Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/1-_urGheaOfzYWra_DKAbcL_O_tw.roa
File: 1-_urGheaOfzYWra_DKAbcL_O_tw.roa (raw, json)
Hash identifier: DqKMYsJv8zU8qDniwy31sO7K4L1dMvlcMPtgGHnDqd4=
Subject key identifier: FB:FB:AB:1A:17:9A:39:FC:D8:5A:B6:BF:0C:A0:1B:70:BF:CE:FE:DC
Certificate issuer: /CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Certificate serial: 04F8AD9F
Authority key identifier: DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/1-_urGheaOfzYWra_DKAbcL_O_tw.roa
Signing time: Sat 01 Jan 2022 01:01:45 +0000
ROA not before: Sat 01 Jan 2022 01:01:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56527
IP address blocks: 217.66.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83406239 (0x4f8ad9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dafcb643e6a21e2fb6e21cd0653ab095e9ebef13
Validity
Not Before: Jan 1 01:01:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fbfbab1a179a39fcd85ab6bf0ca01b70bfcefedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:99:69:07:1c:65:12:a9:45:fc:21:1a:2b:cb:
60:0c:a4:9a:85:ee:15:d5:09:e8:6b:48:26:31:56:
a1:de:94:29:36:74:24:8e:70:38:6c:a3:46:7a:da:
e9:23:3f:d1:9d:b8:06:c7:9b:fa:5c:b8:44:97:50:
01:3d:26:f8:a9:72:06:7f:01:fd:9f:4d:89:9b:ce:
8a:cc:4d:72:e9:e0:19:c8:2d:17:f1:62:6e:22:e9:
6e:fb:eb:7a:82:12:97:ab:c4:40:42:4e:91:6a:22:
e4:b3:2b:75:0e:a8:ff:03:7f:89:7a:02:80:5a:c8:
e8:62:3e:38:e0:90:2c:07:0f:cf:41:82:2a:a3:d9:
2a:de:fd:b7:3f:de:45:e1:88:60:bb:18:c1:d7:ea:
20:d0:c9:77:2c:52:2b:1f:35:b8:6f:e7:e9:5b:51:
63:01:83:86:92:fe:62:4f:3d:c6:fa:6c:cd:f3:ef:
c7:8b:43:6d:ee:08:ae:d2:f2:a6:97:64:e3:6c:a1:
a6:fb:d6:b3:17:81:27:41:0c:13:6d:ba:aa:5c:28:
08:41:45:17:34:ab:47:4f:f6:a8:53:39:33:60:e6:
76:42:43:ef:e7:ab:b3:45:c4:88:fa:5a:c5:b4:58:
70:8b:e2:46:86:9a:c3:91:2e:f5:ea:3d:9a:43:61:
e1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FB:AB:1A:17:9A:39:FC:D8:5A:B6:BF:0C:A0:1B:70:BF:CE:FE:DC
X509v3 Authority Key Identifier:
keyid:DA:FC:B6:43:E6:A2:1E:2F:B6:E2:1C:D0:65:3A:B0:95:E9:EB:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2vy2Q-aiHi-24hzQZTqwlenr7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/1-_urGheaOfzYWra_DKAbcL_O_tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/27a374-c984-4b19-ac7e-de2de15f90ed/1/2vy2Q-aiHi-24hzQZTqwlenr7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.66.96.0/22
Signature Algorithm: sha256WithRSAEncryption
90:b3:85:dd:2c:ed:04:af:98:de:d7:c1:56:cf:26:c4:50:95:
