Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/9xsg0Ee3dLlrHlngMajvgToLOw0.roa
File: 9xsg0Ee3dLlrHlngMajvgToLOw0.roa (raw, json)
Hash identifier: r5/90FFTpR/fLJdLR3CUhVb4juhCHAwMRVj+egRWUbk=
Subject key identifier: F7:1B:20:D0:47:B7:74:B9:6B:1E:59:E0:31:A8:EF:81:3A:0B:3B:0D
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3AA2319B
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/9xsg0Ee3dLlrHlngMajvgToLOw0.roa
Signing time: Tue 01 Mar 2022 15:02:29 +0000
ROA not before: Tue 01 Mar 2022 15:02:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12912
IP address blocks: 217.8.160.0/19 maxlen: 19
78.133.128.0/17 maxlen: 17
85.219.128.0/17 maxlen: 17
89.174.0.0/16 maxlen: 16
2001:4190::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 983708059 (0x3aa2319b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Mar 1 15:02:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f71b20d047b774b96b1e59e031a8ef813a0b3b0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c6:b2:6f:e4:0e:69:4f:33:f4:a3:ef:a7:d7:
3c:d3:d2:d1:e5:12:ab:ac:af:46:2f:da:bd:00:e4:
e4:bd:b8:c8:b7:cf:ab:51:17:eb:40:77:c0:cf:e1:
8e:d6:8a:dd:94:e8:22:91:9d:1a:ef:bc:30:d3:4a:
9a:08:ba:8d:1b:c6:60:d0:5e:54:72:80:22:8d:f9:
27:86:15:b9:05:7c:24:52:a6:93:39:e6:fc:53:60:
b1:46:3e:1b:2e:e9:39:c9:8a:8f:a6:2b:97:9d:f6:
ea:da:5c:71:1a:b0:ac:5a:2a:ef:11:16:b7:4f:7e:
ad:31:95:09:00:08:74:66:43:ac:df:92:95:ef:59:
6f:4f:e3:73:81:13:93:83:e9:dd:8b:ed:f8:d8:bd:
84:0c:37:0f:f7:1a:45:de:6f:42:9a:7e:c6:cd:3e:
4c:4f:b9:d8:8f:53:07:9b:ee:e2:6a:8f:8c:4f:fc:
c1:da:96:7c:78:35:df:71:21:3b:b4:42:46:dc:31:
ae:d2:d5:0f:f0:6e:63:5b:58:66:f9:9a:6a:84:3d:
9c:c5:fd:1c:c0:9b:e8:26:df:0c:4c:ae:29:a4:d3:
a0:96:6e:e0:f3:cc:33:15:3b:2a:a9:79:85:41:2c:
ac:ab:f0:57:a7:38:9e:09:33:a8:15:1e:08:18:9f:
c7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:1B:20:D0:47:B7:74:B9:6B:1E:59:E0:31:A8:EF:81:3A:0B:3B:0D
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/9xsg0Ee3dLlrHlngMajvgToLOw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.128.0/17
85.219.128.0/17
89.174.0.0/16
217.8.160.0/19
IPv6:
2001:4190::/32
Signature Algorithm: sha256WithRSAEncryption
54:bf:a3:e4:d4:d5:55:47:ef:80:0e:e0:07:99:ba:ca:7e:04:
75:1a:4a:b3:57:30:e0:11:ac:71:71:f9:4a:14:cb:a7:41:08:
c6:2f:e8:5d:2d:4d:4c:14:a1:82:67:fd:2e:fc:c6:90:fe:a6:
f8:b4:d0:57:fd:27:d0:72:85:45:f7:25:e0:65:78:31:19:e8:
10:98:75:5c:06:9b:8b:ee:4c:9c:ce:85:cb:f8:55:80:a1:4a:
d6:3a:96:2d:c4:f4:77:99:cf:be:dc:aa:db:a7:90:f6:65:93:
58:a8:43:70:21:57:c2:af:d2:b0:a3:07:52:a5:35:2c:30:c3:
37:02:12:76:7a:a2:d0:05:41:3e:04:24:dd:ff:2e:e8:14:1b:
c0:76:75:29:8e:96:1e:48:f7:28:48:b2:be:68:3e:5f:19:81:
d0:cb:9a:1c:4a:74:09:4e:40:d8:89:93:5f:a9:8f:58:d6:63:
e2:41:13:66:e7:72:e8:d6:8f:21:27:09:73:e9:37:70:6f:35:
dc:a9:3e:3d:2e:91:a5:a9:ba:50:bc:cb:04:29:2e:c8:23:6f:
40:1e:62:31:d1:3b:95:67:50:5f:6d:e7:2e:69:c0:a1:29:a6:
eb:f3:57:d3:00:31:7d:ce:70:6b:83:cb:27:6d:5c:65:ec:77:
2d:3e:1f:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEOqIxmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDMw
MTE1MDIyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjcxYjIwZDA0N2I3
NzRiOTZiMWU1OWUwMzFhOGVmODEzYTBiM2IwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDGsm/kDmlPM/Sj76fXPNPS0eUSq6yvRi/avQDk5L24yLfP
q1EX60B3wM/hjtaK3ZToIpGdGu+8MNNKmgi6jRvGYNBeVHKAIo35J4YVuQV8JFKm
kznm/FNgsUY+Gy7pOcmKj6Yrl5326tpccRqwrFoq7xEWt09+rTGVCQAIdGZDrN+S
le9Zb0/jc4ETk4Pp3Yvt+Ni9hAw3D/caRd5vQpp+xs0+TE+52I9TB5vu4mqPjE/8
wdqWfHg133EhO7RCRtwxrtLVD/BuY1tYZvmaaoQ9nMX9HMCb6CbfDEyuKaTToJZu
4PPMMxU7Kql5hUEsrKvwV6c4ngkzqBUeCBifx2kCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBT3GyDQR7d0uWseWeAxqO+BOgs7DTAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
Lzl4c2cwRWUzZExsckhsbmdNYWp2Z1RvTE93MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wHQQCAAEwFwMEB06FgAMEB1XbgAMDAFmuAwQF2Qig
MA0EAgACMAcDBQAgAUGQMA0GCSqGSIb3DQEBCwUAA4IBAQBUv6Pk1NVVR++ADuAH
mbrKfgR1GkqzVzDgEaxxcflKFMunQQjGL+hdLU1MFKGCZ/0u/MaQ/qb4tNBX/SfQ
coVF9yXgZXgxGegQmHVcBpuL7kyczoXL+FWAoUrWOpYtxPR3mc++3Krbp5D2ZZNY
qENwIVfCr9KwowdSpTUsMMM3AhJ2eqLQBUE+BCTd/y7oFBvAdnUpjpYeSPcoSLK+
aD5fGYHQy5ocSnQJTkDYiZNfqY9Y1mPiQRNm53Lo1o8hJwlz6TdwbzXcqT49LpGl
qbpQvMsEKS7II29AHmIx0TuVZ1BfbecuacChKabr81fTADF9znBrg8snbVxl7Hct
Ph+A
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:02 2023 by rpki-client on console-ams.rpki-client.org