0:8e:6e:3c:d2:9d:f2:e1:fb:39:f8:12:
b8:d7:03:b9:28:86:6c:b3:e6:0a:a4:48:6b:b0:2d:
02:9c:40:bb:d2:b4:3d:f3:c9:f3:87:be:94:90:47:
e8:82:eb:f3:93:4b:31:d0:20:86:89:d0:90:fe:b8:
5a:3b:1c:71:28:ca:80:80:98:c0:61:85:8d:98:47:
1a:c6:ed:79:39:bb:3c:0d:73:71:ec:f8:7f:40:bf:
bd:24:56:61:fd:e5:77:9f:b3:67:73:6e:8d:26:75:
5d:f1:f6:b5:2e:77:03:cc:7b:5e:dd:99:1e:5b:a5:
8d:1a:49:15:e6:75:ee:8f:b1:05:c3:da:c9:07:32:
56:53:6e:c5:25:1d:47:a9:0a:ca:c3:6d:4c:74:3f:
ea:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E4:2C:67:E8:DA:97:F4:62:38:C0:92:46:1D:58:E1:2E:91:E3:24
X509v3 Authority Key Identifier:
keyid:67:9A:75:DE:BD:65:35:9A:45:31:7F:20:3F:11:A3:21:E1:4B:2F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z5p13r1lNZpFMX8gPxGjIeFLLyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Y-QsZ-jal_RiOMCSRh1Y4S6R4yQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/7a39b1-1d1c-4919-b19c-3eebe7196972/1/Z5p13r1lNZpFMX8gPxGjIeFLLyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.136.0/21
Signature Algorithm: sha256WithRSAEncryption
a4:fa:43:4f:79:1a:c2:7e:a5:89:0d:ce:e9:67:9c:2b:4c:bd:
f7:83:12:52:25:3c:ff:a7:0f:2b:33:17:b2:29:73:34:c7:aa:
da:d0:e9:42:50:5d:ca:65:c5:6c:24:86:70:d1:c1:b8:19:a6:
99:d3:55:08:66:f0:00:31:90:cb:1b:e9:aa:1c:cc:28:6b:36:
05:b2:7d:b1:25:0f:24:d2:fe:89:05:7c:12:8b:b3:44:22:ae:
a7:be:b6:19:7d:cf:5a:83:e4:e3:26:8d:cd:fb:ec:a0:2b:1b:
89:66:8a:4a:cd:85:aa:83:15:4e:12:c7:43:dc:58:58:2c:2e:
77:ac:fd:da:aa:a7:de:f0:71:72:ca:77:46:d0:0a:bc:cc:a1:
b7:32:7a:9c:8c:b5:3b:9e:e1:30:8f:2a:f2:81:38:68:09:e0:
0b:83:1b:9a:73:9c:83:f2:fb:67:6c:29:b3:e8:8e:20:a9:a5:
4a:56:76:2c:3a:19:be:2b:fc:f4:56:a1:5b:75:07:5f:13:73:
8a:3c:45:e6:8b:66:ed:29:3f:0e:8b:61:7b:cb:46:c3:e0:ae:
34:51:d2:bc:0f:12:22:5b:a4:1f:5b:b1:a7:18:50:7d:94:67:
8e:d3:48:42:a4:5c:b4:e0:d6:a3:be:78:46:53:1e:55:ea:d5:
b1:93:2a:a9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBqMAujANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NzlhNzVkZWJkNjUzNTlhNDUzMTdmMjAzZjExYTMyMWUxNGIyZjJjMB4XDTIyMDUw
NDAwMjE1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjNlNDJjNjdlOGRh
OTdmNDYyMzhjMDkyNDYxZDU4ZTEyZTkxZTMyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ2LhYjHXLlicZZ9x/Hwjhf4/TUlFbXUiCVuaxKOy8YWQrLI
bsV+uB6PdMVciQE5c1rBNb/N02sfDpeDkpTDG80UGG2Gh9GQ1bigYMeCzPfnpDuO
Adc6tsBlfxRoztvoQNFNC4c6ehBkQaHv4I5uPNKd8uH7OfgSuNcDuSiGbLPmCqRI
a7AtApxAu9K0PfPJ84e+lJBH6ILr85NLMdAghonQkP64WjsccSjKgICYwGGFjZhH
GsbteTm7PA1zcez4f0C/vSRWYf3ld5+zZ3NujSZ1XfH2tS53A8x7Xt2ZHluljRpJ
FeZ17o+xBcPayQcyVlNuxSUdR6kKysNtTHQ/6k0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRj5Cxn6NqX9GI4wJJGHVjhLpHjJDAfBgNVHSMEGDAWgBRnmnXevWU1mkUx
fyA/EaMh4UsvLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1o1cDEzcjFsTlpwRk1YOGdQeEdqSWVGTEx5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjUvN2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8x
L1ktUXNaLWphbF9SaU9NQ1NSaDFZNFM2UjR5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjUv
N2EzOWIxLTFkMWMtNDkxOS1iMTljLTNlZWJlNzE5Njk3Mi8xL1o1cDEzcjFsTlpw
Rk1YOGdQeEdqSWVGTEx5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA1d5iDANBgkqhkiG9w0BAQsFAAOC
AQEApPpDT3kawn6liQ3O6WecK0y994MSUiU8/6cPKzMXsilzNMeq2tDpQlBdymXF
bCSGcNHBuBmmmdNVCGbwADGQyxvpqhzMKGs2BbJ9sSUPJNL+iQV8EouzRCKup762
GX3PWoPk4yaNzfvsoCsbiWaKSs2FqoMVThLHQ9xYWCwud6z92qqn3vBxcsp3RtAK
vMyhtzJ6nIy1O57hMI8q8oE4aAngC4MbmnOcg/L7Z2wps+iOIKmlSlZ2LDoZviv8
9FahW3UHXxNzijxF5otm7Sk/Dothe8tGw+CuNFHSvA8SIlukH1uxpxhQfZRnjtNI
QqRctODWo754RlMeVerVsZMqqQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:30 2023 by rpki-client on console-ams.rpki-client.org