Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/n6hSy6N2YmijbenrIWwdz-idSSg.roa
File: n6hSy6N2YmijbenrIWwdz-idSSg.roa (raw, json)
Hash identifier: 3QtF37DqmJYAfwC09hfJQerd1yMeaSbZE75DI86tH3g=
Subject key identifier: 9F:A8:52:CB:A3:76:62:68:A3:6D:E9:EB:21:6C:1D:CF:E8:9D:49:28
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 3A9EC2D0
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/n6hSy6N2YmijbenrIWwdz-idSSg.roa
Signing time: Tue 01 Mar 2022 03:46:07 +0000
ROA not before: Tue 01 Mar 2022 03:46:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12912
IP address blocks: 78.133.128.0/17 maxlen: 17
85.219.128.0/17 maxlen: 17
89.174.0.0/16 maxlen: 16
2001:4190::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 983483088 (0x3a9ec2d0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Mar 1 03:46:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9fa852cba3766268a36de9eb216c1dcfe89d4928
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:26:99:a6:88:e6:f3:c9:6e:ee:32:b9:72:df:
ac:b5:86:8f:61:b2:60:04:7b:c6:60:8e:57:dd:17:
e4:2e:1d:ab:2b:c2:de:bf:86:f9:f1:ea:ae:e2:81:
dd:22:d6:ba:03:24:84:13:1b:c1:d8:f8:21:ce:99:
53:16:95:be:e8:97:fa:e6:c1:ae:47:15:22:d8:0d:
8d:bc:14:82:a4:d0:6e:9f:30:f1:bf:51:3b:4c:10:
80:d9:76:12:28:2d:87:94:0c:cd:ed:a3:02:8c:e4:
32:ab:04:c6:0b:0c:cf:94:91:fb:44:58:cd:50:88:
c5:08:85:3d:b2:cc:ca:e8:68:ec:0d:f2:e8:fc:ce:
1b:59:f5:fb:01:f9:ba:53:45:11:32:aa:13:c7:49:
d0:90:9c:d1:44:7f:e1:f3:97:cf:81:de:05:0e:7b:
c8:72:10:48:50:0a:b8:0c:5c:1a:a3:f3:18:aa:59:
2a:c6:e7:ad:2d:ca:1c:85:d6:ae:b6:58:ad:1e:ba:
1c:87:03:79:ad:f5:39:6d:cc:11:68:69:13:ed:d1:
89:4b:d4:be:8d:eb:4f:59:66:b3:a0:85:0f:6d:c5:
1b:c4:96:48:e8:56:7d:c2:eb:05:fa:d7:8b:1d:2b:
74:d4:9f:22:bd:e0:75:b1:9f:04:75:65:29:1c:dc:
24:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:A8:52:CB:A3:76:62:68:A3:6D:E9:EB:21:6C:1D:CF:E8:9D:49:28
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/n6hSy6N2YmijbenrIWwdz-idSSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.128.0/17
85.219.128.0/17
89.174.0.0/16
IPv6:
2001:4190::/32
Signature Algorithm: sha256WithRSAEncryption
94:80:ef:9d:8b:6f:5b:14:42:29:35:fa:8d:00:aa:04:3e:2a:
11:88:3c:f6:d1:92:27:52:02:02:96:d4:d1:53:a4:30:a2:79:
fb:36:e1:87:d6:49:6a:23:89:5d:36:7c:01:ab:b1:d0:33:bf:
48:74:88:e8:d6:b0:74:38:7d:0c:4e:b9:59:b8:26:02:53:02:
18:5e:df:77:5d:b0:dc:38:6d:dd:22:9f:6e:ce:15:c8:8f:e0:
0d:3b:6d:b3:01:bb:ca:da:2c:9b:8d:6a:e1:c9:56:c2:25:7e:
51:f2:23:e2:a8:f6:10:e6:fc:02:e0:a7:ca:62:1b:62:34:f4:
0a:75:06:a1:61:61:28:01:71:21:67:b0:c1:01:b4:3a:df:6b:
ed:80:ee:34:95:6e:47:dd:e2:a2:31:4c:99:73:0e:c6:41:33:
17:c8:87:4c:17:2c:9f:64:31:80:d4:89:f6:22:58:af:e0:a2:
22:13:57:a5:cc:aa:f4:b2:d5:93:fa:b3:bb:f4:5b:63:9e:ad:
45:69:0c:1d:f6:4d:bd:f4:20:f3:76:7c:c7:a9:1c:07:df:74:
f4:24:1a:bd:f0:29:7d:f6:6e:26:09:b6:22:59:2f:3c:02:80:
b7:28:35:44:03:95:05:d2:fe:39:b3:2b:36:ce:a5:ed:63:10:
23:30:b3:e8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEOp7C0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YWNhNjNkZjI0OGI3YWRmM2RkZDA3ZThjMmQzZWVkZDAyY2VmOTMzMB4XDTIyMDMw
MTAzNDYwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWZhODUyY2JhMzc2
NjI2OGEzNmRlOWViMjE2YzFkY2ZlODlkNDkyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcmmaaI5vPJbu4yuXLfrLWGj2GyYAR7xmCOV90X5C4dqyvC
3r+G+fHqruKB3SLWugMkhBMbwdj4Ic6ZUxaVvuiX+ubBrkcVItgNjbwUgqTQbp8w
8b9RO0wQgNl2Eigth5QMze2jAozkMqsExgsMz5SR+0RYzVCIxQiFPbLMyuho7A3y
6PzOG1n1+wH5ulNFETKqE8dJ0JCc0UR/4fOXz4HeBQ57yHIQSFAKuAxcGqPzGKpZ
KsbnrS3KHIXWrrZYrR66HIcDea31OW3MEWhpE+3RiUvUvo3rT1lms6CFD23FG8SW
SOhWfcLrBfrXix0rdNSfIr3gdbGfBHVlKRzcJOECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSfqFLLo3ZiaKNt6eshbB3P6J1JKDAfBgNVHSMEGDAWgBQaymPfJIt63z3d
B+jC0+7dAs75MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0dzcGozeVNMZXQ4OTNRZm93dFB1M1FMTy1UTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvMWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8x
L242aFN5Nk4yWW1pamJlbnJJV3dkei1pZFNTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
MWY2NDU4LWRjNzUtNGFkZC1hZTcyLTkxZTMxODRiYjBhYi8xL0dzcGozeVNMZXQ4
OTNRZm93dFB1M1FMTy1UTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwFwQCAAEwEQMEB06FgAMEB1XbgAMDAFmuMA0EAgAC
MAcDBQAgAUGQMA0GCSqGSIb3DQEBCwUAA4IBAQCUgO+di29bFEIpNfqNAKoEPioR
iDz20ZInUgICltTRU6Qwonn7NuGH1klqI4ldNnwBq7HQM79IdIjo1rB0OH0MTrlZ
uCYCUwIYXt93XbDcOG3dIp9uzhXIj+ANO22zAbvK2iybjWrhyVbCJX5R8iPiqPYQ
5vwC4KfKYhtiNPQKdQahYWEoAXEhZ7DBAbQ632vtgO40lW5H3eKiMUyZcw7GQTMX
yIdMFyyfZDGA1In2Iliv4KIiE1elzKr0stWT+rO79Ftjnq1FaQwd9k299CDzdnzH
qRwH33T0JBq98Cl99m4mCbYiWS88AoC3KDVEA5UF0v45sys2zqXtYxAjMLPo
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:09 2023 by rpki-client on console-fra.rpki-client.org