b8:c9:7f:d7:33:65:05:5a:94:d8:0e:31:87:e5:8d:85:6c:b0:
1b:2a:53:53:5d:d0:ce:9d:4b:ae:de:15:9a:cc:97:71:08:ca:
4e:fd:9d:6d:4d:78:ce:db:b5:cc:a2:7c:d5:7d:ad:0d:fc:69:
e4:99:15:ae:2e:18:9d:aa:8d:6c:d7:db:5a:96:7a:f8:5c:a3:
04:f3:6d:a2:0a:e7:42:b6:33:5f:1f:40:fb:f2:58:aa:ac:70:
2d:31:eb:b9:d8:5c:e8:91:2f:c2:05:52:63:cb:67:89:93:20:
d8:f6:9d:34:26:f2:43:7c:70:7c:cb:20:e9:56:fa:ac:c2:65:
07:dd:03:88:44:ac:3a:9d:55:96:f5:17:87:ca:9e:73:57:34:
b3:bd:6e:52:7f:ef:f6:02:db:cb:3c:75:38:9d:26:d7:db:34:
c2:aa:99:76:ff:7d:f7:5b:21:06:a0:2e:16:ae:dd:55:b7:da:
23:b6:20:97:92:ad:c1:59:3a:e8:0d:ad:23:da:b7:c1:45:fb:
b9:ed:b0:e6:02:02:ee:27:40:95:51:8b:ed:a5:bc:9d:6b:87:
b6:5e:87:87:e7:61:bd:9c:fb:b4:18:9a:dc:ca:d9:0f:cd:c8:
3c:fe:92:37
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEBPitnzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWZjYjY0M2U2YTIxZTJmYjZlMjFjZDA2NTNhYjA5NWU5ZWJlZjEzMB4XDTIyMDEw
MTAxMDE0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmJmYmFiMWExNzlh
MzlmY2Q4NWFiNmJmMGNhMDFiNzBiZmNlZmVkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJqZaQccZRKpRfwhGivLYAykmoXuFdUJ6GtIJjFWod6UKTZ0
JI5wOGyjRnra6SM/0Z24Bseb+ly4RJdQAT0m+KlyBn8B/Z9NiZvOisxNcungGcgt
F/FibiLpbvvreoISl6vEQEJOkWoi5LMrdQ6o/wN/iXoCgFrI6GI+OOCQLAcPz0GC
KqPZKt79tz/eReGIYLsYwdfqINDJdyxSKx81uG/n6VtRYwGDhpL+Yk89xvpszfPv
x4tDbe4IrtLyppdk42yhpvvWsxeBJ0EME226qlwoCEFFFzSrR0/2qFM5M2DmdkJD
7+ers0XEiPpaxbRYcIviRoaaw5Eu9eo9mkNh4ZECAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBT7+6saF5o5/Nhatr8MoBtwv87+3DAfBgNVHSMEGDAWgBTa/LZD5qIeL7bi
HNBlOrCV6evvEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ2eTJRLWFpSGktMjRoelFaVHF3bGVucjd4TS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMjdhMzc0LWM5ODQtNGIxOS1hYzdlLWRlMmRlMTVmOTBlZC8x
LzEtX3VyR2hlYU9mellXcmFfREtBYmNMX09fdHcucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Jk
LzI3YTM3NC1jOTg0LTRiMTktYWM3ZS1kZTJkZTE1ZjkwZWQvMS8ydnkyUS1haUhp
LTI0aHpRWlRxd2xlbnI3eE0uY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALZQmAwDQYJKoZIhvcNAQELBQAD
ggEBAJCzhd0s7QSvmN7XwVbPJsRQlbjJf9czZQValNgOMYfljYVssBsqU1Nd0M6d
S67eFZrMl3EIyk79nW1NeM7btcyifNV9rQ38aeSZFa4uGJ2qjWzX21qWevhcowTz
baIK50K2M18fQPvyWKqscC0x67nYXOiRL8IFUmPLZ4mTINj2nTQm8kN8cHzLIOlW
+qzCZQfdA4hErDqdVZb1F4fKnnNXNLO9blJ/7/YC28s8dTidJtfbNMKqmXb/ffdb
IQagLhau3VW32iO2IJeSrcFZOugNrSPat8FF+7ntsOYCAu4nQJVRi+2lvJ1rh7Ze
h4fnYb2c+7QYmtzK2Q/NyDz+kjc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:59 2023 by rpki-client on console-ams.rpki-client.org